CN114422265A - Data access method and server - Google Patents
Data access method and server Download PDFInfo
- Publication number
- CN114422265A CN114422265A CN202210185340.0A CN202210185340A CN114422265A CN 114422265 A CN114422265 A CN 114422265A CN 202210185340 A CN202210185340 A CN 202210185340A CN 114422265 A CN114422265 A CN 114422265A
- Authority
- CN
- China
- Prior art keywords
- user
- data
- health data
- target health
- sample
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 74
- 230000036541 health Effects 0.000 claims abstract description 322
- 238000013475 authorization Methods 0.000 claims abstract description 64
- 230000004044 response Effects 0.000 claims abstract description 33
- 239000013598 vector Substances 0.000 claims description 122
- 230000008569 process Effects 0.000 claims description 29
- 238000010339 medical test Methods 0.000 claims description 23
- 238000004422 calculation algorithm Methods 0.000 claims description 13
- 238000012360 testing method Methods 0.000 claims description 12
- 238000004891 communication Methods 0.000 abstract description 12
- 239000008280 blood Substances 0.000 description 30
- 210000004369 blood Anatomy 0.000 description 22
- 238000010586 diagram Methods 0.000 description 17
- 238000012545 processing Methods 0.000 description 16
- 230000036772 blood pressure Effects 0.000 description 15
- 238000002591 computed tomography Methods 0.000 description 14
- 230000002093 peripheral effect Effects 0.000 description 10
- 230000001133 acceleration Effects 0.000 description 9
- LEHOTFFKMJEONL-UHFFFAOYSA-N Uric Acid Chemical compound N1C(=O)NC(=O)C2=C1NC(=O)N2 LEHOTFFKMJEONL-UHFFFAOYSA-N 0.000 description 8
- 230000006870 function Effects 0.000 description 8
- 210000004556 brain Anatomy 0.000 description 7
- 238000004590 computer program Methods 0.000 description 7
- 238000005516 engineering process Methods 0.000 description 7
- TVWHNULVHGKJHS-UHFFFAOYSA-N Uric acid Natural products N1C(=O)NC(=O)C2NC(=O)NC21 TVWHNULVHGKJHS-UHFFFAOYSA-N 0.000 description 6
- 238000012790 confirmation Methods 0.000 description 6
- 230000003287 optical effect Effects 0.000 description 6
- 208000024891 symptom Diseases 0.000 description 6
- 229940116269 uric acid Drugs 0.000 description 6
- 210000002700 urine Anatomy 0.000 description 6
- 210000004072 lung Anatomy 0.000 description 4
- 238000013473 artificial intelligence Methods 0.000 description 3
- 201000010099 disease Diseases 0.000 description 3
- 208000037265 diseases, disorders, signs and symptoms Diseases 0.000 description 3
- 230000003993 interaction Effects 0.000 description 3
- 238000002558 medical inspection Methods 0.000 description 3
- 206010020772 Hypertension Diseases 0.000 description 2
- 210000000577 adipose tissue Anatomy 0.000 description 2
- 238000007675 cardiac surgery Methods 0.000 description 2
- 239000000919 ceramic Substances 0.000 description 2
- 238000006243 chemical reaction Methods 0.000 description 2
- HVYWMOMLDIMFJA-DPAQBDIFSA-N cholesterol Chemical compound C1C=C2C[C@@H](O)CC[C@]2(C)[C@@H]2[C@@H]1[C@@H]1CC[C@H]([C@H](C)CCCC(C)C)[C@@]1(C)CC2 HVYWMOMLDIMFJA-DPAQBDIFSA-N 0.000 description 2
- 230000006835 compression Effects 0.000 description 2
- 238000007906 compression Methods 0.000 description 2
- 230000008520 organization Effects 0.000 description 2
- 238000007781 pre-processing Methods 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- WQZGKKKJIJFFOK-GASJEMHNSA-N Glucose Natural products OC[C@H]1OC(O)[C@H](O)[C@@H](O)[C@@H]1O WQZGKKKJIJFFOK-GASJEMHNSA-N 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000033228 biological regulation Effects 0.000 description 1
- 230000036760 body temperature Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 235000012000 cholesterol Nutrition 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000007423 decrease Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000003745 diagnosis Methods 0.000 description 1
- 230000004927 fusion Effects 0.000 description 1
- 239000008103 glucose Substances 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 230000001788 irregular Effects 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 230000005055 memory storage Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000002685 pulmonary effect Effects 0.000 description 1
- 230000009467 reduction Effects 0.000 description 1
- 238000009877 rendering Methods 0.000 description 1
- 238000012216 screening Methods 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 230000006641 stabilisation Effects 0.000 description 1
- 238000011105 stabilization Methods 0.000 description 1
- 238000012549 training Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Medical Informatics (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Medical Treatment And Welfare Office Work (AREA)
Abstract
The application discloses a data access method and a server, and belongs to the technical field of communication. The method comprises the following steps: the method comprises the steps of receiving a data access request sent by a first user terminal, sending an access authorization request to a second user terminal, receiving an access authorization response sent by the second user terminal, encrypting target health data by using an encryption parameter of a second user according to the encryption level of the target health data under the condition that the access authorization response indicates that the second user has granted the authority of the first user terminal to access the target health data, sending a ciphertext of the target health data and a decryption parameter of the second user to the first user terminal, and displaying the ciphertext of the target health data after the first user terminal decrypts the ciphertext of the target health data through the decryption parameter. When the first user terminal requests to access the target health data of the second user, the ciphertext of the target health data is sent to the first user terminal through the authorization of the second user, and the ciphertext is not the plaintext of the target health data.
Description
Technical Field
The present application relates to the field of communications technologies, and in particular, to a data access method and a server.
Background
The internet entered into a big data era, and the online education technology, the online training technology and the online inquiry technology came out endlessly. In the online inquiry technique, a user sends health data to a doctor, and the doctor makes a diagnosis based on the health data of the user. In addition to the doctor, other users may also view the user's health data. However, in the process of sending the health data of the user to a doctor or other users, the health data may be intercepted, maliciously forwarded, tampered, and the like, thereby exposing the privacy of the health data of the user. Therefore, how to protect the privacy and security of the health data of the user in the data access process becomes a problem which needs to be solved urgently at present.
Disclosure of Invention
The application provides a data access method and a server, which can protect the privacy and the safety of health data of a user in the data access process. The technical scheme is as follows:
in one aspect, a data access method is provided, the method including:
receiving a data access request sent by a first user terminal, wherein the data access request is used for accessing target health data of a second user, the target health data is one of multiple types of health data, the multiple types of health data are remote inquiry data of the second user, each type of health data has a corresponding visible range, and the first user terminal is located in the visible range of the target health data;
sending an access authorization request to a second user terminal, wherein the access authorization request is used for requesting the access authority of the target health data;
receiving an access authorization response sent by the second user terminal, wherein the access authorization response is used for indicating whether the second user grants the first user terminal the authority to access the target health data;
under the condition that the access authorization response indicates that the second user has granted the first user terminal the authority to access the target health data, encrypting the target health data by using the encryption parameter of the second user according to the encryption level of the target health data;
and sending the ciphertext of the target health data and the decryption parameter of the second user to the first user terminal, wherein the first user terminal is used for decrypting and displaying the ciphertext of the target health data through the decryption parameter.
In another aspect, there is provided a data access apparatus, the apparatus comprising:
a first receiving module, configured to receive a data access request sent by a first user terminal, where the data access request is used to access target health data of a second user, the target health data is one of multiple types of health data, the multiple types of health data are remote inquiry data of the second user, each type of health data has a corresponding visible range, and the first user terminal is located in the visible range of the target health data;
the first sending module is used for sending an access authorization request to a second user terminal, wherein the access authorization request is used for requesting the access authority of the target health data;
a second receiving module, configured to receive an access authorization response sent by the second user terminal, where the access authorization response is used to indicate whether the second user grants the first user terminal the right to access the target health data;
the encryption module is used for encrypting the target health data by using the encryption parameter of the second user according to the encryption level of the target health data under the condition that the access authorization response indicates that the second user has granted the authority of the first user terminal to access the target health data;
and the second sending module is used for sending the ciphertext of the target health data and the decryption parameter of the second user to the first user terminal, and the first user terminal is used for decrypting and displaying the ciphertext of the target health data through the decryption parameter.
In another aspect, a server is provided, the server comprising a receiver, a transmitter, and a processor;
the receiver is used for receiving a data access request sent by a first user terminal, the data access request is used for accessing target health data of a second user, the target health data is one of multiple types of health data, the multiple types of health data are remote inquiry data of the second user, each type of health data has a corresponding visible range, and the first user terminal is located in the visible range of the target health data;
the transmitter is used for transmitting an access authorization request to a second user terminal, wherein the access authorization request is used for requesting the access authority of the target health data;
the receiver is further used for receiving an access authorization response sent by the second user terminal, wherein the access authorization response is used for indicating whether the second user grants the first user terminal the authority to access the target health data;
the processor is used for encrypting the target health data by using the encryption parameter of the second user according to the encryption level of the target health data under the condition that the access authorization response indicates that the second user has granted the authority of the first user terminal to access the target health data;
the transmitter is further configured to transmit the ciphertext of the target health data and the decryption parameter of the second user to the first user terminal, and the first user terminal is configured to decrypt and display the ciphertext of the target health data according to the decryption parameter.
In another aspect, a first user terminal is provided, the first user terminal comprising a transmitter, a receiver, a processor, and a display;
the sender is used for sending a data access request to a server, the data access request is used for accessing target health data of a second user, the target health data is one of multiple types of health data, the multiple types of health data are remote inquiry data of the second user, each type of health data has a corresponding visible range, and the first user terminal is located in the visible range of the target health data;
the receiver is configured to receive a ciphertext of the target health data and a decryption parameter of the second user, where the ciphertext of the target health data is obtained by encrypting, by the server, the target health data by using the encryption parameter of the second user according to an encryption level of the target health data when the second user has granted the right to access the target health data to the first user terminal;
the processor is used for decrypting the ciphertext of the target health data through the decryption parameter;
the display is used for displaying the decrypted target health data.
In another aspect, a second user terminal is provided, the second user terminal comprising a receiver and a transmitter;
the receiver is used for receiving an access authorization request sent by a server, wherein the access authorization request is sent by the server when receiving a data access request sent by a first user terminal, the data access request is used for accessing target health data of a second user, the access authorization request is used for requesting access authority of the target health data, the target health data is one type of health data in multiple types of health data, the multiple types of health data are remote inquiry data of the second user, and the first user terminal is located in a visible range of the target health data;
the transmitter is used for transmitting an access authorization response to the server, wherein the access authorization response is used for indicating whether the second user grants the first user terminal the authority to access the target health data.
In another aspect, a computer-readable storage medium is provided, in which a computer program is stored, which computer program, when being executed by a processor, carries out the steps of the data access method described above.
In another aspect, a computer program product is provided comprising instructions which, when run on a computer, cause the computer to perform the steps of the data access method described above.
The technical scheme provided by the application can at least bring the following beneficial effects:
when the first user terminal requests to access the target health data of the second user, the ciphertext of the target health data is sent to the first user terminal through the authorization of the second user, and the ciphertext is not the plaintext of the target health data. In this way, the target health data of the second user may be prevented from being intercepted, maliciously forwarded, tampered with, and the like. Moreover, different types of health data correspond to different encryption levels and different visible ranges, and only the user terminal in the visible range can access the corresponding health data, so that encryption is performed according to the encryption levels of various types of health data, and encryption is not uniformly performed according to the encryption level of the highest level, so that unnecessary encryption processes can be reduced, and the data access performance is improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 is a diagram of a system architecture provided by an embodiment of the present application;
FIG. 2 is a flow chart of a data access method provided by an embodiment of the present application;
FIG. 3 is a schematic diagram of a fourth user interface provided by an embodiment of the present application;
FIG. 4 is a schematic diagram of a fifth user interface provided by an embodiment of the present application;
FIG. 5 is a schematic diagram of a sixth user interface provided by an embodiment of the present application;
FIG. 6 is a schematic diagram of a seventh user interface provided by an embodiment of the present application;
FIG. 7 is a schematic diagram of a data access flow provided by an embodiment of the present application;
fig. 8 is a schematic structural diagram of a data access device according to an embodiment of the present application;
fig. 9 is a schematic structural diagram of a user terminal according to an embodiment of the present application;
fig. 10 is a schematic structural diagram of a server according to an embodiment of the present application.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present application more clear, the embodiments of the present application will be further described in detail with reference to the accompanying drawings.
Before explaining the data access method provided by the embodiment of the present application in detail, a system architecture provided by the embodiment of the present application is introduced.
Referring to fig. 1, fig. 1 is an architectural diagram illustrating a data access system according to an exemplary embodiment. The system comprises a first user terminal 101, a server 102 and a second user terminal 103, wherein the first user terminal 101 and the second user terminal 103 can be in communication connection with the server 102. The communication connection may be a wired connection or a wireless connection, which is not limited in this embodiment of the present application.
When a first user needs to access target health data of a second user, the first user terminal 101 sends a data access request to the server 102. After receiving the data access request sent by the first user terminal 101, the server 102 sends an access authorization request to the second user terminal 103, where the access authorization request is used to request the access right of the target health data. After receiving the access authorization request sent by the server 102, the second user terminal 103 sends an access authorization response to the server 102, where the access authorization response is used to indicate whether the second user grants the first user terminal 101 the right to access the target health data. The server 102 receives the access authorization response sent by the second user terminal 103, and encrypts the target health data according to the encryption level of the target health data and using the encryption parameter of the second user to obtain the ciphertext of the target health data under the condition that the second user has granted the authority of the first user terminal 101 to access the target health data. Then, the server 102 transmits the ciphertext of the target health data and the decryption parameter of the second user to the first user terminal 101. After receiving the ciphertext of the target health data and the decryption parameter of the second user, which are sent by the server 102, the first user terminal 101 decrypts the ciphertext of the target health data through the decryption parameter, and displays the decrypted target health data.
The first user terminal 101 and the second user terminal 103 may be any electronic product capable of performing human-Computer interaction with a user through one or more modes of a keyboard, a touch pad, a touch screen, a remote controller, voice interaction or handwriting equipment, for example, a PC (Personal Computer), a mobile phone, a smart phone, a PDA (Personal Digital Assistant), a wearable device, a pocket PC (pocket PC), a tablet Computer, a smart car machine, a smart television, a smart sound box, and the like.
The server 102 may be an independent server, a server cluster or a distributed system composed of a plurality of physical servers, a cloud server providing basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a Network service, cloud communication, a middleware service, a domain name service, a security service, a CDN (Content Delivery Network), a big data and artificial intelligence platform, or a cloud computing service center.
It should be understood by those skilled in the art that the first user terminal 101, the server 102 and the second user terminal 103 are only examples, and other existing or future user terminals or servers may be suitable for the embodiments of the present application, and are included in the scope of the embodiments of the present application, and are included herein by reference.
It should be noted that the system architecture described in the embodiment of the present application is for more clearly illustrating the technical solution of the embodiment of the present application, and does not constitute a limitation to the technical solution provided in the embodiment of the present application, and as a person having ordinary skill in the art knows, along with the evolution of the system architecture, the technical solution provided in the embodiment of the present application is also applicable to similar technical problems.
The data access method provided by the embodiments of the present application is explained in detail below.
Fig. 2 is a flowchart of a data access method provided in an embodiment of the present application, please refer to fig. 2, which includes the following steps.
Step 201: the method comprises the steps that a first user terminal sends a data access request to a server, the data access request is used for accessing target health data of a second user, the target health data are one type of health data in multiple types of health data, the multiple types of health data are remote inquiry data of the second user, each type of health data has a corresponding visible range, and the first user terminal is located in the visible range of the target health data.
In some embodiments, the first user may access the target health data of the second user through the first user terminal. When the first user terminal detects the data access operation of the first user, a data access request is sent to the server, and the data access request carries the user identification of the first user, the user identification of the second user and the data identification of the target health data.
Since each type of health data has a corresponding visible range, only users within the visible range can view the health data, before the first user terminal accesses the target health data, the server needs to determine whether the first user terminal is within the visible range of the target health data. If the first user terminal is within the visible range of the target health data, the server may provide the first user terminal with an access portal for the target health data, such that the first user terminal may send a data access request for the target health data to the server through the access portal. If the first user terminal is not within the visible range of the target health data, then the server does not provide the first user terminal with access to the target health data.
In some embodiments, when the first user terminal detects a data query operation of the first user, a data query request may be sent to the server first, where the data query request carries a user identifier and a query keyword of the first user. After receiving a data query request sent by a first user terminal, the server queries based on the query keyword to obtain a plurality of health data. Then, based on the visible range of the plurality of wellness data and the user identification of the first user, at least one wellness data is determined, the at least one wellness data each visible to the first user, and the at least one wellness data includes the target wellness data. The server then provides an access portal for the at least one health data to the first user terminal. In this way, the first user terminal may send a data access request to the server through the access portal for the target health data.
The data query operation of the first user can be triggered by voice interaction and can also be triggered by clicking the data query button. For example, the first user triggers a data query operation by voice inputting "query XX data".
The user identifier is used to uniquely identify the user, and may be a user's number, nickname, avatar, or the like, or may be obtained by combining these information. The data identifier is used to uniquely identify the data, and may be the number and type of the data, or the like, or may be obtained by combining these information.
The remote inquiry data of the second user includes basic data, inquiry data, family sign data, and medical examination data, that is, the above-mentioned multiple types of health data include basic data, inquiry data, family sign data, and medical examination data. The basic data refers to current basic information of the second user, such as the second user's age, sex, height, weight, BMI (Body Mass Index), location, disease history, and the like. The inquiry data refers to data generated by the second user in the inquiry process, such as inquiry time, inquiry symptoms, inquiry conclusion and the like. Of course, in practical applications, the inquiry data may also include other contents, which are not limited in the embodiments of the present application. The family sign data refers to sign data measured by the second user at home, such as blood pressure, blood sugar, uric acid, blood index and the like. The medical examination data refers to physical data that is examined by the second user in the medical institution, such as blood routine, urine routine, Computed Tomography (CT) of the brain, lung CT, and the like.
In some embodiments, the second user's basic data, the interrogation data, the family sign data, and the medical examination data are obtained in advance by the server and stored locally. Illustratively, the second user terminal may display a first user interface in which the second user enters the basic data, the interview data, the family sign data, and the medical examination data. And the second user terminal acquires the basic data, the inquiry data, the family sign data and the medical examination data input by the second user, and sends the basic data, the inquiry data, the family sign data and the medical examination data of the second user to the server.
The types of health data input by the second user in the first user interface can be in a text format or a chart format. And when the multiple types of health data input by the second user in the first user interface are in a chart format, the second user terminal acquires the multiple types of health data in the chart format input by the second user and sends the multiple types of health data to the server. The server can analyze the received multiple types of health data in the chart format to obtain multiple types of health data in the text format.
Since the family sign data refers to sign data measured by the second user at home, the server obtains the family sign data in the above manner is an example. In other embodiments, the server may obtain the family sign data in other manners. For example, after the user measures the family sign data through the instruments, the instruments may directly transmit the family sign data of the second user to the server. Meanwhile, the instruments can also send prompt messages to the second user terminal, and the prompt messages are used for indicating that the instruments send the family sign data to the server. For example, the prompt message is "the data measured by the instrument belongs to the family sign data, and is uploaded". That is, the second user's home is equipped with common instruments, such as a non-invasive blood monitor, a body fat scale, a sphygmomanometer, a three-in-one analyzer, a thermometer, etc., for measuring data of blood physiological parameters, body fat rate, blood pressure/heart rate, blood sugar/uric acid/total cholesterol, body temperature, etc., respectively. The second user uses the instruments to measure the physical sign data, and when the instruments detect that the measurement of the second user is finished, the household physical sign data is sent to the server.
Since the medical examination data refers to body data examined by the second user at the medical institution, the server acquires the medical examination data in the above-described manner is an example. In other embodiments, the server may obtain the medical test data in other manners. Illustratively, the server may obtain medical examination data from a medical facility server. That is, the second user terminal displays the second user interface, the second user inputs the basic information such as name, medical institution, yard, department, etc. in the second user interface, and the second user terminal sends the basic information to the server. After receiving the basic information, the server sends the basic information to the medical institution server, and the medical institution server acquires the medical examination data corresponding to the basic information from the stored corresponding relationship between the basic information and the medical examination data. The medical test data is then sent to a server.
Step 202: the server receives a data access request sent by a first user terminal and sends an access authorization request to a second user terminal, wherein the access authorization request is used for requesting the access authority of the target health data.
Although the target health data has a corresponding visible range, in order to improve the privacy and security of the health data, after the server receives the data access request sent by the first user terminal, the server may also send an access authorization request to the second user terminal based on the user identifier of the second user carried in the data access request, where the access authorization request carries the user identifier of the first user, the role information of the first user, and the data identifier of the target health data. In this way, the second user may determine whether to grant the first user terminal access to the target health data. The role information of the first user is used for indicating whether the first user is a doctor, a family member of the second user or a stranger.
In some embodiments, for the doctor, the server stores the user identification of each doctor, and for the user who is not the doctor, the server stores the association relationship between each user. Therefore, after the server acquires the user identification of the first user, it can be determined whether the first user is a doctor. In the case where the first user is not a doctor, an association between the first user and the second user may also be determined, thereby determining whether the first user is a family member or stranger of the second user. In this way, the role information of the first user can be determined.
Step 203: and the second user terminal receives the access authorization request sent by the server and sends an access authorization response to the server, wherein the access authorization response is used for indicating whether the second user grants the first user terminal the authority to access the target health data.
In some embodiments, after the second user terminal receives the access authorization request sent by the server, the second user terminal may generate a prompt message based on the user identifier of the first user and the role information of the first user, which are carried in the access authorization request, where the prompt message is used to prompt the second user whether to grant the first user terminal the right to access the target health data. And when the second user terminal detects the confirmation operation of the second user, the second user terminal indicates that the second user grants the first user terminal the authority to access the target health data. And when the second user terminal detects the cancel operation of the second user, the second user terminal indicates that the second user does not grant the first user terminal the authority to access the target health data.
For example, the prompt message is "doctor a wants to access your inquiry data and is authorized", and when the second user terminal detects the confirmation operation of the second user, it indicates that the second user grants the first user terminal the right to access the target health data. And when the second user terminal detects the cancel operation of the second user, the second user terminal indicates that the second user does not grant the first user terminal the authority to access the target health data.
The second user terminal may indicate, via the access authorization response, whether the first user terminal is authorized to access the rights to the target health data. For example, the access grant response includes an grant signal bit that is set indicating that the second user has granted the first user terminal the right to access the target health data. Of course, the right of whether the first user terminal is authorized to access the target health data may also be indicated in other manners. Wherein the setting of the grant signal position means setting the grant signal position to a specific value. For example, the authorization signal position is set to 1.
Step 204: and the server receives an access authorization response sent by the second user terminal, and encrypts the target health data by using the encryption parameter of the second user according to the encryption level of the target health data under the condition that the access authorization response indicates that the second user has granted the first user terminal the authority to access the target health data.
The encryption parameters of the second user may include a public parameter, an encryption private key and an encryption public key, but may also include other parameters. The encryption level of the target health data is used to indicate the number of times the target health data is encrypted, for example, when the encryption level of the target health data is the lowest level, the encryption level is used to indicate that the target health data is encrypted once. When the encryption level of the target health data is one level higher, the encryption level is used to indicate that the target health data is encrypted twice.
For example, the encryption parameters of the second user include a public parameter, an encryption private key and an encryption public key, and the encryption levels are in the following order: four levels of encryption, three levels of encryption, two levels of encryption, and one level of encryption. For convenience of description, the public parameter is denoted as PP, the encryption private key is denoted as sk, the encryption public key is denoted as pk, and the plaintext of the target health data is denoted as Info. Assuming that the encryption level of the target health data is a four-level encryption level, the ciphertext of the target health data may be represented by Info _ Enc ═ Enc (PP, sk, pk, Info), that is, the plaintext of the target health data is encrypted once by the public parameter, the encryption private key, and the encryption public key. Assuming that, when the encryption level of the target health data is a three-level encryption level, the ciphertext of the target health data may be represented by Info _ ReEnc ═ ReEnc (PP, sk, pk, Info _ Enc), that is, the target health data is encrypted once by the public parameter, the encryption private key, and the encryption public key and then re-encrypted. It is assumed that, when the encryption level of the target health data is a secondary encryption level, the ciphertext of the target health data may be represented by Info _ renec ═ renec (PP, sk, pk, Info _ renec), that is, the target health data is encrypted twice by the public parameter, the encryption private key, and the encryption public key and then re-encrypted. Assuming that, when the encryption level of the target health data is a first-level encryption level, the ciphertext of the target health data may be represented by Info _ ReReEnc (PP, sk, pk, Info _ ReReEnc), that is, the target health data is encrypted three times by the public parameter, the encryption private key, and the encryption public key and then re-encrypted.
In some embodiments, the server obtains the security parameter and the encryption private key input by the second user, generates a public parameter of the second user by using a hash algorithm based on the security parameter, generates an encryption public key of the second user based on the encryption private key, and determines the public parameter, the encryption private key and the encryption public key as the encryption parameter of the second user.
That is, when the second user terminal detects the setting operation of the second user, the second user terminal displays a third user interface, where the third user interface includes an input box corresponding to the security parameter and the encrypted private key. The second user may enter the security parameters and the encryption private key in an input box. And when the second user terminal detects the confirmation operation of the second user, sending the security parameters and the encryption private key input by the second user to the server. Certainly, in practical application, the security parameter and the encryption private key may also be input in different user interfaces, which is not limited in this embodiment of the present application.
The server adopts a hash algorithm, and the generation of the public parameter of the second user is an example. In other embodiments, the server may generate the common parameters of the second user according to other algorithms. The public parameters of the second user comprise a security parameter, a first-level encryption level, a second-level encryption level, a third-level encryption level and a fourth-level encryption level. For convenience of description, the public parameter is denoted as PP, the security parameter is denoted as S, and the first-level encryption level is denoted as SL1The second level encryption level is denoted as SL2Let three levels of encryption be denoted as SL3Let four levels of encryption be SL4. I.e. PP ═ S, SL1,SL2,SL3,SL4). Of course, the common parameter may also include other parameters, which are not limited in this application.
In addition, the server may generate the encrypted public key of the second user according to a related algorithm based on the encrypted private key, and the algorithm is not limited in this embodiment of the application.
In some embodiments, the server further needs to determine the encryption level of the target health data before encrypting the target health data according to the encryption level of the target health data by using the encryption parameter of the second user. That is, the server converts the target health data of the second user into corresponding feature vectors to obtain a target health data vector of the second user, and determines, based on the target health data vector of the second user and the target health data vectors of the multiple reference users, a similarity between the second user and each of the multiple reference users with respect to the target health data to obtain multiple similarities. Then, the server ranks the plurality of similarities according to the sequence of the similarities from large to small to obtain a ranking result, determines the reference users corresponding to the first N similarities in the ranking result as candidate reference users, and obtains the encryption levels of the target health data of the candidate reference users to obtain N encryption levels. And the server counts the number of each encryption level in the N encryption levels, and determines the encryption level with the largest number as the encryption level of the target health data of the second user.
For example, N is 20. At this time, the server determines the reference users corresponding to the top 20 similarities in the ranking result as candidate reference users, and obtains the encryption levels of the target health data of the candidate reference users to obtain 20 encryption levels. The server counts the number of each encryption level (i.e. the occurrence frequency of each encryption level) in the 20 encryption levels, and determines the encryption level with the largest number as the encryption level of the target health data of the second user.
Based on the above description, the multiple types of health data of the second user include basic data, inquiry data, family sign data, and medical examination data, and the target health data is one of the multiple types of health data. Therefore, the target health data may be the basic data of the second user, and may also be the inquiry data of the second user, or may also be the family sign data of the second user, and of course, may also be the medical examination data of the second user. The detailed implementation process of the server determining the encryption level of the target health data in the above manner is different in different cases, and thus the following four cases will be divided, and the above processes will be described in detail separately.
In the first case, the target health data is the underlying data of the second user. The server may determine the encryption level of the underlying data of the second user according to steps (11) - (14) described below.
(11) And the server converts the basic data of the second user into corresponding characteristic vectors so as to obtain the basic data vectors of the second user.
Based on the above description, the second user's underlying data includes age, gender, height, weight, BMI, location, disease history, and the like. The server stores the correspondence between the attribute information and the numerical value for the attribute information such as sex, region, and disease history, and therefore, the server can acquire the numerical value corresponding to the attribute information from the stored correspondence between the attribute information and the numerical value based on the attribute information. The second user's base data is then converted into corresponding feature vectors.
For example, a value corresponding to gender male is 0, a value corresponding to gender female is 1, and a value corresponding to gender unknown is 2; the numerical value corresponding to the history of hypertension is 1, and the numerical value corresponding to the history of non-hypertension is 0; the value corresponding to the presence of cardiac surgery history is 1, and the value corresponding to the absence of cardiac surgery history is 0.
(12) The server determines a distance between the base data vector of the second user and the base data vector of each of the plurality of reference users.
As an example, the server may determine the distance between the base data vector of the second user and the base data vector of each reference user according to the following formula (1).
Wherein, in the above formula (1), d2iA distance, x, between the basic data vector representing the second user and the basic data vector of the ith reference user of the plurality of reference users2jThe j-th element, x, in the basic data vector representing the second userijRepresents the jth element in the base data vector of the ith reference user, and n represents the number of elements included in the base data vector.
The basic data vector of the reference user can be obtained by real-time preprocessing of the server. That is, when the server receives the basic data uploaded by the reference user, the server directly converts the basic data of the reference user into the corresponding feature vector to obtain the basic data vector of the reference user. Alternatively, the basic data vector of the reference user may be obtained by preprocessing the server at fixed intervals. That is, the server stores the basic data of the reference user, and converts the stored basic data of the reference user into corresponding feature vectors at intervals to obtain the basic data vectors of the reference user. Thus, the calculation efficiency of the server can be improved.
It should be noted that the server should convert the basic data of the reference user into the corresponding feature vector before determining the encryption level of the basic data of the second user, so as to avoid that the time taken for processing the basic data of the reference user is too long, which affects the efficiency of the server for determining the encryption level of the basic data of the second user. Moreover, before the server determines the encryption level of the base data of the second user, the base data of the reference user is converted into the corresponding feature vector, so that the similarity of the base data between the second user and the reference user can be conveniently determined.
(13) And the server converts the distance between the basic data vector of the second user and the basic data vector of each reference user into the basic data similarity between the second user and each reference user.
As an example, the server may convert the distance between the basic data vector of the second user and the basic data vector of each reference user into the basic data similarity between the second user and each reference user according to the following formula (2).
SJ=1/(1+d2i) (2)
Wherein, in the above formula (2), SJRepresenting the degree of similarity of the underlying data between the second user and the ith reference user, d2iRepresenting the distance between the base data vector of the second user and the base data vector of the ith reference user.
(14) The server determines the encryption level of the base data of the second user based on the similarity of the base data between the second user and each reference user and the encryption level of the base data of each reference user.
And the server ranks the plurality of basic data similarities according to the sequence of the basic data similarities from large to small to obtain a ranking result, and determines the reference users corresponding to the first N basic data similarities in the ranking result as candidate reference users. Then, the server acquires the encryption levels of the basic data of the candidate reference user to obtain N encryption levels, counts the number of each encryption level in the N encryption levels, and determines the encryption level with the largest number as the encryption level of the basic data of the second user.
Of course, in practical applications, there may be a plurality of the largest number of encryption levels. In this case, the highest encryption level among the plurality of the highest number of encryption levels is determined as the encryption level of the base data of the second user. For example, N is 13, the number of first-level encryptions in the 13 encryption levels is 5, the number of second-level encryptions is 3, and the number of third-level encryptions is 5. The number of the first-level encryption is the same as and the maximum number of the third-level encryption, and the number of the first-level encryption is 5, and the level of the first-level encryption is higher than that of the third-level encryption, so that the encryption level of the basic data of the second user is determined to be the first-level encryption.
The server stores the corresponding relationship between the user identifier and the encryption level of the basic data, so that after the server determines the candidate reference user, the server can obtain the encryption level of the basic data corresponding to the candidate reference user from the corresponding relationship between the stored user identifier and the encryption level of the basic data based on the user identifier of the candidate reference user.
Since the base data of the second user represents the basic attributes of the second user and the base data of the second user are integers, the above manner is used to determine the greatest common divisor between the base data of the second user and the base data of the reference user. Therefore, the server can accurately determine the similarity of the basic data between the second user and each reference user in the above manner, and further accurately determine the encryption level of the basic data of the second user.
In a second case, the target health data is the second user's interview data. The server may determine the encryption level of the second user's interrogation data according to steps (21) - (23) below.
(21) The server converts the inquiry data of the second user into corresponding characteristic vectors so as to obtain the inquiry data vectors of the second user.
Based on the above description, the second user's interrogation data includes an interrogation time, interrogation symptoms, and interrogation conclusions. The server stores the corresponding relationship between the inquiry symptoms and the inquiry conclusions and the numerical values, so the server can obtain the corresponding numerical values of the inquiry symptoms and the inquiry conclusions from the stored corresponding relationship between the inquiry symptoms and the numerical values based on the inquiry symptoms and the inquiry conclusions. The second user's inquiry data is then converted into corresponding feature vectors.
(22) The server determines an inquiry similarity between the second user and each reference user based on the inquiry data vector of the second user and the inquiry data vectors of the plurality of reference users.
As an example, the server may determine the inquiry similarity between the second user and each reference user according to the following formula (3).
Wherein, in the above formula (3), SWRepresenting the inquiry similarity between the second user and the ith reference user, x2jRepresenting the jth element, x, in the second user's interrogation data vectorijRepresents the jth element in the interrogation data vector of the ith reference user, and n represents the number of elements included in the interrogation data vector.
The obtaining manner of the inquiry data vector of the reference user is similar to that of the basic data vector of the reference user in the first case, so that the related content of the first case can be referred to, and details are not repeated here.
(23) The server determines an encryption level of the inquiry data of the second user based on the inquiry similarity between the second user and each reference user and the encryption level of the inquiry data of each reference user.
The process of determining the encryption level of the inquiry data of the second user by the server is similar to the process of determining the encryption level of the basic data of the second user in the first case, so the related content of the first case can be referred to, and details are not described here.
Because the inquiry data of the second user is sparse, the similarity between the two vectors is determined by the cosine value of the included angle between the inquiry data vector of the second user and the inquiry data vector of the reference user. Therefore, the server can accurately determine the inquiry similarity between the second user and each reference user according to the method, and further accurately determine the encryption level of the inquiry data of the second user.
In a third case, the target health data is family sign data of the second user. The server may determine the encryption level of the second user's family sign data according to steps (31) - (34) described below.
(31) The server converts the family sign data of the second user into the corresponding feature vector to obtain the family sign vector of the second user.
Based on the above description, the family sign data of the second user includes blood pressure, blood sugar, uric acid, blood index, and the like. The family sign data correspond to specific numerical values, so that the server can directly convert the family sign data of the second user into corresponding feature vectors to obtain the family sign vectors of the second user.
(32) And the server determines the similarity of the second user and each reference user about the same type of sign data based on the family sign vector of the second user and the family sign vectors of the plurality of reference users.
In some embodiments, the server selects a reference user from the plurality of reference users, and determines the similarity of the second user to the selected reference user with respect to the same type of vital sign data according to the following steps (a1) - (c1) until the similarity of the second user to each reference user with respect to the same type of vital sign data is determined.
(a1) The server obtains data elements measured by the instrument of the first model and data elements measured by the instrument of the second model from the family sign vector of the second user and the family sign vectors of the multiple reference users to obtain a first group of sample data and a second group of sample data.
In some embodiments, the number of data elements measured with the first model of instrument and the number of data elements measured with the second model of instrument may be the same or different between the family sign vector of the second user and the family sign vectors of the plurality of reference users. Under the same condition, the first group of sample data and the second group of sample data can be directly obtained. In the event that the first and second quantities are different, the number of data elements measured with the first model of instrument and the number of data elements measured with the second model of instrument may be determined to yield the first and second quantities. And if the first quantity is smaller than the second quantity, determining the acquired data elements measured by the instrument with the first model as a first group of sample data, and screening the first quantity of data elements from the acquired data elements measured by the instrument with the second model to obtain a second group of sample data. At this time, the number of samples of the first group of sample data is the same as the number of samples of the second group of sample data.
The first model refers to an instrument model used by a second user when measuring the target sign data, the second model refers to an instrument model used by a selected reference user when measuring the target sign data, and the target sign data is any one sign data.
That is, any one of the family physical sign data is selected as the target physical sign data. For example, the target vital sign data is blood pressure. The second user measures the blood pressure using the first model of the instrument and the selected reference user measures the blood pressure using the second model of the instrument. The server acquires the blood pressure data measured by the instrument with the first model as a first group of sample data and acquires the blood pressure data measured by the instrument with the second model as a second group of sample data from the stored family sign vectors.
The first model and the second model may be the same or different. That is, the type of the device used by the second user to measure the blood pressure data may be the same as or different from the type of the device used by the selected reference user to measure the blood pressure data. In the case where the first model number and the second model number are the same, the first group of sample data and the second group of sample data are the same. In the case where the first model number and the second model number are different, the first set of sample data and the second set of sample data may be the same or different.
(b1) The server determines a sample standard deviation of the first set of sample data, a sample standard deviation of the second set of sample data, and a sample covariance between the first set of sample data and the second set of sample data.
As an example, the server may determine the sample standard deviation for the first set of sample data and the sample standard deviation for the second set of sample data according to equation (4) below.
Wherein, in the above formula (4), S1、S2Respectively representing the sample standard deviation of the first set of sample data and the sample standard deviation, X, of the second set of sample data1PRepresenting the p sample data in the first set of sample data, X2PRepresenting the p-th sample data in the second set of sample data,
represents a sample mean of the sample data of the first set,
represents the sample mean of the second set of sample data and m represents the number of samples of the first set of sample data.
As an example, the server may determine a sample covariance between the first set of sample data and the second set of sample data according to equation (5) below.
Wherein, in the above formula (5), Cov (X)1,X2) Representing the sample covariance, X, between a first set of sample data and a second set of sample data1PRepresenting the p sample data in the first set of sample data, X2PRepresenting the p-th sample data in the second set of sample data,
represents a sample mean of the sample data of the first set,
represents the sample mean of the second set of sample data and m represents the number of samples of the first set of sample data.
(c1) The server determines similarity of the second user and the selected reference user with respect to the target vital sign data based on the sample standard deviation of the first set of sample data, the sample standard deviation of the second set of sample data, and the sample covariance between the first set of sample data and the second set of sample data.
As an example, the server may determine the similarity of the second user with the selected reference user with respect to the target vital sign data according to the following formula (6). That is, the server determines the similarity of the second user and the selected reference user with respect to the target physical sign data by using a pearson correlation coefficient algorithm.
Wherein, in the above formula (6), rEyes of a userRepresenting the similarity of the second user with the selected reference user with respect to the target sign data, Cov (X)1,X2) Representing the sample covariance, S, between a first set of sample data and a second set of sample data1Represents the sample standard deviation, S, of a first set of sample data2Representing the sample standard deviation of the second set of sample data.
The obtaining manner of the family sign data vector of the reference user is similar to that of the basic data vector of the reference user in the first case, so that the relevant content of the first case can be referred to, and details are not repeated here.
(33) And the server determines the average value of the similarity of the second user and each reference user about various types of physical sign data as the family physical sign similarity between the second user and each reference user.
Based on the above description, the family sign data of the second user includes blood pressure, blood sugar, uric acid, blood index, and the like. The server determines the similarity of the second user and each reference user about various types of physical sign data according to the method, and further determines the average value of the similarity of the second user and each reference user about various types of physical sign data as the family physical sign similarity between the second user and each reference user.
For example, the server determines the similarity r of the second user and the reference user A with respect to the blood pressure data according to the method described aboveBlood pressureSimilarity r with respect to blood glucose dataBlood sugarSimilarity r with respect to uric acid dataUric acidAnd a similarity r with respect to blood index dataBlood index. Then, the server will rBlood pressure、rBlood sugar、rUric acidAnd rBlood indexIs determined as the family sign similarity between the second user and the reference user a.
(34) The server determines the encryption level of the family sign data of the second user based on the family sign similarity between the second user and each reference user and the encryption level of the family sign data of each reference user.
The process of determining the encryption level of the family sign data of the second user by the server is similar to the process of determining the encryption level of the basic data of the second user in the first case, so the related content of the first case may be referred to, and details are not described here.
The family sign data of the second user is related to the instrument used by the second user, and the similarity of the two vectors in each dimension is determined firstly, and then the similarity between the two vectors is determined. Therefore, the server can accurately determine the family sign similarity between the second user and each reference user according to the above manner, and further accurately determine the encryption level of the family sign data of the second user.
In a fourth case, the target health data is medical examination data of the second user. The server may determine the encryption level of the medical verification data of the second user according to steps (41) - (44) described below.
(41) The server converts the medical examination data of the second user into the corresponding feature vector to obtain the medical examination vector of the second user.
Based on the above description, the medical examination data of the second user includes blood routine, urine routine, brain CT, lung CT, and the like. The medical examination data correspond to specific numerical values, so that the server can directly convert the medical examination data of the second user into corresponding feature vectors to obtain the medical examination vector of the second user.
(42) The server determines a similarity of the second user to each reference user with respect to the same type of test data based on the medical test vector of the second user and the medical test vectors of the plurality of reference users.
In some embodiments, the server selects a reference user from the plurality of reference users, and determines the similarity of the second user to the selected reference user with respect to the same type of test data according to the following steps (a2) - (c2) until the similarity of the second user to each of the reference users with respect to the same type of test data is determined.
(a2) And the server acquires data elements of first department examination of a first yard area of the first medical institution and data elements of second department examination of a second yard area of the second medical institution from the medical examination vector of the second user and the medical examination vectors of the plurality of reference users so as to obtain a third group of sample data and a fourth group of sample data.
The first department of the first yard area of the first medical institution refers to a checking organization of target checking data of the second user, the second department of the second yard area of the second medical institution refers to a checking organization of the selected target checking data of the reference user, and the target checking data is any one of the checking data.
The implementation process of step (a2) is similar to that of step (a1) in step (32), so the detailed implementation process of step (a2) refers to the related contents of step (a1) in step (32), and is not repeated here.
(b2) The server determines a sample standard deviation of the third set of sample data, a sample standard deviation of the fourth set of sample data, and a sample covariance between the third set of sample data and the fourth set of sample data.
The implementation process of step (b2) is similar to that of step (b1) in step (32), so the detailed implementation process of step (b2) refers to the related contents of step (b1) in step (32), and is not described herein again.
(c2) The server determines similarity of the second user and the selected reference user with respect to the target inspection data based on the sample standard deviation of the third set of sample data, the sample standard deviation of the fourth set of sample data, and the sample covariance between the third set of sample data and the fourth set of sample data.
The implementation process of step (c2) is similar to that of step (c1) in step (32), so the detailed implementation process of step (c2) refers to the related contents of step (c1) in step (32), and is not described herein again.
(43) The server determines the average value of the similarity of the second user and each reference user about various types of test data as the medical test similarity between the second user and each reference user.
Based on the above description, the medical examination data of the second user includes blood routine, urine routine, brain CT, lung CT, and the like. The server determines the similarity of the second user and each reference user about various types of test data according to the method, and further determines the average value of the similarity of the second user and each reference user about various types of test data as the medical test similarity between the second user and each reference user.
For example, the server determines the similarity r of the second user to the reference user A with respect to the blood routine data according to the method described aboveBlood routineSimilarity r with respect to urine routine dataRoutine of urineSimilarity r with respect to brain CT dataBrain CTAnd similarity r with respect to pulmonary CT dataPulmonary CT. Then, the server will rBlood routine、rRoutine of urine、rBrain CTAnd rPulmonary CTIs determined as the family sign similarity between the second user and the reference user a.
(44) The server determines an encryption level of the medical test data of the second user based on the medical test similarity between the second user and each reference user and the encryption level of the medical test data of each reference user.
The detailed implementation process refers to the related content of the above (34), and is not described in detail here.
Since the medical examination data of the second user is related to the instruments used by the medical institution, the similarity between the two vectors in each dimension is determined before the similarity between the two vectors is determined. Therefore, the server can accurately determine the medical examination similarity between the second user and each reference user in the above manner, and further accurately determine the encryption level of the medical examination data of the second user.
Because the characteristics of different types of health data are different, when the server determines the encryption level of each type of health data, different algorithms are adopted to respectively determine the similarity of the health data between the second user and each reference user, and further determine the encryption level of each type of health data. In this way, the encryption level of each type of health data can be accurately determined. Moreover, the server can automatically determine the encryption level of each type of health data according to the method, so that the determination efficiency of the encryption level is improved.
It should be noted that the above description is given by taking the example of determining the encryption level of the target health data by the server. Of course, in practical applications, after the server recommends the encryption level of the target health data to the second user, if the second user is not satisfied with the encryption level determined by the server, the encryption level of the target health data may be adjusted through the second user terminal, so as to provide personalized privacy protection for the second user. That is, after determining the encryption level of the target health data, the server sends a prompt message to the second user terminal, where the prompt message is used to prompt the second user to confirm the encryption level. And when the second user terminal detects the confirmation operation of the second user, sending an encryption level confirmation message to the server. And when the server receives the encryption level confirmation message sent by the second user terminal, determining the encryption level of the target health data as the encryption level determined by the server. And when the second user terminal detects the change operation of the second user, the second user terminal displays a fourth user interface, wherein the fourth user interface comprises the data identification of the target health data and each encryption level. The second user may select the encryption level of the target health data in a fourth user interface. And when the second user terminal detects the selection operation of the second user, determining the encryption level selected by the second user as the encryption level of the target health data.
Optionally, when the second user selects the encryption level of the target health data, the fourth user interface may display a prompt message, where the prompt message includes a visible range corresponding to each encryption level, and the visible range may allow the second user to specify the specific meaning of each encryption level. For example, the visible range corresponding to the first-level encryption is only visible for the user, the visible range corresponding to the second-level encryption is only visible for the user and family members, the visible range corresponding to the third-level encryption is only visible for the user and a doctor, and the visible range corresponding to the fourth-level encryption is visible for all people. Of course, in practical applications, the prompting message may also include other contents, which is not limited in this embodiment of the application.
Since the second user can only select one encryption level from the plurality of encryption levels as the encryption level of the target health data. Therefore, when the second user clicks a certain encryption level button in the fourth user interface, the second user selects the encryption level, and when the second user clicks the encryption level button again, the currently selected encryption level cannot be cancelled, and only when the second user clicks other encryption level buttons, the currently selected encryption level can be cancelled.
For example, please refer to fig. 3, fig. 3 is a schematic diagram of a fourth user interface provided in the embodiment of the present application. In fig. 3, the target health data is the base data, and the encryption level of the second user-selected base data is the second-level encryption.
For the inquiry data, after determining the encryption level of the inquiry data, the second user may also select a time range for sharing the inquiry data to other users through the second user terminal. That is, the second user chooses to share the inquiry data over a specific time period to other users. Illustratively, the second user terminal displays a fifth user interface, which includes the data identifier of the inquiry data, the encryption level of the inquiry data, and the time range of the inquiry data. The second user may select a time range for the interrogation data in a fifth user interface. And when the second user terminal detects the selection operation of the second user, determining the time range selected by the second user as the time range in which the second user shares the inquiry data with other users.
For example, please refer to fig. 4, fig. 4 is a schematic diagram of a fifth user interface provided in the embodiment of the present application. In fig. 4, the target health data is the inquiry data, the encryption level of the inquiry data selected by the second user is two-level encryption, and the second user selects the time range of the inquiry data from all 4 options within one week, one month, one year and so on. For example, a time range selected by the second user is within a month, indicating that the second user selects to share the inquiry data with other users within a month.
For the family physical sign data, after the encryption level of the family physical sign data is determined, the second user can select the type of the physical sign data shared by other users through the second user terminal. Illustratively, the second user terminal displays a sixth user interface, where the sixth user interface includes a data identifier of the family sign data, an encryption level of the family sign data, and a type of the family sign data. The second user may select the type of family sign data shared to other users in a sixth user interface. When the second user terminal detects the selection operation of the second user, the type selected by the second user is determined as the type of the family sign data shared by the second user to other users.
Since the second user can select at least one vital sign data from the plurality of vital sign data as the vital sign data shared to other users. Therefore, when the second user clicks a certain sign data button in the sixth user interface, the sign data is selected by the second user on behalf of the second user, and when the second user clicks the sign data button again, the currently selected sign data is cancelled by the second user on behalf of the second user.
For example, please refer to fig. 5, and fig. 5 is a schematic diagram of a sixth user interface provided in an embodiment of the present application. In fig. 5, the target health data is family sign data, the encryption level of the family sign data selected by the second user is two-level encryption, and the second user selects at least one sign data from 4 options of blood pressure, blood sugar, uric acid, and blood index. For example, the sign data selected by the second user is blood pressure and blood sugar, which indicates that the second user selects to share the blood pressure data and the blood sugar data with other users.
For the medical test data, after determining the encryption level of the medical test data, the second user may also select the type of the medical test data to be shared with other users through the second user terminal. Illustratively, the second user terminal displays a seventh user interface including a data identification of the medical test data, an encryption level of the medical test data, and a type of the medical test data. The second user may select the type of medical verification data to share to other users in a seventh user interface. And when the second user terminal detects the selection operation of the second user, determining the type selected by the second user as the type of the medical examination data shared by the second user to other users.
For example, please refer to fig. 6, and fig. 6 is a schematic diagram of a seventh user interface provided in the embodiment of the present application. In fig. 6, the target health data is medical test data, the encryption level of the medical test data selected by the second user is two-level encryption, and the second user selects at least one test data from 4 options of blood routine, urine routine, brain CT, lung CT. For example, if the second user selected test data is blood routine and brain CT, it indicates that the second user selected to share the blood routine data and brain CT data with other users.
Step 205: and the server sends the ciphertext of the target health data and the decryption parameter of the second user to the first user terminal.
In some embodiments, the server may send the ciphertext of the target health data and the decryption parameter of the second user to the first user terminal simultaneously. Certainly, in practical applications, in order to further protect the privacy and security of the health data of the user, the server may also send the ciphertext of the target health data and the decryption parameter of the second user to the first user terminal in a time-sharing manner. For example, when the second user grants the first user terminal access to the target health data, the server sends the second user's decryption parameters to the first user terminal. And after encrypting the target health data by using the encryption parameter of the second user at the server according to the encryption level of the target health data, sending the ciphertext of the target health data to the first user terminal.
The decryption parameters of the second user include public parameters, an encryption private key, and an encryption public key of the second user.
Step 206: and the first user terminal receives the ciphertext of the target health data and the decryption parameter sent by the server, decrypts the ciphertext of the target health data through the decryption parameter and displays the decrypted ciphertext.
Based on the above description, the encryption level of the target health data may be one-level encryption, two-level encryption, three-level encryption, or four-level encryption. And under the condition that the encryption levels of the target health data are different, the process of decrypting the ciphertext of the target health data by the first user terminal is different. For example, when the encryption level of the target health data is four-level encryption, the first user terminal only needs to decrypt the ciphertext of the target health data once. When the encryption level of the target health data is three-level encryption, the first user terminal needs to decrypt the ciphertext of the target health data twice. When the encryption level of the target health data is two-stage encryption, the first user terminal needs to decrypt the ciphertext of the target health data three times. When the encryption level of the target health data is first-level encryption, the first user terminal needs to decrypt the ciphertext of the target health data four times.
In some embodiments, the first user terminal decrypts the ciphertext of the target health data to obtain the plaintext of the target health data. Since the plaintext of the target health data may include sensitive information such as the second user's identification number, phone call, and date of birth, in order to better protect the privacy and security of the second user's health data, the server may further adopt an Advanced Encryption Standard (AES) to desensitize the sensitive information in the plaintext of the target health data. That is, Info _ DecDes ═ Des (Info _ Dec, ID, Tel, Birth).
Wherein, Info _ DecDes represents the desensitized target health data, Info _ Dec represents the plaintext of the target health data, ID represents the identity number of the second user, Tel represents the telephone of the second user, and birthday represents the second user.
The server desensitizes the plaintext of the target health data by the AES algorithm as an example. In other embodiments, the server may also desensitize through other algorithms, which is not limited in this application.
It should be noted that, the related contents of the foregoing steps 201 to 206 are described by taking as an example the right granted by the second user to the first user terminal to access the target health data. Of course, in practical applications, the second user may not grant the first user terminal the right to access the target health data. Illustratively, the server receives an access authorization response sent by the second user terminal, and in the case that the access authorization response indicates that the second user does not grant the first user terminal the authority to access the target health data, the server sends a prompt message to the first user terminal, wherein the prompt message is used for prompting that the first user cannot access the target health data of the second user. For example, the hint message is "data encrypted, cannot be viewed".
Next, by taking fig. 7 as an example, a complete description is given of a data access flow provided in the embodiment of the present application. In fig. 7, taking a doctor as an example, the doctor terminal sends a data access request to the server, and in the case that the second user has granted the doctor the right to access the target health data, the server sends the decryption parameter of the second user to the doctor terminal. Then, the server encrypts the target health data and sends the ciphertext of the target health data to the doctor terminal. And the doctor terminal decrypts and desensitizes the ciphertext of the target health data through the decryption parameter. To obtain the desensitized target health data Info _ DecDes.
It should be noted that different roles can view different information. For example, the second user may view the plaintext Info _ Dec of the target health data, the family member of the second user may also view the plaintext Info _ Dec of the target health data, the doctor may only view the desensitized target health data Info _ DecDes, and other authorized users may only view the desensitized target health data Info _ DecDes.
In the embodiment of the application, when the first user terminal requests to access the target health data of the second user, the ciphertext of the target health data is sent to the first user terminal through the authorization of the second user, and the ciphertext is not the plaintext of the target health data. In this way, it may be avoided that the health data of the second user is intercepted, maliciously forwarded, tampered with, etc. Moreover, different types of health data correspond to different encryption levels and different visible ranges, and only the user terminal in the visible range can access the corresponding health data, so that encryption is performed according to the encryption levels of various types of health data, and encryption is not uniformly performed according to the encryption level of the highest level, so that unnecessary encryption processes can be reduced, and the data access performance is improved. In addition, when the server determines the encryption levels of the various types of health data, the similarity between the second user and each reference user is determined respectively by adopting different algorithms based on the characteristics of the various types of health data, and then the encryption levels of the various types of health data are determined. In this way, the encryption level of each type of health data can be accurately determined. Under the condition that the second user is not satisfied with the encryption level determined by the server, the second user can also independently select the encryption level and the health data sharing range, and personalized privacy protection is provided for the second user.
Fig. 8 is a schematic structural diagram of a data access device provided in an embodiment of the present application, where the data access device may be implemented as part or all of a server by software, hardware, or a combination of the two. Referring to fig. 8, the apparatus includes: a first receiving module 801, a first sending module 802, a second receiving module 803, an encryption module 804 and a second sending module 805.
A first receiving module 801, configured to receive a data access request sent by a first user terminal, where the data access request is used to access target health data of a second user, the target health data is one of multiple types of health data, the multiple types of health data are remote inquiry data of the second user, each type of health data has a corresponding visible range, and the first user terminal is located in the visible range of the target health data. For the detailed implementation process, reference is made to corresponding contents in the above embodiments, and details are not repeated here.
A first sending module 802, configured to send an access authorization request to a second user terminal, where the access authorization request is used to request an access right of the target health data. For the detailed implementation process, reference is made to corresponding contents in the above embodiments, and details are not repeated here.
A second receiving module 803, configured to receive an access authorization response sent by the second user terminal, where the access authorization response is used to indicate whether the second user grants the first user terminal the right to access the target health data. For the detailed implementation process, reference is made to corresponding contents in the above embodiments, and details are not repeated here.
The encryption module 804 is configured to encrypt the target health data according to the encryption level of the target health data by using the encryption parameter of the second user when the access authorization response indicates that the second user has granted the first user terminal the right to access the target health data. For the detailed implementation process, reference is made to corresponding contents in the above embodiments, and details are not repeated here.
The second sending module 805 is configured to send the ciphertext of the target health data and the decryption parameter of the second user to the first user terminal, where the first user terminal is configured to decrypt and display the ciphertext of the target health data according to the decryption parameter. For the detailed implementation process, reference is made to corresponding contents in the above embodiments, and details are not repeated here.
Optionally, the target health data is basic data of the second user, and the basic data refers to current basic information of the second user;
the apparatus is also specifically configured to:
converting the basic data of the second user into corresponding feature vectors to obtain basic data vectors of the second user;
determining a distance between the base data vector of the second user and the base data vector of each of the plurality of reference users;
converting the distance between the basic data vector of the second user and the basic data vector of each reference user into the basic data similarity between the second user and each reference user;
and determining the encryption level of the basic data of the second user based on the similarity of the basic data between the second user and each reference user and the encryption level of the basic data of each reference user.
Optionally, the target health data is inquiry data of the second user, and the inquiry data refers to data generated by the second user in an inquiry process;
the device also includes:
the first conversion module is used for converting the inquiry data of the second user into corresponding characteristic vectors so as to obtain the inquiry data vectors of the second user;
the first determination module is used for determining the inquiry similarity between the second user and each reference user based on the inquiry data vector of the second user and the inquiry data vectors of a plurality of reference users;
and the second determining module is used for determining the encryption level of the inquiry data of the second user based on the inquiry similarity between the second user and each reference user and the encryption level of the inquiry data of each reference user.
Optionally, the first determining module is specifically configured to:
determining the inquiry similarity between the second user and each reference user according to the following formula based on the inquiry data vector of the second user and the inquiry data vectors of the plurality of reference users;
wherein, in the above formula, SWRepresenting the inquiry similarity between the second user and the ith reference user in the plurality of reference users, x2jRepresenting the jth element, x, in the second user's interrogation data vectorijRepresents the jth element in the interrogation data vector of the ith reference user, and n represents the number of elements included in the interrogation data vector.
Optionally, the target health data is family sign data of the second user, and the family sign data refers to sign data measured by the second user at home;
the device also includes:
the second conversion module is used for converting the family sign data of the second user into corresponding characteristic vectors so as to obtain the family sign vectors of the second user;
the third determination module is used for determining the similarity of the second user and each reference user about the same type of sign data based on the family sign vector of the second user and the family sign vectors of a plurality of reference users;
the fourth determination module is used for determining the average value of the similarity of the second user and each reference user about various types of physical sign data as the family physical sign similarity between the second user and each reference user;
and the fifth determining module is used for determining the encryption level of the family physical sign data of the second user based on the family physical sign similarity between the second user and each reference user and the encryption level of the family physical sign data of each reference user.
Optionally, the third determining module includes:
a selecting unit, configured to select a reference user from the multiple reference users, and determine similarity of the second user and the selected reference user with respect to the same type of physical sign data according to the following operations until the similarity of the second user and each reference user with respect to the same type of physical sign data is determined:
the acquisition unit is used for acquiring data elements measured by adopting an instrument of a first model and data elements measured by adopting an instrument of a second model from the family sign vector of the second user and the family sign vectors of the multiple reference users so as to obtain a first group of sample data and a second group of sample data;
the first model refers to an instrument model used by a second user when measuring target sign data, the second model refers to an instrument model used by a selected reference user when measuring the target sign data, and the target sign data is any one sign data;
a first determining unit for determining a sample standard deviation of the first set of sample data, a sample standard deviation of the second set of sample data, and a sample covariance between the first set of sample data and the second set of sample data;
and the second determining unit is used for determining the similarity of the second user and the selected reference user about the target sign data based on the sample standard deviation of the first group of sample data, the sample standard deviation of the second group of sample data and the sample covariance between the first group of sample data and the second group of sample data.
Optionally, the second determining unit is specifically configured to:
determining the similarity of the second user and the selected reference user about the target physical sign data according to the following formula based on the sample standard deviation of the first group of sample data, the sample standard deviation of the second group of sample data and the sample covariance between the first group of sample data and the second group of sample data;
wherein, in the above formula, rEyes of a userRepresenting the similarity of the second user with the selected reference user with respect to the target sign data, Cov (X)1,X2) Representing the sample covariance, S, between a first set of sample data and a second set of sample data1Represents the sample standard deviation, S, of a first set of sample data2Representing the sample standard deviation of the second set of sample data.
Optionally, the target health data is medical examination data of the second user, and the medical examination data refers to physical data examined by the second user in a medical institution;
the apparatus is also specifically configured to:
converting the medical examination data of the second user into corresponding feature vectors to obtain the medical examination vectors of the second user;
determining similarity of the second user and each reference user with respect to the same type of test data based on the medical test vector of the second user and the medical test vectors of the plurality of reference users;
determining the average value of the similarity of the second user and each reference user about various types of test data as the medical test similarity between the second user and each reference user;
and determining the encryption level of the medical inspection data of the second user based on the medical inspection similarity between the second user and each reference user and the encryption level of the medical inspection data of each reference user.
Optionally, the apparatus further comprises:
the acquisition module is used for acquiring the security parameters and the encrypted private key input by the second user;
the first generation module is used for generating public parameters of the second user by adopting a Hash algorithm based on the security parameters;
the second generation module is used for generating an encrypted public key of a second user based on the encrypted private key;
and the sixth determining module is used for determining the public parameter, the encryption private key and the encryption public key as the encryption parameter of the second user.
In the embodiment of the application, when the first user terminal requests to access the target health data of the second user, the ciphertext of the target health data is sent to the first user terminal through the authorization of the second user, and the ciphertext is not the plaintext of the target health data. In this way, it may be avoided that the health data of the second user is intercepted, maliciously forwarded, tampered with, etc. Moreover, different types of health data correspond to different encryption levels and different visible ranges, and only the user terminal in the visible range can access the corresponding health data, so that encryption is performed according to the encryption levels of various types of health data, and encryption is not uniformly performed according to the encryption level of the highest level, so that unnecessary encryption processes can be reduced, and the data access performance is improved. In addition, when the server determines the encryption levels of the various types of health data, the similarity between the second user and each reference user is determined respectively by adopting different algorithms based on the characteristics of the various types of health data, and then the encryption levels of the various types of health data are determined. In this way, the encryption level of each type of health data can be accurately determined. Under the condition that the second user is not satisfied with the encryption level determined by the server, the second user can also independently select the encryption level and the health data sharing range, and personalized privacy protection is provided for the second user.
It should be noted that: in the data access device provided in the above embodiment, only the division of the functional modules is illustrated when data access is performed, and in practical applications, the functions may be distributed by different functional modules as needed, that is, the internal structure of the device may be divided into different functional modules to complete all or part of the functions described above. In addition, the data access device and the data access method provided by the above embodiments belong to the same concept, and specific implementation processes thereof are described in the method embodiments and are not described herein again.
Fig. 9 is a block diagram of a user terminal 900 according to an embodiment of the present disclosure. The user terminal 900 may be a portable mobile terminal such as: a smart phone, a tablet computer, an MP3 player (Moving Picture Experts Group Audio Layer III, motion video Experts compression standard Audio Layer 3), an MP4 player (Moving Picture Experts Group Audio Layer IV, motion video Experts compression standard Audio Layer 4), a notebook computer, or a desktop computer. User terminal 900 may also be referred to by other names such as user equipment, portable terminals, laptop terminals, desktop terminals, etc.
In general, user terminal 900 includes: a processor 901 and a memory 902.
In some embodiments, user terminal 900 may also optionally include: a peripheral interface 903 and at least one peripheral. The processor 901, memory 902, and peripheral interface 903 may be connected by buses or signal lines. Various peripheral devices may be connected to the peripheral interface 903 via a bus, signal line, or circuit board. Specifically, the peripheral device includes: at least one of a radio frequency circuit 904, a touch display screen 905, a camera 906, an audio circuit 907, a positioning component 908, and a power supply 909.
The peripheral interface 903 may be used to connect at least one peripheral related to I/O (Input/Output) to the processor 901 and the memory 902. In some embodiments, the processor 901, memory 902, and peripheral interface 903 are integrated on the same chip or circuit board; in some other embodiments, any one or two of the processor 901, the memory 902 and the peripheral interface 903 may be implemented on a separate chip or circuit board, which is not limited by this embodiment.
The Radio Frequency circuit 904 is used for receiving and transmitting RF (Radio Frequency) signals, also called electromagnetic signals. The radio frequency circuitry 904 communicates with communication networks and other communication devices via electromagnetic signals. The radio frequency circuit 904 converts an electrical signal into an electromagnetic signal to transmit, or converts a received electromagnetic signal into an electrical signal. Optionally, the radio frequency circuit 904 comprises: an antenna system, an RF transceiver, one or more amplifiers, a tuner, an oscillator, a digital signal processor, a codec chipset, a subscriber identity module card, and so forth. The radio frequency circuit 904 may communicate with other terminals via at least one wireless communication protocol. The wireless communication protocols include, but are not limited to: the world wide web, metropolitan area networks, intranets, generations of mobile communication networks (2G, 3G, 4G, and 5G), Wireless local area networks, and/or WiFi (Wireless Fidelity) networks. In some embodiments, the radio frequency circuit 904 may further include NFC (Near Field Communication) related circuits, which are not limited in this application.
The display screen 905 is used to display a UI (User Interface). The UI may include graphics, text, icons, video, and any combination thereof. When the display screen 905 is a touch display screen, the display screen 905 also has the ability to capture touch signals on or over the surface of the display screen 905. The touch signal may be input to the processor 901 as a control signal for processing. At this point, the display 905 may also be used to provide virtual buttons and/or a virtual keyboard, also referred to as soft buttons and/or a soft keyboard. In some embodiments, the display screen 905 may be one, providing the front panel of the user terminal 900; in other embodiments, the number of the display panels 905 may be at least two, and each of the display panels is disposed on a different surface of the user terminal 900 or is in a foldable design; in still other embodiments, the display 905 may be a flexible display, disposed on a curved surface or on a folded surface of the user terminal 900. Even more, the display screen 905 may be arranged in a non-rectangular irregular figure, i.e. a shaped screen. The Display panel 905 can be made of LCD (Liquid Crystal Display), OLED (Organic Light-Emitting Diode), and other materials.
The camera assembly 906 is used to capture images or video. Optionally, camera assembly 906 includes a front camera and a rear camera. Generally, a front camera is disposed on a front panel of the user terminal, and a rear camera is disposed on a rear surface of the user terminal. In some embodiments, the number of the rear cameras is at least two, and each rear camera is any one of a main camera, a depth-of-field camera, a wide-angle camera and a telephoto camera, so that the main camera and the depth-of-field camera are fused to realize a background blurring function, and the main camera and the wide-angle camera are fused to realize panoramic shooting and VR (Virtual Reality) shooting functions or other fusion shooting functions. In some embodiments, camera assembly 906 may also include a flash. The flash lamp can be a monochrome temperature flash lamp or a bicolor temperature flash lamp. The double-color-temperature flash lamp is a combination of a warm-light flash lamp and a cold-light flash lamp, and can be used for light compensation at different color temperatures.
The positioning component 908 is used to locate the current geographic Location of the user terminal 900 to implement navigation or LBS (Location Based Service). The Positioning component 908 may be a Positioning component based on the Global Positioning System (GPS) in the united states, the beidou System in china, or the galileo System in russia.
The power supply 909 is used to supply power to each component in the user terminal 900. The power source 909 may be alternating current, direct current, disposable or rechargeable. When the power source 909 includes a rechargeable battery, the rechargeable battery may be a wired rechargeable battery or a wireless rechargeable battery. The wired rechargeable battery is a battery charged through a wired line, and the wireless rechargeable battery is a battery charged through a wireless coil. The rechargeable battery may also be used to support fast charge technology.
In some embodiments, user terminal 900 also includes one or more sensors 910. The one or more sensors 910 include, but are not limited to: acceleration sensor 911, gyro sensor 912, pressure sensor 913, fingerprint sensor 914, optical sensor 915, and proximity sensor 916.
The acceleration sensor 911 may detect the magnitude of acceleration in three coordinate axes of a coordinate system established with the user terminal 900. For example, the acceleration sensor 911 may be used to detect the components of the gravitational acceleration in three coordinate axes. The processor 901 can control the touch display 905 to display the user interface in a landscape view or a portrait view according to the gravitational acceleration signal collected by the acceleration sensor 911. The acceleration sensor 911 may also be used for acquisition of motion data of a game or a user.
The gyro sensor 912 may detect a body direction and a rotation angle of the user terminal 900, and the gyro sensor 912 may cooperate with the acceleration sensor 911 to acquire a 3D motion of the user on the user terminal 900. The processor 901 can implement the following functions according to the data collected by the gyro sensor 912: motion sensing (such as changing the UI according to a user's tilting operation), image stabilization at the time of photographing, game control, and inertial navigation.
The pressure sensor 913 may be disposed at a side bezel of the user terminal 900 and/or at a lower layer of the touch display 905. When the pressure sensor 913 is disposed on the side frame of the user terminal 900, the user's holding signal of the user terminal 900 may be detected, and the processor 901 performs left-right hand recognition or shortcut operation according to the holding signal collected by the pressure sensor 913. When the pressure sensor 913 is disposed at a lower layer of the touch display 905, the processor 901 controls the operability control on the UI interface according to the pressure operation of the user on the touch display 905. The operability control comprises at least one of a button control, a scroll bar control, an icon control and a menu control.
The fingerprint sensor 914 is used for collecting a fingerprint of the user, and the processor 901 identifies the user according to the fingerprint collected by the fingerprint sensor 914, or the fingerprint sensor 914 identifies the user according to the collected fingerprint. Upon recognizing that the user's identity is a trusted identity, processor 901 authorizes the user to perform relevant sensitive operations including unlocking the screen, viewing encrypted information, downloading software, paying, and changing settings, etc. The fingerprint sensor 914 may be disposed on the front, back, or side of the user terminal 900. When a physical key or vendor Logo is provided on the user terminal 900, the fingerprint sensor 914 may be integrated with the physical key or vendor Logo.
The optical sensor 915 is used to collect ambient light intensity. In one embodiment, the processor 901 may control the display brightness of the touch display 905 based on the ambient light intensity collected by the optical sensor 915. Specifically, when the ambient light intensity is high, the display brightness of the touch display screen 905 is increased; when the ambient light intensity is low, the display brightness of the touch display screen 905 is turned down. In another embodiment, the processor 901 can also dynamically adjust the shooting parameters of the camera assembly 906 according to the ambient light intensity collected by the optical sensor 915.
A proximity sensor 916, also called a distance sensor, is generally provided at a front panel of the user terminal 900. The proximity sensor 916 is used to collect a distance between the user and the front surface of the user terminal 900. In one embodiment, when the proximity sensor 916 detects that the distance between the user and the front face of the user terminal 900 gradually decreases, the processor 901 controls the touch display 905 to switch from the bright screen state to the dark screen state; when the proximity sensor 916 detects that the distance between the user and the front surface of the user terminal 900 becomes gradually larger, the processor 901 controls the touch display 905 to switch from the breath screen state to the bright screen state.
Those skilled in the art will appreciate that the architecture shown in fig. 9 is not intended to be limiting of user terminal 900, and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components may be employed.
Fig. 10 is a schematic structural diagram of a server according to an embodiment of the present application. The server 1000 includes a Central Processing Unit (CPU)1001, a system memory 1004 including a Random Access Memory (RAM)1002 and a Read Only Memory (ROM)1003, and a system bus 1005 connecting the system memory 1004 and the central processing unit 1001. The server 1000 also includes a basic input/output system (I/O system) 1006, which facilitates the transfer of information between devices within the computer, and a mass storage device 1007, which stores an operating system 1013, application programs 1014, and other program modules 1015.
The basic input/output system 1006 includes a display 1008 for displaying information and an input device 1009, such as a mouse, keyboard, etc., for user input of information. Wherein a display 1008 and an input device 1009 are connected to the central processing unit 1001 via an input-output controller 1010 connected to the system bus 1005. The basic input/output system 1006 may also include an input/output controller 1010 for receiving and processing input from a number of other devices, such as a keyboard, mouse, or electronic stylus. Similarly, the input-output controller 1010 also provides output to a display screen, a printer, or other type of output device.
The mass storage device 1007 is connected to the central processing unit 1001 through a mass storage controller (not shown) connected to the system bus 1005. The mass storage device 1007 and its associated computer-readable media provide non-volatile storage for the server 1000. That is, the mass storage device 1007 may include a computer-readable medium (not shown) such as a hard disk or CD-ROM drive.
Without loss of generality, computer readable media may comprise computer storage media and communication media. Computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Computer storage media includes RAM, ROM, EPROM, EEPROM, flash memory or other solid state memory technology, CD-ROM, DVD, or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices. Of course, those skilled in the art will appreciate that computer storage media is not limited to the foregoing. The system memory 1004 and mass storage device 1007 described above may be collectively referred to as memory.
According to various embodiments of the present application, the server 1000 may also operate as a remote computer connected to a network through a network, such as the Internet. That is, the server 1000 may be connected to the network 1012 through a network interface unit 1011 connected to the system bus 1005, or the network interface unit 1011 may be used to connect to another type of network or a remote computer system (not shown).
The memory further includes one or more programs, and the one or more programs are stored in the memory and configured to be executed by the CPU.
In some embodiments, a computer-readable storage medium is also provided, in which a computer program is stored, which, when being executed by a processor, implements the steps of the data access method in the above embodiments. For example, the computer readable storage medium may be a ROM, a RAM, a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.
It is noted that the computer-readable storage medium referred to in the embodiments of the present application may be a non-volatile storage medium, in other words, a non-transitory storage medium.
It should be understood that all or part of the steps for implementing the above embodiments may be implemented by software, hardware, firmware or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. The computer instructions may be stored in the computer-readable storage medium described above.
That is, in some embodiments, there is also provided a computer program product containing instructions which, when run on a computer, cause the computer to perform the steps of the data access method described above.
It is to be understood that reference herein to "at least one" means one or more and "a plurality" means two or more. In the description of the embodiments of the present application, "/" means "or" unless otherwise specified, for example, a/B may mean a or B; "and/or" herein is merely an association describing an associated object, and means that there may be three relationships, e.g., a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone. In addition, in order to facilitate clear description of technical solutions of the embodiments of the present application, in the embodiments of the present application, terms such as "first" and "second" are used to distinguish the same items or similar items having substantially the same functions and actions. Those skilled in the art will appreciate that the terms "first," "second," etc. do not denote any order or quantity, nor do the terms "first," "second," etc. denote any order or importance.
It should be noted that the information (including but not limited to user equipment information, user personal information, etc.), data (including but not limited to data for analysis, stored data, displayed data, etc.) and signals referred to in the embodiments of the present application are authorized by the user or fully authorized by various parties, and the collection, use and processing of the relevant data need to comply with relevant laws and regulations and standards in relevant countries and regions. For example, the health data, encryption parameters, user identification, etc. referred to in the embodiments of the present application are obtained under sufficient authorization.
The above-mentioned embodiments are provided not to limit the present application, and any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the protection scope of the present application.
Claims (10)
1. A method of data access, the method comprising:
receiving a data access request sent by a first user terminal, wherein the data access request is used for accessing target health data of a second user, the target health data is one of multiple types of health data, the multiple types of health data are remote inquiry data of the second user, each type of health data has a corresponding visible range, and the first user terminal is located in the visible range of the target health data;
sending an access authorization request to a second user terminal, wherein the access authorization request is used for requesting the access authority of the target health data;
receiving an access authorization response sent by the second user terminal, wherein the access authorization response is used for indicating whether the second user grants the first user terminal the authority to access the target health data;
under the condition that the access authorization response indicates that the second user has granted the first user terminal the authority to access the target health data, encrypting the target health data by using the encryption parameter of the second user according to the encryption level of the target health data;
and sending the ciphertext of the target health data and the decryption parameter of the second user to the first user terminal, wherein the first user terminal is used for decrypting and displaying the ciphertext of the target health data through the decryption parameter.
2. The method of claim 1, wherein the target health data is basic data of the second user, and the basic data refers to current basic information of the second user;
before encrypting the target health data by using the encryption parameter of the second user according to the encryption level of the target health data, the method further comprises the following steps:
converting the basic data of the second user into corresponding feature vectors to obtain basic data vectors of the second user;
determining a distance between the base data vector of the second user and the base data vector of each of a plurality of reference users;
converting the distance between the basic data vector of the second user and the basic data vector of each reference user into the basic data similarity between the second user and each reference user;
and determining the encryption level of the basic data of the second user based on the similarity of the basic data between the second user and each reference user and the encryption level of the basic data of each reference user.
3. The method of claim 1, wherein the target health data is the second user's interview data, the interview data being generated by the second user during an interview process;
before encrypting the target health data by using the encryption parameter of the second user according to the encryption level of the target health data, the method further comprises the following steps:
converting the inquiry data of the second user into corresponding characteristic vectors to obtain inquiry data vectors of the second user;
determining an interrogation similarity between the second user and each of the plurality of reference users based on the interrogation data vector of the second user and the interrogation data vectors of the plurality of reference users;
determining an encryption level of the inquiry data of the second user based on the inquiry similarity between the second user and each reference user and the encryption level of the inquiry data of each reference user.
4. The method of claim 3, wherein determining the interrogation similarity between the second user and each of the plurality of reference users based on the interrogation data vector of the second user and the interrogation data vectors of the plurality of reference users comprises:
determining an inquiry similarity between the second user and each reference user according to the following formula based on the inquiry data vector of the second user and the inquiry data vectors of a plurality of reference users;
wherein, in the above formula, SWRepresenting an inquiry similarity between the second user and an ith reference user of the plurality of reference users, x2jOn behalf of said second userThe jth element, x, in the interrogation data vectorijRepresents the jth element in the interrogation data vector of the ith reference user, and n represents the number of elements included in the interrogation data vector.
5. The method of claim 1, wherein the target health data is family sign data of the second user, and the family sign data refers to sign data measured by the second user at home;
before encrypting the target health data by using the encryption parameter of the second user according to the encryption level of the target health data, the method further comprises the following steps:
converting the family sign data of the second user into corresponding feature vectors to obtain family sign vectors of the second user;
determining similarity of the second user and each reference user about the same type of sign data based on the family sign vector of the second user and the family sign vectors of a plurality of reference users;
determining the average value of the similarity of the second user and each reference user about various types of physical sign data as the family physical sign similarity between the second user and each reference user;
and determining the encryption level of the family sign data of the second user based on the family sign similarity between the second user and each reference user and the encryption level of the family sign data of each reference user.
6. The method of claim 5, wherein the determining the similarity of the second user to each reference user with respect to the same type of vital sign data based on the family sign vector of the second user and the family sign vectors of a plurality of reference users comprises:
selecting one reference user from the multiple reference users, and determining the similarity of the second user and the selected reference user about the same type of physical sign data according to the following operations until the similarity of the second user and each reference user about the same type of physical sign data is determined:
acquiring data elements measured by adopting an instrument of a first model and data elements measured by adopting an instrument of a second model from the family sign vector of the second user and the family sign vectors of the plurality of reference users to obtain a first group of sample data and a second group of sample data;
the first model refers to an instrument model used by the second user when measuring the target sign data, the second model refers to an instrument model used by the selected reference user when measuring the target sign data, and the target sign data is any one sign data;
determining a sample standard deviation of the first set of sample data, a sample standard deviation of the second set of sample data, and a sample covariance between the first set of sample data and the second set of sample data;
determining a similarity of the second user to a selected reference user with respect to the target vital sign data based on the sample standard deviations of the first set of sample data, the sample standard deviations of the second set of sample data, and the sample covariance between the first set of sample data and the second set of sample data.
7. The method of claim 6, wherein the determining a similarity of the second user to the selected reference user with respect to the target vital sign data based on a sample standard deviation of the first set of sample data, a sample standard deviation of the second set of sample data, and a sample covariance between the first set of sample data and the second set of sample data comprises:
determining a similarity of the second user to a selected reference user with respect to the target vital sign data according to the following formula based on the sample standard deviation of the first set of sample data, the sample standard deviation of the second set of sample data, and the sample covariance between the first set of sample data and the second set of sample data;
wherein, in the above formula, rEyes of a userRepresenting the similarity of the second user and the selected reference user with respect to the target physical sign data, Cov (X)1,X2) Representing a sample covariance, S, between the first set of sample data and the second set of sample data1A sample standard deviation, S, representative of the first set of sample data2Represents a sample standard deviation of the second set of sample data.
8. The method of claim 1, wherein the target health data is medical examination data of the second user, the medical examination data being physical data examined by the second user at a medical institution;
before encrypting the target health data by using the encryption parameter of the second user according to the encryption level of the target health data, the method further comprises the following steps:
converting the medical examination data of the second user into corresponding feature vectors to obtain the medical examination vectors of the second user;
determining a similarity of the second user to each reference user with respect to the same type of test data based on the medical test vector of the second user and the medical test vectors of a plurality of reference users;
determining an average value of the similarity of the second user and each reference user about various types of test data as the medical test similarity between the second user and each reference user;
determining an encryption level of the medical examination data of the second user based on the medical examination similarity between the second user and each reference user and the encryption level of the medical examination data of each reference user.
9. The method of any one of claims 1-8, wherein the method further comprises:
acquiring security parameters and an encrypted private key input by the second user;
generating public parameters of the second user by adopting a Hash algorithm based on the security parameters;
generating an encrypted public key of the second user based on the encrypted private key;
and determining the public parameter, the encryption private key and the encryption public key as the encryption parameter of the second user.
10. A server, characterized in that the server comprises a receiver, a transmitter and a processor;
the receiver is used for receiving a data access request sent by a first user terminal, the data access request is used for accessing target health data of a second user, the target health data is one of multiple types of health data, the multiple types of health data are remote inquiry data of the second user, each type of health data has a corresponding visible range, and the first user terminal is located in the visible range of the target health data;
the transmitter is used for transmitting an access authorization request to a second user terminal, wherein the access authorization request is used for requesting the access authority of the target health data;
the receiver is further used for receiving an access authorization response sent by the second user terminal, wherein the access authorization response is used for indicating whether the second user grants the first user terminal the authority to access the target health data;
the processor is used for encrypting the target health data by using the encryption parameter of the second user according to the encryption level of the target health data under the condition that the access authorization response indicates that the second user has granted the authority of the first user terminal to access the target health data;
the transmitter is further configured to transmit the ciphertext of the target health data and the decryption parameter of the second user to the first user terminal, and the first user terminal is configured to decrypt and display the ciphertext of the target health data according to the decryption parameter.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210185340.0A CN114422265B (en) | 2022-02-28 | 2022-02-28 | Data access method and server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210185340.0A CN114422265B (en) | 2022-02-28 | 2022-02-28 | Data access method and server |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114422265A true CN114422265A (en) | 2022-04-29 |
| CN114422265B CN114422265B (en) | 2024-05-03 |
Family
ID=81261767
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210185340.0A Active CN114422265B (en) | 2022-02-28 | 2022-02-28 | Data access method and server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114422265B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116344010A (en) * | 2023-05-23 | 2023-06-27 | 广东名阳信息科技有限公司 | Household health management method and device, electronic equipment and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140223576A1 (en) * | 2012-10-17 | 2014-08-07 | Beijing Z & W Technology Consulting Co., Ltd. | Method and System for Improving the Data Security of Cloud Computing |
| CN105635082A (en) * | 2014-11-12 | 2016-06-01 | 北大方正集团有限公司 | Dynamic authorization method and system, authorization center, and authorization client |
| CN106027552A (en) * | 2016-06-30 | 2016-10-12 | 中经汇通电子商务有限公司 | Method and system for accessing cloud storage data by user |
| CN111049803A (en) * | 2019-11-20 | 2020-04-21 | 江苏物联网络科技发展有限公司 | Data encryption and platform security access method based on vehicle-mounted CAN bus communication system |
| CN112825520A (en) * | 2019-11-21 | 2021-05-21 | 中国移动通信有限公司研究院 | User privacy data processing method, device, system and storage medium |
| CN114003929A (en) * | 2021-10-27 | 2022-02-01 | 平安国际智慧城市科技股份有限公司 | Data processing method, device, server and storage medium |
-
2022
- 2022-02-28 CN CN202210185340.0A patent/CN114422265B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140223576A1 (en) * | 2012-10-17 | 2014-08-07 | Beijing Z & W Technology Consulting Co., Ltd. | Method and System for Improving the Data Security of Cloud Computing |
| CN105635082A (en) * | 2014-11-12 | 2016-06-01 | 北大方正集团有限公司 | Dynamic authorization method and system, authorization center, and authorization client |
| CN106027552A (en) * | 2016-06-30 | 2016-10-12 | 中经汇通电子商务有限公司 | Method and system for accessing cloud storage data by user |
| CN111049803A (en) * | 2019-11-20 | 2020-04-21 | 江苏物联网络科技发展有限公司 | Data encryption and platform security access method based on vehicle-mounted CAN bus communication system |
| CN112825520A (en) * | 2019-11-21 | 2021-05-21 | 中国移动通信有限公司研究院 | User privacy data processing method, device, system and storage medium |
| CN114003929A (en) * | 2021-10-27 | 2022-02-01 | 平安国际智慧城市科技股份有限公司 | Data processing method, device, server and storage medium |
Non-Patent Citations (1)
| Title |
|---|
| 江心怡;陈敏;: "电子病历数据治理方法的研究", 中国医院管理, no. 08 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116344010A (en) * | 2023-05-23 | 2023-06-27 | 广东名阳信息科技有限公司 | Household health management method and device, electronic equipment and storage medium |
| CN116344010B (en) * | 2023-05-23 | 2023-08-25 | 广东名阳信息科技有限公司 | Household health management method and device, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114422265B (en) | 2024-05-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110209952B (en) | Information recommendation method, device, equipment and storage medium | |
| CN110569909B (en) | Block chain-based fault early warning method, device, equipment and storage medium | |
| CN108924737B (en) | Positioning method, device, equipment and computer readable storage medium | |
| CN106471860B (en) | Mobile terminal and method for controlling the same | |
| US20160180026A1 (en) | Mobile terminal and method for controlling the same | |
| CN110807325B (en) | Predicate identification method, predicate identification device and storage medium | |
| CN111104980B (en) | Method, device, equipment and storage medium for determining classification result | |
| CN111209313B (en) | Block chain-based medical project data query method and device | |
| CN111508609A (en) | Health condition risk prediction method and device, computer equipment and storage medium | |
| CN111104402A (en) | Method, device, electronic equipment and medium for searching data | |
| CN112002391A (en) | Method and device for determining checking sequence, electronic equipment and storage medium | |
| CN110535820A (en) | For the classification method of malice domain name, device, electronic equipment and medium | |
| CN110675473B (en) | Method, device, electronic equipment and medium for generating GIF dynamic diagram | |
| CN111598896A (en) | Image detection method, device, equipment and storage medium | |
| CN114422265B (en) | Data access method and server | |
| CN110544193A (en) | Donation information distributed storage method and device | |
| CN110597801A (en) | Database system and establishing method and device thereof | |
| CN110597840B (en) | Partner relationship establishment method, device, equipment and storage medium based on blockchain | |
| CN111563201A (en) | Content pushing method, device, server and storage medium | |
| CN113987326B (en) | Resource recommendation method and device, computer equipment and medium | |
| CN110968549B (en) | File storage method, device, electronic equipment and medium | |
| CN114153963A (en) | Document recommendation method and device, computer equipment and medium | |
| CN110197055B (en) | Method, device, equipment and storage medium for managing information | |
| CN114328948A (en) | Training method of text standardization model, text standardization method and device | |
| CN114612887A (en) | Bill abnormity detection method, device, equipment and computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |