CN113411323A - Medical record data access control system and method based on attribute encryption - Google Patents


Info

Publication number: CN113411323A
Authority: CN (China)
Prior art keywords: medical record, record data, attribute, key, ciphertext
Legal status: Granted (Active)
Application number: CN202110665330.2A
Other languages: Chinese (zh)
Other versions: CN113411323B (en)
Inventors: 薛庆水, 时雪磊, 马海峰, 薛震, 张继, 王晨阳, 王俊华, 周雨卫, 崔墨香
Current Assignee: Shanghai Qiyue Information Technology Co Ltd
Original Assignee: Shanghai Institute of Technology
Application filed by: Shanghai Institute of Technology
Priority to: CN202110665330.2A
Publication of CN113411323A
Application granted
Publication of CN113411323B

Abstract

The invention relates to a medical record data access control system and method based on attribute encryption. The system comprises five types of entities, which communicate over the Internet: an attribute authority, a medical record data owner, a medical record data accessor, a cloud storage center and a cloud computing center. The medical record data owner encrypts the patient's medical record data and places it in the cloud storage center, where it can be accessed by parties qualified to decrypt it; this effectively addresses problems such as medical records not following the patient and data islands between hospitals. The method introduces an access control scheme built on ciphertext-policy attribute-based encryption, which enforces access control on users while improving the efficiency of encryption and decryption. By adopting a computation outsourcing scheme, the method chiefly addresses the computational overhead of the data owner and the data visitor, while still achieving fine-grained user access control over encrypted data.

Description

Medical record data access control system and method based on attribute encryption
Technical Field
The invention relates to an information security technology, in particular to a medical record data access control system and method based on attribute encryption.
Background
In recent years, with the development of information technology, traditional paper records no longer meet the needs of various industries for storing key data, and paper records are gradually being replaced by electronic records. A hospital's personal medical record data is no longer a doctor's handwritten record; it is stored and recorded by computer. Some problems remain, however: data links between different hospitals are weak, medical data suffers from data islands, and the same examination may need to be repeated after a patient is transferred, which is time-consuming, troublesome and to some extent wasteful of medical resources. With the development of cloud storage technology, personal electronic medical record data can be stored in the cloud and downloaded and accessed by users with permission. After a patient is transferred, the new hospital can obtain the patient's previous medical record information in time, which improves medical efficiency, the utilization of medical data and the patient's experience of medical care in the new era.
Personal medical record data is not stored on the cloud server directly; what is stored is the data ciphertext. The data contains much private information about the patient that the patient does not want others to see, so the personal medical record data is encrypted before being stored in the cloud. How to protect privacy while still facilitating the sharing of medical resources is the problem to be solved when applying storage technology to improve medical efficiency.
Disclosure of Invention
To address the problems that hinder the further development of existing electronic medical record data, a medical record data access control system and method based on attribute encryption are provided. Attribute-based encryption enables fine-grained user access: whether a user has access permission is decided from the user's attributes, which improves the flexibility of access control while ensuring data security.
The technical scheme of the invention is as follows. A medical record data access control system based on attribute encryption comprises five types of entities: an attribute authority, a medical record data owner, a medical record data accessor, a cloud storage center and a cloud computing center; the five entities communicate over the Internet.
Attribute authority (AA): performs attribute distribution and authentication for medical record data accessors, generates the system public key PK and sends it to the medical record data owner, generates the master key MK, and, by combining MK with the attributes of a medical record data accessor, generates that accessor's decryption private key SK and sends it to the accessor.
Medical record data owner (MDO): a user who holds medical record data, formulates the access policy and encrypts the medical record information with an algorithm. Because this entity is considered computationally weak, the access policy, the algorithm key and the system public key PK are then used, with the help of the cloud computing center, to produce a ciphertext that is sent back to the MDO; the MDO then sends both parts, the encrypted medical record data and the ciphertext, to the cloud storage center for storage.
Medical record data accessor (MDV): a user who wants to access medical record data. The accessor can read encrypted data on the cloud storage center and obtains an exclusive decryption private key by having its attribute set authenticated by the AA. If the AA-authenticated attribute set satisfies the access policy formulated by the MDO, the decryption private key distributed by the AA can be used to obtain the algorithm key and so decrypt the medical record data to plaintext; otherwise no plaintext information can be obtained. Because this entity is considered computationally weak, the private key is decrypted with the help of the cloud computing center, and data decryption is then carried out through the MDO.
Cloud storage center (CSC): provides data storage service for users; medical record data owners store ciphertext in the cloud storage center, and medical record data accessors download ciphertext from it.
Cloud computing center (CCC): performs the computation in the encryption and decryption processes, improving encryption and decryption efficiency.
Preferably, the cloud computing center CCC corresponds to two cloud computing servers, CCC1 and CCC2, which provide computing services for the two types of users, namely the medical record data owner and the medical record data visitor.
A medical record data access control method based on attribute encryption is established, comprising the following steps:
1) Initialization: execute Setup(1^λ). This part is completed by the AA and generates the system public key PK and the system master key MK.
2) Decryption private key generation: execute KeyGen(MK, S). This part is completed by the AA and generates the decryption private key SK of a medical record data visitor, where MK is the system master key and S denotes the user attribute set.
3) Medical record data encryption: execute Encrypt_MDO(M, ISK). This part is completed by the MDO, which encrypts the plaintext data with the AES algorithm to produce ciphertext data; M denotes the medical record plaintext data, ISK denotes the symmetric encryption key, and the output is the ciphertext M'.
4) Symmetric key encryption: execute Encrypt_CCC1(PK, ISK, T). This part is completed by CCC1. Taking the system public key PK, the symmetric encryption key ISK and the access policy T formulated by the MDO as input, it encrypts the symmetric key with a ciphertext-policy attribute-based encryption algorithm to generate the symmetric key ciphertext CT and returns CT to the MDO through a secure channel; finally the MDO sends the medical record data ciphertext M' and the symmetric key ciphertext CT to the CSC for storage.
5) Symmetric key decryption: execute Decrypt_CCC2(T, SK). This part is completed by CCC2. It takes the user's private key SK and the symmetric key ciphertext CT as input; if the user attribute set satisfies the access tree of the encrypted data, it outputs CT' and sends it to the MDV through a secure channel; otherwise it outputs T.
6) Data decryption: execute Decrypt_MDV(CT', M'). This part is completed by the MDV; it takes the medical record data ciphertext M' and CT' as input and outputs the medical record plaintext message M or a terminator.
Further, the specific method by which the attribute authority AA generates the decryption private key SK is as follows:
1.1) Select two bilinear groups G and G_T of prime order p, where g is a generator of G; construct the bilinear map e: G × G → G_T and a hash function H: {0,1}* → G;
1.2) Select random numbers
Figure BDA0003116592450000031
g_1 ∈ G,
Figure BDA0003116592450000032
is the multiplicative group of the residue class ring modulo p, and g_1 is any element of G other than g. Define h = g^α. The system public key PK and the system master key MK are, respectively: PK = {G, G_T, p, H, g, h = g^α},
Figure BDA0003116592450000033
1.3) Execute KeyGen(MK, S) to generate the decryption private key SK of a medical record data visitor, where MK is the system master key and S denotes the user attribute set;
The MDV applies to the AA it belongs to. The AA authenticates the identity attribute set and then executes the algorithm KeyGen(MK, S) to generate the user's decryption private key SK: for each attribute i ∈ S in the user attribute set it selects a corresponding random element
Figure BDA0003116592450000034
and computes:
Figure BDA0003116592450000035
Further, the specific method for encrypting the symmetric key in step 4) is as follows:
4.1) The user defines the tree access structure T of the ciphertext policy. Leaf nodes of the access tree are attributes and non-leaf nodes are threshold operations. The algorithm defines a polynomial q_x for each node x of the access tree; starting from the root node, the polynomial of each node is generated randomly in a top-down manner, and the secret value of the root node is
Figure BDA0003116592450000041
that is, the constant term of the root node's polynomial is s;
4.2) Using the ISK as the object of attribute encryption, compute the symmetric key ciphertext CT. The ISK is transmitted to CCC1 by the MDO through a secure channel. Specifically:
Figure BDA0003116592450000042
where X denotes all nodes in the access tree and x denotes a single leaf node in the access tree; the computed CT is returned to the MDO through a secure channel;
4.3) The MDO uploads M' and CT to the cloud storage center.
Further, the specific method for decrypting the symmetric key in step 5) is as follows:
5.1) The MDV obtains the ciphertext from the CSC and sends SK and CT to the cloud computing center CCC2 through a secure channel; the cloud server performs the decryption operation, specifically as follows:
Define the recursive decryption operation DecryptNode(CT, SK, x). For a leaf node x of the access control tree, define i = att(x), where att(x) is the attribute of leaf node x; for a non-leaf node x, define i = index(x), where index(x) is the serial number of x among its siblings. DecryptNode(CT, SK, x) is first computed for each leaf node of the access control tree, the computation then proceeds upward level by level, and finally the root node is decrypted to obtain the root's secret value q_root(0);
5.2) The cloud computing center CCC2 substitutes the secret value computed in step 5.1) into the decryption of the ciphertext CT; it takes CT and SK as input and outputs CT' through the specific calculation;
5.3) CT' is returned to the MDV through a secure channel.
The beneficial effects of the invention are as follows. In the medical record data access control system and method based on attribute encryption, the medical record data owner encrypts the patient's record data and places it in the cloud storage center, where it can be accessed by parties qualified to decrypt it; this effectively addresses problems such as medical records not following the patient and data islands between hospitals. The method introduces an access control scheme built on ciphertext-policy attribute-based encryption, which enforces access control on users while improving the efficiency of encryption and decryption. By adopting a computation outsourcing scheme, the method chiefly addresses the computational overhead of the data owner and the data visitor, while still achieving fine-grained user access control over encrypted data.
Drawings
FIG. 1 is a schematic diagram of a medical record data access control system based on attribute encryption according to the present invention;
FIG. 2 is a flowchart of a medical record data access control method based on attribute encryption according to the present invention;
FIG. 3 is a diagram illustrating an example of an access control tree structure according to the present invention.
Detailed Description
The invention is described in detail below with reference to the figures and specific embodiments. The present embodiment is implemented on the premise of the technical solution of the present invention, and a detailed implementation manner and a specific operation process are given, but the scope of the present invention is not limited to the following embodiments.
As shown in FIG. 1, the medical record data access control system based on attribute encryption comprises five types of entities: an attribute authority, a medical record data owner, a medical record data accessor, a cloud storage center and a cloud computing center; the five entities communicate over the Internet.
A. Attribute Authority (AA): fully trusted. It is the authority center of the system and performs attribute distribution and authentication for medical record data accessors. It generates the system public key PK and sends it to the medical record data owner, generates the master key MK, and then, by combining MK with the attributes of a medical record data accessor, generates that accessor's decryption private key SK and sends it to the accessor.
B. Medical record Data Owner (MDO): a user who holds medical record data, generally a doctor or a patient. Doctors and patients who hold medical record data can jointly formulate an access policy and store the medical record information, encrypted, on the cloud storage center. The medical record data owner encrypts the medical record plaintext with the symmetric encryption algorithm AES (Advanced Encryption Standard) and encrypts the AES symmetric key with an attribute-based encryption scheme. This entity is considered computationally weak; the MDO sends the encrypted medical record data and the ciphertext to the CSC for storage.
C. Medical record Data Visitor (MDV): a user who wants to access medical record data. The medical record data accessor can read the encrypted data on the cloud storage center and obtains an exclusive decryption private key by having its attribute set authenticated by the AA. If the AA-authenticated user attribute set satisfies the access policy formulated by the MDO, the private key distributed by the AA can be used to decrypt and obtain the AES symmetric key, and so to decrypt the medical record data to plaintext; otherwise no plaintext information can be obtained. This entity is considered computationally weak; the key is decrypted with the help of the cloud computing center, and the data is then decrypted by the MDO.
D. Cloud Storage Center (CSC): provides data storage service for users; the medical record data owner stores ciphertext in the cloud storage center, and the medical record data visitor downloads ciphertext from it. The cloud storage center server is considered honest but curious: it honestly performs its tasks according to the rules.
E. Cloud Computing Center (CCC): because the computing power of terminals is limited, the cloud computing center is used to provide computing power and improve encryption and decryption efficiency. In this method, CCC1 and CCC2 correspond to two cloud computing servers whose main function is to provide computing services for medical record data owners and medical record data visitors respectively; they do not otherwise differ. The cloud computing center server is likewise considered honest but curious: it honestly performs its tasks according to the rules.
FIG. 2 shows the flowchart of the medical record data access control method based on attribute encryption. The access control method includes the following steps:
1. Initialization: execute Setup(1^λ). This part is completed by the AA and generates the system public key PK and the system master key MK.
Specifically, step 1 further comprises:
1.1 Select two bilinear groups G and G_T of prime order p, where g is a generator of G; construct the bilinear map e: G × G → G_T and a hash function H: {0,1}* → G;
1.2 Select random numbers
Figure BDA0003116592450000061
g_1 ∈ G,
Figure BDA0003116592450000062
is the multiplicative group of the residue class ring modulo p, and g_1 is any element of G other than g. Define h = g^α. The system public key PK and the system master key MK are, respectively:
PK = {G, G_T, p, H, g, h = g^α},
Figure BDA0003116592450000063
2. Decryption private key generation: execute KeyGen(MK, S). This part is completed by the AA and generates the decryption private key SK of a medical record data visitor, where MK is the system master key and S denotes the user attribute set.
Specifically, the MDV applies to the AA it belongs to. The AA authenticates the identity attribute set and then executes the algorithm KeyGen(MK, S) to generate the user's decryption private key SK: for each attribute i ∈ S in the user attribute set it selects a corresponding random element
Figure BDA0003116592450000071
and computes:
Figure BDA0003116592450000072
3. Medical record data encryption: execute Encrypt_MDO(M, ISK). This part is completed by the MDO, which encrypts the plaintext data with the AES algorithm to produce ciphertext data; M denotes the medical record plaintext data, ISK denotes the symmetric encryption key, and the output is the ciphertext M'.
Specifically, for the plaintext data of the electronic medical record, the MDO uses the symmetric encryption algorithm AES and selects a symmetric encryption key ISK to encrypt the data:
M' = Enc_ISK(M).
4. Symmetric key encryption: execute Encrypt_CCC1(PK, ISK, T). This part is completed by CCC1. Taking the system public key PK, the symmetric encryption key ISK and the access policy T formulated by the MDO as input, it encrypts the symmetric key with a ciphertext-policy attribute-based encryption algorithm to generate the symmetric key ciphertext CT and returns CT to the MDO through a secure channel; finally the MDO sends the medical record data ciphertext M' and the symmetric key ciphertext CT to the CSC for storage.
Specifically, step 4 further comprises:
4.1 The user defines the tree access structure T of the ciphertext policy. Leaf nodes of the access tree are attributes and non-leaf nodes are threshold operations. The algorithm must define a polynomial q_x for each node x of the access tree; starting from the root node, the polynomial of each node is generated randomly in a top-down manner, and the secret value of the root node is
Figure BDA0003116592450000073
that is, the constant term of the root node's polynomial is s;
4.2 Using the ISK as the object of attribute encryption, compute the symmetric key ciphertext CT. The encryption is performed by the cloud computing center CCC1, and the ISK is transmitted to CCC1 by the MDO through a secure channel. Specifically:
Figure BDA0003116592450000074
where X denotes all nodes in the access tree and x denotes a single leaf node in the access tree; the computed CT is returned to the MDO through a secure channel;
4.3 The MDO uploads M' and CT to the cloud storage center.
5. Symmetric key decryption: execute Decrypt_CCC2(T, SK). This part is completed by CCC2. It takes the user's private key SK and the symmetric key ciphertext CT as input; if the user attribute set satisfies the access tree of the encrypted data, it outputs CT' and sends it to the MDV through a secure channel; otherwise it outputs T.
Specifically, step 5 further comprises:
5.1: The MDV obtains the ciphertext from the CSC and sends SK and CT to the cloud computing center CCC2 through a secure channel; the cloud server performs the decryption operation, specifically as follows:
Define the recursive decryption operation DecryptNode(CT, SK, x). For a leaf node x of the access control tree, define i = att(x), where att(x) is the attribute of leaf node x; for a non-leaf node x, define i = index(x), where index(x) is the sequence number of x among its siblings (numbered from left to right). DecryptNode(CT, SK, x) is first computed for each leaf node of the access control tree, the computation then proceeds upward level by level, and finally the root node is decrypted to obtain its secret value q_root(0). FIG. 3 is an example of an access control tree structure in which leaf nodes are user attributes and non-leaf nodes are logical control operations. A "2 of 3" node means the user attribute set must satisfy any two of the three child nodes to decrypt the node's secret value; an "OR" node means the user attributes satisfy any one of its child nodes, which is equivalent to "1 of n"; and an "AND" node means the user attributes must satisfy all of its child nodes, which is equivalent to "n of n".
5.2: The cloud computing center CCC2 substitutes the secret value computed in 5.1 into the decryption of the ciphertext CT; it takes CT and SK as input and outputs CT' through the specific calculation.
5.3: CT' is returned to the MDV through a secure channel.
6. Data decryption: execute Decrypt_MDV(CT', M'). This part is completed by the MDV; it takes the medical record data ciphertext M' and CT' as input and outputs the medical record plaintext message M or a terminator.
Specifically, the MDV decrypts M' using the symmetric key CT' (i.e., ISK) obtained in step 5 to obtain the medical record data plaintext:
M = Dec_CT'(M').
The above embodiments express only several implementations of the present invention. Their description is specific and detailed, but it is not to be construed as limiting the scope of the invention. It should be noted that a person skilled in the art can make several variations and modifications without departing from the inventive concept, and these fall within the scope of the present invention. Therefore, the protection scope of this patent shall be subject to the appended claims.

Claims (6)

1. A medical record data access control system based on attribute encryption, characterized by comprising five types of entities: an attribute authority, a medical record data owner, a medical record data accessor, a cloud storage center and a cloud computing center, the five entities communicating through the Internet;
the attribute authority AA is used for attribute distribution and authentication of medical record data accessors, generates a system public key PK that is sent to medical record data owners, generates a master key MK, and, combining the attributes of a medical record data accessor, generates that accessor's decryption private key SK and sends it to the accessor;
the medical record data owner MDO is a user who owns medical record data, formulates an access policy and encrypts the medical record information with an algorithm; considering that the computing power of this entity is weak, the access policy, the algorithm key and the system public key PK are further used, with the help of the cloud computing center, to perform encryption into a ciphertext that is sent back to the MDO, and the MDO then sends the two parts, the encrypted medical record data and the ciphertext, to the cloud storage center for storage;
the medical record data accessor MDV denotes a user who wants to access medical record data; the accessor can read the encrypted data on the cloud storage center and obtains an exclusive decryption private key by having its attribute set authenticated by the AA; if the attribute set authenticated by the AA satisfies the access policy formulated by the MDO, the algorithm key can be obtained with the decryption private key distributed by the AA and used to decrypt the medical record data into plaintext; otherwise, the plaintext information cannot be obtained; considering that the computing power of this entity is weak, the private key is decrypted with the help of the cloud computing center, and then data decryption is carried out through the MDO;
the cloud storage center CSC provides a data storage service for users: medical record data owners store the ciphertext in the cloud storage center, and medical record data accessors download the ciphertext from the cloud storage center;
the cloud computing center CCC is used for the computation in the encryption and decryption processes, improving encryption and decryption efficiency.
2. The medical record data access control system based on attribute encryption as claimed in claim 1, wherein the cloud computing center CCC corresponds to two cloud computing servers CCC1 and CCC2, which provide computing services for the medical record data owner and the medical record data visitor, respectively.
3. A medical record data access control method based on attribute encryption is characterized in that the medical record data access control system based on attribute encryption of claim 2 is established, and the access control method comprises the following steps:
1) initialization: executing Setup(1^λ); this part is completed by the AA and generates a system public key PK and a system master key MK;
2) decryption private key generation: executing KeyGen(MK, S); this part is completed by the AA and generates the decryption private key SK of a medical record data visitor, wherein MK is the system master key and S represents the user attribute set;
3) medical record data encryption: executing Encrypt_MDO(M, ISK); this part is completed by the MDO, which encrypts the plaintext data with the AES algorithm to generate ciphertext data, wherein M represents the medical record plaintext data and ISK represents the symmetric encryption key, and outputs the ciphertext M';
4) symmetric key encryption: executing Encrypt_CCC1(PK, ISK, T); this part is completed by CCC1, which takes the system public key PK, the symmetric encryption key ISK and the access policy T formulated by the MDO as input, encrypts the symmetric key with a ciphertext-policy attribute-based encryption algorithm to generate a symmetric key ciphertext CT, and returns the ciphertext CT to the MDO through a secure channel; finally, the MDO sends the medical record data ciphertext M' and the symmetric key ciphertext CT to the CSC for storage;
5) symmetric key decryption: executing Decrypt_CCC2(T, SK); this part is completed by CCC2, which takes the user's private key SK and the symmetric key ciphertext CT as input; if the user attribute set satisfies the access tree of the encrypted data, it outputs CT' and sends it to the MDV through a secure channel; otherwise, it outputs T;
6) data decryption: executing Decrypt_MDV(CT', M'); this part is completed by the MDV, which takes the medical record data ciphertext M' and CT' as input and outputs the medical record plaintext message M or a terminator.
4. The method for controlling access to medical record data based on attribute encryption according to claim 3, wherein the attribute authority AA generates the decryption private key SK by the following specific method:
1.1) selecting two bilinear groups G and G_T of prime order p, wherein g is a generator of group G, constructing a bilinear map e: G × G → G_T, and constructing a hash function H: {0,1}* → G;
1.2) selecting a random number alpha,
Figure FDA0003116592440000021
g1∈G,
Figure FDA0003116592440000022
is the multiplicative group of the residue class ring modulo p, and g_1 is any element of group G other than g; h = g^α is defined, and the system public key PK and the system master key MK are computed respectively as: PK = {G, G_T, p, H, g, h = g^α},
Figure FDA0003116592440000023
1.3) executing KeyGen (MK, S) and generating a decryption private key SK of a medical record data visitor, wherein MK is a system master key, and S represents a user attribute set;
the MDV applies to the AA where it is located; the AA authenticates the identity attribute set and then executes the algorithm KeyGen(MK, S) to generate the user's decryption private key SK, selecting for any attribute i ∈ S in the user attribute set a corresponding random element
Figure FDA0003116592440000031
and computing:
Figure FDA0003116592440000032
5. The method for controlling access to medical record data based on attribute encryption according to claim 4, wherein the symmetric key encryption in step 4) is as follows:
4.1) the user defines the ciphertext-policy tree access structure T, in which leaf nodes of the access tree are attributes and non-leaf nodes are threshold operations; the algorithm defines a polynomial q_x for each node of the access tree; starting from the root node, the polynomial of each node is randomly generated in a top-down manner, and the secret value of the root node is
Figure FDA0003116592440000033
that is, the constant term of the root node's polynomial is s;
4.2) using the ISK as an attribute encryption object, calculating to obtain a symmetric key ciphertext CT, wherein the ISK is transmitted to the CCC1 by the MDO through a secure channel, which is specifically as follows:
Figure FDA0003116592440000034
wherein, X represents all nodes in the access tree, and X represents a single leaf node in the access tree, and the computed CT is returned to the MDO through a secure channel;
4.3) the MDO uploads the M' and the CT to a cloud storage center.
6. The method for controlling access to medical record data based on attribute encryption according to claim 5, wherein the specific method for decrypting the symmetric key in step 5) is as follows:
5.1) the MDV acquires a ciphertext from the CSC, sends the SK and the CT to a cloud computing center CCC2 through a secure channel, and executes decryption operation by a cloud server, which specifically comprises the following steps:
defining the recursive decryption operation DecryptNode(CT, SK, x); for a leaf node x, defining i = att(x) as the attribute of leaf node x; for a non-leaf node x, defining i = index(x) as the sequence number of x among its siblings; DecryptNode(CT, SK, x) is first computed for each leaf node of the access control tree, the computation then proceeds upward step by step, and finally the root node is decrypted to obtain its secret value q_root(0);
5.2) the cloud computing center CCC2 substitutes the secret value calculated according to the step 5.1) into the decryption of the ciphertext CT, inputs CT and SK, and outputs CT' through specific calculation;
5.3) CT' is returned to the MDV via a secure channel.
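The top-down polynomial sharing of step 4.1) and the recursive DecryptNode of step 5.1), as an added example that is not part of the patent text. It works on plain elements of Z_p instead of group elements and pairings, so it shows only the threshold logic of the access tree and offers no confidentiality; the modulus, the helper names and the sample policy are constructed assumptions.

```python
import secrets

P = 2**127 - 1  # constructed prime modulus standing in for the group order p

# Access tree: ("leaf", attribute) or ("gate", k, children) for "k of n".
def leaf(attr): return ("leaf", attr)
def gate(k, *kids): return ("gate", k, list(kids))
def AND(*kids): return gate(len(kids), *kids)   # n of n
def OR(*kids): return gate(1, *kids)            # 1 of n

def share(node, secret, path=()):
    """Top-down: q_x(0) = secret, child number i receives q_x(i).
    Returns {leaf path: (attribute, share)}."""
    if node[0] == "leaf":
        return {path: (node[1], secret)}
    _, k, kids = node
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    out = {}
    for i, kid in enumerate(kids, start=1):      # index(x), left to right
        y = sum(c * pow(i, e, P) for e, c in enumerate(coeffs)) % P
        out.update(share(kid, y, path + (i,)))
    return out

def lagrange_at_zero(points):
    """Interpolate q(0) from k points (i, q(i)) over Z_p."""
    total = 0
    for i, yi in points:
        num = den = 1
        for j, _ in points:
            if j != i:
                num = num * (-j) % P
                den = den * (i - j) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def decrypt_node(node, shares, attrs, path=()):
    """Bottom-up: returns q_x(0), or None if attrs do not satisfy node x."""
    if node[0] == "leaf":
        attr, y = shares[path]
        # Stand-in for the pairing step, which needs a key part for attr.
        return y if attr in attrs else None
    _, k, kids = node
    pts = []
    for i, kid in enumerate(kids, start=1):
        y = decrypt_node(kid, shares, attrs, path + (i,))
        if y is not None:
            pts.append((i, y))
        if len(pts) == k:                        # threshold reached
            return lagrange_at_zero(pts)
    return None

# Constructed policy: (doctor OR nurse) AND 2 of (cardiology, hospital_A, attending)
POLICY = AND(OR(leaf("doctor"), leaf("nurse")),
             gate(2, leaf("cardiology"), leaf("hospital_A"), leaf("attending")))

if __name__ == "__main__":
    s = secrets.randbelow(P)
    sh = share(POLICY, s)
    print(decrypt_node(POLICY, sh, {"nurse", "cardiology", "attending"}) == s)
    print(decrypt_node(POLICY, sh, {"nurse", "cardiology"}))
```

In the patent's scheme the leaf shares sit in the exponent of ciphertext components and each private key is blinded with per-user randomness, which is what keeps two users from pooling attributes; this sketch does not model that.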
CN202110665330.2A 2021-06-16 2021-06-16 Medical record data access control system and method based on attribute encryption Active CN113411323B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110665330.2A CN113411323B (en) 2021-06-16 2021-06-16 Medical record data access control system and method based on attribute encryption

Publications (2)

Publication Number Publication Date
CN113411323A true CN113411323A (en) 2021-09-17
CN113411323B CN113411323B (en) 2022-09-30

Family

ID=77684271

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110665330.2A Active CN113411323B (en) 2021-06-16 2021-06-16 Medical record data access control system and method based on attribute encryption

Country Status (1)

Country Link
CN (1) CN113411323B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20230601

Address after: 200333 room 1109, No.4, Lane 800, Tongpu Road, Putuo District, Shanghai

Patentee after: Shanghai Qiyue Information Technology Co.,Ltd.

Address before: 200235 No. 120, Xuhui District, Shanghai, Caobao Road

Patentee before: SHANGHAI INSTITUTE OF TECHNOLOGY
