CN117993021A - Remote inspection system security improving method and device - Google Patents

Remote inspection system security improving method and device Download PDF

Info

Publication number
CN117993021A
CN117993021A CN202410407192.1A CN202410407192A CN117993021A CN 117993021 A CN117993021 A CN 117993021A CN 202410407192 A CN202410407192 A CN 202410407192A CN 117993021 A CN117993021 A CN 117993021A
Authority
CN
China
Prior art keywords
data
user
identity information
user identity
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202410407192.1A
Other languages
Chinese (zh)
Inventor
苏志鹄
李丽
张奇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Huimei Medical Technology Co ltd
Beijing Huimeiyun Technology Co ltd
Original Assignee
Hangzhou Huimei Medical Technology Co ltd
Beijing Huimeiyun Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Huimei Medical Technology Co ltd, Beijing Huimeiyun Technology Co ltd filed Critical Hangzhou Huimei Medical Technology Co ltd
Priority to CN202410407192.1A priority Critical patent/CN117993021A/en
Publication of CN117993021A publication Critical patent/CN117993021A/en
Pending legal-status Critical Current

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention relates to a method and a device for improving the safety of a remote inspection system, wherein the method comprises the following steps: and acquiring the user operation record and the user identity information, and storing the user operation record and the user identity information in a data chain in the form of data blocks. And carrying out hash encryption on the user identity information through a hash function to obtain a corresponding primary key, constructing a data processing unit based on a large model of clinical trial data fine adjustment, and processing newly-added data on a data chain. And constructing a database model by taking a main key corresponding to the user identity information as an index, and storing the user operation record and the data use record on the data chain in the database model. And checking the primary key according to a set period based on the user operation record and the data use record on the data chain so as to adjust the user authority corresponding to the primary key. And after the user logs in, invoking the fine-tuned large model to desensitize the current medical record information, and remotely monitoring the current medical record information.

Description

Remote inspection system security improving method and device
Technical Field
The invention relates to the technical field of clinical trial management, in particular to a method and a device for improving the safety of a remote inspection system.
Background
With the continuous progress of medical clinical technology, more and more clinical trials are accepted, and subjects are recruited to participate in the clinical trials according to requirements and characteristics of clinical trial projects, so that breakthrough of drug research results is facilitated.
At present, in the prior art, a remote inspection system and a remote inspection method for clinical research are proposed, and the remote inspection system and the remote inspection method are mainly used for acquiring clinical data pushed by medical institutions through a plurality of medical institution servers erected on the medical institutions for carrying out clinical tests. Comprises at least one firewall, and the at least one firewall is arranged corresponding to a plurality of medical institution servers. And the data platform is in communication connection with each server and is used for accessing clinical data of a plurality of medical institution servers or accessing non-clinical data of the plurality of medical institution servers after acquiring the authority so as to execute remote supervision actions of clinical researches. Therefore, the accuracy of information obtained by the database system can be ensured, and meanwhile, each link can be checked and urged to be completed in a high-efficiency and standard manner in time. However, the method is difficult to ensure that the data is not tampered, and if the data is tampered, the tampering behavior is difficult to trace back well. In addition, the prior art does not well encrypt and protect sensitive information of related clinical test data, which is not beneficial to privacy safety of clinical test patients, and the method mainly detects and identifies the state during login, and is difficult to dynamically detect and identify the user behavior after login, so that a certain potential safety hazard exists in the system.
In summary, the existing remote monitoring method and system for clinical research and clinical test patients have poor safety and difficult traceability of user behavior data.
Disclosure of Invention
Accordingly, in order to solve the above-mentioned problems, it is necessary to provide a method and apparatus for improving the safety of a remote inspection system, which can ensure the safety of a system and a clinical trial patient and can trace back the user behavior data.
The invention provides a method for improving the safety of a remote inspection system, which comprises the following steps:
Acquiring a user operation record and user identity information, and storing the user operation record and the user identity information in a data chain in the form of a data block, wherein the data block is provided with a group of data and meta information of the data;
Carrying out hash encryption on the user identity information through a hash function to obtain a main key corresponding to the user identity information, and constructing a data processing unit based on a large model of clinical trial data fine adjustment, wherein the data processing unit is used for processing newly-added data on the data chain;
constructing a database model by taking a primary key corresponding to the user identity information as an index, and storing the user operation record and the data use record on the data chain in the database model;
based on the user operation record and the data use record on the data chain, checking the main key according to a set period to adjust the user authority of the user identity information corresponding to the main key;
after the user authority of the user identity information corresponding to the primary key logs in, invoking the large model finely tuned based on the clinical test data to desensitize the current medical record information, and remotely monitoring the current medical record information after desensitization;
the user operation record at least comprises user checking content, checking time, clicking content, whether abnormal login is carried out or not and whether user operation behavior is compliant or not, wherein the user checking content at least comprises medical record information and a clinical test scheme.
In one embodiment, the obtaining the user operation record and the user identity information, and storing the user operation record and the user identity information in a data chain in the form of data blocks includes:
Packaging the user operation records and the user identity information in the data chain into corresponding new blocks according to a set data structure and rules, and adding the user operation records and the user identity information into data fields of the new blocks;
The hash value of the new block is calculated and the previous block hash value of the new block is replaced with the hash value of the new block to connect the new block into the existing blockchain.
In one embodiment, the hash function is a SHA-256 hash function;
The hash encryption is carried out on the user identity information through a hash function to obtain a main key corresponding to the user identity information, and a data processing unit is constructed based on a large model of clinical trial data fine adjustment, and the method comprises the following steps:
Invoking the SHA-256 hash function to perform hash encryption on the user identity information so as to acquire a main key corresponding to the user identity information;
and acquiring the clinical test data, and performing fine tuning training on the large model through the clinical test data so that the large model can understand the medical scene of the clinical test data to obtain the fine-tuned large model.
In one embodiment, the hash encryption is performed on the user identity information through a hash function to obtain a primary key corresponding to the user identity information, and the data processing unit is constructed based on a large model of clinical trial data fine tuning, and the method further includes:
Taking an open-source pre-training Llama2 large model as a bottom model, and preprocessing the clinical test data, wherein the preprocessing at least comprises standardization processing, normalization processing, word segmentation processing and encoding processing;
And converting the data format of the preprocessed clinical test data into a data format meeting the format requirement of the bottom model so as to construct a training data set of the bottom model, and performing fine tuning training on the bottom model through the training data set.
In one embodiment, the constructing a database model with the primary key corresponding to the user identity information as an index, and storing the user operation record and the data usage record on the data chain in the database model includes:
Acquiring a defined database table structure, constructing the database model according to the database table structure by taking a primary key corresponding to the user identity information as an index, wherein the database table structure at least comprises a user information field, a search keyword field, a data identifier field on a data chain and a user access time field;
When a user retrieves or accesses the data on the data chain, a retrieval keyword or a data identifier, a user identity, a time stamp or access time of the user are obtained, and the retrieval keyword or the data identifier, the user identity, the time stamp or the access time are stored in a relational database.
In one embodiment, the checking the primary key according to a set period based on the user operation record and the data usage record on the data link to adjust the user authority of the user identity information corresponding to the primary key includes:
Acquiring login behavior data of a user, and calling the large model finely tuned based on clinical test data to process the login behavior data so as to score the login behavior data and obtain login behavior scores;
obtaining a default reference score of a user, deducting the login behavior score from the default reference minutes when the user logs in abnormally every time to obtain a comprehensive behavior score, and canceling the login permission of the user when the comprehensive behavior score is lower than a first threshold value;
The abnormal login at least comprises the steps that a user views content as sensitive information, steals privacy and tamper data.
In one embodiment, after the user authority of the user identity information corresponding to the primary key logs in, invoking the large model finely tuned based on the clinical test data to desensitize the current medical record information, and remotely monitoring the current medical record information after the desensitization, including:
Acquiring the current medical record information, and calling the large model finely tuned based on clinical test data to process the current medical record information so as to identify sensitive information in the current medical record information;
replacing sensitive information in the current medical record information with equal-length replacement symbols so as to desensitize the current medical record information;
Wherein the sensitive information comprises at least identity information of the patient.
The invention also provides a remote inspection system safety lifting device, which comprises:
The data storage module is used for acquiring a user operation record and user identity information, and storing the user operation record and the user identity information in a data chain in the form of data blocks, wherein the data blocks are provided with a group of data and meta information of the data;
The model fine adjustment module is used for carrying out hash encryption on the user identity information through a hash function to obtain a main key corresponding to the user identity information, and constructing a data processing unit based on a large model of clinical trial data fine adjustment, wherein the data processing unit is used for processing newly-added data on the data chain;
the database construction module is used for constructing a database model by taking a main key corresponding to the user identity information as an index, and storing the user operation record and the data use record on the data chain in the database model;
The permission adjustment module is used for checking the main key according to a set period based on the user operation record and the data use record on the data chain so as to adjust the user permission of the user identity information corresponding to the main key;
The remote monitoring module is used for calling the large model finely tuned based on the clinical test data to desensitize the current medical record information after the user authority of the user identity information corresponding to the primary key is logged in, and remotely monitoring the current medical record information after the desensitization;
the user operation record at least comprises user checking content, checking time, clicking content, whether abnormal login is carried out or not and whether user operation behavior is compliant or not, wherein the user checking content at least comprises medical record information and a clinical test scheme.
The invention also provides electronic equipment, which comprises a memory and a processor, wherein the memory stores a computer program, and the processor realizes the remote checking system security improving method when executing the computer program.
The invention also provides a computer storage medium storing a computer program which when executed by a processor implements a remote inspection system security enhancement method as described in any of the above.
The invention also provides a computer program product comprising a computer program which when executed by a processor implements a remote inspection system security enhancement method as described in any one of the above.
According to the remote checking system security improving method and device, the user operation record and the user identity information are obtained and stored in the data link in the form of data blocks. And then, carrying out hash encryption on the user identity information through a hash function to obtain a main key corresponding to the user identity information, constructing a data processing unit based on a large model of clinical trial data fine adjustment, and processing newly-added data on a data chain. And then, constructing a database model by taking a primary key corresponding to the user identity information as an index, and storing the user operation record and the data use record on the data chain in the database model. And checking the primary key according to a set period based on the user operation record and the data use record on the data chain so as to adjust the user authority of the user identity information corresponding to the primary key. And finally, after the user authority of the user identity information corresponding to the primary key logs in, invoking a large model finely tuned based on clinical test data to desensitize the current medical record information, and remotely monitoring the current medical record information after desensitization. According to the method, the data is stored on the data chain through the blockchain, so that any action of trying to tamper the data can leave marks on the data chain, and by combining the introduction of the large model, only authorized users and users compared by the large model can be ensured to log in the system, the abnormal logging action can be effectively monitored, the safety of the system is ensured, and the user action can be effectively traced. In addition, the method is used for identifying and desensitizing sensitive information in medical records based on the large model, so that the privacy of patients can be effectively protected.
Drawings
In order to more clearly illustrate the invention or the technical solutions of the prior art, the following description will briefly explain the drawings used in the embodiments or the description of the prior art, and it is obvious that the drawings in the following description are some embodiments of the invention, and other drawings can be obtained according to the drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic flow chart of a method for improving the security of a remote inspection system according to the present invention;
FIG. 2 is a schematic diagram of an overall flow of remote inspection of a clinical trial of a method for improving security of a remote inspection system according to an embodiment of the present invention;
FIG. 3 is a second flowchart of a security enhancement method for a remote inspection system according to the present invention;
FIG. 4 is a third flowchart of a security enhancement method for a remote inspection system according to the present invention;
FIG. 5 is a flowchart illustrating a security improvement method for a remote inspection system according to the present invention;
FIG. 6 is a flowchart of a remote inspection system security improvement method according to the present invention;
FIG. 7 is a flowchart illustrating a security improvement method of a remote inspection system according to the present invention;
FIG. 8 is a schematic diagram of a security enhancement method for a remote inspection system according to the present invention;
FIG. 9 is a schematic diagram of a remote inspection system security lifting device according to the present invention;
fig. 10 is an internal structural diagram of a computer device provided by the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The method and apparatus for remote inspection system security enhancement of the present invention are described below with reference to FIGS. 1-10.
As shown in fig. 1, in one embodiment, a method for improving security of a remote inspection system includes the following steps:
Step S110, obtaining a user operation record and user identity information, and storing the user operation record and the user identity information in a data chain in the form of a data block, wherein the data block is provided with a group of data and meta information of the data.
Specifically, the server acquires a user operation record and user identity information, and stores the user operation record and the user identity information in a data chain in the form of a data block, wherein the data block is provided with a group of data and meta information of the group of data.
In a specific embodiment, referring to fig. 2, the method for improving security of a remote inspection system according to the present invention first stores user operation record data and user personal information on the remote inspection system in a data chain in the form of a data block. Determining a usage scenario of a remote inspection system: and (5) remotely monitoring a clinical test. The data operation record data includes: the user views the content (including medical record information, clinical trial protocols, patient signed clinical trial informed consent, etc.), views time, clicks on the content, whether the login is abnormal, whether the operation behavior is compliant/legal, etc. The personal user information includes: account name, unit/business to which the account belongs, gender, account creation time, account rating, etc.
For data blocks, each data Block contains a set of data and meta-information about the data, such as a Block Header (Block Header), including information of the hash value of the Block, a time stamp, a hash of the previous Block, etc.
The following is the step of storing the data block into the data chain:
1) Defining a data structure: first of all, it is necessary to define the structure of the data to be saved in the data chain, which may be in any form, such as transaction records, contract information, file contents, etc., generally depending on the application and use scenario.
2) Creating a block: packing data into a block according to certain rules typically involves adding the data to the data field of the block, calculating the hash value of the block, and updating the relevant information in the block header.
3) Connecting the blockchain: connecting the newly created block into the existing blockchain involves setting the previous block hash value of the new block to the hash value of the latest block in the chain.
4) Consensus mechanism: the data in the blockchain needs to be verified by a consensus mechanism to ensure consistency and non-tamper-ability of the data.
Step S120, hash encryption is carried out on the user identity information through a hash function, a main key corresponding to the user identity information is obtained, a data processing unit is constructed based on a large model of clinical trial data fine adjustment, and the data processing unit is used for processing newly-added data on a data chain.
Specifically, the server hashes and encrypts the user identity information through a hash function to obtain a main key corresponding to the user identity information, constructs a data processing unit based on a large model of clinical trial data fine adjustment, and is used for processing newly-added data on a data chain through the data processing unit.
In a specific embodiment, referring to fig. 2, the security improving method of the remote checking system provided by the invention hashes and encrypts the personal information of the user through a hash function to form a unique primary key. The hash function used may be SHA-256 (Secure Hash Algorithm-bit), where SHA-256 is a relatively advanced hash function that is part of the SHA-2 family, and SHA-256 is widely used in many security fields, such as cryptocurrency, digital signatures, certificates, etc.
In the embodiment, a unified data processing unit is constructed based on a large model technology, wherein the large model adopts a large model which is finely adjusted based on field data, and has high recognition accuracy for data related to clinical test scenes.
The unified data processing unit construction step comprises the following aspects:
1) Determining purposes and targets: the user uses a unified process of generating data during the remote inspection system.
2) Model selection: an open source pre-trained Llama2 was chosen as the underlying model.
3) Data preparation: data is prepared and cleaned, and the data meets the input requirements of the model. Including normalization, word segmentation, encoding, etc. of the data.
4) Constructing a data processing pipeline: the data processing pipeline is designed to convert the raw data into a format acceptable to the model. This may include extraction, conversion, loading (ETL) processes of the data.
5) Model training: the training model is fine-tuned based on the previously prepared data.
6) Model deployment: the trained model is deployed into a production environment using containerization techniques, such as Docker, to achieve model scalability and flexibility.
And step S130, constructing a database model by taking a primary key corresponding to the user identity information as an index, and storing the user operation record and the data use record on the data chain in the database model.
Specifically, the server builds a database model by taking a primary key corresponding to the user identity information as an index, and stores the user operation record and the data usage record on the data chain in the database model.
In a specific embodiment, referring to fig. 2, the security improving method of the remote inspection system provided by the invention processes newly generated data on the data chain through a unified data processing unit, counts and stores the situation that the user retrieves and uses the data on the data chain, and uses the previously generated unique primary key of the user as an index.
The method specifically comprises the following steps:
1) Designing a database model:
And defining a database table structure which comprises fields of user information, search keywords, data identifiers on a data chain, access time and the like, and ensuring the relationship between a main key and an external key of the association table so as to easily search and associate data when needed.
2) Implement a data collection mechanism:
A data collection mechanism is implemented in the system to record the user's retrieval and data usage behavior. When the user performs the search, information such as a search keyword, a user identification, a time stamp and the like is recorded. When a user accesses data on the data chain, information such as a data identifier, a user identification, access time and the like is recorded.
3) Selecting an appropriate storage medium:
The collected data is stored in an appropriate database, and a relational database (e.g., mySQL, postgreSQL) or a NoSQL database (e.g., mongoDB, cassandra) may be selected, depending on the nature of the data and the context of use.
4) Privacy protection and security:
If user privacy information is involved, proper desensitization or encryption processing is ensured on sensitive information, access control measures are implemented, and only authorized personnel can access and process the statistical data.
5) Real-time processing mechanism:
Because the scene needs data statistics with higher real-time performance, the implementation of a real-time processing mechanism is considered, and the timely recording and statistics of the user behaviors are ensured.
6) Compliance and regulation compliance:
Ensuring that the statistics and keeping of user data acts in compliance with relevant regulations and privacy policies, transparent notifications are provided to the user, where appropriate, explaining the purpose and manner of data processing.
Step S140, based on the user operation record and the data use record on the data chain, checking the main key according to the set period to adjust the user authority of the user identity information corresponding to the main key.
Specifically, the server checks the primary key according to a set period based on the user operation record and the data usage record on the data link, so as to adjust the user authority of the user identity information corresponding to the primary key.
In a specific embodiment, referring to fig. 2, the security improving method of the remote checking system according to the present invention counts the user information call and the use condition according to the unique primary key of the user in a fixed period, and adjusts the authority of the user to use the data. The system can comprehensively score by combining information such as large model technology, user login behaviors and the like, the user defaults to 100 points, each abnormal behavior can be deducted by 20 points, and when the user comprehensive score is less than 60 points, the user login permission is cancelled. Wherein the determination of abnormal behavior refers to the following data (including without limitation): whether the login is abnormal, whether the content is sensitive information, whether the privacy stealing behavior exists, whether the data tampering attempt behavior exists, and the like.
And step S150, after the user authority of the user identity information corresponding to the primary key is logged in, invoking a large model finely tuned based on clinical test data to desensitize the current medical record information, and remotely monitoring the current medical record information based on the desensitized current medical record information.
Specifically, after the user authority of the user identity information corresponding to the primary key logs in, the server invokes the large model finely tuned based on the clinical test data to desensitize the current medical record information, and remotely monitors the current medical record information based on the desensitized current medical record information.
In a specific embodiment, referring to fig. 2, the security improving method of the remote checking system provided by the invention identifies sensitive information based on a large model and performs desensitization processing after a user authorizes login before calling medical record information. And deploying a service by using the large language model obtained by the previous fine tuning training, and identifying sensitive information in the called medical record information in real time and performing desensitization processing. The existing desensitization processing mode can replace the sensitive information identified by the large model with equal-length characters, and after the potential safety hazard of the sensitive information is stopped, the user can continue to perform remote monitoring.
In the embodiment, the system is monitored in real time by using the large model, so that potential threats can be detected quickly, corresponding safety response measures can be taken, the behavior of the remote inspection system is evaluated in real time by using the real-time analysis capability of the large model, and any abnormal situation is identified.
According to the remote checking system security improving method, the user operation record and the user identity information are obtained and stored in the data chain in the form of data blocks. And then, carrying out hash encryption on the user identity information through a hash function to obtain a main key corresponding to the user identity information, constructing a data processing unit based on a large model of clinical trial data fine adjustment, and processing newly-added data on a data chain. And then, constructing a database model by taking a primary key corresponding to the user identity information as an index, and storing the user operation record and the data use record on the data chain in the database model. And checking the primary key according to a set period based on the user operation record and the data use record on the data chain so as to adjust the user authority of the user identity information corresponding to the primary key. And finally, after the user authority of the user identity information corresponding to the primary key logs in, invoking a large model finely tuned based on clinical test data to desensitize the current medical record information, and remotely monitoring the current medical record information after desensitization. According to the method, the data is stored on the data chain through the blockchain, so that any action of trying to tamper the data can leave marks on the data chain, and by combining the introduction of the large model, only authorized users and users compared by the large model can be ensured to log in the system, the abnormal logging action can be effectively monitored, the safety of the system is ensured, and the user action can be effectively traced. In addition, the method is used for identifying and desensitizing sensitive information in medical records based on the large model, so that the privacy of patients can be effectively protected.
As shown in fig. 3, in one embodiment, the method for improving security of a remote inspection system provided by the present invention obtains a user operation record and user identity information, and stores the user operation record and the user identity information in a data chain in the form of a data block, and specifically includes the following steps:
Step S112, the user operation record and the user identity information in the data chain are packed into corresponding new blocks according to the set data structure and rules, and the user operation record and the user identity information are added into the data fields of the new blocks.
Specifically, the server packages the user operation records and the user identity information in the data chain into corresponding new blocks according to the set data structure and the set rules, and adds the user operation records and the user identity information into the data fields of the new blocks.
In step S114, the hash value of the new block is calculated and the previous block hash value of the new block is replaced with the hash value of the new block to connect the new block to the existing blockchain.
Specifically, the server calculates the hash value of the new block, and replaces the previous block hash value of the new block with the hash value of the new block, thereby connecting the new block to the existing blockchain.
As shown in fig. 4, in one embodiment, the method for improving security of a remote inspection system provided by the invention hashes and encrypts user identity information through a hash function to obtain a primary key corresponding to the user identity information, and constructs a data processing unit based on a large model of clinical test data fine adjustment, and specifically includes the following steps:
step S122, the SHA-256 hash function is called to carry out hash encryption on the user identity information so as to obtain a main key corresponding to the user identity information.
Specifically, the server calls the SHA-256 hash function to hash and encrypt the user identity information so as to obtain a primary key corresponding to the user identity information.
And step S124, acquiring clinical test data, and performing fine tuning training on the large model through the clinical test data so that the large model can understand the medical scene of the clinical test data to obtain a fine-tuned large model.
Specifically, the server acquires a large amount of clinical test data, and performs fine tuning training on the large model through the clinical test data, so that the large model can understand the medical scene of the clinical test data, and the application field is clear, so that the fine-tuned large model is obtained.
As shown in fig. 5, in one embodiment, the method for improving security of a remote inspection system provided by the invention hashes and encrypts user identity information through a hash function to obtain a primary key corresponding to the user identity information, and constructs a data processing unit based on a large model of clinical test data fine adjustment, and specifically further includes the following steps:
Step S126, taking the open-source pre-training Llama2 large model as a bottom model, and preprocessing clinical test data, wherein the preprocessing at least comprises standardization processing, normalization processing, word segmentation processing and encoding processing.
Specifically, the server takes an open-source pre-training Llama2 large model as a bottom model and performs pretreatment on clinical test data, and the pretreatment process at least comprises standardization treatment, normalization treatment, word segmentation treatment and coding treatment.
And S128, converting the data format of the preprocessed clinical test data into a data format meeting the format requirement of the bottom model to construct a training data set of the bottom model, and performing fine tuning training on the bottom model through the training data set.
Specifically, the server converts the data format of the preprocessed clinical test data into a data format meeting the format requirement of the bottom model to construct a training data set of the bottom model, and fine-tuning training is carried out on the bottom model through the training data set.
As shown in fig. 6, in one embodiment, the method for improving security of a remote inspection system provided by the present invention uses a primary key corresponding to user identity information as an index to construct a database model, and stores a user operation record and a data usage record on a data chain in the database model, and specifically includes the following steps:
Step S132, a defined database table structure is obtained, a main key corresponding to user identity information is used as an index, a database model is constructed according to the database table structure, and the database table structure at least comprises a user information field, a search keyword field, a data identifier field on a data chain and a user access time field.
Specifically, the server acquires a defined database table structure, takes a primary key corresponding to user identity information as an index, and constructs a database model according to the database table structure, wherein the database table structure at least comprises a user information field, a search keyword field, a data identifier field on a data chain and a user access time field.
Step S134, when the user searches or accesses the data on the data chain, the search keyword or the data identifier, the user identity, the time stamp or the access time of the user are obtained, and the search keyword or the data identifier, the user identity, the time stamp or the access time are stored in the relational database.
As shown in fig. 7, in one embodiment, the method for improving security of a remote inspection system provided by the present invention, based on a user operation record and a data usage record on a data chain, performs inspection on a primary key according to a set period to adjust user rights of user identity information corresponding to the primary key, and specifically includes the following steps:
Step S142, obtaining login behavior data of the user, and calling a large model finely tuned based on clinical test data to process the login behavior data so as to score the login behavior data and obtain login behavior scores.
Specifically, the server acquires login behavior data of the user, and invokes a large model finely tuned based on clinical test data to process the login behavior data so as to score the login behavior data and obtain a corresponding login behavior score.
Step S144, obtaining a default reference score of the user, deducting a login behavior score from the default reference minutes when the user logs in abnormally every time, obtaining a comprehensive behavior score, and canceling the login permission of the user when the comprehensive behavior score is lower than a first threshold.
Specifically, the server obtains a default reference score of the user, deducts a login behavior score from the default reference minutes when the user logs in abnormally every time, obtains a comprehensive behavior score, and cancels the login permission of the user when the comprehensive behavior score is lower than a set threshold value.
As shown in fig. 8, in one embodiment, the security improvement method of a remote checking system provided by the present invention, when a user authority of user identity information corresponding to a primary key logs in, invokes a large model finely tuned based on clinical test data to perform desensitization processing on current medical record information, and performs remote monitoring based on the current medical record information after the desensitization processing, specifically includes the following steps:
Step S152, current medical record information is obtained, and a large model finely tuned based on clinical test data is called to process the current medical record information so as to identify sensitive information in the current medical record information.
Specifically, the server acquires current medical record information of a clinical test, and invokes a large model finely tuned based on the clinical test data to process the current medical record information so as to identify sensitive information in the current medical record information.
And step S154, the sensitive information in the current medical record information is replaced by equal-length replacement symbols so as to desensitize the current medical record information.
Specifically, the server replaces the sensitive information in the current medical record information with equal-length replacement symbols (such as ". Times.") so as to desensitize the current medical record information.
The remote inspection system security lifting device provided by the invention is described below, and the remote inspection system security lifting device described below and the remote inspection system security lifting method described above can be referred to correspondingly.
As shown in fig. 9, in one embodiment, a remote inspection system security device includes a data storage module 910, a model fine tuning module 920, a database construction module 930, a rights adjustment module 940, and a remote inspection module 950.
The data storage module 910 is configured to obtain a user operation record and user identity information, and store the user operation record and the user identity information in a data chain in a data block form, where the data block has a set of data and meta information of the data.
The model fine adjustment module 920 is configured to hash and encrypt the user identity information through a hash function to obtain a primary key corresponding to the user identity information, and construct a data processing unit based on the large model fine-adjusted by the clinical test data, where the data processing unit is configured to process newly added data on the data chain.
The database construction module 930 is configured to construct a database model with the primary key corresponding to the user identity information as an index, and store the user operation record and the data usage record on the data chain in the database model.
The permission adjustment module 940 is configured to check the primary key according to a set period based on the user operation record and the data usage record on the data chain, so as to adjust the user permission of the user identity information corresponding to the primary key.
The remote monitoring module 950 is configured to call the large model finely tuned based on the clinical test data to perform desensitization processing on the current medical record information after the user authority of the user identity information corresponding to the primary key is logged in, and perform remote monitoring based on the current medical record information after the desensitization processing.
The user operation record at least comprises user checking content, checking time, clicking content, whether abnormal login is carried out or not and whether user operation behavior is compliant or not, wherein the user checking content at least comprises medical record information and a clinical test scheme.
In this embodiment, the remote inspection system security improving device provided by the present invention, the data storage module is specifically configured to:
and packing the user operation records and the user identity information in the data chain into corresponding new blocks according to the set data structure and rules, and adding the user operation records and the user identity information into the data fields of the new blocks.
The hash value of the new chunk is calculated and the previous chunk hash value of the new chunk is replaced with the hash value of the new chunk to join the new chunk into the existing blockchain.
In this embodiment, the remote inspection system security lifting device provided by the invention, the model fine adjustment module is specifically configured to:
and calling an SHA-256 hash function to hash and encrypt the user identity information so as to acquire a main key corresponding to the user identity information.
And acquiring clinical test data, and performing fine tuning training on the large model through the clinical test data so that the large model can understand the medical scene of the clinical test data to obtain a fine-tuned large model.
In this embodiment, the remote inspection system security lifting device provided by the present invention, the model fine tuning module is specifically further configured to:
The method is characterized by taking an open-source pre-training Llama2 large model as a bottom model, and preprocessing clinical test data, wherein the preprocessing at least comprises standardization processing, normalization processing, word segmentation processing and encoding processing.
And converting the data format of the preprocessed clinical test data into a data format meeting the format requirement of the bottom model to construct a training data set of the bottom model, and performing fine tuning training on the bottom model through the training data set.
In this embodiment, the remote inspection system security lifting device provided by the present invention, the database construction module is specifically configured to:
And acquiring a defined database table structure, constructing a database model according to the database table structure by taking a primary key corresponding to the user identity information as an index, wherein the database table structure at least comprises a user information field, a search keyword field, a data identifier field on a data chain and a user access time field.
When a user retrieves or accesses data on a data chain, a retrieval keyword or data identifier, a user identity, a time stamp or access time of the user are obtained, and the retrieval keyword or data identifier, the user identity, the time stamp or the access time are stored in a relational database.
In this embodiment, the remote checking system security lifting device provided by the invention, the permission adjustment module is specifically configured to:
and acquiring login behavior data of the user, and calling a large model finely tuned based on the clinical test data to process the login behavior data so as to score the login behavior data and obtain login behavior scores.
And obtaining a default reference score of the user, deducting a login behavior score from the default reference minutes when the user logs in abnormally every time to obtain a comprehensive behavior score, and canceling the login permission of the user when the comprehensive behavior score is lower than a first threshold value.
The abnormal login at least comprises the steps that a user views content as sensitive information, steals privacy and tamper data.
In this embodiment, the remote inspection system security lifting device provided by the invention, the remote inspection module is specifically configured to:
and acquiring current medical record information, and calling a large model finely tuned based on clinical test data to process the current medical record information so as to identify sensitive information in the current medical record information.
And replacing sensitive information in the current medical record information with equal-length replacement symbols so as to desensitize the current medical record information.
Wherein the sensitive information comprises at least identity information of the patient.
Fig. 10 illustrates a physical structure diagram of an electronic device, which may be an intelligent terminal, and an internal structure diagram thereof may be as shown in fig. 10. The electronic device includes a processor, a memory, and a network interface connected by a system bus. Wherein the processor of the electronic device is configured to provide computing and control capabilities. The memory of the electronic device includes a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The network interface of the electronic device is used for communicating with an external terminal through a network connection. The computer program, when executed by a processor, implements the remote inspection system security enhancement method described above.
It will be appreciated by those skilled in the art that the structure shown in fig. 10 is merely a block diagram of a portion of the structure associated with the present inventive arrangements and is not limiting of the electronic device to which the present inventive arrangements are applied, and that a particular electronic device may include more or fewer components than shown, or may combine certain components, or have a different arrangement of components.
On the other hand, the invention also provides a computer storage medium which stores a computer program, and the computer program realizes the remote checking system security improving method when being executed by a processor.
In yet another aspect, a computer program product or computer program is provided, the computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the electronic device reads the computer instructions from the computer readable storage medium, and the processor executes the computer instructions to implement the remote inspection system security promotion method.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in embodiments provided herein may include non-volatile and/or volatile memory. The nonvolatile memory can include Read Only Memory (ROM), programmable ROM (PROM), electrically Programmable ROM (EPROM), electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory.
By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double Data Rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous link (SYNCHLINK) DRAM (SLDRAM), memory bus (Rambus) direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM), among others.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The foregoing examples illustrate only a few embodiments of the invention and are described in detail herein without thereby limiting the scope of the invention. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the invention, which are all within the scope of the invention. Accordingly, the scope of protection of the present invention is to be determined by the appended claims.

Claims (10)

1. A method for improving security of a remote inspection system, the method comprising:
Acquiring a user operation record and user identity information, and storing the user operation record and the user identity information in a data chain in the form of a data block, wherein the data block is provided with a group of data and meta information of the data;
Carrying out hash encryption on the user identity information through a hash function to obtain a main key corresponding to the user identity information, and constructing a data processing unit based on a large model of clinical trial data fine adjustment, wherein the data processing unit is used for processing newly-added data on the data chain;
constructing a database model by taking a primary key corresponding to the user identity information as an index, and storing the user operation record and the data use record on the data chain in the database model;
based on the user operation record and the data use record on the data chain, checking the main key according to a set period to adjust the user authority of the user identity information corresponding to the main key;
after the user authority of the user identity information corresponding to the primary key logs in, invoking the large model finely tuned based on the clinical test data to desensitize the current medical record information, and remotely monitoring the current medical record information after desensitization;
the user operation record at least comprises user checking content, checking time, clicking content, whether abnormal login is carried out or not and whether user operation behavior is compliant or not, wherein the user checking content at least comprises medical record information and a clinical test scheme.
2. The method for improving security of a remote inspection system according to claim 1, wherein the obtaining the user operation record and the user identity information and storing the user operation record and the user identity information in a data chain in the form of data blocks comprises:
Packaging the user operation records and the user identity information in the data chain into corresponding new blocks according to a set data structure and rules, and adding the user operation records and the user identity information into data fields of the new blocks;
The hash value of the new block is calculated and the previous block hash value of the new block is replaced with the hash value of the new block to connect the new block into the existing blockchain.
3. The method for improving security of a remote inspection system according to claim 1, wherein the hash function is a SHA-256 hash function;
The hash encryption is carried out on the user identity information through a hash function to obtain a main key corresponding to the user identity information, and a data processing unit is constructed based on a large model of clinical trial data fine adjustment, and the method comprises the following steps:
Invoking the SHA-256 hash function to perform hash encryption on the user identity information so as to acquire a main key corresponding to the user identity information;
and acquiring the clinical test data, and performing fine tuning training on the large model through the clinical test data so that the large model can understand the medical scene of the clinical test data to obtain the fine-tuned large model.
4. The method for improving security of remote inspection system according to claim 3, wherein the hash encryption is performed on the user identity information by a hash function to obtain a primary key corresponding to the user identity information, and the data processing unit is constructed based on a large model of clinical trial data fine adjustment, and further comprising:
Taking an open-source pre-training Llama2 large model as a bottom model, and preprocessing the clinical test data, wherein the preprocessing at least comprises standardization processing, normalization processing, word segmentation processing and encoding processing;
And converting the data format of the preprocessed clinical test data into a data format meeting the format requirement of the bottom model so as to construct a training data set of the bottom model, and performing fine tuning training on the bottom model through the training data set.
5. The method for improving security of a remote inspection system according to claim 1, wherein constructing a database model with a primary key corresponding to the user identity information as an index, and storing the user operation record and the data usage record on the data chain in the database model includes:
Acquiring a defined database table structure, constructing the database model according to the database table structure by taking a primary key corresponding to the user identity information as an index, wherein the database table structure at least comprises a user information field, a search keyword field, a data identifier field on a data chain and a user access time field;
When a user retrieves or accesses the data on the data chain, a retrieval keyword or a data identifier, a user identity, a time stamp or access time of the user are obtained, and the retrieval keyword or the data identifier, the user identity, the time stamp or the access time are stored in a relational database.
6. The method for improving security of a remote inspection system according to claim 1, wherein the checking the primary key according to a set period based on the user operation record and the data usage record on the data link to adjust the user authority of the user identity information corresponding to the primary key includes:
Acquiring login behavior data of a user, and calling the large model finely tuned based on clinical test data to process the login behavior data so as to score the login behavior data and obtain login behavior scores;
obtaining a default reference score of a user, deducting the login behavior score from the default reference minutes when the user logs in abnormally every time to obtain a comprehensive behavior score, and canceling the login permission of the user when the comprehensive behavior score is lower than a first threshold value;
The abnormal login at least comprises the steps that a user views content as sensitive information, steals privacy and tamper data.
7. The method for improving security of a remote inspection system according to any one of claims 1 to 6, wherein, after the user authority of the user identity information corresponding to the primary key is logged in, invoking the large model fine-tuned based on the clinical test data to perform desensitization processing on the current medical record information, and performing remote inspection based on the current medical record information after the desensitization processing, the method comprises:
Acquiring the current medical record information, and calling the large model finely tuned based on clinical test data to process the current medical record information so as to identify sensitive information in the current medical record information;
replacing sensitive information in the current medical record information with equal-length replacement symbols so as to desensitize the current medical record information;
Wherein the sensitive information comprises at least identity information of the patient.
8. A remote inspection system security enhancement device, the device comprising:
The data storage module is used for acquiring a user operation record and user identity information, and storing the user operation record and the user identity information in a data chain in the form of data blocks, wherein the data blocks are provided with a group of data and meta information of the data;
The model fine adjustment module is used for carrying out hash encryption on the user identity information through a hash function to obtain a main key corresponding to the user identity information, and constructing a data processing unit based on a large model of clinical trial data fine adjustment, wherein the data processing unit is used for processing newly-added data on the data chain;
the database construction module is used for constructing a database model by taking a main key corresponding to the user identity information as an index, and storing the user operation record and the data use record on the data chain in the database model;
The permission adjustment module is used for checking the main key according to a set period based on the user operation record and the data use record on the data chain so as to adjust the user permission of the user identity information corresponding to the main key;
The remote monitoring module is used for calling the large model finely tuned based on the clinical test data to desensitize the current medical record information after the user authority of the user identity information corresponding to the primary key is logged in, and remotely monitoring the current medical record information after the desensitization;
the user operation record at least comprises user checking content, checking time, clicking content, whether abnormal login is carried out or not and whether user operation behavior is compliant or not, wherein the user checking content at least comprises medical record information and a clinical test scheme.
9. An electronic device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of any one of claims 1 to 7 when the computer program is executed.
10. A computer storage medium storing a computer program, characterized in that the computer program when executed by a processor implements the steps of the method of any one of claims 1 to 7.
CN202410407192.1A 2024-04-07 2024-04-07 Remote inspection system security improving method and device Pending CN117993021A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410407192.1A CN117993021A (en) 2024-04-07 2024-04-07 Remote inspection system security improving method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202410407192.1A CN117993021A (en) 2024-04-07 2024-04-07 Remote inspection system security improving method and device

Publications (1)

Publication Number Publication Date
CN117993021A true CN117993021A (en) 2024-05-07

Family

ID=90897849

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410407192.1A Pending CN117993021A (en) 2024-04-07 2024-04-07 Remote inspection system security improving method and device

Country Status (1)

Country Link
CN (1) CN117993021A (en)

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020001108A1 (en) * 2018-06-29 2020-01-02 阿里巴巴集团控股有限公司 Block chain-based data processing method and device
CN110750492A (en) * 2019-09-02 2020-02-04 深圳晶泰科技有限公司 Block chain-based drug crystal library and construction method thereof
WO2020103557A1 (en) * 2018-11-20 2020-05-28 阿里巴巴集团控股有限公司 Transaction processing method and device
CN114357527A (en) * 2020-10-13 2022-04-15 康波浩瀚(北京)科技有限公司 Huayunkang medicine for treating leukorrhagia
WO2022225467A1 (en) * 2021-04-20 2022-10-27 Angel Time Co., Ltd. System and method for creating multi dimension blockchain
CN116168794A (en) * 2023-04-23 2023-05-26 成都本千医疗科技有限公司 Big data supervision's electronic medical record collection management platform
CN117352188A (en) * 2023-12-06 2024-01-05 北京中兴正远科技有限公司 Clinical information sharing method and system based on big data analysis
CN117373602A (en) * 2023-10-13 2024-01-09 北京百度网讯科技有限公司 Medical record generation method and device
CN117637097A (en) * 2023-12-06 2024-03-01 厦门狄耐克物联智慧科技有限公司 Method and system for generating electronic medical record based on outpatient service dialogue of large model

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020001108A1 (en) * 2018-06-29 2020-01-02 阿里巴巴集团控股有限公司 Block chain-based data processing method and device
WO2020103557A1 (en) * 2018-11-20 2020-05-28 阿里巴巴集团控股有限公司 Transaction processing method and device
CN110750492A (en) * 2019-09-02 2020-02-04 深圳晶泰科技有限公司 Block chain-based drug crystal library and construction method thereof
CN114357527A (en) * 2020-10-13 2022-04-15 康波浩瀚(北京)科技有限公司 Huayunkang medicine for treating leukorrhagia
WO2022225467A1 (en) * 2021-04-20 2022-10-27 Angel Time Co., Ltd. System and method for creating multi dimension blockchain
CN116168794A (en) * 2023-04-23 2023-05-26 成都本千医疗科技有限公司 Big data supervision's electronic medical record collection management platform
CN117373602A (en) * 2023-10-13 2024-01-09 北京百度网讯科技有限公司 Medical record generation method and device
CN117352188A (en) * 2023-12-06 2024-01-05 北京中兴正远科技有限公司 Clinical information sharing method and system based on big data analysis
CN117637097A (en) * 2023-12-06 2024-03-01 厦门狄耐克物联智慧科技有限公司 Method and system for generating electronic medical record based on outpatient service dialogue of large model

Similar Documents

Publication Publication Date Title
US11200260B2 (en) Database asset fulfillment chaincode deployment
WO2017037443A1 (en) Predictive human behavioral analysis of psychometric features on a computer network
Pasquale et al. Towards forensic-ready software systems
Sharma et al. Blockchain-based privacy preservation for IoT-enabled healthcare system
US20200409952A1 (en) Sql processing engine for blockchain ledger
DE202013012765U1 (en) System for protecting cloud services from unauthorized access and malicious software attack
US11790368B2 (en) Auto-evolving database endorsement policies
US11860856B2 (en) Managing distributed ledger storage space
US9871826B1 (en) Sensor based rules for responding to malicious activity
CN110417718B (en) Method, device, equipment and storage medium for processing risk data in website
CN111835756B (en) APP privacy compliance detection method and device, computer equipment and storage medium
US11501315B2 (en) Compliance verification of connected data
US20210133742A1 (en) Detection of security threats in a network environment
US11507535B2 (en) Probabilistic verification of linked data
US20210109776A1 (en) Free-riding node identification for blockchain
US11856086B2 (en) Tracking and linking item-related data
Jan et al. Integrity verification and behavioral classification of a large dataset applications pertaining smart OS via blockchain and generative models
CN112637108A (en) Internal threat analysis method and system based on anomaly detection and emotion analysis
CN110062926A (en) Device driver telemetering
CN111369354A (en) Data monitoring method and device for block chain application and storage medium
CN110807187A (en) Block chain-based network market illegal information evidence storing method and platform terminal
CN114598514A (en) Industrial control threat detection method and device
CN110598397A (en) Deep learning-based Unix system user malicious operation detection method
DE102019209349A1 (en) Investigate web threats using advanced web crawling
Ghiasvand et al. Assessing data usefulness for failure analysis in anonymized system logs

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination