CN116303767A - Medical data multistage management and sharing method based on CP-ABE - Google Patents

Medical data multistage management and sharing method based on CP-ABE Download PDF

Info

Publication number
CN116303767A
CN116303767A CN202310132919.5A CN202310132919A CN116303767A CN 116303767 A CN116303767 A CN 116303767A CN 202310132919 A CN202310132919 A CN 202310132919A CN 116303767 A CN116303767 A CN 116303767A
Authority
CN
China
Prior art keywords
user
data
transaction list
nodes
medical
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310132919.5A
Other languages
Chinese (zh)
Inventor
宋鸽
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian Jiaotong University
Original Assignee
Xian Jiaotong University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xian Jiaotong University filed Critical Xian Jiaotong University
Priority to CN202310132919.5A priority Critical patent/CN116303767A/en
Publication of CN116303767A publication Critical patent/CN116303767A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22Indexing; Data structures therefor; Storage structures
    • G06F16/2228Indexing structures
    • G06F16/2255Hash tables
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02ATECHNOLOGIES FOR ADAPTATION TO CLIMATE CHANGE
    • Y02A90/00Technologies having an indirect contribution to adaptation to climate change
    • Y02A90/10Information and communication technologies [ICT] supporting adaptation to climate change, e.g. for weather forecasting or climate simulation

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Data Mining & Analysis (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Medical Informatics (AREA)
  • Medical Treatment And Welfare Office Work (AREA)

Abstract

The invention relates to a medical data multistage management and sharing method based on CP-ABE, which is used for solving the problems that medical data is difficult to effectively interact and the data reliability is insufficient. The method comprises the following steps: distributing keys by a trusted authority to patients, third-party medical institutions, and doctors; using private keys by doctors, patients and third-party medical institutions, encrypting a private chain transaction list based on a CP-ABE algorithm, uploading the encrypted private chain transaction list to a blockchain by a hospital node and broadcasting the encrypted private chain transaction list, uploading a keyword ciphertext sent by the patients to a alliance chain by an authoritative node, carrying out decentralization hierarchical management on the nodes on the alliance chain, and forming an index transaction list by the private chain transaction list and the keyword ciphertext sent by the patients on the blockchain; the third party data user adopts intelligent contract technology to obtain the index transaction list corresponding to the medical shared data which the user wants to access, the third party data user judges the attribute set of the third party data user, and if and only if the access strategy defined by the patient is met, the user can decrypt the data.

Description

Medical data multistage management and sharing method based on CP-ABE
Technical Field
The invention relates to the field of medical data sharing management, in particular to a medical data multistage management and sharing method based on CP-ABE.
Background
When data sharing is performed between medical institutions, there are problems such as data islands, data update delays, user access restrictions and the like, which require a lot of resources and time for authority examination and data verification. The medical data is most important to ensure the safety of the data, and a mutually trusted and shared medical data platform is possibly built on the basis of avoiding leakage. The blockchain is used as a bottom layer platform, and can provide reliable guarantee for big data and data sources required by AI.
The traditional medical data sharing mode mainly adopts a data hosting or data aggregation mode, a data user hosts data into a centralized mechanism, when a data requester inquires the data, a central database performs local inquiry or broadcasts the demand to the data user, the data user transmits the data to the central database, and the central database transmits the data to the requester. The whole sharing process depends on a centralized third party, and data real security, data flow transparency, user data privacy and data ownership definiteness cannot be ensured.
In some existing schemes for applying the blockchain technology to medical data sharing, the problem of communication in large-scale network nodes is mostly not considered, and the problems of high network overhead, transaction delay, high communication cost and the like exist.
Disclosure of Invention
In order to solve the sharing problem of the medical data in the prior art, the invention aims to provide a medical data multistage management and sharing method based on the CP-ABE, and the sharing access of the medical data is realized by controlling the access; the dynamic adjustment is carried out on the influence factors of the nodes, and multi-level management is implemented, so that the aim of improving the participation enthusiasm of the nodes is fulfilled; meanwhile, ciphertext policy attribute encryption (CP-ABE) is combined with blockchain medical technology, so that only third party users meeting system setting can check and operate user medical data, user key safety is better protected, and system efficiency is improved.
In order to achieve the above object, the technical scheme of the present invention is as follows.
In a first aspect, the present invention proposes a CP-ABE based medical data multi-level management and sharing method, the method comprising the steps of:
distributing keys by a trusted authority to patients, third-party medical institutions, and doctors;
using private keys by doctors, patients and third-party medical institutions, encrypting a private chain transaction list based on a CP-ABE algorithm, uploading the encrypted private chain transaction list to a blockchain by a hospital node and broadcasting the encrypted private chain transaction list, uploading a keyword ciphertext sent by the patients to a alliance chain by an authoritative node, performing decentralization hierarchical management on the nodes on the alliance chain, and forming an index transaction list by the private chain transaction list and the keyword ciphertext sent by the patients on the blockchain;
the third party data user adopts intelligent contract technology to obtain the index transaction list corresponding to the medical shared data which the user wants to access, the third party data user judges the attribute set of the third party data user, and if and only if the access strategy defined by the patient is met, the user can decrypt the data.
In the above technical solution, the private chain transaction list is encrypted and then uploaded to the blockchain by the hospital node, comprising the following steps:
when a patient goes to a hospital for a doctor, the hospital server registers an Identity (ID) for the patient and distributes doctors, and the personal identity information and the access strategy information are authorized for the corresponding doctors;
the doctor generates a patient pseudo-identity ID through the random number, generates a transaction record code by utilizing a doctor private key, and uploads the ciphertext hash, the patient pseudo-identity ID and the authorization information to the blockchain.
In the above technical solution, the access policy is to perform one-to-one correspondence between each row of the user information matrix and different attributes of the user, and obtain the matching condition of the user information and the patient attributes through calculation.
In the technical scheme, the alliance chain is jointly constructed by n hospitals, and the authority node is a government authority.
In the technical scheme, the method dynamically adjusts the influence factors of the nodes on the alliance chain.
In the above technical solution, performing decentralized hierarchical management on nodes on a federation chain includes:
dividing nodes on a alliance chain into an initialization layer, a quasi-generation surface layer and a representation layer;
the initialization layer is composed of added initial nodes, the layer has the same kind of probability verification factors, and nodes of the layer can be equal in status through rewarding and punishment measures, so that the next round of competition can be fairly entered;
the quasi-generation surface layer is composed of nodes meeting the opportunity verification, and the Target value is automatically adjusted according to different service scenes;
the proxy layer is composed of quasi-proxy layer nodes meeting the probability verification, and the proxy is randomly dropped out through random guessing numbers.
In the above technical solution, the trusted authority center selects two large primes of x and y and calculates the value of n=x×y, and the euler function is recorded as
Figure BDA0004084803820000031
For random number A, calculate +.>
Figure BDA0004084803820000032
Figure BDA0004084803820000033
The public key is pk= { a, n }, and the private key is SK is S.
In the above technical solution, the obtaining, by the third party data user, the index transaction list corresponding to the medical shared data that the third party data user wants to access by using the intelligent contract technology includes:
after the authentication of the third party data user is successful, a search limit door is generated for the medical data which is required to be accessed, a request is sent to a government authority structure, the alliance link point receives the request and then searches and matches, and after the matching is successful, the authority node returns an index transaction list.
In the technical scheme, the search matching is realized by verifying whether the keyword set can be matched with the keyword index generated by the user.
In a second aspect, a computer readable storage medium is provided for storing a computer program capable of being loaded by a processor and performing any one of the methods described above.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort to a person skilled in the art.
FIG. 1 is a schematic diagram of a medical data sharing model in one embodiment;
FIG. 2 is a schematic diagram of a block chain based attribute encryption data flow.
Detailed Description
Aiming at the problems that medical data is difficult to effectively interact and the data reliability is insufficient, in a specific embodiment, a medical data multistage management and sharing method based on CP-ABE is adopted to solve, and the method realizes the shared access to the medical data by controlling the access. Aiming at the problem of large-scale network node communication in a sharing scheme, the influence factors of the nodes are dynamically regulated, so that the aim of improving the participation enthusiasm of the nodes is fulfilled, and in the technical scheme, the CP-ABE is combined with the blockchain medical technology to protect the data security.
FIG. 1 is a schematic diagram of a medical data sharing model in which:
a trusted authority: and the system is responsible for parameter setting of the whole system, generates a public key and a master key for the system, and generates corresponding private keys for patients, third-party medical institutions and doctors.
Patient: when a patient goes to a hospital visit, the hospital server first registers an identity ID for the patient, and then selects and authorizes the corresponding doctor to visit. Wherein the authorization information includes: patient personal identity information, patient generated access policy information. A set of keys is generated and encrypted at the same time.
The doctor: and the patient and the hospital and the third-party medical institution participate in the data sharing process.
Third party medical institution: the method is mainly a third party trusted authority which needs to acquire medical data for scientific research and the like. When a third party user searches patient medical records, the authoritative node needs to return the search result to the user, if the search is successful, the result is submitted to the hospital database system to obtain EMR ciphertext, and decryption is carried out to obtain the patient electronic medical record information.
Alliance chain: is commonly constructed by n hospitals, and incorporates government authorities into a alliance chain as authority nodes to commonly maintain the security and privacy of data on the chain. The hospital node uploads the transaction to the alliance chain and broadcasts the transaction, meanwhile, the authority node uploads the keyword ciphertext sent by the patient to the alliance chain, and then the server constructs an index transaction list consisting of the private chain transaction list and the keyword ciphertext. After the third party data user sends a request to the authority node, the node on the alliance chain performs search matching, verifies whether a keyword set can be matched with a keyword index generated by the user, if so, returns an index transaction list to the user, and the user continues to judge the attribute set of the user, if and only if the user meeting the access strategy defined by the patient can decrypt the data.
In the sharing model, access control is carried out by adopting a ciphertext-policy-based attribute encryption (CP-ABE) algorithm in the data sharing process, and the authority of a user is managed, so that a legal user can access corresponding data according to the authority of the legal user, and unauthorized access of the user is forbidden, thereby ensuring safe circulation and sharing of the data. CP-ABE typically contains the following algorithm:
CP-abe. Setup (λ) → (PK, MSK): inputting a security parameter lambda, initializing the algorithm, and generating a public parameter PK and a master key MSK;
CP-abe. Keygen (MSK, att_s) →usk: inputting a master key and an attribute set Att_S, and returning a user attribute key USK;
CP-abe. Enc (PK, msg, P) →c: inputting public parameters, data Msg to be encrypted and a decryption strategy P, and returning an encrypted ciphertext c;
CP-ABE. Dec (PK, c, USK). Fwdarw.msg: and inputting the public parameter, the ciphertext and the user attribute key, and if the user attribute is matched with the decryption strategy in the c, successfully decrypting and returning the plaintext Msg.
For the scheme, a user obtains an attribute key containing own attribute through a key generation algorithm, the ciphertext data contains a decryption strategy required by decryption, and the user can successfully decrypt the data only when the own attribute key is completely matched with the decryption strategy in the ciphertext. The specific implementation is shown in fig. 2, and comprises the following four parts:
1. a system establishment part:
global setting and key generation are both done by a trusted authority.
Global setup is accomplished by setting up the system public key and the master key. The input of a security parameter lambda is output as a public parameter PK, a system public Key Key and a master Key MSK. Wherein the trusted authority selects G and G T Bilinear clusters, each of which is prime in order. Selecting one element from G as G T Form a bilinear map. Simultaneously constructing an anti-collision hash function H 1 And H 2 As part of the common parameter PK output. The trusted authority discloses the system public key to all users, while the system master key MSK is kept secret.
Key generation is the generation of corresponding keys for patients, doctors, and third-party healthcare facility users. Firstly, generating a secret key for a patient and a doctor, selecting two large prime numbers of x and y by a trusted authority center, calculating a value of n=x×y, and recording Euler functions as
Figure BDA0004084803820000071
For random number A, calculate +.>
Figure BDA0004084803820000072
Figure BDA0004084803820000073
The public key is pk= { a, n }, and the private key is sk=s. Finally, the key is distributed to the patient, the doctor and the third-party medical institution user by the trusted authority.
2. A data encryption section:
when a patient goes to a hospital for a doctor, the hospital server firstly registers an Identity (ID) for the patient and distributes doctors, then the personal identity information and access strategy information are authorized for the corresponding doctors, the doctors obtain the authorization of the patient to generate electronic medical record information for the patient, and finally the electronic medical record ciphertext is uploaded to a hospital database.
To ensure that patient privacy is preserved throughout the visit and medical data sharing process, a pseudo-identity needs to be generated for the user. The physician generates a patient pseudo-identity ID from the random number. In order to ensure the legality of all transactions in the blockchain system, a doctor private key is utilized to generate a transaction record code, meanwhile, ciphertext hash, patient pseudo-identity ID and authorization information are uploaded to the blockchain, and other doctors verify the legality of the transaction record code.
3. A data verification section:
when a third party data user wants to inquire patient medical record information, a search trapdoor is firstly generated, then the request information is sent to a government authority, search matching is carried out after the request is received by a alliance link point, whether a keyword index generated by the user can be matched with a keyword set or not is verified, if so, a corresponding index transaction list is returned to the user as a search result, the user continues to judge the attribute set of the user, and if and only the user meeting a patient-defined access strategy can decrypt the data. The access strategy is to perform one-to-one correspondence between each row of the user information matrix and different attributes of the user, and obtain the matching condition of the user information and the patient attributes through calculation.
4. A data decryption section:
if the search is successful, the authority node returns the index transaction list to the user, the user continues to judge the attribute set of the index transaction list, and the user meeting the access strategy obtains the result sent by the authority node.
As a further improvement of the implementation mode, the problem of large-scale network node communication in a sharing scheme is solved by dynamically adjusting the influence factors of the nodes on the alliance chain, so that the aim of improving the participation enthusiasm of the nodes is fulfilled.
Compared with a workload certification mechanism (PoW), the authorized stock right certification mechanism (DPoS) does not need to consume a great deal of calculation force, and can improve the transaction efficiency; compared with the traditional stock right certification mechanism (PoS), the DPoS mechanism can better ensure decision fairness; compared with a distributed consistency algorithm (taking PBFT as an example), the DPoS mechanism can meet the related requirements of node joining more flexibly. However, in the conventional DPoS mechanism, the nodes of the subsurface layer are all composed of nodes with high reliability, so that the nodes of the subsurface layer become relatively fixed few nodes for a long time, and lack of relatively fairness.
In order to improve the enthusiasm of each node in the medical block chain for data sharing, all nodes are divided into three layers by improving the voting weight of the nodes with high credibility, and each layer is mutually independent:
1. initializing layer: is responsible for the initialization of the joining node. The layer is composed of the added initial nodes, and ensures that the layer has the same kind of probability verification factors. The newly added node only needs to ensure that the other nodes have the similar probability verification factors, and the old node can be a representative node with completed consensus or a quasi-representative node which is not represented. The nodes of the layer can be equal in status through rewarding and punishment measures, and the next round of competition can be fairly entered;
2. quasi-representative layer: the method mainly comprises an opportunity verification mechanism, and Target values are automatically adjusted according to different service scenes. Nodes meeting the probability verification can form quasi-representative layer nodes. Members from the distributed system can participate in collaboration, acquire rewards, and consume services provided by the system. The positive feedback excitation mechanism improves the stability and the safety in the system;
3. substitution surface layer: and the surface layer for carrying out final consensus decision is formed by quasi-representative layer nodes meeting the probability verification. The representative layer introduces a random guess method so that the representative is randomly superimposed. After the random guess is completed, broadcasting is required at the quasi-representative layer, so that each quasi-representative obtains as many guess results of the round as possible. In the number guessing process, the nodes are opaque, and each node number guessing process is independent.
The improved decentralization consensus mechanism is characterized in that each consensus is carried out by taking a round as a unit, each node independently operates codes, index of the current seed rho and slot is taken as input, and the block from which the current slot should be taken is obtained according to probability, so that the nodes of each round of circulation have equal opportunities to be representatives, and the fairness of the selection of the consensus representatives is ensured. Through the mechanism of opportunity verification, the nodes of the competing representatives are ensured to dynamically change, so that the situation of cyclic replacement of the nodes of the competing representatives is formed. Since the process of DPoS includes voting stages between nodes, the time required is long. In the present consensus mechanism, the method is an opportunity verification mode, so that the time required for consensus is reduced, and the method has certain advantages in terms of throughput. Therefore, the improved decentralization consensus mechanism can effectively avoid excessive waste of computing resources, reduce the communication times and the communication traffic among nodes and improve the efficiency of the whole block chain system.
In summary, for the medical data which is currently dependent on centralized storage of a third party organization, the medical data multilevel management and sharing method based on the CP-ABE can realize the decentralized sharing and storage of the medical data based on the blockchain, thereby improving the effectiveness of medical data interaction and the reliability of the data. The method comprises the following implementation steps:
distributing keys by a trusted authority to patients, third-party medical institutions, and doctors;
using private keys by doctors, patients and third-party medical institutions, encrypting a private chain transaction list based on a CP-ABE algorithm, uploading the encrypted private chain transaction list to a blockchain by a hospital node and broadcasting the encrypted private chain transaction list, uploading a keyword ciphertext sent by the patients to a alliance chain by an authoritative node, carrying out decentralization hierarchical management on the nodes on the alliance chain, and forming an index transaction list by the private chain transaction list and the keyword ciphertext sent by the patients on the blockchain;
the third party data user adopts intelligent contract technology to obtain the index transaction list corresponding to the medical shared data which the user wants to access, the third party data user judges the attribute set of the third party data user, and if and only if the access strategy defined by the patient is met, the user can decrypt the data.
From the above description of the embodiments, it will be apparent to those skilled in the art that the present disclosure may be implemented by means of software plus necessary general purpose hardware, or of course may be implemented by dedicated hardware including application specific integrated circuits, dedicated CPUs, dedicated memories, dedicated components and the like. Generally, functions performed by computer programs can be easily implemented by corresponding hardware, and specific hardware structures for implementing the same functions can be varied, such as analog circuits, digital circuits, or dedicated circuits. However, in more cases for the present disclosure, a software program implementation is a better implementation.
Although the embodiments of the present invention have been described above with reference to the accompanying drawings, the present invention is not limited to the above-described specific embodiments and application fields, and the above-described specific embodiments are merely illustrative, and not restrictive. Those skilled in the art, having the benefit of this disclosure, may effect numerous forms of the invention without departing from the scope of the invention as claimed.

Claims (10)

1. A CP-ABE based medical data multi-level management and sharing method, comprising the steps of:
distributing keys by a trusted authority to patients, third-party medical institutions, and doctors;
using private keys by doctors, patients and third-party medical institutions, encrypting a private chain transaction list based on a CP-ABE algorithm, uploading the encrypted private chain transaction list to a blockchain by a hospital node and broadcasting the encrypted private chain transaction list, uploading a keyword ciphertext sent by the patients to a alliance chain by an authoritative node, carrying out decentralization hierarchical management on the nodes on the alliance chain, and forming an index transaction list by the private chain transaction list and the keyword ciphertext sent by the patients on the blockchain;
the third party data user adopts intelligent contract technology to obtain the index transaction list corresponding to the medical shared data which the user wants to access, the third party data user judges the attribute set of the third party data user, and if and only if the access strategy defined by the patient is met, the user can decrypt the data.
2. The method of claim 1, wherein the private chain transaction ticket is uploaded to the blockchain by the hospital node after being encrypted, comprising the steps of:
when a patient goes to a hospital for a doctor, the hospital server registers an Identity (ID) for the patient and distributes doctors, and the personal identity information and the access strategy information are authorized for the corresponding doctors;
the doctor generates a patient pseudo-identity ID through the random number, generates a transaction record code by utilizing a doctor private key, and uploads the ciphertext hash, the patient pseudo-identity ID and the authorization information to the blockchain.
3. The method of claim 1, wherein the access policy is one-to-one correspondence between each row of the user information matrix and a different attribute of the user, and the matching between the user information and the patient attribute is obtained through calculation.
4. The method of claim 1, wherein the federation chain is co-constructed by n hospitals, the authority node being a government authority.
5. The method of claim 4, wherein the method dynamically adjusts the impact factors of nodes on the federation chain.
6. The method of claim 5, wherein the decentralized hierarchical management of nodes on the federation chain comprises:
dividing nodes on a alliance chain into an initialization layer, a quasi-generation surface layer and a representation layer;
the initialization layer is composed of added initial nodes, the layer has the same kind of probability verification factors, and nodes of the layer can be equal in status through rewarding and punishment measures, so that the next round of competition can be fairly entered;
the quasi-generation surface layer is composed of nodes meeting the opportunity verification, and the Target value is automatically adjusted according to different service scenes;
the proxy layer is composed of quasi-proxy layer nodes meeting the probability verification, and the proxy is randomly dropped out through random guessing numbers.
7. The method according to claim 1, characterized in that the trusted authority chooses two large primes x and y and calculates the value of n = x y, the euler function being noted as
Figure FDA0004084803810000022
For random number A, calculate +.>
Figure FDA0004084803810000021
The public key is pk= { a, n }, and the private key is SK is S.
8. The method of claim 1, wherein the third party data user obtains the index transaction ticket corresponding to the medical shared data he wants to access using smart contract technology, comprising:
after the authentication of the third party data user is successful, a search limit door is generated for the medical data which is required to be accessed, a request is sent to a government authority structure, the alliance link point receives the request and then searches and matches, and after the matching is successful, the authority node returns an index transaction list.
9. The method of claim 8, wherein searching for matches is accomplished by verifying whether any keyword sets can match a user-generated keyword index.
10. A computer-readable storage medium, characterized by: a computer program stored which can be loaded by a processor and which performs the method according to any one of claims 1 to 9.
CN202310132919.5A 2023-02-17 2023-02-17 Medical data multistage management and sharing method based on CP-ABE Pending CN116303767A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310132919.5A CN116303767A (en) 2023-02-17 2023-02-17 Medical data multistage management and sharing method based on CP-ABE

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310132919.5A CN116303767A (en) 2023-02-17 2023-02-17 Medical data multistage management and sharing method based on CP-ABE

Publications (1)

Publication Number Publication Date
CN116303767A true CN116303767A (en) 2023-06-23

Family

ID=86782591

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310132919.5A Pending CN116303767A (en) 2023-02-17 2023-02-17 Medical data multistage management and sharing method based on CP-ABE

Country Status (1)

Country Link
CN (1) CN116303767A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116665913A (en) * 2023-07-13 2023-08-29 之江实验室 Cross-institution patient matching system and method
CN116910788A (en) * 2023-08-15 2023-10-20 广州粤建三和软件股份有限公司 Searchable encryption management method and device for service data and storage medium
CN116992494A (en) * 2023-09-27 2023-11-03 四川启明芯智能科技有限公司 Security protection method, equipment and medium for scenic spot data circulation
CN117540432A (en) * 2024-01-05 2024-02-09 河北数港科技有限公司 Data privacy protection method and system for Internet

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116665913A (en) * 2023-07-13 2023-08-29 之江实验室 Cross-institution patient matching system and method
CN116665913B (en) * 2023-07-13 2023-10-13 之江实验室 Cross-institution patient matching system and method
CN116910788A (en) * 2023-08-15 2023-10-20 广州粤建三和软件股份有限公司 Searchable encryption management method and device for service data and storage medium
CN116992494A (en) * 2023-09-27 2023-11-03 四川启明芯智能科技有限公司 Security protection method, equipment and medium for scenic spot data circulation
CN116992494B (en) * 2023-09-27 2023-12-08 四川启明芯智能科技有限公司 Security protection method, equipment and medium for scenic spot data circulation
CN117540432A (en) * 2024-01-05 2024-02-09 河北数港科技有限公司 Data privacy protection method and system for Internet
CN117540432B (en) * 2024-01-05 2024-03-19 河北数港科技有限公司 Data privacy protection method and system for Internet

Similar Documents

Publication Publication Date Title
CN110099043B (en) Multi-authorization-center access control method supporting policy hiding and cloud storage system
Liu et al. Cloud-based electronic health record system supporting fuzzy keyword search
CN111986755B (en) Data sharing system based on blockchain and attribute-based encryption
US20210089676A1 (en) Methods and systems for secure data exchange
CN111695095B (en) Partial strategy hiding access control method, system and wireless communication system
CN116303767A (en) Medical data multistage management and sharing method based on CP-ABE
CN111343001A (en) Social data sharing system based on block chain
Sun et al. Non-repudiation storage and access control scheme of insurance data based on blockchain in IPFS
CN104618366B (en) A kind of network archives safety management system and method based on attribute
Yang et al. Multiple access control scheme for EHRs combining edge computing with smart contracts
CN108600174A (en) A kind of access control mechanisms and its implementation of big merger network
CN114239046A (en) Data sharing method
CN107302524A (en) A kind of ciphertext data-sharing systems under cloud computing environment
CN112291354A (en) Privacy protection method for participants of crowd sensing MCS based on block chain
Ramesh et al. Blockchain based efficient tamper-proof EHR storage for decentralized cloud-assisted storage
Padhya et al. BTG-RKASE: Privacy Preserving Revocable Key Aggregate Searchable Encryption with Fine-grained Multi-delegation & Break-The-Glass Access Control.
CN113889208B (en) Block chain-based on-and-off-chain medical data sharing method, device and equipment
Zong et al. ReLAC: Revocable and lightweight access control with blockchain for smart consumer electronics
Yin et al. Attribute-based multiparty searchable encryption model for privacy protection of text data
CN110011963A (en) The information processing method with the more authorization CP-ABE effectively cancelled based on OBDD
Yan et al. Traceable and weighted attribute-based encryption scheme in the cloud environment
CN108763944A (en) Multicenter large attribute Domain Properties base encryption method can be revoked safely in calculating in mist
Nie et al. Time-enabled and verifiable secure search for blockchain-empowered electronic health record sharing in IoT
CN115250205B (en) Data sharing method and system based on alliance chain, electronic device and storage medium
CN114710370B (en) Fine-grained access control method and system based on fog block chain and attribute encryption

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination