CN117411913B - Secure interaction method of cloud platform and health application based on power transformation

Info

Publication number: CN117411913B
Application number: CN202311723105.5A
Authority: CN (China)
Legal status: Active
Other languages: Chinese (zh)
Other versions: CN117411913A
Inventors: 夏有兵, 吴响, 李书艳, 张潇, 张然
Current Assignee: Xuzhou Medical University
Original Assignee: Xuzhou Medical University

Abstract

The invention relates to a secure interaction method for a cloud platform and a health application based on power transformation. The method designs and defines the finite states of the cloud platform and the health application, describing all states that the cloud platform and the health application pass through in a communication life cycle and how they respond to external events; by analyzing the characteristics of information exchange in the communication process, data packets with different formats are designed, and the data packets with different formats are sent in different finite states; considering the information transmitted in the interaction process, the problem of data sharing among health applications and the attack risk faced by plaintext transmission, data is transmitted in a non-plaintext manner, and a secure interaction method of the cloud platform and the health application based on power transformation is designed. With this method, interaction between the cloud platform and the health application is completed efficiently and securely without loss of data.

Description

Secure interaction method of cloud platform and health application based on power transformation
Technical Field
The invention belongs to the technical field of secure interaction, and particularly relates to a secure interaction method of a cloud platform and a health application based on power transformation.
Background
The interaction between the cloud platform and the health application refers to the health application storing, processing and managing health data of the user through the cloud platform. The cloud platform can provide powerful data analysis and mining capabilities and help health applications acquire valuable information from massive health data. Through the application of technologies such as statistical analysis and machine learning on data, potential health trends can be found, disease risks can be predicted, and personalized health suggestions can be provided. In addition, a mechanism of multi-user collaboration and data sharing is provided so that specific health data can be shared among multiple health applications. Thus doctors, nurses, patients and other health professionals can access and update data together, and better collaboration and communication are realized. Through interaction between the cloud platform and the health application, health data can be efficiently, safely and reliably processed and managed.
However, many security risks exist in the interaction between the health application and the cloud platform. In the authentication stage, the health application needs to provide sensitive information such as the user's mobile phone number, age and geographic position; when the health application requests data from the cloud platform, sensitive characteristic information such as heart rate, pulse and eye movement, from which an individual's diseases can be identified, is involved; in the process of uploading local data to health data or downloading data analysis results, there is a risk of data privacy leakage. Data containing personal sensitive information has great economic value, and if it leaks, users are exposed to advertising harassment, unwanted promotion and even disease-based discrimination. Existing methods for securing the interaction, such as data noise addition based on anonymization and differential privacy, encryption based on physical circuits or secret keys, and distributed frameworks based on a federated architecture, suffer from low data availability, high implementation cost and lengthy encryption and decryption, and are not suitable for the frequent interaction between a cloud platform and health applications. How to realize interaction between a cloud platform and health applications efficiently, securely and in a lightweight manner is a key problem to be solved at present.
Disclosure of Invention
The invention provides a secure interaction method of a cloud platform and a health application based on power transformation, which aims to solve the problems of low data availability, high implementation cost and lengthy encryption and decryption.
The technology of the invention is implemented as follows: a method of power transformation of data, the method comprising the steps of:
first, determining whether the data type is a pure number or a combination of letters and numbers;
then, performing the operation using the designed power transformation operation method:
if the data to be transmitted is a pure number, the formula is used directly for the calculation:
substitute the original data to be transmitted for c, choose an x value at random, calculate the y value, and transmit the (x, y) value;
if the data is a combination of letters and numbers, the code numbers corresponding to the letters are first looked up in the ASCII code table, and then the calculation is carried out using the formula:
substitute the original data to be transmitted for c, choose an x value at random, calculate the y value, and transmit the (x, y) value;
to ensure that the same value range does not occur, the randomly chosen x value must be a positive integer and cannot be 0 or 1.
Request and response are realized by data packet transmission, and data packet transmission is associated with the finite states of the health application and the cloud platform; each data packet comprises a serial number, a health application address, a cloud platform address, sensitive information and a timestamp, wherein the sensitive information is represented by a set of power transformation data obtained by the power transformation method above.
Preferably, the data packet includes:
a request packet sent by the health application to the cloud platform and the response packet returned by the cloud platform, wherein the request packet is the Req_auth packet and the response packet is the Res_auth packet;
a request packet sent by the health application to the cloud platform and the response packet returned by the cloud platform, wherein the request packet is the Ask_link packet and the response packet is the User_data packet;
a request packet sent by the health application to the cloud platform and the response packet returned by the cloud platform, wherein the request packet is the Ask_load packet and the response packet is the Analy_result packet;
according to the above, a secure interaction method between a cloud platform and a health application can be designed as the following steps:
step 1: the health application sends a Req_auth packet to the cloud platform to request authentication, so as to verify the identity and legitimacy of the application;
step 2: the cloud platform checks the authentication information and returns a Res_auth packet to the health application;
step 3: the health application sends an Ask_link packet to the cloud platform to request the user's personal history health data;
step 4: the cloud platform returns a User_data packet in response to the request;
step 5: the health application sends an Ask_load packet to the cloud platform, uploading the user monitoring data and requesting the cloud platform to perform retrieval and analysis;
step 6: the cloud platform returns an Analy_result packet to the health application, and the health application displays the related analysis result to the user.
Preferably, the data packet in the above step is designed as follows:
(1) Req_auth packet: the user logs in to the health application and grants the monitorable health permissions, and the health application sends a Req_auth packet to the cloud platform to request that cloud permissions be issued; the data packet comprises five fields, namely P_ID, CP_Add, HA_Add, limits_auth and T_Stamp, wherein the P_ID field represents the packet serial number, and 01 identifies this packet; CP_Add represents the cloud platform address; HA_Add represents the health application address; limits_auth represents the permission information that the user grants to the health application, which includes sensitive information such as the user's mobile phone number, age and geographic position and is represented by a set of power transformation data to protect privacy; T_Stamp represents a timestamp, indicating the timeliness of the packet;
(2) Res_auth packet: the cloud platform judges whether to grant access according to the authorized application list and the user permission settings, and returns this data packet to the health application in response to the request; the data packet comprises five fields, namely P_ID, CP_Add, HA_Add, API_code and T_Stamp, wherein the P_ID field represents the packet serial number, and 02 identifies this packet; CP_Add represents the cloud platform address; HA_Add represents the health application address; API_code represents the permission code issued by the cloud platform, a permission code of 00 means that no permission is granted, and the permission code is represented by a set of power transformation data to protect privacy; T_Stamp represents the transmission time of the data packet, used to verify the timeliness of the data packet;
(3) Ask_link packet: the health application sends this data packet to the cloud platform to request the logged-in user's history information or to request data sharing with other health applications; the data packet comprises six fields, namely P_ID, CP_Add, HA_Add, API_code, Req_Info and T_Stamp, wherein the P_ID field represents the serial number of the data packet, and 03 identifies this packet; CP_Add represents the cloud platform address; HA_Add represents the health application address; API_code represents the permission code issued by the cloud platform and is represented by a set of power transformation data to protect privacy; Req_Info represents the request information, where 00 indicates a request for the logged-in user's history health information and 01 indicates a request for data sharing with other health applications; T_Stamp represents the transmission time of the data packet, used to verify the timeliness of the data packet;
(4) User_data packet: the cloud platform returns this packet to the health application in response to the data request of the health application; the packet comprises five fields, namely P_ID, CP_Add, HA_Add, Data_Info and T_Stamp, wherein the P_ID field represents the serial number of the data packet, and 04 identifies this packet; CP_Add represents the cloud platform address; HA_Add represents the health application address; Data_Info represents the user history information or other health application information, expressed as a set of power transformation data to protect privacy; T_Stamp represents the transmission time of the data packet, used to verify the timeliness of the data packet;
(5) Ask_load packet: the health application sends this packet to the cloud platform to request uploading data for data retrieval and mining; the data packet comprises six fields, namely P_ID, CP_Add, HA_Add, API_code, R_Upload and T_Stamp, wherein the P_ID field represents the serial number of the data packet, and 05 identifies this packet; CP_Add represents the cloud platform address; HA_Add represents the health application address; API_code represents the health application permission code and is represented by a set of power transformation data to protect privacy; R_Upload represents the request content, which is the data requested for upload and is represented by a set of power transformation data to protect data security; T_Stamp represents the transmission time of the data packet, used to verify the timeliness of the data;
(6) Analy_result packet: the cloud platform returns this packet to the health application in response to the health application's request for data retrieval, analysis and mining; the data packet comprises five fields, namely P_ID, CP_Add, HA_Add, Result and T_Stamp, wherein the P_ID field represents the serial number of the data packet, and 06 identifies this packet; CP_Add represents the cloud platform address; HA_Add represents the health application address; Result represents the result data of data retrieval and mining and is represented by a set of power transformation data to protect privacy; T_Stamp represents the return time of the packet, used to verify the timeliness of the result.
Preferably, the finite states of the health application and their association with data packet transmission are:
(1) Init state: this state indicates that the health application is in its initial state;
(2) Verify state: in the Init state, a user logs in to the health application; the health application state then changes from the Init state to the Verify state, and a Req_auth packet is sent to the cloud platform to request identity authentication;
(3) Linking state: in the Verify state, the health application receives the Res_auth packet returned by the cloud platform; if the identity verification succeeds, the health application state changes from the Verify state to the Linking state, and an Ask_link packet is sent to the cloud platform to request access to the user history information; if the identity verification fails, the health application remains in the Verify state and resends the Req_auth packet to the cloud platform to request identity verification;
(4) Send_data state: in the Linking state, the health application receives the User_data packet returned by the cloud platform, changes state from the Linking state to the Send_data state, and sends an Ask_load packet to the cloud platform, uploading the user monitoring data and requesting the cloud platform to perform retrieval and analysis;
(5) End state: in the Send_data state, the health application receives the Analy_result packet returned by the cloud platform, changes state from the Send_data state to the End state, and displays the retrieval and analysis result, suggestion or report to the user, finishing the interactive task.
Preferably, the finite states of the cloud platform and their association with data packet transmission are:
(1) Init state: this state indicates that the cloud platform is in its initial state;
(2) Ide_auth state: in the Init state, the cloud platform receives a Req_auth packet sent by the health application; the cloud platform state then changes from the Init state to the Ide_auth state, and after receiving the authentication request the cloud platform judges whether to grant access according to the authorized application list and the user permission settings;
(3) Ide_data state: in the Ide_auth state, the cloud platform receives an Ask_link packet sent by the health application, changes state from the Ide_auth state to the Ide_data state, verifies the access permission scope of the health application, and returns a User_data packet containing the user history health information in response to the request;
(4) Ana_data state: in the Ide_data state, the cloud platform receives an Ask_load packet sent by the health application; the cloud platform state then changes from the Ide_data state to the Ana_data state, the user data uploaded by the health application is retrieved and mined, and an Analy_result packet containing the retrieval and analysis result, suggestion or report is returned to the health application;
(5) End state: in the Ana_data state, when the cloud platform receives no new data to be analyzed from the health application, the cloud platform state changes from the Ana_data state to the End state, and the task is completed.
Advantageous effects
The interaction flow between the cloud platform and the health application is standardized by defining the finite states and state transition rules of the cloud platform and the health application, and the design of the communication data packets makes the interaction complete;
the designed power transformation operation method ensures data security in the interaction process; the method places low demands on device performance, offers high data availability and short encryption and decryption times, and is better suited to the frequent interaction between a cloud platform and health applications.
Drawings
FIG. 1 is an overall flow chart of the present invention;
FIG. 2 is a diagram showing the Req_auth packet format according to the present invention;
FIG. 3 is a diagram showing the Res_auth packet format according to the present invention;
FIG. 4 is a diagram showing the Ask_link packet format according to the present invention;
FIG. 5 is a diagram showing the User_data packet format according to the present invention;
FIG. 6 is a diagram showing the Ask_load packet format according to the present invention;
FIG. 7 is a diagram showing the Analy_result packet format according to the present invention;
FIG. 8 is a diagram showing the state transitions of the health application according to the present invention;
FIG. 9 is a diagram showing the state transitions of the cloud platform according to the present invention.
Detailed Description
In one embodiment, as shown in FIG. 1, a secure interaction method of a cloud platform and a health application based on power transformation comprises the following steps:
step 1: the health application sends a Req_auth packet to the cloud platform to request authentication, so as to verify the identity and legitimacy of the application;
step 2: the cloud platform checks the authentication information and returns a Res_auth packet to the health application;
step 3: the health application sends an Ask_link packet to the cloud platform to request the user's personal history health data;
step 4: the cloud platform returns a User_data packet in response to the request;
step 5: the health application sends an Ask_load packet to the cloud platform, uploading the user monitoring data and requesting the cloud platform to perform retrieval and analysis;
step 6: the cloud platform returns an Analy_result packet to the health application, and the relevant analysis results are displayed to the user.
In some embodiments, as shown in FIGS. 2-7, the data packets are designed as follows:
(1) Req_auth packet: the user logs in to the health application and grants the monitorable health permissions, and the health application sends a Req_auth packet to the cloud platform to request that cloud permissions be issued; the packet comprises five fields, namely P_ID, CP_Add, HA_Add, limits_auth and T_Stamp, wherein the P_ID field represents the serial number of the data packet, and 01 identifies this packet; CP_Add represents the cloud platform address; HA_Add represents the health application address; limits_auth represents the permission information granted to the health application by the user, and sensitive information such as the user's mobile phone number, age and geographic position is represented by a set of power transformation data; T_Stamp represents a timestamp, indicating the timeliness of the packet;
(2) Res_auth packet: the cloud platform judges whether to grant access according to the authorized application list and the user permission settings, and returns this data packet to the health application in response to the request; the data packet comprises five fields, namely P_ID, CP_Add, HA_Add, API_code and T_Stamp, wherein the P_ID field represents the serial number of the data packet, and 02 identifies this packet; CP_Add represents the cloud platform address; HA_Add represents the health application address; API_code represents the permission code issued by the cloud platform, is represented by a set of power transformation data, and an API_code of 00 means that no permission is granted; T_Stamp represents the transmission time of the data packet, used to verify the timeliness of the data packet;
(3) Ask_link packet: the health application sends this packet to the cloud platform to request the logged-in user's history information or to request data sharing with other health applications; the packet comprises six fields, namely P_ID, CP_Add, HA_Add, API_code, Req_Info and T_Stamp, wherein the P_ID field represents the serial number of the data packet, and 03 identifies this packet; CP_Add represents the cloud platform address; HA_Add represents the health application address; API_code represents the permission code issued by the cloud platform and is represented by a set of power transformation data; Req_Info represents the request information, where 00 indicates a request for the logged-in user's history health information and 01 indicates a request for data sharing with other health applications; T_Stamp represents the packet transmission time, used to verify the timeliness of the packet;
(4) User_data packet: the cloud platform returns this packet to the health application in response to the data request of the health application; the packet comprises five fields, namely P_ID, CP_Add, HA_Add, Data_Info and T_Stamp, wherein the P_ID field represents the serial number of the data packet, and 04 identifies this packet; CP_Add represents the cloud platform address; HA_Add represents the health application address; Data_Info represents the user history information or other health application information, represented as a set of power transformation data; T_Stamp represents the packet transmission time, used to verify the timeliness of the data packet;
(5) Ask_load packet: the health application sends this packet to the cloud platform to request uploading data for data retrieval and mining; the packet comprises six fields, namely P_ID, CP_Add, HA_Add, API_code, R_Upload and T_Stamp, wherein the P_ID field represents the serial number of the data packet, and 05 identifies this packet; CP_Add represents the cloud platform address; HA_Add represents the health application address; API_code represents the health application permission code and is represented by a set of power transformation data to protect privacy; R_Upload represents the request content, which is the data requested for upload and is represented by a set of power transformation data; T_Stamp represents the transmission time of the data packet, used to verify the timeliness of the data;
(6) Analy_result packet: the cloud platform returns this data packet to the health application in response to the health application's request for data retrieval, analysis and mining; the data packet comprises five fields, namely P_ID, CP_Add, HA_Add, Result and T_Stamp, wherein the P_ID field represents the serial number of the data packet, and 06 identifies this packet; CP_Add represents the cloud platform address; HA_Add represents the health application address; Result represents the result data of data retrieval and mining and is represented by a set of power transformation data; T_Stamp represents the return time of the packet, used to verify the timeliness of the result data.
In one embodiment, as shown in FIG. 8, the finite states of the health application and their association with data packet transmission are designed as follows:
(1) Init state: this state indicates that the health application is in its initial state;
(2) Verify state: in the Init state, a user logs in to the health application; the health application state then changes from the Init state to the Verify state, and a Req_auth packet is sent to the cloud platform to request identity authentication;
(3) Linking state: in the Verify state, the health application receives the Res_auth packet returned by the cloud platform; if the identity verification succeeds, the health application state changes from the Verify state to the Linking state, and an Ask_link packet is sent to the cloud platform to request access to the user history information; if the identity verification fails, the health application remains in the Verify state and resends the Req_auth packet to the cloud platform to request identity verification;
(4) Send_data state: in the Linking state, the health application receives the User_data packet returned by the cloud platform, changes state from the Linking state to the Send_data state, and sends an Ask_load packet to the cloud platform, uploading the user monitoring data and requesting the cloud platform to perform retrieval and analysis;
(5) End state: in the Send_data state, the health application receives the Analy_result packet returned by the cloud platform, changes state from the Send_data state to the End state, and displays the retrieval and analysis result, suggestion or report to the user, finishing the interactive task.
In one embodiment, as shown in fig. 9, the finite state of the cloud platform and the association relationship between the finite state and the data packet transmission are designed as follows:
init state: this state indicates that the cloud platform is in an initial state;
ide_auth state: in the Init state, the cloud platform receives a req_auth packet sent by the health application, at the moment, the cloud platform state is changed from the Init state to the ideau state, and after receiving the authentication request, whether to grant the access right is judged according to the authorized application list and the user right setting;
ide_data state: in the Ide_auth state, the cloud platform receives an Ash_link packet sent by the health application, the cloud platform changes the Ide_auth state into the Ide_data state, verifies the access authority range of the health application, and returns a user_data packet containing User history health information to respond to the request;
ana_data state: in the Ide_data state, the cloud platform receives an ash_load packet sent by the health application, at the moment, the cloud platform state is changed from the Ide_data state to an Ana_data state, user data uploaded by the health application are retrieved and mined, and an Analy_result packet containing a retrieval analysis result, a suggestion or a report is returned to the health application;
end state: in the Ana_data state, the cloud platform does not receive a new round of data to be analyzed of the health application, and at the moment, the cloud platform state is changed from the Ana_data state to the End state to finish the task.
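The two finite state machines described above can be written as transition tables that refuse any packet arriving in the wrong state. This is an added example, not code from the patent; the class names, the retry limit, the placeholder permission code and the rule that the cloud platform stays in Ide_auth when a Req_auth packet is resent are assumptions.

```python
class ProtocolError(Exception):
    """Raised when a packet arrives in a state that does not accept it."""

# Cloud side: (state, packet received) -> (next state, packet returned).
CLOUD = {
    ("Init", "Req_auth"): ("Ide_auth", "Res_auth"),
    ("Ide_auth", "Req_auth"): ("Ide_auth", "Res_auth"),  # assumption: resend after a refusal
    ("Ide_auth", "Ask_link"): ("Ide_data", "User_data"),
    ("Ide_data", "Ask_load"): ("Ana_data", "Analy_result"),
}
# Application side: (state, packet received) -> (next state, packet sent next).
APP = {
    ("Verify", "Res_auth"): ("Linking", "Ask_link"),
    ("Linking", "User_data"): ("Send_data", "Ask_load"),
    ("Send_data", "Analy_result"): ("End", None),
}

class CloudPlatform:
    def __init__(self, authorized_apps):
        self.state, self.granted = "Init", False
        self.authorized = set(authorized_apps)      # the authorized application list

    def receive(self, packet, app_id):
        if (self.state, packet) not in CLOUD:
            raise ProtocolError(f"{packet} not accepted in state {self.state}")
        if packet == "Req_auth":
            self.granted = app_id in self.authorized
        elif not self.granted:
            raise ProtocolError(f"{packet} sent without a granted permission code")
        self.state, reply = CLOUD[(self.state, packet)]
        # Permission code 00 means "not granted"; the other value is a placeholder.
        return reply, ("PLACEHOLDER-CODE" if self.granted else "00")

class HealthApp:
    def __init__(self, app_id):
        self.state, self.app_id = "Init", app_id

    def login(self):
        self.state = "Verify"                       # Init -> Verify on user login
        return "Req_auth"

    def receive(self, packet, code):
        if (self.state, packet) not in APP:
            raise ProtocolError(f"{packet} not accepted in state {self.state}")
        if packet == "Res_auth" and code == "00":
            return "Req_auth"                       # failed: stay in Verify and resend
        self.state, next_packet = APP[(self.state, packet)]
        return next_packet

def run_session(app, cloud, max_requests=5):
    """Drive one interaction and return the (request, response) packet trace."""
    trace, request = [], app.login()
    while request is not None and len(trace) < max_requests:
        reply, code = cloud.receive(request, app.app_id)
        trace.append((request, reply))
        request = app.receive(reply, code)
    if cloud.state == "Ana_data":
        cloud.state = "End"                         # no further data: Ana_data -> End
    return trace
```

An application that is not on the authorized list never leaves the Verify state, and an Ask_load packet sent to a platform still in Init raises ProtocolError without changing the platform state.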
The power transformation method for the data comprises the following steps:
first, determine whether the data type of the sensitive information is a pure number or a combination of letters and numbers;
then, perform the operation using the designed power transformation method:
if the data to be transmitted is a pure number, the formula is used directly for the calculation:
substitute the original data to be transmitted for c, choose an x value at random, calculate the y value, and transmit the (x, y) value;
if the data is a combination of letters and numbers, first look up the code number corresponding to each letter in the ASCII code table, and then perform the calculation using the formula:
substitute the original data to be transmitted for c, choose an x value at random, calculate the y value, and transmit the (x, y) value;
to ensure that the same value range does not occur, the randomly chosen x value must be a positive integer and cannot be 0 or 1.
Specific example: during the interaction, the user's mobile phone number, age, heart rate, pulse, eye-movement data and the like are pure-number data. Taking the user's mobile phone number 188ABCD3062 as an example and applying the following formula:
yields:
The list [ (2, 2), (2,256), (3,6561), (2, E), (3, F), (4,J), (7,G), (8, 512), (0, 1), (2,64), (3, 9) ] is placed in the limits_auth field of the Req_auth packet and transmitted to the cloud platform; the cloud platform solves according to the formula to recover the original mobile phone number, 188ABCD3062, and the verification is completed.
The API authorization code and the geographic position information are combinations of letters and numbers; the code number corresponding to each letter is first looked up in the ASCII code table, and the power transformation is then performed.
Taking the API authorization code AS12df as an example: the ASCII code number of A is 65, that of S is 83, that of d is 100 and that of f is 102; substituting into the following formula:
yields:
The list [ [ (2,64), (2, 32) ], [ (4,65536), (3, 27) ], (3, 3), (5, 25), [ (7, 7), (8, 1), (9, 1) ], [ (10, 10), (3, 1), (12,144) ] ] is transmitted in the API_code field of the Res_auth packet, the Ask_link packet and the Ask_load packet; the cloud platform decrypts it to obtain the original API authorization code, AS12df, and verifies the health application's permissions.
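The transformation and its inverse, as an added example that is not code from the patent. The formula images did not survive on this page, so the code assumes, from the printed pairs such as (2,256) and (3,6561) for the digit 8, that each decimal digit c is sent as (x, y) with y = x^c; the function names and the range of the random x are also assumptions.

```python
import secrets

DIGITS = "0123456789"

def encode_digit(c, x=None):
    """Send digit c as (x, y) with y = x**c (assumed form, inferred from the page's pairs)."""
    if x is None:
        x = 2 + secrets.randbelow(11)        # random base in 2..12 (range is an assumption)
    if x < 2:
        raise ValueError("x must not be 0 or 1: 1**c is 1 for every c, so c is lost")
    return (x, x ** c)

def decode_digit(x, y):
    """Recover c = log_x(y) by exact repeated division; only the pair is needed."""
    if x < 2 or y < 1:
        raise ValueError("invalid pair")
    c = 0
    while y > 1:
        if y % x:
            raise ValueError(f"{y} is not a power of {x}")
        y //= x
        c += 1
    return c

def encode(text):
    """A digit becomes one pair; a letter becomes a list of pairs for its ASCII code digits."""
    out = []
    for ch in text:
        if ch in DIGITS:
            out.append(encode_digit(int(ch)))
        elif ch.isascii() and ch.isalpha():
            out.append([encode_digit(int(d)) for d in str(ord(ch))])
        else:
            raise ValueError(f"unsupported character {ch!r}")
    return out

def decode(items):
    """Invert encode(): bare pairs are digits, groups of pairs are ASCII code digits."""
    chars = []
    for item in items:
        if isinstance(item, tuple):
            chars.append(str(decode_digit(*item)))
        else:
            chars.append(chr(int("".join(str(decode_digit(x, y)) for x, y in item))))
    return "".join(chars)

# The API_code value printed on the page for the authorization code AS12df.
PAGE_API_CODE = [[(2, 64), (2, 32)], [(4, 65536), (3, 27)], (3, 3), (5, 25),
                 [(7, 7), (8, 1), (9, 1)], [(10, 10), (3, 1), (12, 144)]]

if __name__ == "__main__":
    print(decode(PAGE_API_CODE))
    print(decode(encode("AS12df")))
```

decode() needs nothing beyond the transmitted pairs, so under this reading the transformation is a keyless encoding: anyone who can read the packet recovers the field, and confidentiality has to come from the channel or from a keyed cipher.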
While the embodiments of the present invention have been described in detail with reference to the examples/drawings, the present invention is not limited to the above embodiments, and it will be apparent to those skilled in the art that various equivalent changes and substitutions can be made therein without departing from the principles of the present invention, and such equivalent changes and substitutions should also be considered to be within the scope of the present invention.

Claims (10)

1. A secure interaction method of a cloud platform and a health application based on power transformation, characterized in that request-response is realized by data packet transmission, and the data packet transmission is associated with the finite states of the health application and the cloud platform; the data packet comprises a serial number, a health application address, a cloud platform address, sensitive information and a timestamp, wherein the sensitive information is represented by a set of power transformation data, the power transformation data is obtained by a power transformation method, and the power transformation method comprises the following steps:
S1, determining the data type of the data, namely a pure number or a combination of letters and numbers;
S2, performing the operation using the designed power transformation:
if the data to be transmitted is a pure number, the formula is used directly for the calculation:
substituting the data to be transmitted for c, choosing an x value at random, calculating the y value, and transmitting the (x, y) value;
if the data is a combination of letters and numbers, first looking up the code number corresponding to each letter in the ASCII code table, and then performing the calculation using the formula:
substituting the original data to be transmitted for c, choosing an x value at random, calculating the y value, and transmitting the (x, y) value;
to ensure that the same value range does not occur, the randomly chosen x value must be a positive integer and cannot be 0 or 1.
2. The secure interaction method of a cloud platform and a health application based on power transformation according to claim 1, wherein the data packets comprise:
a request packet sent by the health application to the cloud platform, the Req_auth packet, and the response packet returned by the cloud platform in response to the Req_auth packet, the Res_auth packet;
a request packet sent by the health application to the cloud platform, the Ask_link packet, and the response packet returned by the cloud platform in response to the Ask_link packet, the User_data packet;
a request packet sent by the health application to the cloud platform, the Ask_load packet, and the response packet returned by the cloud platform in response to the Ask_load packet, the Analy_result packet.
3. The secure interaction method of a cloud platform and a health application based on power transformation according to claim 2, wherein the sensitive information in the Req_auth packet is the authority information that the user grants to the health application; the authority information comprises the mobile phone number, age and geographic position information of the user and is represented by a set of power transformation data.
4. The secure interaction method of a cloud platform and a health application based on power transformation according to claim 2, wherein the sensitive information in the Res_auth packet is a permission code issued by the cloud platform; the permission code is represented by a set of power transformation data, and permission is not granted when the sensitive information is 00.
5. The secure interaction method of a cloud platform and a health application based on power transformation according to claim 2, wherein the sensitive information in the Ask_link packet is a permission code issued by the cloud platform and is represented by a set of power transformation data.
6. The secure interaction method of a cloud platform and a health application based on power transformation according to claim 2, wherein the sensitive information in the User_data packet is user history information or information of other health applications, and is represented by a set of power transformation data.
7. The secure interaction method of a cloud platform and a health application based on power transformation according to claim 2, wherein the sensitive information in the Ask_load packet is a permission code and the request content of the health application, wherein the permission code is represented by a set of power transformation data; the request content is the data whose upload is requested and is represented by a set of power transformation data.
8. The secure interaction method of a cloud platform and a health application based on power transformation according to claim 2, wherein the sensitive information in the Analy_result packet is the result of data retrieval and mining, and is represented by a set of power transformation data.
9. The secure interaction method of a cloud platform and a health application based on power transformation according to claim 1, wherein the finite states of the health application and their association with data packet transmission are:
(1) Init state: this state indicates that the health application is in its initial state;
(2) Verify state: in the Init state, a user logs in to the health application; the health application state then changes from Init to Verify, and a Req_auth packet is sent to the cloud platform to request identity authentication;
(3) Linking state: in the Verify state, the health application receives the Res_auth packet returned by the cloud platform; if the identity verification succeeds, the health application state changes from Verify to Linking and an Ask_link packet is sent to the cloud platform to request access to user history information; if the identity verification fails, the health application state remains Verify and the Req_auth packet is resent to the cloud platform to request identity verification;
(4) Send_data state: in the Linking state, the health application receives the User_data packet returned by the cloud platform; its state then changes from Linking to Send_data, and it sends an Ask_load packet to the cloud platform to upload user monitoring data and request retrieval and analysis;
(5) End state: in the Send_data state, the health application receives the Analy_result packet returned by the cloud platform; its state then changes from Send_data to End, and it displays the retrieval and analysis result, suggestion or report to the user, completing the interaction task.
10. The secure interaction method of a cloud platform and a health application based on power transformation according to claim 1, wherein the finite states of the cloud platform and their association with data packet transmission are:
(1) Init state: this state indicates that the cloud platform is in its initial state;
(2) Ide_auth state: in the Init state, the cloud platform receives a Req_auth packet sent by the health application; the cloud platform state then changes from Init to Ide_auth, and, having received the authentication request, the platform decides whether to grant access according to the authorized application list and the user's permission settings;
(3) Ide_data state: in the Ide_auth state, the cloud platform receives an Ask_link packet sent by the health application; the cloud platform state changes from Ide_auth to Ide_data, the platform verifies the health application's access permission scope, and it returns a User_data packet containing the user's historical health information in response to the request;
(4) Ana_data state: in the Ide_data state, the cloud platform receives an Ask_load packet sent by the health application; the cloud platform state then changes from Ide_data to Ana_data, the user data uploaded by the health application is retrieved and mined, and an Analy_result packet containing the retrieval and analysis result, suggestion or report is returned to the health application;
(5) End state: in the Ana_data state, the cloud platform receives no new round of data to be analyzed from the health application; the cloud platform state then changes from Ana_data to End, completing the task.
CN202311723105.5A 2023-12-15 2023-12-15 Secure interaction method of cloud platform and health application based on power transformation Active CN117411913B (en)

Publications (2)

Publication Number Publication Date
CN117411913A (en) 2024-01-16
CN117411913B (en) 2024-02-13

Family

ID=89494789

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant