CN113556316A - Information encryption transmission method, system and medium - Google Patents

Info

Publication number
CN113556316A
Authority
CN
China
Prior art keywords
information
transmission
result
user
decryption
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110609601.2A
Other languages
Chinese (zh)
Other versions
CN113556316B (en
Inventor
高强
徐起伟
孙浩亮
生伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur Financial Information Technology Co Ltd
Original Assignee
Inspur Financial Information Technology Co Ltd
Application filed by Inspur Financial Information Technology Co Ltd
Priority to CN202110609601.2A
Publication of CN113556316A
Application granted
Publication of CN113556316B
Current legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107 File encryption

Abstract

The invention discloses an information encryption transmission method, system and medium. The method comprises: acquiring a user information set, constructing a transmission link, and creating a restricted access list; acquiring visit information, and identifying first verification information and time information of the visit information; after the first verification information and the time information are identified, performing an encryption operation on the visit information to obtain encrypted information; acquiring a second time, and decrypting the encrypted information based on the time information and the second time to obtain decrypted information; executing an information checking operation based on the first verification information and the decrypted information to obtain a first result; executing a transmission environment judgment operation based on the first result and the restricted access list to obtain a second result; and transmitting the decrypted information based on the second result, the user information set and the transmission link. The invention can protect the security of the information and further ensure its accuracy and correctness through multiple rounds of verification.

Description

Information encryption transmission method, system and medium
Technical Field
The present invention relates to the field of information security processing technologies, and in particular, to a method, a system, and a medium for information encryption transmission.
Background
Much of the information circulated within a medical institution is announced publicly, and the tolerance for errors in its correctness and accuracy is extremely low; once the information is intercepted or modified, serious consequences can result. In general, in order to distribute information efficiently, a medical institution applies encryption protection only at its database end, which leaves a significant security risk in the information transmission stage and can easily lead to a security incident.
Disclosure of Invention
The invention mainly solves the problem of potential safety hazard in the transmission of information in medical institutions.
In order to solve the technical problems, the invention adopts a technical scheme that: an information encryption transmission method is provided, which comprises the following steps:
initialization and information encryption:
acquiring a user information set, constructing a transmission link, and creating a restricted access list; acquiring visit information, and identifying first verification information and time information of the visit information; after the first verification information and the time information are identified, performing an encryption operation on the visit information to obtain encrypted information;
information decryption and verification:
acquiring second time, and decrypting the encrypted information based on the time information and the second time to obtain decrypted information; executing information checking operation based on the first checking information and the decryption information to obtain a first result;
information transmission:
executing transmission environment judgment operation based on the first result and the access limit list to obtain a second result; transmitting the decryption information based on the second result, the set of user information and the transmission link.
As an improvement, the encryption operation includes:
dividing the visit information into data header information and data tail information;
calling a block encryption algorithm to encrypt the data header information to obtain first information;
calling a symmetric encryption algorithm to encrypt the data tail information to obtain second information;
and calling a data compression algorithm to compress the first information and the second information to obtain the encrypted information.
As an improved scheme, the step of acquiring a user information set, building a transmission link, and creating a restricted access list further includes:
setting a user category, accessing a database, and extracting first user information corresponding to the user category in the database to obtain a user information set;
acquiring medical resource information, an information sending end address and an information receiving end address, establishing a link between the information sending end address and the information receiving end address according to the medical resource information, and defining the link as the transmission link;
and accessing the log file, extracting the risk user information in the log file, and integrating the risk user information to obtain the access limiting list.
As an improvement, the step of decrypting the encrypted information based on the time information and the second time further includes:
when the second time is matched with the time information, detecting whether an information modification request exists or not; if not, decrypting the encrypted information based on the data compression algorithm, the symmetric encryption algorithm and the block encryption algorithm.
As an improved solution, the information checking operation includes:
identifying second check information of the decryption information;
comparing whether a second check character string in the second check information matches a first check character string in the first check information;
if they match, setting the first result to information complete; and if they do not match, setting the first result to information incomplete.
As an improved solution, the transmission environment determining operation includes:
when the first result is that the information is complete, judging whether an access request exists in the transmission link;
if no access request exists, setting the second result to transmission environment safe;
if an access request exists, judging, based on a regular expression, whether the user information corresponding to the access request contains second user information matching the risk user information; if so, setting the second result to transmission environment unsafe; and if not, setting the second result to transmission environment safe.
As an improvement, the step of transmitting the decryption information based on the second result, the user information set and the transmission link further comprises:
when the second result is that the transmission environment is safe, identifying whether the first user ID, the first user name and the first user visiting situation in the third user information corresponding to the decryption information are respectively matched with the second user ID, the second user name and the second user visiting situation in the first user information;
and if so, transmitting the decryption information based on the transmission link.
As an improvement, the step of transmitting the decryption information based on the transmission link further includes:
identifying the medical resource category corresponding to the decryption information;
if the medical resource category is a surgical category, selecting a transmission link corresponding to the medical resource information corresponding to the surgical category as a first transmission link, and transmitting the decryption information based on the first transmission link;
and if the medical resource category is a department category, selecting a transmission link corresponding to the medical resource information corresponding to the department category as a second transmission link, and transmitting the decryption information based on the second transmission link.
The present invention also provides an information encryption transmission system, including:
the device comprises an initialization module, an encryption module, a decryption module, a verification module, a judgment module and a transmission module;
the initialization module is used for acquiring a user information set, building a transmission link and creating a restricted access list, and is also used for acquiring the visit information and identifying first verification information and time information of the visit information;
the encryption module is used for performing encryption operation on the visit information after the first verification information and the time information are identified to obtain encrypted information;
the decryption module is used for acquiring second time and decrypting the encrypted information based on the time information and the second time to obtain decrypted information;
the verification module is used for executing information verification operation according to the first verification information and the decryption information to obtain a first result;
the judging module is used for executing transmission environment judging operation according to the first result and the access limiting list to obtain a second result;
and the transmission module is used for transmitting the decryption information according to the second result, the user information set and the transmission link.
The present invention also provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the information encryption transmission method.
The invention has the beneficial effects that:
1. The information encryption transmission method can perform effective encryption and decryption operations on the information in the initial stage of information transmission, protecting the security of the information; it performs security verification on the information again in the information notification stage, further improving the security of the information; and through multiple rounds of verification it further ensures the accuracy and correctness of the information and reduces the security risks of information transmission in medical institutions.
2. The information encryption transmission system can effectively encrypt and decrypt information in the initial transmission stage of the information by the mutual matching of the initialization module, the encryption module, the decryption module, the verification module, the judgment module and the transmission module, thereby protecting the safety of the information, carrying out safety verification on the information again in the notification stage of the information, further improving the safety of the information, further ensuring the accuracy and the correctness of the information through multiple verification, and reducing the potential safety hazard of information transmission in medical institutions.
3. The computer-readable storage medium can direct the initialization module, the encryption module, the decryption module, the verification module, the judgment module and the transmission module to cooperate, so that the information is effectively encrypted and decrypted in the initial transmission stage and its security is protected; security verification is performed on the information again in the notification stage, further improving the security of the information; multiple rounds of verification further ensure the accuracy and correctness of the information and reduce the security risks of information transmission in medical institutions; and the operability of the information encryption transmission method is effectively improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a flowchart of an information encryption transmission method according to embodiment 1 of the present invention;
Fig. 2 is a schematic flowchart of a specific process of the information encryption transmission method according to embodiment 1 of the present invention;
Fig. 3 is an architecture diagram of an information encryption transmission system according to embodiment 2 of the present invention.
Detailed Description
The following detailed description of the preferred embodiments of the present invention, taken in conjunction with the accompanying drawings, will make the advantages and features of the invention easier for those skilled in the art to understand, and will thus define the scope of the invention more clearly.
In the description of the present invention, it should be noted that the described embodiments of the present invention are a part of the embodiments of the present invention, and not all embodiments; all other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In the description of the present invention, it should be noted that the terms "first", "second", and "third" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In the description of the present invention, it should be noted that, unless explicitly specified or limited otherwise, the terms "user information set", "transmission link", "restricted access list", "visit information", "check information", "time information", "encryption operation", "encryption information", "information check operation", "transmission environment judgment operation", "block encryption algorithm", "user category", "medical resource information", "risk user information", "medical resource category", "initialization module", "encryption module", "decryption module", "check module", "judgment module", "transmission module" should be interpreted in a broad sense. Those skilled in the art can understand the specific meanings of the above terms in the present invention according to the specific case.
In the description of the present invention, it is to be noted that: SM4 is a block encryption algorithm; DES is a symmetric encryption algorithm; ID is an identification number.
Example 1
The present embodiment provides an information encryption transmission method, as shown in fig. 1 and fig. 2, including the following steps:
First, it should be noted that this embodiment is applied to a medical institution, and the specific application scenario is the notification process for a variety of information within the medical institution; in order to protect the information from multiple directions during that notification process and to ensure its security and accuracy, the following steps are designed:
Initialization and information encryption stage: before information notification, the whole secure transmission environment is constructed, the data for subsequent verification is prepared, and the information is encrypted while it waits; the steps are as follows:
S100, acquiring a user information set, building a transmission link, and creating a restricted access list;
Step S100 specifically includes:
S110, setting a user category, accessing a database, and extracting first user information corresponding to the user category from the database to obtain a user information set; in this embodiment, the database is the internal user information database of the medical institution, which is generally encrypted within the institution and is therefore relatively secure; because the database holds many kinds of data, a user category needs to be set; the information transmitted in this embodiment is visit information, so the information to be checked is that of the patients to be seen, and the user category is set to users awaiting a visit; correspondingly, after the first user information is extracted, it is integrated to obtain the user information set used in the later verification steps;
S120, acquiring medical resource information, an information sending end address and an information receiving end address, establishing a link between the information sending end address and the information receiving end address according to the medical resource information, and defining the link as the transmission link; in this embodiment, the medical resource information is information such as department classification, department, and attending physician in the medical institution; the information sending ends and information receiving ends are classified and links are built according to the different classifications, departments and attending physicians, which keeps information transmission on each link relatively independent and further improves information security;
S130, accessing a log file, extracting risk user information from the log file, and integrating the risk user information to obtain the restricted access list; in this embodiment, the risk user information can be obtained by querying the interception log or intrusion log of the medical institution; specifically, it is information on users who have historically intruded into the medical institution, and it is used in the subsequent verification steps.
S200, obtaining the visit information, and identifying first verification information and time information of the visit information;
Specifically, the first check information is a data layer check code of the visit information and is used to check the integrity of the data after encryption and decryption; the time information comprises the visit time, the notification time, the operation time and the like in the visit information; it is used to determine the time at which each piece of visit information needs to be decrypted for transmission.
S300, after the first verification information and the time information are identified, encryption operation is carried out on the visit information to obtain encrypted information;
Step S300 specifically includes:
S310, dividing the visit information into data header information and data tail information; calling a block encryption algorithm to encrypt the data header information to obtain first information; calling a symmetric encryption algorithm to encrypt the data tail information to obtain second information; calling a data compression algorithm to compress the first information and the second information to obtain the encrypted information. Correspondingly, in order to ensure the security of the data and the transmission efficiency of the encrypted data, the data is divided according to its structure, and the midpoint of the data may be chosen as the division point; the two parts are then encrypted separately with different encryption algorithms, and finally the data is compressed. Because no operation is performed on the data once it is encrypted, the visit information is encrypted only after the first verification information and the time information have been successfully acquired from the unencrypted visit information. In this embodiment, the block encryption algorithm is the SM4 encryption algorithm, the symmetric encryption algorithm is the DES encryption algorithm, and the data compression algorithm is a layered coding algorithm; these serve only as one implementation, and algorithms capable of producing the same technical effect may be used in their place.
S400, acquiring second time, and decrypting the encrypted information based on the time information and the second time to obtain decrypted information;
Step S400 specifically includes:
S410, when the second time matches the time information, detecting whether an information modification request exists; if so, decrypting the information, modifying it, and returning to step S200 after the modification; if not, decrypting the encrypted information based on the data compression algorithm, the symmetric encryption algorithm and the block encryption algorithm. In this embodiment, the second time is the current time; correspondingly, in order to ensure real-time performance, a detection time period is set, and the encrypted information is acquired once every detection time period; in this embodiment, the detection time period is 1 s. When the second time matches the time information, it is detected whether there is a request for information modification, and if not, the information can be decrypted and sent; in this step, the inverse operation, i.e., decryption, is applied to the encrypted information, likewise based on the SM4 encryption algorithm, the DES encryption algorithm, and the block coding algorithm.
S500, performing information verification operation based on the first verification information and the decryption information to obtain a first result;
Step S500 specifically includes:
The information verification operation comprises:
S510, identifying second check information of the decryption information, and comparing whether a second check character string in the second check information matches a first check character string in the first check information; correspondingly, the second check information is the data layer check code of the decryption information; comparing the data layer check codes in full would take longer, so, to further improve data transmission efficiency, only the check character strings within the data layer check codes are compared; if the second check character string matches the first check character string, the decryption information is complete, and the first result is set accordingly; in this embodiment, the first result serves for notification, identification and triggering;
S511, if they match, setting the first result to information complete;
S512, if they do not match, setting the first result to information incomplete.
S600, executing transmission environment judgment operation based on the first result and the access limit list to obtain a second result;
Step S600 specifically includes:
The transmission environment determination operation includes:
S610, when the first result is that the information is complete, judging whether an access request exists in the transmission link; if no access request exists, setting the second result to transmission environment safe; if an access request exists, judging, based on a regular expression, whether second user information matching the risk user information exists in the transmission link. Correspondingly, the next verification is carried out only when the decrypted information is complete, so that the integrity and correctness of the data are ensured to a high degree; because the transmission link lies between the sending end and the receiving end, transmitting data after decryption still carries a certain security risk from this point of view, and the transmission environment judgment operation in this step is executed to eliminate that risk; the specific operation is as described above, with screening carried out according to the risk user information in the restricted access list. When the first result is that the information is incomplete, the step ends and an information-missing alarm is raised;
S611, if such second user information exists, setting the second result to transmission environment unsafe;
S612, if no such second user information exists, setting the second result to transmission environment safe.
S700, transmitting the decryption information based on the second result, the user information set and the transmission link;
Step S700 specifically includes:
S710, when the second result is that the transmission environment is safe, judging whether the first user ID, the first user name and the first user visiting situation in the third user information corresponding to the decryption information match, respectively, the second user ID, the second user name and the second user visiting situation in the first user information; if so, transmitting the decryption information based on the transmission link; if not, ending the step and raising an information-missing alarm. Specifically, after the transmission environment has been judged, the accuracy of the decryption information needs to be further confirmed by ensuring that each item in the visit information matches the user information extracted from the database, which prevents serious medical safety accidents such as "missed visit time" and "confused operation time" caused by wrong information. When the second result is that the transmission environment is not safe, the step ends and an abnormal-transmission-environment alarm is raised;
S720, identifying the medical resource category corresponding to the decryption information; if the medical resource category is a surgical category, selecting the transmission link corresponding to the medical resource information of the surgical category as a first transmission link, and transmitting the decryption information based on the first transmission link; if the medical resource category is a medical category, selecting the transmission link corresponding to the medical resource information of the medical category as a second transmission link, and transmitting the decryption information based on the second transmission link. Specifically, the transmission links are constructed to correspond to the medical resource information, so there are a plurality of transmission links; correspondingly, in order to further ensure the accuracy of information transmission and to improve transmission efficiency to a certain extent, for each category, medical or surgical, the corresponding medical resource information is matched according to the attending physician, the disease category, the registration department and the like in the medical resource information of that category, and the corresponding first or second transmission link is then selected; because the information receiving ends of different categories differ, the transmission links differ as well; finally, the decryption information is transmitted through the selected first or second transmission link.
It should be noted that the method described in this embodiment may be applied not only to medical institutions, but also to some public places, such as stations and schools, and if the places are changed, the corresponding data information needs to be modified correspondingly.
By the information encryption transmission method described in the embodiment, the safety of information transmission in the medical institution is improved, the accuracy and the correctness of information are ensured, the working efficiency of the medical institution is improved to a certain extent, and the information security construction of the medical institution is facilitated.
Example 2
This embodiment provides an information encryption transmission system, as shown in Fig. 3, comprising: an initialization module, an encryption module, a decryption module, a verification module, a judgment module and a transmission module.
In the information encryption transmission system, the initialization module is used for acquiring a user information set, building a transmission link and creating a restricted access list; the initialization module is also used for acquiring visit information and identifying first verification information and time information of the visit information.
Specifically, the initialization module sets a user category, accesses a database, and extracts the first user information corresponding to the user category from the database to obtain the user information set; the initialization module acquires medical resource information, an information sending end address and an information receiving end address, establishes a link between the information sending end address and the information receiving end address according to the medical resource information, and defines the link as the transmission link; and the initialization module accesses the log file, extracts the risk user information in the log file, and integrates the risk user information to obtain the restricted access list.
In the information encryption transmission system, the encryption module is used for performing an encryption operation on the visit information after the first verification information and the time information have been identified, to obtain encrypted information.
Specifically, the encryption module divides the visit information into data header information and data tail information; the encryption module calls a block encryption algorithm to encrypt the data header information to obtain first information; the encryption module calls a symmetric encryption algorithm to encrypt the data tail information to obtain second information; and the encryption module calls a data compression algorithm to compress the first information and the second information to obtain the encrypted information.
In the information encryption transmission system, the decryption module is used for acquiring a second time and decrypting the encrypted information based on the time information and the second time to obtain decryption information.
Specifically, when the second time matches the time information, the decryption module detects whether an information modification request exists; if not, the decryption module decrypts the encrypted information based on the data compression algorithm, the symmetric encryption algorithm and the block encryption algorithm.
In the information encryption transmission system, the verification module is used for executing an information verification operation according to the first verification information and the decryption information to obtain a first result.
Specifically, the information verification operation includes: the verification module identifies second verification information of the decryption information and compares whether a second verification character string in the second verification information matches a first verification character string in the first verification information; if they match, the verification module sets the first result to 'information complete'; if they do not match, the verification module sets the first result to 'information incomplete'.
In the information encryption transmission system, the judgment module is used for executing a transmission environment judgment operation according to the first result and the restricted access list to obtain a second result.
Specifically, the transmission environment judgment operation includes: when the first result is that the information is complete, the judgment module judges whether an access request exists on the transmission link; if no access request exists, the judgment module sets the second result to 'the transmission environment is safe'; if an access request exists, the judgment module judges, based on a regular expression, whether the user information corresponding to the access request contains second user information matching the risk user information; if so, the judgment module sets the second result to 'the transmission environment is not safe'; if not, the judgment module sets the second result to 'the transmission environment is safe'.
In the information encryption transmission system, the transmission module is used for transmitting the decryption information according to the second result, the user information set and the transmission link.
Specifically, when the second result is that the transmission environment is safe, the transmission module identifies whether the first user ID, the first user name and the first user medical condition in the third user information corresponding to the decryption information respectively match the second user ID, the second user name and the second user medical condition in the first user information; if so, the transmission module transmits the decryption information over the transmission link; the transmission module identifies the medical resource category corresponding to the decryption information; if the medical resource category is the surgical category, the transmission module selects the transmission link corresponding to the medical resource information of the surgical category as a first transmission link, and transmits the decryption information over the first transmission link; if the medical resource category is the medical category, the transmission module selects the transmission link corresponding to the medical resource information of the medical category as a second transmission link, and transmits the decryption information over the second transmission link.
It should be noted that the system described in this embodiment may be applied not only to medical institutions but also to other public places, such as stations and schools; if the place changes, the corresponding data information and module functions need to be modified accordingly.
With the information encryption transmission system described in this embodiment, the modules cooperate with one another, so that the safety of information transmission in the medical institution is improved, the accuracy and correctness of information are ensured, the working efficiency of the medical institution is improved to a certain extent, and the information security construction of the medical institution is facilitated.
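The verification, judgment and transmission modules of Example 2 (steps S710 and S720 of the method) can be sketched as follows; this is an added illustration, not code from the patent. The SHA-256 check string, the JSON record layout, the sample users, link names and restricted names, full-string regex matching, and the fail-closed handling of incomplete information or an unknown category are all assumptions.

```python
import hashlib
import hmac
import json
import re

# Constructed sample data; every name and value here is hypothetical.
USER_SET = {"P001": {"name": "Li Wei", "condition": "appendicitis"}}
LINKS = {"surgical": "first-link", "medical": "second-link"}
RISK_USERS = ["guest.01", "tmp_admin"]  # as if extracted from the log file
SAMPLE = json.dumps({"id": "P001", "name": "Li Wei",
                     "condition": "appendicitis",
                     "category": "surgical"}).encode()


def check_string(payload: bytes) -> str:
    # Assumption: the verification character string is a SHA-256 digest.
    return hashlib.sha256(payload).hexdigest()


def verify(first_check: str, decrypted: bytes) -> str:
    """Information verification: compare first and second check strings."""
    second_check = check_string(decrypted)
    # compare_digest does not leak the mismatch position through timing.
    same = hmac.compare_digest(first_check, second_check)
    return "complete" if same else "incomplete"


def build_restricted_list(risk_users):
    # Escape log-derived names so "." or "*" in them cannot act as wildcards.
    return [re.compile(re.escape(u), re.IGNORECASE) for u in risk_users]


def judge_environment(access_requests, restricted) -> str:
    """Transmission environment judgment; call only on complete information."""
    for requester in access_requests:
        # Assumption: a restricted name must equal the requester (fullmatch),
        # not merely occur somewhere inside it.
        if any(p.fullmatch(requester) for p in restricted):
            return "unsafe"
    return "safe"  # no access request, or none from a restricted user


def transmit(decrypted: bytes, first_check: str, access_requests):
    """Return (status, link); link is None whenever an alarm is raised."""
    if verify(first_check, decrypted) != "complete":
        # Assumption: fail closed on incomplete information.
        return ("alarm: incomplete information", None)
    restricted = build_restricted_list(RISK_USERS)
    if judge_environment(access_requests, restricted) != "safe":
        return ("alarm: abnormal transmission environment", None)
    record = json.loads(decrypted)
    known = USER_SET.get(record.get("id"))
    fields = ("name", "condition")
    if known is None or any(known[f] != record.get(f) for f in fields):
        return ("alarm: information loss", None)
    link = LINKS.get(record.get("category"))
    if link is None:
        # Assumption: an unknown category is rejected rather than defaulted.
        return ("alarm: unknown medical resource category", None)
    return ("transmitted", link)


if __name__ == "__main__":
    print(transmit(SAMPLE, check_string(SAMPLE), []))
    print(transmit(SAMPLE, check_string(SAMPLE), ["GUEST.01"]))
```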
Example 3
This embodiment provides a computer-readable storage medium.
The storage medium is used for storing computer software instructions for implementing the information encryption transmission method described in Example 1, including a program designed for executing that method; specifically, the executable program may be embedded in the information encryption transmission system described in Example 2, so that the system can implement the information encryption transmission method described in Example 1 by executing the embedded executable program.
Furthermore, the computer-readable storage medium of this embodiment may be any combination of one or more readable storage media, where a readable storage medium includes an electronic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof.
Unlike the prior art, with the information encryption transmission method, system and medium of the invention, the method effectively encrypts and decrypts information at the initial stage of information transmission, protecting information security; the information is verified again at the information notification stage, further improving information security; multiple verifications further ensure the accuracy and correctness of the information; the system provides effective technical support for the method; and the potential safety hazards in information transmission within medical institutions are ultimately reduced.
The serial numbers of the embodiments of the present invention are for description only and do not indicate the relative merits of the embodiments.
It will be understood by those skilled in the art that all or part of the steps of the above embodiments may be implemented by hardware, or by a program instructing the relevant hardware; the program may be stored in a computer-readable storage medium, and the storage medium may be a read-only memory, a magnetic disk, an optical disk, or the like.
The above description is only an embodiment of the present invention and is not intended to limit its scope; all equivalent structures or equivalent process modifications made using the contents of this specification and drawings, whether applied directly or indirectly in other related technical fields, are included in the scope of protection of the present invention.

Claims (10)

1. An information encryption transmission method, characterized by comprising the following steps:
initialization and information encryption:
acquiring a user information set, constructing a transmission link, and creating a restricted access list; acquiring visit information, and identifying first verification information and time information of the visit information; after the first verification information and the time information are identified, performing an encryption operation on the visit information to obtain encrypted information;
information decryption and verification:
acquiring a second time, and decrypting the encrypted information based on the time information and the second time to obtain decryption information; executing an information verification operation based on the first verification information and the decryption information to obtain a first result;
information transmission:
executing a transmission environment judgment operation based on the first result and the restricted access list to obtain a second result; transmitting the decryption information based on the second result, the user information set and the transmission link.
2. The information encryption transmission method according to claim 1, wherein the encryption operation comprises:
dividing the visit information into data header information and data tail information;
calling a block encryption algorithm to encrypt the data header information to obtain first information;
calling a symmetric encryption algorithm to encrypt the data tail information to obtain second information;
and calling a data compression algorithm to compress the first information and the second information to obtain the encrypted information.
3. The information encryption transmission method according to claim 2, wherein the step of acquiring the user information set, constructing a transmission link, and creating a restricted access list further comprises:
setting a user category, accessing a database, and extracting the first user information corresponding to the user category from the database to obtain the user information set;
acquiring medical resource information, an information sending end address and an information receiving end address, establishing a link between the information sending end address and the information receiving end address according to the medical resource information, and defining the link as the transmission link;
and accessing the log file, extracting the risk user information in the log file, and integrating the risk user information to obtain the restricted access list.
4. The information encryption transmission method according to claim 2 or 3, wherein the step of decrypting the encrypted information based on the time information and the second time further comprises:
when the second time matches the time information, detecting whether an information modification request exists; if not, decrypting the encrypted information based on the data compression algorithm, the symmetric encryption algorithm and the block encryption algorithm.
5. The information encryption transmission method according to claim 4, wherein the information verification operation comprises:
identifying second verification information of the decryption information;
comparing whether a second verification character string in the second verification information matches a first verification character string in the first verification information;
if they match, setting the first result to 'information complete'; and if they do not match, setting the first result to 'information incomplete'.
6. The information encryption transmission method according to claim 5, wherein the transmission environment judgment operation comprises:
when the first result is that the information is complete, judging whether an access request exists on the transmission link;
if no access request exists, setting the second result to 'the transmission environment is safe';
if an access request exists, judging, based on a regular expression, whether the user information corresponding to the access request contains second user information matching the risk user information; if so, setting the second result to 'the transmission environment is not safe'; and if not, setting the second result to 'the transmission environment is safe'.
7. The information encryption transmission method according to claim 6, wherein the step of transmitting the decryption information based on the second result, the user information set and the transmission link further comprises:
when the second result is that the transmission environment is safe, identifying whether the first user ID, the first user name and the first user visiting situation in the third user information corresponding to the decryption information respectively match the second user ID, the second user name and the second user visiting situation in the first user information;
and if so, transmitting the decryption information over the transmission link.
8. The information encryption transmission method according to claim 7, wherein the step of transmitting the decryption information over the transmission link further comprises:
identifying the medical resource category corresponding to the decryption information;
if the medical resource category is the surgical category, selecting the transmission link corresponding to the medical resource information of the surgical category as a first transmission link, and transmitting the decryption information over the first transmission link;
and if the medical resource category is the medical category, selecting the transmission link corresponding to the medical resource information of the medical category as a second transmission link, and transmitting the decryption information over the second transmission link.
9. An information encryption transmission system, comprising: an initialization module, an encryption module, a decryption module, a verification module, a judgment module and a transmission module;
the initialization module is used for acquiring a user information set, building a transmission link and creating a restricted access list, and is also used for acquiring visit information and identifying first verification information and time information of the visit information;
the encryption module is used for performing an encryption operation on the visit information after the first verification information and the time information are identified, to obtain encrypted information;
the decryption module is used for acquiring a second time and decrypting the encrypted information based on the time information and the second time to obtain decryption information;
the verification module is used for executing an information verification operation according to the first verification information and the decryption information to obtain a first result;
the judgment module is used for executing a transmission environment judgment operation according to the first result and the restricted access list to obtain a second result;
and the transmission module is used for transmitting the decryption information according to the second result, the user information set and the transmission link.
10. A computer-readable storage medium on which a computer program is stored, wherein the computer program, when executed by a processor, carries out the steps of the information encryption transmission method according to any one of claims 1 to 8.
CN202110609601.2A 2021-06-01 2021-06-01 Information encryption transmission method, system and medium Active CN113556316B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110609601.2A CN113556316B (en) 2021-06-01 2021-06-01 Information encryption transmission method, system and medium


Publications (2)

Publication Number Publication Date
CN113556316A true CN113556316A (en) 2021-10-26
CN113556316B CN113556316B (en) 2024-04-02

Family

ID=78102047





Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant