CN113411323B - Medical record data access control system and method based on attribute encryption - Google Patents


Publication number
CN113411323B
Authority
CN
China
Prior art keywords
medical record
record data
attribute
key
ciphertext
Prior art date
Legal status
Active
Application number
CN202110665330.2A
Other languages
Chinese (zh)
Other versions
CN113411323A (en
Inventor
薛庆水
时雪磊
马海峰
薛震
张继
王晨阳
王俊华
周雨卫
崔墨香
Current Assignee
Shanghai Qiyue Information Technology Co Ltd
Original Assignee
Shanghai Institute of Technology
Priority date
Filing date
Publication date
Application filed by Shanghai Institute of Technology filed Critical Shanghai Institute of Technology
Priority to CN202110665330.2A priority Critical patent/CN113411323B/en
Publication of CN113411323A publication Critical patent/CN113411323A/en
Application granted granted Critical
Publication of CN113411323B publication Critical patent/CN113411323B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS
    • G16 INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16H HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H10/00 ICT specially adapted for the handling or processing of patient-related medical or healthcare data
    • G16H10/60 ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords

Abstract

The invention relates to a medical record data access control system and method based on attribute encryption. The system comprises five entities: an attribute authority, a medical record data owner, a medical record data accessor, a cloud storage center and a cloud computing center, which communicate over the Internet. The medical record data owner encrypts the patient's medical record data and places the encrypted data in the cloud storage center, where it can be accessed by parties qualified to decrypt it; this effectively addresses problems such as medical records not following the patient and data islands between hospitals. The method introduces an access control scheme based on ciphertext-policy attribute-based encryption, which realizes access control over users while improving the efficiency of encryption and decryption. By adopting a computation outsourcing scheme, the method mainly addresses the computation overhead of the data owner and the data accessor, while realizing fine-grained user access control over the encrypted data.

Description

Medical record data access control system and method based on attribute encryption
Technical Field
The invention relates to an information security technology, in particular to a medical record data access control system and method based on attribute encryption.
Background
In recent years, with the development of information technology, traditional paper records no longer meet the requirements of various industries for storing key data, so paper records are gradually being replaced by electronic records. Personal medical record data in hospitals is no exception: it is no longer written by hand by a doctor but stored and recorded by computer. Some problems remain, however. Data connections between different hospitals are weak and medical data suffers from the data island problem, so the same examination may need to be repeated after a patient is transferred, which is time-consuming, troublesome and to some extent a waste of medical resources. With the development of cloud storage technology, personal electronic medical record data can be stored in the cloud and downloaded and accessed by users with permission. After a patient is transferred, the new hospital can obtain the patient's previous medical record information in time, which improves medical efficiency, the utilization of medical data and the patient's medical experience.
Personal medical record data is not stored directly on the cloud server; instead, the data ciphertext is stored there, because the data contains a great deal of the patient's private information that the patient does not want others to see. The personal medical record data is therefore encrypted before being stored in the cloud. How to protect privacy while facilitating the sharing of medical resources is a problem that must be solved in applying storage technology to improve medical efficiency.
Disclosure of Invention
To address the problems in the further development of existing electronic medical record data, a medical record data access control system and method based on attribute encryption are provided. Attribute-based encryption enables fine-grained user access: whether a user has access permission is determined from the user's attributes, which improves the flexibility of access control while ensuring data security.
The technical scheme of the invention is as follows: a medical record data access control system based on attribute encryption comprises five types of entities: an attribute authority, a medical record data owner, a medical record data accessor, a cloud storage center and a cloud computing center, which communicate over the Internet;
the attribute authority AA is used for attribute distribution and authentication of medical record data accessors; it generates the system public key PK and sends it to the medical record data owner, generates the master key MK, and generates the decryption private key SK of a medical record data accessor from that accessor's attributes and sends it to the accessor;
medical record data owner MDO: a user who holds medical record data, who formulates an access policy and encrypts the medical record information with an algorithm; considering that this entity's computing power is weak, with the help of the cloud computing center the access policy, the algorithm key and the system public key PK are used for further encryption to form a ciphertext, which is sent back to the MDO; the MDO then sends the encrypted medical record data and the ciphertext to the cloud storage center for storage;
the medical record data accessor MDV is a user who wants to access medical record data; the accessor can read the encrypted data in the cloud storage center, and the accessor's attribute set is authenticated by the AA to obtain a dedicated decryption private key; if the attribute set authenticated by the AA satisfies the access policy formulated by the MDO, the algorithm key can be obtained with the decryption private key distributed by the AA and used to decrypt the medical record data plaintext; otherwise, the plaintext information cannot be obtained; considering that this entity's computing power is weak, the private key is decrypted with the help of the cloud computing center, and data decryption is then carried out through the MDO;
the cloud storage center CSC provides a data storage service for users: medical record data owners store ciphertext in the cloud storage center, and medical record data accessors download ciphertext from it;
cloud computing center CCC: used for the computation in the encryption and decryption processes, improving the efficiency of encryption and decryption.
Preferably, the cloud computing center CCC corresponds to two cloud computing servers, CCC1 and CCC2, which provide computing services for the two types of users, namely medical record data owners and medical record data accessors.
A medical record data access control method based on attribute encryption is established, comprising the following steps:
1) Initialization: execute $\mathrm{Setup}(1^{\lambda})$; this part is completed by the AA and generates the system public key PK and the system master key MK;
2) Decryption private key generation: execute KeyGen(MK, S); this part is completed by the AA and generates the decryption private key SK of a medical record data accessor, where MK is the system master key and S denotes the user attribute set;
3) Medical record data encryption: execute $\mathrm{Encrypt}_{MDO}(M, ISK)$; this part is completed by the MDO, which encrypts the plaintext data with the AES algorithm to produce ciphertext data, where M denotes the medical record plaintext data and ISK denotes the symmetric encryption key, and outputs the ciphertext M';
4) Symmetric key encryption: execute $\mathrm{Encrypt}_{CCC1}(PK, ISK, T)$; this part is completed by CCC1, which takes the system public key PK, the symmetric encryption key ISK and the access policy T formulated by the MDO as input and encrypts the symmetric key with a ciphertext-policy attribute-based encryption algorithm to generate the symmetric key ciphertext CT; CT is returned to the MDO over a secure channel, and finally the MDO sends the medical record data ciphertext M' and the symmetric key ciphertext CT to the CSC for storage;
5) Symmetric key decryption: execute $\mathrm{Decrypt}_{CCC2}(T, SK)$; this part is completed by CCC2, which takes the user's private key SK and the symmetric key ciphertext CT as input; if the user attribute set satisfies the access tree of the encrypted data, it outputs CT' and sends it to the MDV over a secure channel; otherwise, it outputs T;
6) Data decryption: execute $\mathrm{Decrypt}_{MDV}(CT', M')$; this part is completed by the MDV, which takes the medical record data ciphertext M' and CT' as input and outputs the medical record plaintext message M or the terminator.
Further, the specific method by which the attribute authority AA generates the decryption private key SK is as follows:
1.1) Select two bilinear groups $G$ and $G_T$ of prime order $p$, where $g$ is a generator of group $G$; construct a bilinear map $e: G \times G \to G_T$ and a hash function $H: \{0,1\}^* \to G$;
1.2) Select random numbers
Figure BDA0003116592450000031
$g_1 \in G$, where
Figure BDA0003116592450000032
is the multiplicative group of the residue class ring modulo $p$, and $g_1$ is any element of group $G$ other than $g$. Define $h = g^{\alpha}$. The system public key PK and the system master key MK are computed respectively as: $PK = \{G, G_T, p, H, g, h = g^{\alpha}\}$,
Figure BDA0003116592450000033
1.3) Execute KeyGen(MK, S) to generate the decryption private key SK of a medical record data accessor, where MK is the system master key and S denotes the user attribute set;
the MDV applies to the AA it belongs to; the AA authenticates its identity attribute set and then executes the algorithm KeyGen(MK, S) to generate the user's decryption private key SK, selecting for each attribute $i \in S$ in the user attribute set a corresponding random element
Figure BDA0003116592450000034
and computing:
Figure BDA0003116592450000035
Further, the specific method for encrypting the symmetric key in step 4) is as follows:
4.1) The user defines the tree access structure T of the ciphertext policy. The leaf nodes of the access tree are attributes and the non-leaf nodes are threshold operations. The algorithm defines a polynomial $q_x$ for each node of the access tree; starting from the root node, the polynomial of each node is generated randomly in a top-down manner, and the secret value of the root node is
Figure BDA0003116592450000041
that is, the constant term of the root node's polynomial is $s$;
4.2) Taking the ISK as the object of attribute encryption, the symmetric key ciphertext CT is computed; the MDO transmits the ISK to CCC1 over a secure channel. Specifically:
Figure BDA0003116592450000042
where X represents all nodes in the access tree and x represents a single leaf node in the access tree; the computed CT is returned to the MDO over a secure channel;
4.3) The MDO uploads M' and CT to the cloud storage center.
Further, the specific method for decrypting the symmetric key in step 5) is as follows:
5.1) The MDV obtains the ciphertext from the CSC and sends SK and CT to the cloud computing center CCC2 over a secure channel, and the cloud server performs the decryption operation, specifically as follows:
define the recursive decryption operation DecryptNode(CT, SK, x); for a leaf node x, define $i = \mathrm{att}(x)$ as the attribute of x; for a non-leaf node x, define $i = \mathrm{index}(x)$, where index(x) is the sequence number of x. Each leaf node of the access control tree is decrypted first by computing DecryptNode(CT, SK, x), the computation then proceeds upwards step by step, and finally the root node is decrypted to obtain its secret value $q_{root}(0)$;
5.2) The cloud computing center CCC2 substitutes the secret value computed in step 5.1) into the decryption of the ciphertext CT; it takes CT and SK as input and outputs CT' through the specific calculation;
5.3) CT' is returned to the MDV over a secure channel.
The beneficial effects of the invention are as follows: in the medical record data access control system and method based on attribute encryption, the medical record data owner encrypts the patient's medical record data and places it in the cloud storage center, where it can be accessed by parties qualified to decrypt it; this effectively addresses problems such as medical records not following the patient and data islands between hospitals. The method introduces an access control scheme based on ciphertext-policy attribute-based encryption, which realizes access control over users while improving the efficiency of encryption and decryption. By adopting a computation outsourcing scheme, the method mainly addresses the computation overhead of the data owner and the data accessor, while realizing fine-grained user access control over the encrypted data.
Drawings
FIG. 1 is a schematic diagram of a medical record data access control system based on attribute encryption according to the present invention;
FIG. 2 is a flowchart of a medical record data access control method based on attribute encryption according to the present invention;
FIG. 3 is a diagram illustrating an example of an access control tree structure according to the present invention.
Detailed Description
The invention is described in detail below with reference to the figures and specific embodiments. The present embodiment is implemented on the premise of the technical solution of the invention, and a detailed implementation and a specific operating process are given, but the scope of the invention is not limited to the following embodiments.
As shown in FIG. 1, the medical record data access control system based on attribute encryption includes five types of entities: an attribute authority, a medical record data owner, a medical record data accessor, a cloud storage center and a cloud computing center, which communicate over the Internet.
A. The Attribute Authority (AA) is fully trusted and is the authority center of the system. It is used for attribute distribution and authentication of medical record data accessors; it generates the system public key PK and sends it to the medical record data owner, generates the master key MK, and then generates the decryption private key SK of a medical record data accessor from that accessor's attributes and sends it to the accessor;
B. Medical record Data Owner (MDO): a user who holds medical record data, generally a doctor or a patient. The doctor and patient who hold the medical record data can jointly formulate an access policy and store the encrypted medical record information in the cloud storage center. The medical record data owner encrypts the medical record data plaintext with the symmetric encryption algorithm AES (Advanced Encryption Standard) and encrypts the AES symmetric key with an attribute-based encryption scheme. This entity is considered computationally weak. The MDO sends the encrypted medical record data and the ciphertext to the CSC for storage.
C. Medical record Data accessor (MDV): a user who wants to access medical record data. The accessor can read the encrypted data in the cloud storage center, and the accessor's attribute set is authenticated by the AA to obtain a dedicated decryption private key. If the user attribute set authenticated by the AA satisfies the access policy formulated by the MDO, the private key distributed by the AA can be used to decrypt and obtain the AES symmetric key, and thus to decrypt the medical record data plaintext; otherwise, the plaintext information cannot be obtained. This entity is considered computationally weak; the key is decrypted with the help of the cloud computing center, and the data is then decrypted by the MDO.
D. Cloud Storage Center (CSC): provides a data storage service for users. Medical record data owners store ciphertext in the cloud storage center, and medical record data accessors download ciphertext from it. The cloud storage center server is considered honest-but-curious: it honestly executes its tasks according to the rules;
E. Cloud Computing Center (CCC): because the computing power of terminals is limited, the cloud computing center can be used to provide computing power and improve the efficiency of encryption and decryption. In this method, CCC1 and CCC2 correspond to two cloud computing servers whose main function is to provide computing services for medical record data owners and medical record data accessors respectively; there is no other difference between them. The cloud computing center server is considered honest-but-curious: it honestly performs its tasks according to the rules.
FIG. 2 shows a flowchart of the medical record data access control method based on attribute encryption. The access control method includes the following steps:
1. Initialization: execute $\mathrm{Setup}(1^{\lambda})$; this part is completed by the AA and generates the system public key PK and the system master key MK.
Specifically, step 1 further comprises:
1.1 Select two bilinear groups $G$ and $G_T$ of prime order $p$, where $g$ is a generator of group $G$; construct a bilinear map $e: G \times G \to G_T$ and a hash function $H: \{0,1\}^* \to G$;
1.2 Select random numbers
Figure BDA0003116592450000061
$g_1 \in G$, where
Figure BDA0003116592450000062
is the multiplicative group of the residue class ring modulo $p$, and $g_1$ is any element of group $G$ other than $g$. Define $h = g^{\alpha}$. The system public key PK and the system master key MK are computed respectively as:
$PK = \{G, G_T, p, H, g, h = g^{\alpha}\}$,
Figure BDA0003116592450000063
2. Decryption private key generation: execute KeyGen(MK, S); this part is completed by the AA and generates the decryption private key SK of a medical record data accessor, where MK is the system master key and S denotes the user attribute set;
specifically, the MDV applies to the AA it belongs to; the AA authenticates its identity attribute set and then executes the algorithm KeyGen(MK, S) to generate the user's decryption private key SK, selecting for each attribute $i \in S$ in the user attribute set a corresponding random element
Figure BDA0003116592450000071
and computing:
Figure BDA0003116592450000072
3. Medical record data encryption: execute $\mathrm{Encrypt}_{MDO}(M, ISK)$; this part is completed by the MDO, which encrypts the plaintext data with the AES algorithm to produce ciphertext data, where M denotes the medical record plaintext data and ISK denotes the symmetric encryption key, and outputs the ciphertext M';
specifically, for the plaintext data of the electronic medical record, the MDO uses the symmetric encryption algorithm AES and selects a symmetric encryption key ISK to encrypt the data:
$M' = \mathrm{Enc}_{ISK}(M)$.
4. Symmetric key encryption: execute $\mathrm{Encrypt}_{CCC1}(PK, ISK, T)$; this part is completed by CCC1, which takes the system public key PK, the symmetric encryption key ISK and the access policy T formulated by the MDO as input and encrypts the symmetric key with a ciphertext-policy attribute-based encryption algorithm to generate the symmetric key ciphertext CT; CT is returned to the MDO over a secure channel, and finally the MDO sends the medical record data ciphertext M' and the symmetric key ciphertext CT to the CSC for storage;
specifically, step 4 further comprises:
4.1 The user defines the tree access structure T of the ciphertext policy. The leaf nodes of the access tree are attributes and the non-leaf nodes are threshold operations. The algorithm needs to define a polynomial $q_x$ for each node of the access tree; starting from the root node, the polynomial of each node is generated randomly in a top-down manner, and the secret value of the root node is
Figure BDA0003116592450000073
that is, the constant term of the root node's polynomial is $s$;
4.2 Taking the ISK as the object of attribute encryption, the symmetric key ciphertext CT is computed. The encryption process is completed by the cloud computing center CCC1, and the MDO transmits the ISK to CCC1 over a secure channel. Specifically:
Figure BDA0003116592450000074
where X represents all nodes in the access tree and x represents a single leaf node in the access tree; the computed CT is returned to the MDO over a secure channel;
4.3 The MDO uploads M' and CT to the cloud storage center.
5. Symmetric key decryption: execute $\mathrm{Decrypt}_{CCC2}(T, SK)$; this part is completed by CCC2, which takes the user's private key SK and the symmetric key ciphertext CT as input; if the user attribute set satisfies the access tree of the encrypted data, it outputs CT' and sends it to the MDV over a secure channel; otherwise, it outputs T;
specifically, step 5 further comprises:
5.1: The MDV obtains the ciphertext from the CSC and sends SK and CT to the cloud computing center CCC2 over a secure channel, and the cloud server performs the decryption operation as follows:
define the recursive decryption operation DecryptNode(CT, SK, x). For a leaf node x of the access control tree, define $i = \mathrm{att}(x)$ as the attribute of x; for a non-leaf node x, define $i = \mathrm{index}(x)$, where index(x) is the sequence number of x among its siblings (numbered from left to right). Each leaf node of the access control tree is decrypted first by computing DecryptNode(CT, SK, x), the computation then proceeds upwards step by step, and finally the root node is decrypted to obtain its secret value $q_{root}(0)$. FIG. 3 shows an example of the access control tree structure, where leaf nodes are user attributes and non-leaf nodes are logic control operations. A "2 of 3" node indicates that the user attribute set must satisfy any two of the three child nodes to decrypt the node's secret value; an "OR" node indicates that the user attributes must satisfy any one of its child nodes, which is equivalent to "1 of n"; and an "AND" node indicates that the user attributes must satisfy all of its child nodes, which is equivalent to "n of n".
5.2: The cloud computing center CCC2 substitutes the secret value computed in 5.1 into the decryption of the ciphertext CT; it takes CT and SK as input and outputs CT' through the specific calculation.
5.3: CT' is returned to the MDV over a secure channel.
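The top-down polynomial sharing of step 4.1 and the bottom-up DecryptNode recovery of step 5.1, as an added example that is not code from the patent. Shares here are plain integers modulo a constructed prime rather than values protected by the ABE key and ciphertext, so it models only the threshold logic of the access tree; the class and function names, the prime and the sample attributes are assumptions.

```python
import secrets

# Constructed prime standing in for the group order p (assumption of this example).
P = 2**127 - 1


class Node:
    """Access-tree node: a leaf holds an attribute, a gate holds a threshold k."""

    def __init__(self, attr=None, k=None, children=()):
        self.attr = attr
        self.k = k
        self.children = list(children)


def leaf(attr):
    return Node(attr=attr)


def gate(k, *children):
    """'k of n' threshold node."""
    if not 1 <= k <= len(children):
        raise ValueError("threshold must be between 1 and the number of children")
    return Node(k=k, children=children)


def OR(*children):   # equivalent to "1 of n"
    return gate(1, *children)


def AND(*children):  # equivalent to "n of n"
    return gate(len(children), *children)


def _eval_poly(coeffs, x):
    """Evaluate a polynomial (constant term first) at x modulo P."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def share_secret(node, secret, shares=None):
    """Top-down: q_x has degree k-1 and q_x(0) = secret; child number i gets q_x(i)."""
    if shares is None:
        shares = {}
    if node.attr is not None:
        shares[node] = secret  # value attached to this leaf
        return shares
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(node.k - 1)]
    for index, child in enumerate(node.children, start=1):
        share_secret(child, _eval_poly(coeffs, index), shares)
    return shares


def _lagrange_at_zero(points):
    """Interpolate through (index, value) points and evaluate at 0 modulo P."""
    total = 0
    for i, y_i in points:
        num, den = 1, 1
        for j, _ in points:
            if j != i:
                num = num * (-j) % P
                den = den * (i - j) % P
        total = (total + y_i * num * pow(den, -1, P)) % P
    return total


def decrypt_node(node, shares, attrs):
    """Bottom-up: return q_x(0), or None if attrs do not satisfy this subtree."""
    if node.attr is not None:
        return shares[node] if node.attr in attrs else None
    points = []
    for index, child in enumerate(node.children, start=1):
        value = decrypt_node(child, shares, attrs)
        if value is not None:
            points.append((index, value))
        if len(points) == node.k:  # enough satisfied children for this gate
            return _lagrange_at_zero(points)
    return None


def demo_policy():
    """Constructed policy: 2 of 3 over a leaf, an OR node and an AND node."""
    return gate(
        2,
        leaf("dept:cardiology"),
        OR(leaf("role:attending"), leaf("role:chief")),
        AND(leaf("hospital:A"), leaf("unit:emergency")),
    )


if __name__ == "__main__":
    policy = demo_policy()
    s = secrets.randbelow(P)
    shares = share_secret(policy, s)
    print(decrypt_node(policy, shares, {"dept:cardiology", "role:chief"}) == s)
    print(decrypt_node(policy, shares, {"dept:cardiology", "hospital:A"}))
```

An attribute set that satisfies fewer than k children of any gate on the path to the root yields None, which corresponds to the failure branch of step 5.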
6. Data decryption: execute $\mathrm{Decrypt}_{MDV}(CT', M')$; this part is completed by the MDV, which takes the medical record data ciphertext M' and CT' as input and outputs the medical record plaintext message M or the terminator.
Specifically, the MDV decrypts M' using the symmetric key CT' (i.e., ISK) obtained in step 5 to obtain the plaintext of the medical record data, as follows:
$M = \mathrm{Dec}_{CT'}(M')$.
The above embodiments express only several implementations of the invention; their description is relatively specific and detailed but is not to be construed as limiting the scope of the invention. It should be noted that a person skilled in the art can make several variations and modifications without departing from the inventive concept, and these fall within the scope of the invention. Therefore, the protection scope of this patent shall be subject to the appended claims.

Claims (6)

1. A medical record data access control system based on attribute encryption, characterized by comprising five types of entities: an attribute authority, a medical record data owner, a medical record data accessor, a cloud storage center and a cloud computing center, wherein the five entities communicate through the Internet;
the attribute authority AA is used for attribute distribution and authentication of medical record data accessors; it generates a system public key PK, which is sent to medical record data owners, generates a master key MK, and, combining the attributes of a medical record data accessor, generates the decryption private key SK of that accessor and sends it to the accessor;
the medical record data owner MDO is a user who owns medical record data; it formulates an access policy and encrypts the medical record information with an algorithm; considering that this entity's computing power is weak, the access policy, the algorithm key and the system public key PK are then used, with the help of the cloud computing center, to encrypt and form a ciphertext, which is sent back to the MDO; the MDO then sends the two parts, the encrypted medical record data and the ciphertext, to the cloud storage center for storage;
the medical record data accessor MDV is a user who wants to access medical record data; the accessor reads the encrypted data on the cloud storage center, and obtains an exclusive decryption private key once its attribute set has been authenticated by the AA; then, if the user's AA-authenticated attribute set satisfies the access policy formulated by the MDO, the algorithm key is obtained using the decryption private key distributed by the AA, and the medical record data plaintext is thereby decrypted; otherwise, plaintext information cannot be obtained; considering that this entity's computing power is weak, the private-key decryption is performed with the help of the cloud computing center, and data decryption is then carried out through the MDO;
the cloud storage center CSC provides a data storage service for users; medical record data owners store the ciphertext in the cloud storage center, and medical record data accessors download the ciphertext from the cloud storage center;
the cloud computing center CCC is used for the computation in the encryption and decryption processes, improving encryption and decryption efficiency.
2. The medical record data access control system based on attribute encryption as claimed in claim 1, wherein the cloud computing center CCC corresponds to two cloud computing servers CCC1 and CCC2, which respectively provide computing services for the owner and the visitor of the medical record data.
3. A medical record data access control method based on attribute encryption is characterized in that the medical record data access control system based on attribute encryption of claim 2 is established, and the access control method comprises the following steps:
1) initialization: executing Setup(1^λ); this part is completed by the AA and generates a system public key PK and a system master key MK;
2) decryption private key generation: executing KeyGen(MK, S); this part is completed by the AA and generates the decryption private key SK of a medical record data visitor, where MK is the system master key and S represents the user attribute set;
3) medical record data encryption: executing Encrypt_MDO(M, ISK); this part is completed by the MDO, which encrypts the plaintext data with the AES algorithm to generate ciphertext data, where M represents the medical record plaintext data and ISK represents the symmetric encryption key; the ciphertext M' is output;
4) symmetric key encryption: executing Encrypt_CCC1(PK, ISK, T); this part is completed by CCC1, which takes the system public key PK, the symmetric encryption key ISK and the access policy T formulated by the MDO as input, and encrypts the symmetric key using a ciphertext-policy attribute-based encryption algorithm to generate a symmetric key ciphertext CT; the ciphertext CT is returned to the MDO through a secure channel, and finally the MDO sends the medical record data ciphertext M' and the symmetric key ciphertext CT to the CSC for storage;
5) symmetric key decryption: executing Decrypt_CCC2(T, SK); this part is completed by CCC2, which takes the user's private key SK and the symmetric key ciphertext CT as input; if the user attribute set satisfies the access tree of the encrypted data, CT' is output and sent to the MDV through a secure channel; otherwise, T is output;
6) data decryption: executing Decrypt_MDV(CT', M'); this part is completed by the MDV, which takes the medical record data ciphertext M' and CT' as input and outputs the medical record plaintext message M or a terminator.
4. The method for controlling access to medical record data based on attribute encryption according to claim 3, wherein the attribute authority AA generates the decryption private key SK by the following specific method:
1.1) selecting two bilinear groups G and G_T of prime order p, where g is a generator of group G; constructing the bilinear map e: G × G → G_T; constructing a hash function H: {0,1}* → G;
1.2) selecting a random number α,
Figure FDA0003675759960000021
g_1 ∈ G,
Figure FDA0003675759960000022
is the multiplicative group of the residue class ring modulo p, and g_1 is any element of group G other than g; h = g^α is defined; the system public key PK and the system master key MK are computed respectively as: PK = {G, G_T, p, H, g, h = g^α},
Figure FDA0003675759960000023
1.3) executing KeyGen (MK, S) and generating a decryption private key SK of a medical record data visitor, wherein MK is a system master key, and S represents a user attribute set;
the MDV applies to the AA to which it belongs; the AA authenticates its identity attribute set and then executes the algorithm KeyGen(MK, S) to generate the user's decryption private key SK, selecting a corresponding random element for each attribute i ∈ S in the user attribute set
Figure FDA0003675759960000031
and computing:
Figure FDA0003675759960000032
5. The method for controlling access to medical record data based on attribute encryption according to claim 4, wherein the step 4) symmetric key encryption is as follows:
4.1) the user defines the ciphertext-policy access tree structure T; leaf nodes of the access tree are attributes and non-leaf nodes are threshold operations; the algorithm defines a polynomial q_x for each node of the access tree; starting from the root node, the polynomial of each node is randomly generated in a top-down manner, and the secret value of the root node is
Figure FDA0003675759960000033
that is, the constant term of the root node's polynomial is s;
4.2) taking the ISK as the object of attribute encryption, the symmetric key ciphertext CT is computed; the MDO transmits the ISK to CCC1 through a secure channel; specifically:
Figure FDA0003675759960000034
wherein X represents all nodes in the access tree and x represents a single leaf node in the access tree; the computed CT is returned to the MDO through a secure channel;
4.3) the MDO uploads the M' and the CT to a cloud storage center.
6. The method for controlling access to medical record data based on attribute encryption according to claim 5, wherein the specific method for decrypting the symmetric key in step 5) is as follows:
5.1) the MDV acquires the ciphertext from the CSC and sends the SK and the CT to the cloud computing center CCC2 through a secure channel, and the cloud server executes the decryption operation, which is as follows:
defining the recursive decryption operation DecryptNode(CT, SK, x); for a leaf node x, defining i = att(x) as the attribute of x; for a non-leaf node x, defining i = index(x) as the serial number of x; DecryptNode(CT, SK, x) is first computed for each leaf node of the access control tree, then the computation proceeds upwards step by step, and finally the root node is decrypted to obtain its secret value q_root(0);
5.2) the cloud computing center CCC2 substitutes the secret value calculated according to the step 5.1) into the decryption of the ciphertext CT, inputs CT and SK, and outputs CT' through specific calculation;
5.3) CT' is returned to the MDV via a secure channel.
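The top-down share generation of step 4.1) and the recursive DecryptNode reconstruction of step 5.1), as an added example that is not part of the patent: it models only the exponent arithmetic over Z_p, releasing a leaf share on plain attribute membership instead of the pairing computation, so it is not itself a secure scheme. The modulus P, the helper names and the sample policy are assumptions.

```python
import secrets

P = 2**127 - 1  # prime standing in for the group order p (assumed value)

def leaf(attr):
    return {"attr": attr}

def gate(k, *children):  # k-of-n threshold node
    return {"k": k, "children": list(children)}

def share(node, secret, shares):
    """Top-down: q_x(0) = secret, deg(q_x) = k-1, child i receives q_x(i)."""
    if "attr" in node:
        shares[id(node)] = secret
        return
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(node["k"] - 1)]
    for i, child in enumerate(node["children"], start=1):
        q_i = sum(c * pow(i, e, P) for e, c in enumerate(coeffs)) % P
        share(child, q_i, shares)

def decrypt_node(node, attrs, shares):
    """Bottom-up: return q_x(0), or None if attrs do not satisfy the subtree."""
    if "attr" in node:
        return shares[id(node)] if node["attr"] in attrs else None
    pts = []
    for i, child in enumerate(node["children"], start=1):
        v = decrypt_node(child, attrs, shares)
        if v is not None:
            pts.append((i, v))
    if len(pts) < node["k"]:
        return None  # threshold not met: nothing to interpolate
    pts, total = pts[:node["k"]], 0
    for i, v in pts:  # Lagrange interpolation of q_x at 0
        num = den = 1
        for j, _ in pts:
            if j != i:
                num, den = num * -j % P, den * (i - j) % P
        total = (total + v * num * pow(den, -1, P)) % P
    return total

def demo():
    # Constructed policy: 2 of (hospital-A, doctor OR nurse, cardiology)
    tree = gate(2, leaf("hospital-A"),
                gate(1, leaf("doctor"), leaf("nurse")), leaf("cardiology"))
    s, shares = secrets.randbelow(P), {}
    share(tree, s, shares)
    return (s, decrypt_node(tree, {"doctor", "cardiology"}, shares),
            decrypt_node(tree, {"nurse"}, shares))
```

In the claimed scheme the value recovered at the root is never exposed as a plain integer; it only appears in the exponent of a pairing result that unblinds the ISK.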
CN202110665330.2A 2021-06-16 2021-06-16 Medical record data access control system and method based on attribute encryption Active CN113411323B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110665330.2A CN113411323B (en) 2021-06-16 2021-06-16 Medical record data access control system and method based on attribute encryption

Publications (2)

Publication Number Publication Date
CN113411323A CN113411323A (en) 2021-09-17
CN113411323B true CN113411323B (en) 2022-09-30

Family

ID=77684271

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110665330.2A Active CN113411323B (en) 2021-06-16 2021-06-16 Medical record data access control system and method based on attribute encryption

Country Status (1)

Country Link
CN (1) CN113411323B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114567436B (en) * 2022-03-23 2024-04-12 浙江工业大学 Biological characteristic data security access control method
CN115174175B (en) * 2022-06-24 2024-03-22 深圳市北科瑞声科技股份有限公司 Data access method, device, electronic equipment and storage medium
CN115664810B (en) * 2022-10-25 2024-02-23 电子科技大学 Epidemic early warning method for cloud-assisted electronic medical system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107846397A (en) * 2017-09-30 2018-03-27 北京理工大学 A kind of cloud storage access control method based on the encryption of attribute base
CN108200074A (en) * 2018-01-14 2018-06-22 南京邮电大学 A kind of logistics big data access control system and method based on encryption attribute
CN109246096A (en) * 2018-08-30 2019-01-18 西安电子科技大学 Multi-functional fine-grained access control method suitable for cloud storage
CN109831444A (en) * 2019-02-28 2019-05-31 南京邮电大学 A kind of encryption attribute cloud storage access control method based on agency
CN110099043A (en) * 2019-03-24 2019-08-06 西安电子科技大学 The hiding more authorization center access control methods of support policy, cloud storage system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108390876B (en) * 2018-02-13 2021-12-14 西安电子科技大学 Multi-authorization-center access control method capable of supporting outsourcing revocation and verification and cloud server
US11310041B2 (en) * 2019-04-05 2022-04-19 Arizona Board Of Regents On Behalf Of Arizona State University Method and apparatus for achieving fine-grained access control with discretionary user revocation over cloud data
CN112380553B (en) * 2020-11-25 2022-12-16 华南理工大学 Multi-key searchable encryption method and system based on attribute access control structure

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Efficient Construction for Full Black-Box Accountable Authority Identity-Based Encryption; Zhen Zhao, etc.; 《IEEE》; 20190218; full text *
Blockchain-based controllable sharing model for electronic medical records; Zhang Lei et al.; 《自动化学报》; 20200821; full text *

Also Published As

Publication number Publication date
CN113411323A (en) 2021-09-17

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right
Effective date of registration: 20230601
Address after: 200333 room 1109, No.4, Lane 800, Tongpu Road, Putuo District, Shanghai
Patentee after: Shanghai Qiyue Information Technology Co.,Ltd.
Address before: 200235 No. 120, Xuhui District, Shanghai, Caobao Road
Patentee before: SHANGHAI INSTITUTE OF TECHNOLOGY