CN113434177B - Medical software updating method and device based on medical data safety - Google Patents

Publication number: CN113434177B
Authority: CN (China)
Legal status: Active
Application number: CN202110762674.5A
Other languages: Chinese (zh)
Other versions: CN113434177A (en)
Inventor: 吴国军
Current Assignee: Fosun Kaite Biotechnology Co ltd
Original Assignee: Fosun Kaite Biotechnology Co ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/60 Software deployment
    • G06F8/65 Updates
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Abstract

The invention relates to the technical field of data security and discloses a medical software updating method based on medical data security, which comprises the following steps: acquiring medical data of a user, and encrypting the medical data by using a medical data encryption scheme to obtain encrypted medical data; the medical software verifies the identity of the data manager; if the verification passes, the data manager uploads the encrypted medical data to the medical software, and the medical software decrypts the encrypted medical data and stores the decrypted data in the medical software; and the data manager applies to the medical software to download medical data. The invention also provides a medical software updating device based on medical data security. The invention realizes software updating based on data security.

Description

Medical software updating method and device based on medical data safety
Technical Field
The invention relates to the technical field of data security, in particular to a medical software updating method and device based on medical data security.
Background
Cloud computing systems provide users with flexible and powerful computing and storage resources. With the rapid development of new technologies such as big data and artificial intelligence, for which cloud computing serves as a basic platform, the data security of cloud computing systems has become very important.
Traditional data security schemes cannot adapt to the characteristics of cloud computing, such as elasticity, multiple users and distributed deployment, and they suffer from high computational complexity, high resource overhead and difficult ciphertext processing, so they are not suitable for medical software updating based on medical data security.
In view of this, how to implement security protection on medical data and implement medical software update based on medical data security becomes a problem to be urgently solved by those skilled in the art.
Disclosure of Invention
The invention provides a medical software updating method based on medical data security, in which medical data is encrypted by using a medical data encryption scheme, a data manager uploads the encrypted data to the medical software, the medical software verifies the identity of the data manager and the integrity of the medical data, and if the verification succeeds, the encrypted medical data is stored in the medical software, so that the data information in the medical software is updated.
In order to achieve the above object, the present invention provides a medical software updating method based on medical data security, including:
acquiring medical data of a user, and encrypting the medical data by using a medical data encryption scheme to obtain encrypted medical data;
the medical software verifies the identity of the data manager;
if the verification is passed, the data management personnel uploads the encrypted medical data to the medical software, and the medical software decrypts the encrypted medical data and stores the decrypted data into the medical software;
and the data management personnel applies for medical data downloading from the medical software.
Optionally, the encrypting the medical data by using the medical data encryption scheme includes:
1) medical software assigns unique medical data identification to user
Figure 100002_DEST_PATH_IMAGE001
And a user identity token
Figure 100002_DEST_PATH_IMAGE002
And initializing parameters based on the Chinese remainder theorem
Figure 100002_DEST_PATH_IMAGE003
And
Figure 100002_DEST_PATH_IMAGE004
and calculating to obtain a message authentication code of the medical data:
Figure 100002_DEST_PATH_IMAGE005
wherein:
Figure 100002_DEST_PATH_IMAGE006
representing time stamp information;
2) identifying medical data
Figure 925401DEST_PATH_IMAGE001
User identity token
Figure 200524DEST_PATH_IMAGE002
Message authentication code
Figure 100002_DEST_PATH_IMAGE007
And time stamp information
Figure 781678DEST_PATH_IMAGE006
Sending the information to medical software; medical software calculates message corresponding code
Figure 100002_DEST_PATH_IMAGE008
Figure 100002_DEST_PATH_IMAGE009
Verifying message correspondence code
Figure 303795DEST_PATH_IMAGE008
Whether or not to equal the message authentication code
Figure 32717DEST_PATH_IMAGE007
If
Figure 100002_DEST_PATH_IMAGE010
then the authentication information is incorrect; the key negotiation stage is exited and the process returns to step 1);
3) after the verification is successful, the medical software generates two pairs of public keys and private keys:
Figure 100002_DEST_PATH_IMAGE011
and selecting a random number
Figure 100002_DEST_PATH_IMAGE012
Wherein
Figure 100002_DEST_PATH_IMAGE013
Record of
Figure 100002_DEST_PATH_IMAGE014
And a current time stamp
Figure 100002_DEST_PATH_IMAGE015
4) According to what is recorded
Figure 173848DEST_PATH_IMAGE014
And a current time stamp
Figure 671826DEST_PATH_IMAGE015
Generating a pair of public and private keys
Figure 100002_DEST_PATH_IMAGE016
And selecting a random number
Figure 100002_DEST_PATH_IMAGE017
In which
Figure 100002_DEST_PATH_IMAGE018
Calculating a shared message code:
Figure 100002_DEST_PATH_IMAGE019
wherein:
Figure 100002_DEST_PATH_IMAGE020
representation generation
Figure 571036DEST_PATH_IMAGE016
A timestamp of the time of day;
generating an encryption key for the medical data:
Figure 100002_DEST_PATH_IMAGE021
Figure 100002_DEST_PATH_IMAGE022
Figure 100002_DEST_PATH_IMAGE023
wherein:
Figure 100002_DEST_PATH_IMAGE024
an encryption key representing the medical data;
encrypting the medical data by using the encryption key to obtain encrypted medical data;
5) sending
Figure 100002_DEST_PATH_IMAGE025
to the medical software; the medical software calculates a decryption key of the medical data:
Figure 646308DEST_PATH_IMAGE021
Figure 528814DEST_PATH_IMAGE022
Figure 100002_DEST_PATH_IMAGE026
wherein:
Figure 100002_DEST_PATH_IMAGE027
a decryption key representing the medical data;
in a specific embodiment of the present invention, after receiving the encrypted medical data, the medical software decrypts the encrypted medical data by using the decryption key to obtain the medical data.
Optionally, the process of the data manager identity authentication is as follows:
the medical software constructs data manager identity tables under different medical data labels
Figure 100002_DEST_PATH_IMAGE028
Wherein:
Figure 100002_DEST_PATH_IMAGE029
a data manager identity table in a medical data label i is represented;
the data management personnel sends an identity ID and a medical data label i to the medical software;
the medical software is based on the received medical data tag
Figure 192882DEST_PATH_IMAGE029
User public key for searching corresponding user ID
Figure 100002_DEST_PATH_IMAGE030
And selecting a random number a and calculating
Figure 100002_DEST_PATH_IMAGE031
And sending F to a data manager;
data manager using private key
Figure 100002_DEST_PATH_IMAGE032
Decrypting F to obtain
Figure 100002_DEST_PATH_IMAGE033
And will be
Figure 280572DEST_PATH_IMAGE033
Sending to medical software;
medical software separate calculation
Figure 100002_DEST_PATH_IMAGE034
And
Figure 100002_DEST_PATH_IMAGE035
if
Figure 100002_DEST_PATH_IMAGE036
holds, the data manager is informed that the authentication succeeded; otherwise, the request is ignored.
Optionally, the data manager uploads the encrypted medical data to the medical software, and includes:
1) the data manager sends the medical data label, the hash value of the data digest and the encrypted medical data C to the medical software;
2) the medical software decrypts the encrypted medical data and divides the decrypted data into n parts
Figure 100002_DEST_PATH_IMAGE037
generates a digest for each data part
Figure 100002_DEST_PATH_IMAGE038
and performs hash processing on
Figure 100002_DEST_PATH_IMAGE039
inserting the generated k hashes into the Bloom Filter and setting the corresponding bit positions to 1;
3) the medical software receives the medical data label and judges whether the medical data label already exists; if so, verification is needed, and the verification process is as follows: r data parts are randomly selected and sent to the data manager, and the data manager generates their digests
Figure 100002_DEST_PATH_IMAGE040
and returns them to the medical software, which calculates
Figure 780824DEST_PATH_IMAGE040
and checks whether the corresponding bits of the Bloom Filter are all 1; if they are all 1, the verification passes, the decrypted data is stored in the medical software, and the data information in the medical software is updated.
Optionally, the downloading process of the medical data is as follows:
1) the data manager U requests to download the medical data, and sends the medical data label obtained by using the label generation algorithm of random convergent encryption
Figure 100002_DEST_PATH_IMAGE041
to the medical software along with the user ID; wherein K represents an encryption key;
2) the medical software carries out identity authentication on the data management personnel, if the authentication is passed, the medical data downloading stage is entered, otherwise, the request is terminated;
3) the medical software returns
Figure 100002_DEST_PATH_IMAGE042
to the data manager, wherein C represents the medical data ciphertext and token represents the ciphertext digest; the data manager calculates the decryption key SC, decrypts the medical data ciphertext by using the decryption key SC, and calculates the data digest of the decrypted medical data
Figure 100002_DEST_PATH_IMAGE043
and determines whether token is equal to
Figure 326074DEST_PATH_IMAGE043
If the two are equal, the medical data has been stored intact and has not been tampered with, and the medical data is downloaded; otherwise, the medical data is discarded.
In addition, to achieve the above object, the present invention provides a medical software updating apparatus based on medical data security, the apparatus including:
the data acquisition device is used for acquiring medical data of a user;
the data processor is used for verifying the identity of the data manager;
the data encryption device is used for encrypting the medical data by using a medical data encryption scheme to obtain encrypted medical data; the data management personnel upload the encrypted medical data to the medical software, and the medical software decrypts the encrypted medical data and stores the decrypted data into the medical software; and the data management personnel applies for medical data downloading from the medical software.
In addition, to achieve the above object, the present invention also provides a computer readable storage medium, which stores medical software update program instructions, which can be executed by one or more processors to implement the steps of the implementation method of medical software update based on medical data security as described above.
Compared with the prior art, the invention provides a medical software updating method based on medical data safety, which has the following advantages:
firstly, the invention provides a medical data encryption method, and medical software distributes unique medical data identification to users
Figure 100002_DEST_PATH_IMAGE044
And a user identity token
Figure DEST_PATH_IMAGE045
And initializing parameters based on the Chinese remainder theorem
Figure DEST_PATH_IMAGE046
And
Figure DEST_PATH_IMAGE047
and calculating to obtain a message authentication code of the medical data:
Figure DEST_PATH_IMAGE048
wherein:
Figure DEST_PATH_IMAGE049
representing time stamp information; identifying medical data
Figure DEST_PATH_IMAGE050
User identity token
Figure DEST_PATH_IMAGE051
Message authentication code
Figure DEST_PATH_IMAGE052
And time stamp information
Figure 113158DEST_PATH_IMAGE049
The information is sent to medical software, when a user needs to be tracked, the medical software can analyze the message authentication code to obtain a user identity token, and the function of tracking the user is achieved; medical software calculates message corresponding code
Figure DEST_PATH_IMAGE053
Figure DEST_PATH_IMAGE054
Verifying message correspondence code
Figure 164291DEST_PATH_IMAGE053
Whether or not equal to the message authentication code
Figure 89521DEST_PATH_IMAGE052
If
Figure DEST_PATH_IMAGE055
then the authentication message is incorrect; the key negotiation stage is exited and the process returns to the initial step; after the verification is successful, the medical software generates two pairs of public keys and private keys:
Figure DEST_PATH_IMAGE056
and selecting a random number
Figure DEST_PATH_IMAGE057
Wherein
Figure DEST_PATH_IMAGE058
Record of
Figure DEST_PATH_IMAGE059
And a current time stamp
Figure DEST_PATH_IMAGE060
(ii) a According to what is recorded
Figure 438463DEST_PATH_IMAGE059
And a current time stamp
Figure 686911DEST_PATH_IMAGE060
Generating a pair of public and private keys
Figure DEST_PATH_IMAGE061
And selecting a random number
Figure DEST_PATH_IMAGE062
In which
Figure DEST_PATH_IMAGE063
(ii) a Calculating a shared message code:
Figure DEST_PATH_IMAGE064
wherein:
Figure DEST_PATH_IMAGE065
representation generation
Figure 95895DEST_PATH_IMAGE061
A timestamp of the time of day; generating an encryption key for the medical data:
Figure DEST_PATH_IMAGE066
Figure DEST_PATH_IMAGE067
Figure DEST_PATH_IMAGE068
wherein:
Figure DEST_PATH_IMAGE069
represents the encryption key of the medical data. The user private key is deleted by matching the user information with the public key and the private key of the medical software, thereby achieving the purpose of forbidding the user's access. Compared with the traditional algorithm, the encryption algorithm encrypts the medical data with the encryption key to obtain the encrypted medical data and introduces a timestamp and a token into each piece of medical data; the token and the timestamp are mixed with the ciphertext to calculate a hash digest, which is sent to the receiver, so that the medical data cannot be changed. If the medical data is replayed, the receiver can quickly detect the modification of the medical data by verifying the hash digest, which effectively prevents an attacker from obtaining the digest information of the medical data by replaying the medical data, so that resistance to replay attacks on the medical software is realized;
Figure DEST_PATH_IMAGE070
is sent to the medical software; the medical software calculates a decryption key of the medical data:
Figure 630126DEST_PATH_IMAGE066
Figure 658125DEST_PATH_IMAGE067
Figure DEST_PATH_IMAGE071
wherein:
Figure DEST_PATH_IMAGE072
a decryption key representing the medical data; and after the medical software receives the encrypted medical data, the medical software can decrypt the encrypted medical data by using the decryption key to obtain the medical data. Compared with the traditional data encryption method, the medical data verifies the identity of the medical data user through one-way Hash authentication, namely through calculation
Figure 777391DEST_PATH_IMAGE048
If the message corresponds to the code
Figure 967064DEST_PATH_IMAGE053
Equals message authentication code
Figure 866887DEST_PATH_IMAGE052
then the authentication passes. Because the user's token parameter
Figure 619948DEST_PATH_IMAGE051
can be obtained only by the user and the medical software, and an adversary cannot obtain
Figure 921616DEST_PATH_IMAGE051
the token parameter ensures the security of the algorithm.
Meanwhile, the invention provides a medical data uploading method, which comprises the following steps: the data manager sends the medical data label, the hash value of the data digest and the encrypted medical data C to the medical software; the medical software decrypts the encrypted medical data and divides the decrypted data into n parts
Figure 282190DEST_PATH_IMAGE037
generates a digest for each data part
Figure 606993DEST_PATH_IMAGE038
and performs hash processing on
Figure 976794DEST_PATH_IMAGE039
inserting the generated k hashes into a Bloom Filter and setting the corresponding bit positions to 1. That is, the medical software divides the decrypted data into a plurality of parts, each part has a corresponding hash digest, and the hash digests are stored in the Bloom Filter; the Bloom Filter establishes mapping bits for the hash digests, and the corresponding bit positions are set to 1 for the stored hash digests, so that rapid retrieval of the decrypted data can be realized. The medical software receives the medical data label and judges whether the medical data label exists by searching for the medical data label in the Bloom Filter; if a hash digest whose bits are 1 is found, the currently uploaded medical data is already stored in the medical software, and verification is needed. The verification process is as follows: r data parts are randomly selected and sent to the data manager, and the data manager generates their digests
Figure 867390DEST_PATH_IMAGE040
and returns them to the medical software, which calculates
Figure 851395DEST_PATH_IMAGE040
and checks whether the corresponding bits of the Bloom Filter are all 1; if all of the bits are 1, the verification passes, which proves that the current data uploader holds all the real data and is not an attacker of the medical software, so the medical software can store the decrypted data and update the data information in the medical software. In the data security management method, when the uploaded data is duplicate data, an attacker can acquire the whole file using only the label information of the data; therefore, whether the data manager holds all the real data is verified, and if the verification passes, the medical software can store the data uploaded by the data manager.
Drawings
Fig. 1 is a schematic flowchart of a medical software updating method based on medical data security according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a medical software updating apparatus based on medical data security according to an embodiment of the present invention;
the implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Medical data is encrypted by using a medical data encryption scheme, a data manager uploads the encrypted data to the medical software, the medical software verifies the identity of the data manager and the integrity of the medical data, and if the verification succeeds, the encrypted medical data is stored in the medical software, so that the data information in the medical software is updated. Fig. 1 is a schematic diagram illustrating a medical software updating method based on medical data security according to an embodiment of the present invention.
In this embodiment, the medical software updating method based on medical data security includes:
and S1, acquiring medical data of the user, and encrypting the medical data by using a medical data encryption scheme to obtain the encrypted medical data.
Firstly, the invention acquires medical data of a user and encrypts the medical data by using a medical data encryption scheme, wherein in a specific embodiment of the invention, the medical data of the user comprises the name, sex, age, identity, symptom, disease name, treatment scheme and the like of the user;
the medical data encryption scheme comprises the following flows:
1) medical software assigns unique medical data identification to user
Figure 460231DEST_PATH_IMAGE001
And a user identity token
Figure 633723DEST_PATH_IMAGE002
And initializing parameters based on the Chinese remainder theorem
Figure 644405DEST_PATH_IMAGE003
And
Figure 550044DEST_PATH_IMAGE004
and calculating to obtain a message authentication code of the medical data:
Figure 646176DEST_PATH_IMAGE005
wherein:
Figure 357780DEST_PATH_IMAGE006
representing time stamp information;
2) identifying medical data
Figure 409918DEST_PATH_IMAGE001
User identity token
Figure 548776DEST_PATH_IMAGE002
Message authentication code
Figure 132204DEST_PATH_IMAGE007
And time stamp information
Figure 381919DEST_PATH_IMAGE006
Sending the information to medical software; medical software calculates message corresponding code
Figure 304876DEST_PATH_IMAGE008
Figure 614635DEST_PATH_IMAGE009
Verifying message correspondence code
Figure 685359DEST_PATH_IMAGE008
Whether or not equal to the message authentication code
Figure 928646DEST_PATH_IMAGE007
If
Figure 768426DEST_PATH_IMAGE010
then the authentication information is incorrect; the key negotiation stage is exited and the process returns to step 1);
3) after the verification is successful, the medical software generates two pairs of public keys and private keys:
Figure 249086DEST_PATH_IMAGE011
and selecting a random number
Figure 541527DEST_PATH_IMAGE012
Wherein
Figure 336308DEST_PATH_IMAGE013
Record of
Figure 30594DEST_PATH_IMAGE014
And a current time stamp
Figure 682155DEST_PATH_IMAGE015
4) According to what is recorded
Figure 914422DEST_PATH_IMAGE014
And a current time stamp
Figure 309632DEST_PATH_IMAGE015
Generating a pair of public and private keys
Figure 858425DEST_PATH_IMAGE016
And selecting a random number
Figure 946466DEST_PATH_IMAGE017
Wherein
Figure 151183DEST_PATH_IMAGE018
Calculating a shared message code:
Figure 350083DEST_PATH_IMAGE019
wherein:
Figure 753382DEST_PATH_IMAGE020
representation generation
Figure 199276DEST_PATH_IMAGE016
A timestamp of the time of day;
generating an encryption key for the medical data:
Figure 953605DEST_PATH_IMAGE021
Figure 690617DEST_PATH_IMAGE022
Figure 151686DEST_PATH_IMAGE023
wherein:
Figure 581530DEST_PATH_IMAGE024
an encryption key representing the medical data;
encrypting the medical data by using the encryption key to obtain encrypted medical data;
5) sending
Figure 557576DEST_PATH_IMAGE025
to the medical software; the medical software calculates a decryption key of the medical data:
Figure 285230DEST_PATH_IMAGE021
Figure 928701DEST_PATH_IMAGE022
Figure 263867DEST_PATH_IMAGE026
wherein:
Figure 930472DEST_PATH_IMAGE027
a decryption key representing the medical data;
in a specific embodiment of the present invention, after receiving the encrypted medical data, the medical software decrypts the encrypted medical data by using the decryption key to obtain the medical data.
And S2, the medical software verifies the identity of the data manager.
Furthermore, the medical software verifies the identity of a data manager, and in one specific embodiment of the invention, the data manager is responsible for uploading, updating and deleting data in the medical software;
the process of the data manager identity authentication comprises the following steps:
medical software establishes data manager identity list under different medical data labels
Figure 9286DEST_PATH_IMAGE028
Wherein:
Figure 507264DEST_PATH_IMAGE029
a table of data manager identities in the medical data label i;
the data management personnel sends an identity ID and a medical data label i to the medical software;
the medical software is based on the received medical data tag
Figure 197352DEST_PATH_IMAGE029
In-search of user public key corresponding to user ID
Figure 351253DEST_PATH_IMAGE030
And selecting a random number a and calculating
Figure 233758DEST_PATH_IMAGE031
And sending F to a data manager;
data manager using private key
Figure 773193DEST_PATH_IMAGE032
Decrypting F to obtain
Figure 715741DEST_PATH_IMAGE033
And will be
Figure 153676DEST_PATH_IMAGE033
Sending to medical software;
medical software separate calculation
Figure 511976DEST_PATH_IMAGE034
And
Figure 984546DEST_PATH_IMAGE035
if
Figure 832416DEST_PATH_IMAGE036
holds, the data manager is informed that the authentication succeeded; otherwise, the request is ignored.
And S3, if the verification is passed, the data management personnel uploads the encrypted medical data to the medical software, and the medical software decrypts the encrypted medical data and stores the decrypted data in the medical software.
Further, if the identity of the data manager passes the authentication, the data manager uploads the encrypted medical data to the medical software, and the uploading process of the medical data is as follows:
1) the data manager sends the medical data label, the hash value of the data digest and the encrypted medical data C to the medical software;
2) the medical software decrypts the encrypted medical data and divides the decrypted data into n parts
Figure 944597DEST_PATH_IMAGE037
generates a digest for each data part
Figure 106588DEST_PATH_IMAGE038
and performs hash processing on
Figure 433665DEST_PATH_IMAGE039
inserting the generated k hashes into the Bloom Filter and setting the corresponding bit positions to 1;
3) the medical software receives the medical data label and judges whether the medical data label already exists; if so, verification is needed, and the verification process is as follows: r data parts are randomly selected and sent to the data manager, and the data manager generates their digests
Figure 904966DEST_PATH_IMAGE040
and returns them to the medical software, which calculates
Figure 255176DEST_PATH_IMAGE040
and checks whether the corresponding bits of the Bloom Filter are all 1; if they are all 1, the verification passes, the decrypted data is stored in the medical software, and the data information in the medical software is updated.
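The duplicate-upload check of step 3), which the Disclosure section also describes, as an added Python example that is not part of the patent text or any implementation by the applicant. The part size, SHA-256 as the digest, the Bloom filter length, the double-hashing position function, challenging by part index, and every class and function name are assumptions, because the patent's formulas are not reproduced on this page.

```python
import hashlib
import secrets

PART_SIZE = 64   # assumed size of each of the n data parts, in bytes
M_BITS = 4096    # assumed Bloom filter length in bits
K_HASHES = 4     # the "k hashes" per digest; the value is assumed

# Constructed sample inputs (not real medical data).
SAMPLE = b"".join(b"patient-record-%04d|" % i for i in range(60))
FORGED = b"\x00" * len(SAMPLE)   # what a party holding only the label might submit


def split_parts(data: bytes) -> list:
    """Divide the decrypted data into n fixed-size parts."""
    return [data[i:i + PART_SIZE] for i in range(0, len(data), PART_SIZE)]


def digest(part: bytes) -> bytes:
    """Digest of one data part (SHA-256 is an assumption)."""
    return hashlib.sha256(part).digest()


def positions(d: bytes) -> list:
    """k bit positions for a digest, derived by double hashing (assumed)."""
    h = hashlib.sha256(b"bloom|" + d).digest()
    h1 = int.from_bytes(h[:8], "big")
    h2 = int.from_bytes(h[8:16], "big") | 1
    return [(h1 + i * h2) % M_BITS for i in range(K_HASHES)]


class BloomFilter:
    def __init__(self):
        self.bits = bytearray(M_BITS // 8)

    def add(self, d: bytes) -> None:
        for p in positions(d):
            self.bits[p // 8] |= 1 << (p % 8)

    def contains(self, d: bytes) -> bool:
        return all((self.bits[p // 8] >> (p % 8)) & 1 for p in positions(d))


class MedicalSoftware:
    """Server side: one Bloom filter per medical data label."""

    def __init__(self):
        self.filters = {}   # label -> (BloomFilter, number of parts)

    def store(self, label: str, plaintext: bytes) -> None:
        bf = BloomFilter()
        parts = split_parts(plaintext)
        for part in parts:
            bf.add(digest(part))
        self.filters[label] = (bf, len(parts))

    def challenge(self, label: str, r: int) -> list:
        """Randomly select r part indices using a CSPRNG."""
        _, n = self.filters[label]
        return secrets.SystemRandom().sample(range(n), min(r, n))

    def verify(self, label: str, indices: list, answers: list) -> bool:
        """Pass only if every returned digest maps to bits that are all 1."""
        bf, _ = self.filters[label]
        if not indices or len(answers) != len(indices):
            return False
        return all(bf.contains(a) for a in answers)


def answer(data: bytes, indices: list) -> list:
    """Data manager side: digests of the challenged parts of the data it holds."""
    parts = split_parts(data)
    return [digest(parts[i]) if i < len(parts) else digest(b"") for i in indices]


def upload(server: MedicalSoftware, label: str, data: bytes, r: int = 5) -> str:
    """Store new labels; for an existing label, require proof of possession."""
    if label not in server.filters:
        server.store(label, data)
        return "stored"
    idx = server.challenge(label, r)
    return "verified" if server.verify(label, idx, answer(data, idx)) else "rejected"


if __name__ == "__main__":
    srv = MedicalSoftware()
    print(upload(srv, "label-1", SAMPLE))   # first upload of this label
    print(upload(srv, "label-1", SAMPLE))   # duplicate upload by a real holder
    print(upload(srv, "label-1", FORGED))   # label known, data not held
```

A Bloom filter test is probabilistic and does not tie a digest to the challenged index, so a deployment that needs a strict guarantee would also keep the per-part digests and compare them by position.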
And S4, the data manager applies for medical data downloading from the medical software.
Further, a data manager can apply for downloading medical data to the medical software, and the downloading process of the medical data is as follows:
1) the data manager U requests to download the medical data, and sends the medical data label obtained by using the label generation algorithm of random convergent encryption
Figure 207476DEST_PATH_IMAGE041
to the medical software along with the user ID; wherein K represents an encryption key;
2) the medical software carries out identity authentication on the data management personnel, if the authentication is passed, the medical data downloading stage is entered, otherwise, the request is terminated;
3) the medical software returns
Figure 389059DEST_PATH_IMAGE042
to the data manager, wherein C represents the medical data ciphertext and token represents the ciphertext digest; the data manager calculates the decryption key SC, decrypts the medical data ciphertext by using the decryption key SC, and calculates the data digest of the decrypted medical data
Figure 844311DEST_PATH_IMAGE043
and determines whether token is equal to
Figure 681817DEST_PATH_IMAGE043
If the two are equal, the medical data has been stored intact and has not been tampered with, and the medical data is downloaded; otherwise, the medical data is discarded.
The following describes embodiments of the present invention through an algorithmic experiment and tests of the inventive processing method. The hardware test environment of the algorithm of the invention is as follows: Intel(R) Core(TM) i7-6700K CPU, with software Matlab2018a; the comparison methods are a medical software updating method based on the RSA algorithm and a medical software updating method based on the SHA256 algorithm.
In the algorithm experiment, the data set is 10G of medical data. In the experiment, the medical data is input into the algorithm model, and the effectiveness of the medical software updating is used as an evaluation index of the feasibility of the algorithm, wherein the higher the effectiveness of the medical software updating is, the higher the effectiveness and the feasibility of the algorithm are.
According to the experimental result, the medical software updating effectiveness of the medical software updating method based on the RSA algorithm is 76.18, the medical software updating effectiveness of the medical software updating method based on the SHA256 algorithm is 82.29, the medical software updating effectiveness of the medical software updating method based on the SHA256 algorithm is 89.26, and compared with a comparison algorithm, the medical software updating method based on the medical data safety can achieve more effective medical software updating.
The invention also provides a medical software updating device based on medical data safety. Fig. 2 is a schematic diagram illustrating an internal structure of a medical software updating apparatus based on medical data security according to an embodiment of the present invention.
In the present embodiment, the medical software updating apparatus 1 based on medical data security comprises at least a data acquisition device 11, a data processor 12, a data encryption device 13, a communication bus 14, and a network interface 15.
The data acquisition device 11 may be a PC (Personal Computer), a terminal device such as a smart phone, a tablet Computer, a portable Computer, or a camera, or may be a server.
The data processor 12 includes at least one type of readable storage medium, including flash memory, hard disks, multimedia cards, card-type memory (e.g., SD or DX memory, etc.), magnetic memory, magnetic disks, optical disks, and the like. In some embodiments, the data processor 12 may be an internal storage unit of the medical software updating apparatus 1 based on medical data security, for example a hard disk of the apparatus. In other embodiments, the data processor 12 may be an external storage device of the medical software updating apparatus 1 based on medical data security, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card, or a flash memory card (Flash Card) provided on the apparatus. Further, the data processor 12 may comprise both an internal storage unit and an external storage device of the medical software updating apparatus 1 based on medical data security. The data processor 12 can be used not only to store application software installed in the medical software updating apparatus 1 based on medical data security and various types of data, but also to temporarily store data that has been output or is to be output.
The data encryption device 13 may be, in some embodiments, a Central Processing Unit (CPU), controller, microcontroller, microprocessor or other data Processing chip including a monitoring Unit for running program code stored in the data processor 12 or Processing data, such as medical software update program instructions 16.
The communication bus 14 is used to enable connection communication between these components.
The network interface 15 may optionally comprise a standard wired interface or a wireless interface (e.g. a Wi-Fi interface), and is typically used to establish a communication connection between the medical software updating apparatus 1 based on medical data security and other electronic devices.
Optionally, the medical software updating apparatus 1 based on medical data security may further comprise a user interface, the user interface may comprise a Display (Display), an input unit such as a Keyboard (Keyboard), and the optional user interface may further comprise a standard wired interface, a wireless interface. Alternatively, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch device, or the like. The display, which may also be referred to as a display screen or display unit, is suitable for displaying information processed in the medical software updating apparatus 1 based on medical data security and for displaying a visualized user interface.
Fig. 2 only shows the medical software updating apparatus 1 based on medical data security with the components 11-15. It will be understood by those skilled in the art that the structure shown in Fig. 1 does not constitute a limitation of the medical software updating apparatus 1 based on medical data security, which may comprise fewer or more components than shown, a combination of certain components, or a different arrangement of components.
In the embodiment of the medical software updating apparatus 1 based on medical data security shown in fig. 2, the data processor 12 stores therein medical software updating program instructions 16; the steps of the data encryption device 13 executing the medical software updating program instructions 16 stored in the data processor 12 are the same as the implementation method of the medical software updating method based on medical data security, and are not described here.
Furthermore, an embodiment of the present invention also provides a computer-readable storage medium having stored thereon medical software update program instructions executable by one or more processors to implement the following operations:
acquiring medical data of a user, and encrypting the medical data by using a medical data encryption scheme to obtain encrypted medical data;
the medical software verifies the identity of the data manager;
if the medical data passes the verification, the data management personnel uploads the encrypted medical data to the medical software, and the medical software decrypts the encrypted medical data and stores the decrypted data into the medical software;
and the data management personnel applies for medical data downloading from the medical software.
It should be noted that the above-mentioned numbers of the embodiments of the present invention are merely for description, and do not represent the merits of the embodiments. The terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, apparatus, article, or method that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, apparatus, article, or method. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other like elements in a process, apparatus, article, or method that includes the element.
Through the description of the foregoing embodiments, it is clear to those skilled in the art that the method of the foregoing embodiments may be implemented by software plus a necessary general hardware platform, and certainly may also be implemented by hardware, but in many cases, the former is a better implementation. Based on such understanding, the technical solutions of the present invention or portions thereof contributing to the prior art may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) as described above and includes several instructions for enabling a terminal device (which may be a mobile phone, a computer, a server, or a network device) to execute the method according to the embodiments of the present invention.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (5)

1. A medical software updating method based on medical data security is characterized by comprising the following steps:
acquiring medical data of a user, and encrypting the medical data by using a medical data encryption scheme to obtain encrypted medical data;
the medical software verifies the identity of the data manager;
if the medical data passes the verification, the data management personnel uploads the encrypted medical data to the medical software, and the medical software decrypts the encrypted medical data and stores the decrypted data into the medical software;
the data management personnel applies for medical data downloading from the medical software;
the encrypting the medical data by using the medical data encryption scheme comprises the following steps:
1) medical software assigns unique medical data identification to user
Figure DEST_PATH_IMAGE001
And a user identity token
Figure DEST_PATH_IMAGE002
And initializing parameters based on the Chinese remainder theorem
Figure DEST_PATH_IMAGE003
And
Figure DEST_PATH_IMAGE004
and calculating to obtain a message authentication code of the medical data:
Figure DEST_PATH_IMAGE005
wherein:
Figure DEST_PATH_IMAGE006
indicating that a hash value is calculated;
Figure DEST_PATH_IMAGE007
representing time stamp information;
2) identifying medical data
Figure 362240DEST_PATH_IMAGE001
User identity token
Figure 466331DEST_PATH_IMAGE002
Message authentication code
Figure DEST_PATH_IMAGE008
And time stamp information
Figure 246068DEST_PATH_IMAGE007
Sending the information to medical software; medical software calculates message corresponding code
Figure DEST_PATH_IMAGE009
Figure DEST_PATH_IMAGE010
Verifying message correspondence codes
Figure 578961DEST_PATH_IMAGE009
Whether or not equal to the message authentication code
Figure 580284DEST_PATH_IMAGE008
If at all
Figure DEST_PATH_IMAGE011
If the authentication information is incorrect, quitting the key negotiation stage and returning to the step 1);
3) after the verification is successful, the medical software generates two pairs of public keys and private keys:
Figure DEST_PATH_IMAGE012
and selecting a random number
Figure DEST_PATH_IMAGE013
In which
Figure DEST_PATH_IMAGE014
Record and take notes
Figure DEST_PATH_IMAGE015
And a current time stamp
Figure DEST_PATH_IMAGE016
4) According to what is recorded
Figure 527380DEST_PATH_IMAGE015
And a current time stamp
Figure 794413DEST_PATH_IMAGE016
Generating a pair of public and private keys
Figure DEST_PATH_IMAGE017
And selecting a random number
Figure DEST_PATH_IMAGE018
In which
Figure DEST_PATH_IMAGE019
Calculating a shared message code:
Figure DEST_PATH_IMAGE020
wherein:
Figure DEST_PATH_IMAGE021
representation generation
Figure 120877DEST_PATH_IMAGE017
A timestamp of the time of day;
generating an encryption key for the medical data:
Figure DEST_PATH_IMAGE022
Figure DEST_PATH_IMAGE023
Figure DEST_PATH_IMAGE024
wherein:
Figure DEST_PATH_IMAGE025
an encryption key representing the medical data;
encrypting the medical data by using the encryption key to obtain encrypted medical data;
5) sending
Figure DEST_PATH_IMAGE026
to the medical software; the medical software calculates a decryption key of the medical data:
Figure 914389DEST_PATH_IMAGE022
Figure 907753DEST_PATH_IMAGE023
Figure DEST_PATH_IMAGE027
wherein:
Figure DEST_PATH_IMAGE028
a decryption key representing the medical data.
2. The medical software updating method based on medical data security as claimed in claim 1, wherein the process of the data manager identity verification is as follows:
medical software establishes data manager identity list under different medical data labels
Figure DEST_PATH_IMAGE029
Wherein:
Figure DEST_PATH_IMAGE030
a table of data manager identities in the medical data label i;
the data management personnel sends an identity ID and a medical data label i to the medical software;
based on the received medical data label, the medical software searches in
Figure 599766DEST_PATH_IMAGE030
for the user public key corresponding to the user ID
Figure DEST_PATH_IMAGE031
And selecting a random number a and calculating
Figure DEST_PATH_IMAGE032
And sending F to a data manager;
the data manager uses the private key
Figure DEST_PATH_IMAGE033
to decrypt F, obtaining
Figure DEST_PATH_IMAGE034
and sends
Figure 461411DEST_PATH_IMAGE034
to the medical software;
the medical software separately calculates
Figure DEST_PATH_IMAGE035
And
Figure DEST_PATH_IMAGE036
if
Figure DEST_PATH_IMAGE037
the data manager is informed that the authentication succeeded; otherwise, the request is ignored.
3. The medical software updating method based on medical data security as claimed in claim 2, wherein the uploading of the encrypted medical data to the medical software by the data manager comprises:
1) the data manager sends the medical data label, the hash value of the data digest and the encrypted medical data C to the medical software;
2) the medical software decrypts the encrypted medical data and divides the decrypted data into n parts
Figure DEST_PATH_IMAGE038
generates a digest for each data part
Figure DEST_PATH_IMAGE039
And are combined to
Figure DEST_PATH_IMAGE040
Performing hash processing, and inserting the generated k hashes into the Bloom Filter, with the corresponding bit positions set to 1;
3) the medical software receives the medical data label and judges whether the medical data label already exists; if so, verification is needed, and the verification process is as follows: r data parts are randomly selected and sent to the data manager, and the data manager generates its digests
Figure DEST_PATH_IMAGE041
and returns them to the medical software, which calculates
Figure 373346DEST_PATH_IMAGE041
and checks whether the corresponding bits of the Bloom Filter are all 1; if they are all 1, the verification passes, the decrypted data is stored into the medical software, and the data information in the medical software is updated.
4. The medical software updating method based on medical data security as claimed in claim 3, wherein the downloading process of the medical data is as follows:
1) the data manager U requests to download the medical data, and obtains the medical data label using the label generation algorithm of randomized convergent encryption
Figure DEST_PATH_IMAGE042
which is sent to the medical software along with the user ID; wherein K represents an encryption key;
2) the medical software carries out identity authentication on the data management personnel, if the authentication is passed, the medical data downloading stage is entered, otherwise, the request is terminated;
3) the medical software returns
Figure DEST_PATH_IMAGE043
to the data manager, wherein C represents the medical data ciphertext and token represents the ciphertext digest; the data manager calculates the decryption key SC, decrypts the medical data ciphertext with SC, and calculates the data digest of the decrypted medical data
Figure DEST_PATH_IMAGE044
and determines whether token is equal to
Figure 990141DEST_PATH_IMAGE044
If the two are equal, the medical data has been stored intact and has not been tampered with, and the medical data is downloaded; otherwise, the medical data is discarded.
5. A computer readable storage medium having stored thereon medical software update program instructions executable by one or more processors to perform the steps of the medical data security-based medical software update method of claim 1.
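The Bloom Filter challenge of claim 3 and the digest comparison of claim 4, as an added sketch that is not code from the patent. SHA-256, the filter size, the challenge carrying part indices, the token being the digest of the plaintext, and all names are assumptions, because the patent's formulas are not reproduced on this page; decryption with SC is left out and the download check runs on already-decrypted bytes.

```python
import hashlib
import hmac
import secrets


def digest(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def split_parts(data: bytes, n: int) -> list:
    size = -(-len(data) // n)  # ceiling division: every byte lands in a part
    return [data[i * size:(i + 1) * size] for i in range(n)]


class BloomFilter:
    def __init__(self, m_bits: int = 4096, k: int = 4):
        self.m, self.k = m_bits, k
        self.bits = bytearray(m_bits // 8)

    def _positions(self, item: bytes):
        # Assumed scheme: k positions from SHA-256 with a one-byte index prefix.
        for i in range(self.k):
            h = hashlib.sha256(bytes([i]) + item).digest()
            yield int.from_bytes(h[:8], "big") % self.m

    def add(self, item: bytes) -> None:
        for p in self._positions(item):
            self.bits[p // 8] |= 1 << (p % 8)

    def __contains__(self, item: bytes) -> bool:
        return all(self.bits[p // 8] >> (p % 8) & 1 for p in self._positions(item))


class MedicalSoftware:
    """Server side: keeps a Bloom filter of part digests and a whole-record token."""

    def __init__(self, n: int = 8):
        self.n = n
        self.records = {}  # label -> (Bloom filter, token)

    def store(self, label: str, plaintext: bytes) -> None:
        bf = BloomFilter()
        for part in split_parts(plaintext, self.n):
            bf.add(digest(part))
        self.records[label] = (bf, digest(plaintext))

    def challenge(self, r: int) -> list:
        # r distinct part indices from a CSPRNG, so the challenge is unpredictable.
        return secrets.SystemRandom().sample(range(self.n), r)

    def verify(self, label: str, answers: list, r: int) -> bool:
        bf, _ = self.records[label]
        # Membership only: a Bloom filter can give false positives and does not
        # bind a digest to the index that was challenged.
        return len(answers) == r and all(a in bf for a in answers)


def answer_challenge(own_copy: bytes, indices: list, n: int = 8) -> list:
    """Data manager side: digests of the challenged parts of its own copy."""
    parts = split_parts(own_copy, n)
    return [digest(parts[i]) for i in indices]


def accept_download(decrypted: bytes, token: bytes) -> bool:
    """Claim 4 check: keep the download only if its digest equals token."""
    return hmac.compare_digest(digest(decrypted), token)


# Constructed sample record, not real medical data.
RECORD = b"".join(b"obs%03d=%d;" % (i, i * 7 % 97) for i in range(200))
```

With 8 stored digests and k = 4, at most 32 of the 4096 bits are set, so a digest that was never stored passes the filter with probability below (32/4096)^4; a smaller filter or more parts raises that rate and weakens the check.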
CN202110762674.5A 2021-07-06 2021-07-06 Medical software updating method and device based on medical data safety Active CN113434177B (en)


Publications (2)

Publication Number Publication Date
CN113434177A CN113434177A (en) 2021-09-24
CN113434177B true CN113434177B (en) 2022-06-17

Family

ID=77759237



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20220525

Address after: 201210 floor 2, pilot building, No. 222, Kangnan Road, pilot Free Trade Zone, Pudong New Area, Shanghai

Applicant after: Fosun Kaite Biotechnology Co.,Ltd.

Address before: 510630 room 1304, 19 / F, Jinxing building, No. 1, Hanjing Road, Tianhe District, Guangzhou City, Guangdong Province

Applicant before: Wu Guojun

GR01 Patent grant