WO2018205444A1 - 动态加密的医疗数据传输系统及方法 - Google Patents
动态加密的医疗数据传输系统及方法 Download PDFInfo
- Publication number
- WO2018205444A1 WO2018205444A1 PCT/CN2017/098185 CN2017098185W WO2018205444A1 WO 2018205444 A1 WO2018205444 A1 WO 2018205444A1 CN 2017098185 W CN2017098185 W CN 2017098185W WO 2018205444 A1 WO2018205444 A1 WO 2018205444A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- cloud platform
- network device
- wifi network
- medical data
- algorithm
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/068—Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
Definitions
- the present invention relates to the field of medical information, and in particular, to a dynamically encrypted medical data transmission system and method.
- the existing cloud platform encrypts the health medical data in the data transmission process by using a fixed encryption and decryption algorithm, and the fixed encryption algorithm is easily cracked and reduced. Information security for health care data.
- the current public WIFI network is becoming more and more common, and the public health data channel public WIFI network leaks incidents have occurred, so how to avoid health care data leakage through the public WIFI network is also a technical problem to be solved.
- the main object of the present invention is to provide a dynamically encrypted medical data transmission system and method, which aims to solve the technical problem that medical data is easily leaked through a public WIFI network.
- the present invention provides a dynamically encrypted medical data transmission system, which is operated in a cloud platform, and the cloud platform is communicably connected to a user terminal through a WIFI network device, and the cloud platform and the user terminal are both Pre-stored with multiple encryption and decryption algorithms, the system includes:
- a receiving module configured to receive an access request sent by the user terminal
- a determining module configured to determine whether the access request passes through a public WIFI network device
- a generating module configured to: when the access request is transmitted to the cloud platform through a public WIFI network device, randomly select a pre-stored encryption and decryption algorithm in the cloud platform by using a random function, and obtain the selected encryption and decryption algorithm The hash value of the law;
- a sending module configured to send the hash value to the user terminal, so that the user terminal invokes the encryption and decryption algorithm corresponding to the hash value to encrypt the medical data
- a calling module configured to invoke the encryption and decryption algorithm corresponding to the hash value in the cloud platform, and decrypt the medical data transmitted by the user terminal;
- a saving module configured to save the decrypted medical data in the cloud platform.
- the access request includes attribute information of a WIFI network device, where the attribute information is
- the MAC address of the WIFI network device and the username of the WIFI network device are identical to the MAC address of the WIFI network device and the username of the WIFI network device.
- the determining module determines whether the access request is transmitted to the cloud platform through the public WIFI network device:
- the IFI network device is a public WIFI network device
- the WIFI network device that the access request passes is an authenticated WIFI network device.
- the saving module is further configured to directly save the medical data in the user terminal in the cloud platform when the access request is not through a public WIFI network device.
- the encryption and decryption algorithm is a data encryption standard algorithm, a cubic data encryption standard algorithm, an advanced encryption standard algorithm, an RSA public key algorithm, a digital signature algorithm, an elliptic curve cryptography algorithm, a message digest algorithm, or security. Hash algorithm.
- the present invention also provides a dynamic encrypted medical data transmission method, which is applied to a cloud platform.
- the cloud platform is connected to the user terminal through the WIFI network device, and the cloud platform and the user terminal are pre-stored with multiple encryption and decryption algorithms, and the method includes the following steps:
- the decrypted medical data is saved in the cloud platform.
- the access request includes attribute information of a WIFI network device, where the attribute information is
- the MAC address of the WIFI network device and the username of the WIFI network device are identical to the MAC address of the WIFI network device and the username of the WIFI network device.
- the method for determining whether the access request is transmitted to the cloud platform by using a public WIFI network device is:
- the IFI network device is a public WIFI network device
- the WIFI network device that the access request passes is an authenticated WIFI network device.
- the method further includes the following steps: When the access request is not transmitted to the cloud platform through the public WIFI network device, the medical data in the user terminal is directly saved in the cloud platform.
- the encryption and decryption algorithm is a data encryption standard algorithm, a cubic data encryption standard algorithm, an advanced encryption standard algorithm, an RSA public key algorithm, a digital signature algorithm, an elliptic curve cryptography algorithm, a message digest algorithm or security. Hash algorithm.
- the present invention adopts the above technical solution, and brings the technical effects as follows:
- the dynamic encryption algorithm is enabled to encrypt the transmitted medical data, thereby improving the information security in the process of medical data transmission. .
- FIG. 1 is a schematic diagram of an application environment of a dynamically encrypted medical data transmission system according to the present invention
- FIG. 2 is a block diagram of a preferred embodiment of a dynamically encrypted medical data transmission system of the present invention
- FIG. 3 is a flow chart of a preferred embodiment of a dynamically encrypted medical data transmission method of the present invention.
- FIG. 1 is a schematic diagram of an application environment of a dynamically encrypted medical data transmission system according to the present invention.
- the dynamically encrypted medical data transmission system 20 of the present invention runs on the cloud platform 2.
- the cloud platform 2 is communicably connected to a plurality of WIFI network devices 3 through a network, and the WIFI network device 3 is connected to the user terminal 4.
- the WIFI network device 3 is a router, and is used to establish a communication connection between the user terminal 4 and the cloud platform 2, so that the data on the user terminal 4 is transmitted and saved in the cloud platform 2.
- the cloud platform 2 stores various types of medical data, and the medical data includes medical files (for example, medical image files, disease encyclopedia documents, government medical policy documents, medical department introduction documents, etc.), health detection Data (eg, heart rate, number of steps, blood pressure, blood oxygen, etc.), electronic medical record data (eg, patient name, patient's age, diseased day, disease name, cause of illness, disease diagnosis information, drug name, number of drugs, Name of the doctor, hospital and department, cost and contact details of the patient) and other medical data.
- medical files for example, medical image files, disease encyclopedia documents, government medical policy documents, medical department introduction documents, etc.
- health detection Data eg, heart rate, number of steps, blood pressure, blood oxygen, etc.
- electronic medical record data eg, patient name, patient's age, diseased day, disease name, cause of illness, disease diagnosis information, drug name, number of drugs, Name of the doctor, hospital and department, cost and contact details of the patient
- other medical data e.g, patient name, patient'
- a plurality of encryption and decryption algorithms are pre-stored in the cloud platform 2, for example, a Data Encryption Standard (DES), a Triple Data Encryption Standard (3DES), and an Advanced Encryption Standard (Advanced Encryption).
- DES Data Encryption Standard
- 3DES Triple Data Encryption Standard
- Advanced Encryption Advanced Encryption Standard
- AES RSA public key algorithm
- DSA Digital Signature Algorithm
- elliptic curve cryptography algorithm Elliptic Curves
- the user terminal 4 is configured to generate medical data and transmit and save the medical data to the cloud platform 2 through the WIFI network device 3.
- the user terminal 4 can be a professional medical detecting device (for example, a medical X-ray machine for taking human medical image files), a wearable device for health monitoring (for example, a sports watch, etc.), or a mobile device.
- Equipment for example, a mobile phone with a health check module
- a plurality of encryption and decryption algorithms are pre-stored in the user terminal 4, for example, a Data Encryption Standard (DES), a Triple Data Encryption Standard (3DES), Advanced Encryption Standard (AES), RSA public key algorithm, digital signature algorithm (Digital Signature
- each encryption and decryption algorithm in the user terminal 4 can find the same encryption and decryption algorithm in the cloud platform 2, and each encryption and decryption algorithm in the cloud platform 2 can also re-user.
- a corresponding encryption and decryption algorithm is found in the terminal 4. That is to say, the same encryption and decryption algorithm is pre-stored in the user terminal 4 and the cloud platform 2.
- the network may be a wired communication network or a wireless communication network.
- the network is preferably a wireless communication network including, but not limited to, a GSM network, a GPRS network, a CDMA network, a TD-SC DMA network, a WiMAX network, a TD-LTE network, an FDD-LTE network, and the like.
- the cloud platform 2 is a data center. It should be noted that, through the data transmission capability and the data storage capability of the cloud platform 2, the user terminal 4 connected to the cloud platform 2 can be better managed and/or assisted, and the data on the user terminal 4 is facilitated.
- the dynamic encryption is transmitted and stored in the cloud platform 2.
- FIG. 2 there is shown a block diagram of a preferred embodiment of a dynamically encrypted medical data transmission system of the present invention.
- the dynamically encrypted medical data transmission system 20 is applied to the cloud platform 2.
- the cloud platform 2 includes, but is not limited to, a dynamically encrypted medical data transmission system 20, a storage unit 21, a processing unit 22, and a communication unit 23.
- the storage unit 21 may be a read only storage unit ROM, an electrically erasable storage unit EEPRO M, a flash storage unit FLASH or a solid hard disk.
- the processing unit 22 may be a central processing unit (CPU), a microcontroller (MCU), a data processing chip, or an information processing unit having a data processing function.
- CPU central processing unit
- MCU microcontroller
- data processing chip or an information processing unit having a data processing function.
- the communication unit 23 is a communication interface with a remote communication function, for example, supports GSM, GPR S, WCDMA, CDMA, TD-SCDMA, WiMAX, TD-LTE, FDD-LTE, etc.
- Technical communication interface support wired communication interface of USB and network cable.
- the dynamically encrypted medical data transmission system 20 includes, but is not limited to, a receiving module 210, a determining module 211, a generating module 212, a sending module 213, a calling module 214, and a saving module 215, which are referred to as modules of the present invention.
- the receiving module 210 is configured to receive an access request sent by the user terminal 4.
- the access request is an instruction for connecting to the cloud platform 2.
- the access request includes attribute information of the WIFI network device 3 (for example, the MAC address of the WIFI network device 3, the user name of the WIFI network device, etc.) Information).
- the user terminal 4 automatically records the attribute information of the WIFI network device 3, and carries the attribute information of the WIFI network device 3 after generating the access request.
- the determining module 211 is configured to determine whether the access request is transmitted to the cloud platform through the public WIFI network device 4. Specifically, the determining module 211 parses the attribute information of the WIFI network device 4 in the access request. If the attribute information is inconsistent with the attribute information preset in the cloud platform 2, the WIFI network device 4 that the access request passes is determined. For public WIFI network equipment 4. Otherwise, if the attribute information is consistent with the attribute information preset in the cloud platform 2, it is determined that the WIFI network device 4 through which the access request passes is the authenticated WIFI network device 4 (ie, the user approves the WIFI network device 4 in advance, and can be assured Transfer medical data).
- the authenticated WIFI network device 4 ie, the user approves the WIFI network device 4 in advance, and can be assured Transfer medical data.
- the generating module 212 is configured to: when the access request is transmitted to the cloud platform through the public WIFI network device 4, randomly select an encryption and decryption algorithm pre-stored in the cloud platform 2 by using a random function, and obtain the selected encryption and decryption algorithm.
- the hash value of the algorithm is configured to: when the access request is transmitted to the cloud platform through the public WIFI network device 4, randomly select an encryption and decryption algorithm pre-stored in the cloud platform 2 by using a random function, and obtain the selected encryption and decryption algorithm.
- the hash value of the algorithm is configured to: when the access request is transmitted to the cloud platform through the public WIFI network device 4, randomly select an encryption and decryption algorithm pre-stored in the cloud platform 2 by using a random function, and obtain the selected encryption and decryption algorithm.
- the sending module 213 is configured to send the hash value to the user terminal 4, so that the user terminal 4 invokes the encryption and decryption algorithm corresponding to the hash value to encrypt the medical data.
- the user terminal 4 receives the hash value ⁇ and searches for an encryption and decryption algorithm corresponding to the hash value in the user terminal 4. For example, if the encryption and decryption algorithm corresponding to the hash value generated in the cloud platform 2 is the DES algorithm, the user terminal 4 invokes the DES algorithm according to the hash value to encrypt the medical data in the user terminal 4.
- the calling module 214 is configured to invoke the encryption and decryption algorithm corresponding to the hash value in the cloud platform 2, and decrypt the medical data transmitted by the user terminal 4. For example, if the encryption and decryption algorithm corresponding to the hash value generated in the cloud platform 2 is the DES algorithm, the medical data is decrypted by using the DES algorithm.
- the saving module 215 is configured to save the decrypted medical data in the storage unit 21 of the cloud platform 2.
- the saving module 215 is further configured to directly save the medical data in the user terminal 4 in the cloud platform 2 when the access request is not through the public WIFI network device.
- FIG. 3 it is a flow chart of a preferred embodiment of the dynamically encrypted medical data transmission method of the present invention.
- the dynamically encrypted medical data transmission method is applied to the cloud platform 2, and the method includes the following steps:
- Step S10 The receiving module 210 is configured to receive an access request sent by the user terminal 4.
- the access request is an instruction for connecting to the cloud platform 2.
- the access request includes attribute information of the WIFI network device 3 (for example, the MAC address of the WIFI network device 3, the user name of the WIFI network device, etc.) Information).
- the user terminal 4 automatically records the attribute information of the WIFI network device 3, and carries the attribute information of the WIFI network device 3 after generating the access request.
- Step S11 The determining module 211 determines whether the access request passes through the public WIFI network device 4. Specifically, the determining module 211 parses the attribute information of the WIFI network device 4 in the access request. If the attribute information is inconsistent with the attribute information preset in the cloud platform 2, the WIFI network device 4 that the access request passes is determined. For public WIFI network equipment 4. Otherwise, if the attribute information is consistent with the attribute information preset in the cloud platform 2, it is determined that the WIFI network device 4 through which the access request passes is the authenticated WIFI network device 4 (ie, the user approves the WIFI network device 4 in advance, and can be assured Transfer medical data). If the access request passes through the public WIFI network device 4, the flow proceeds to step S12. If the access request is not through the public WIFI network device 4, the flow proceeds to step S15, and the medical data in the user terminal 4 is directly saved in the cloud platform 2. .
- Step S12 The generating module 212 randomly selects a pre-existing encryption and decryption algorithm in the cloud platform 2 by using a random function, and acquires a hash value of the selected encryption and decryption algorithm.
- Step S13 The sending module 213 sends the hash value to the user terminal 4, so that the user terminal 4 invokes the encryption and decryption algorithm corresponding to the hash value to encrypt the medical data.
- the user terminal 4 receives the hash value ⁇ and searches for an encryption and decryption algorithm corresponding to the hash value in the user terminal 4. For example, if the encryption and decryption algorithm corresponding to the hash value generated in the cloud platform 2 is the DES algorithm, the user terminal 4 invokes the DES algorithm according to the hash value to encrypt the medical data in the user terminal 4.
- Step S14 The calling module 214 invokes the encryption and decryption algorithm corresponding to the hash value in the cloud platform 2, and decrypts the medical data transmitted by the user terminal 4. For example, if the encryption and decryption algorithm corresponding to the hash value generated in the cloud platform 2 is the DES algorithm, the medical data is decrypted by using the DES algorithm.
- Step S15 The saving module 215 is configured to save the decrypted medical data in the storage unit 21 of the cloud platform 2.
- the present invention adopts the above technical solution, and brings the technical effects as follows:
- the dynamic encryption algorithm is enabled to encrypt the transmitted medical data, thereby improving the information security in the process of medical data transmission. .
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
- Measuring And Recording Apparatus For Diagnosis (AREA)
Abstract
本发明提供一种动态加密的医疗数据传输系统及方法,该方法包括:接收用户终端发送过来的访问请求;判断访问请求是否通过公共的WIFI网络设备;当该访问请求通过公共的WIFI网络设备时,通过随机函数随机选择一个云平台中预存的加解密算法,并获取该选择的加解密算法的哈希值;将所述哈希值发送给用户终端,使得用户终端调用该哈希值对应的加解密算法对医疗数据进行加密;在云平台中调用该哈希值对应的加解密算法,并对用户终端传输过来的医疗数据进行解密;将解密后的医疗数据保存于云平台中。实施本发明提高了医疗数据传输过程中的信息安全。
Description
发明名称:动态加密的医疗数据传输系统及方法 技术领域
[0001] 本发明涉及医疗信息化领域, 尤其涉及一种动态加密的医疗数据传输系统及方 法。
背景技术
[0002] 近年来, 随着城市经济的快速增长, 人民生活水平的不断提高, 人们幵始更加 关爱生命和关心自己的健康。 市面上各种监测用户健康的设备不断涌现, 为了 方便管理这些检测到的健康医疗数据, 方便用户远程实吋査看, 所监测的健康 医疗数据存放于云平台。
[0003] 然而, 由于健康医疗数据涉及个人隐私, 现有的云平台对数据传输过程中的健 康医疗数据均采用固定的加解密算法进行加密, 而采用该固定的加密算法容易 被破解, 降低了健康医疗数据的信息安全。 此外, 当前公共 WIFI网络越来越普 遍, 而健康医疗数据途径公共 WIFI网络泄密的事件吋有发生, 因此如何避免健 康医疗数据通过公共 WIFI网络泄密, 也是拭待解决的技术问题。
技术问题
[0004] 本发明的主要目的在于提供一种动态加密的医疗数据传输系统及方法, 旨在解 决了医疗数据通过公共 WIFI网络容易泄露的技术问题。
问题的解决方案
技术解决方案
[0005] 为实现上述目的, 本发明提供了一种动态加密的医疗数据传输系统, 运行于云 平台中, 所述云平台通过 WIFI网络设备与用户终端通信连接, 所述云平台及用 户终端均预存有多个加解密算法, 该系统包括:
[0006] 接收模块, 用于接收用户终端发送过来的访问请求;
[0007] 判断模块, 用于判断访问请求是否通过公共的 WIFI网络设备;
[0008] 生成模块, 用于当该访问请求通过公共的 WIFI网络设备传输至云平台吋, 通过 随机函数随机选择一个云平台中预存的加解密算法, 并获取该选择的加解密算
法的哈希值;
[0009] 发送模块, 用于将所述哈希值发送给用户终端, 使得用户终端调用该哈希值对 应的加解密算法对医疗数据进行加密;
[0010] 调用模块, 用于在云平台中调用该哈希值对应的加解密算法, 并对用户终端传 输过来的医疗数据进行解密; 及
[0011] 保存模块, 用于将解密后的医疗数据保存于云平台中。
[0012] 优选的, 所述访问请求包括 WIFI网络设备的属性信息, 其中, 所述属性信息为
WIFI网络设备的 MAC地址及 WIFI网络设备的用户名。
[0013] 优选的, 所述判断模块判断访问请求是否通过公共的 WIFI网络设备传输至云平 台的方式为:
[0014] 若该属性信息与云平台中预设的属性信息不一致, 则认定该访问请求经过的 W
IFI网络设备为公共的 WIFI网络设备; 及
[0015] 若该属性信息与云平台中预设的属性信息一致, 则认定该访问请求经过的 WIFI 网络设备为经过认证的 WIFI网络设备。
[0016] 优选的, 所述保存模块还用于当该访问请求不是通过公共的 WIFI网络设备吋, 直接将用户终端中的医疗数据保存于云平台中。
[0017] 优选的, 所述加解密算法为数据加密标准算法、 三次数据加密标准算法、 高级 加密标准算法、 RSA公共密钥算法、 数字签名算法、 椭圆曲线密码编码学算法、 消息摘要算法或安全哈希算法。
[0018] 另一方面, 本发明还提供一种动态加密的医疗数据传输方法, 应用于云平台中
, 所述云平台通过 WIFI网络设备与用户终端通信连接, 所述云平台及用户终端 均预存有多个加解密算法, 该方法包括如下步骤:
[0019] 接收用户终端发送过来的访问请求;
[0020] 判断访问请求是否通过公共的 WIFI网络设备传输至云平台;
[0021] 当该访问请求通过公共的 WIFI网络设备传输至云平台吋, 通过随机函数随机选 择一个云平台中预存的加解密算法, 并获取该选择的加解密算法的哈希值;
[0022] 将所述哈希值发送给用户终端, 使得用户终端调用该哈希值对应的加解密算法 对医疗数据进行加密;
[0023] 在云平台中调用该哈希值对应的加解密算法, 并对用户终端传输过来的医疗数 据进行解密; 及
[0024] 将解密后的医疗数据保存于云平台中。
[0025] 优选的, 所述访问请求包括 WIFI网络设备的属性信息, 其中, 所述属性信息为
WIFI网络设备的 MAC地址及 WIFI网络设备的用户名。
[0026] 优选的, 所述判断访问请求是否通过公共的 WIFI网络设备传输至云平台的方式 为:
[0027] 若该属性信息与云平台中预设的属性信息不一致, 则认定该访问请求经过的 W
IFI网络设备为公共的 WIFI网络设备; 及
[0028] 若该属性信息与云平台中预设的属性信息一致, 则认定该访问请求经过的 WIFI 网络设备为经过认证的 WIFI网络设备。
[0029] 优选的, 进一步包括如下步骤: 当该访问请求不是通过公共的 WIFI网络设备传 输至云平台吋, 直接将用户终端中的医疗数据保存于云平台中。
[0030] 优选的, 所述加解密算法为数据加密标准算法、 三次数据加密标准算法、 高级 加密标准算法、 RSA公共密钥算法、 数字签名算法、 椭圆曲线密码编码学算法、 消息摘要算法或安全哈希算法。
发明的有益效果
有益效果
[0031] 本发明采用上述技术方案, 带来的技术效果为: 当医疗数据通过公共 WIFI网络 设备吋, 启用动态的加密算法对传输的医疗数据进行加密, 提高了医疗数据传 输过程中的信息安全。
对附图的简要说明
附图说明
[0032] 图 1是本发明动态加密的医疗数据传输系统的应用环境示意图;
[0033] 图 2是本发明动态加密的医疗数据传输系统的优选实施例的模块示意图;
[0034] 图 3是本发明动态加密的医疗数据传输方法的优选实施例的流程图。
[0035] 本发明目的实现、 功能特点及优点将结合实施例, 参照附图做进一步说明。
实施该发明的最佳实施例
本发明的最佳实施方式
[0036] 为更进一步阐述本发明为达成预定发明目的所采取的技术手段及功效, 以下结 合附图及较佳实施例, 对本发明的具体实施方式、 结构、 特征及其功效, 详细 说明如下。 应当理解, 此处所描述的具体实施例仅仅用以解释本发明, 并不用 于限定本发明。
[0037] 参照图 1所示, 图 1是本发明动态加密的医疗数据传输系统的应用环境示意图。
本发明中的动态加密的医疗数据传输系统 20运行于云平台 2上。 所述云平台 2通 过网络与多个 WIFI网络设备 3通信连接, 所述 WIFI网络设备 3与所述用户终端 4连 接。
[0038] 在本实施例中, 所述 WIFI网络设备 3为路由器, 用于在用户终端 4与云平台 2之 间建立通信连接, 使得用户终端 4上的数据传输并保存于云平台 2。
[0039] 所述云平台 2上存储有各种类型医疗数据, 所述医疗数据包括医疗文件 (例如 , 医学影像文件、 疾病百科文件、 政府医疗政策文件、 医疗科室介绍文件等等 ) 、 健康检测数据 (例如, 心率、 步数、 血压、 血氧等) 、 电子病历数据 (例 如, 患者姓名、 患者年齢、 患病吋间、 疾病名称、 患病原因、 疾病诊断信息、 药品名称、 药品数量、 医生姓名、 就诊医院及科室、 费用及患者的联系方式) 及其它医疗数据。 所述云平台 2内预先存储有多种加解密算法, 例如, 数据加密 标准算法 (Data Encryption Standard, DES) 、 三次数据加密标准算法 (Triple Data Encryption Standard, 3DES) 、 高级加密标准算法 (Advanced Encryption Standard, AES) 、 RSA公共密钥算法, 数字签名算法 (Digital Signature Algorithm, DSA) 、 椭圆曲线密码编码学算法 (Elliptic Curves
Cryptography , ECC) 、 消息摘要算法 (Message Digest Algorithm 5, MD5) 、 安全哈希算法 (Secure Hash Algorithm, SHA) 。
[0040] 所述用户终端 4用于产生医疗数据并将医疗数据通过 WIFI网络设备 3传输并保存 至云平台 2。 所述用户终端 4既可以是专业的医疗检测设备 (例如, 用于拍摄人 体医学影像文件的医用 X光机) 、 用于健康监护的可穿戴设备 (例如, 运动手表 等) , 也可以是移动设备 (例如, 装有健康检测模块的手机) , 还可以是装有 H
IS系统的个人电脑等其它任意能够自动或手动记录健康数据的设备或装置。
[0041] 进一步地, 所述用户终端 4内也预先存储有多种加解密算法, 例如, 数据加密 标准算法 (Data Encryption Standard, DES) 、 三次数据加密标准算法 (Triple Data Encryption Standard, 3DES) 、 高级加密标准算法 (Advanced Encryption Standard, AES) 、 RSA公共密钥算法, 数字签名算法 (Digital Signature
Algorithm, DSA) 、 椭圆曲线密码编码学算法 (Elliptic Curves
Cryptography, ECC) 、 消息摘要算法 (Message Digest Algorithm 5, MD5) 、 安全哈希算法 (Secure Hash Algorithm, SHA) 。
[0042] 需要说明的是, 所述用户终端 4中的每个加解密算法在云平台 2中能找到相同的 加解密算法, 而所述云平台 2中的每个加解密算法也能再用户终端 4中找到对应 的加解密算法。 也就是说, 同一种加解密算法均预先存储于用户终端 4及云平台 2中。
[0043] 在本实施例中, 所述网络可以是有线通讯网络或无线通讯网络。 所述网络优选 为无线通讯网络, 包括但不限于, GSM网络、 GPRS网络、 CDMA网络、 TD-SC DMA网络、 WiMAX网络、 TD-LTE网络、 FDD-LTE网络等无线传输网络。
[0044] 此外, 所述云平台 2为数据中心。 需要说明的是, 通过云平台 2的数据传输能力 及数据存储能力, 可以更好地管理及 /或协助与该云平台 2连接的用户终端 4, 有 利于将所述用户终端 4上的数据经过动态加密传输并存储于云平台 2中。
[0045] 参照图 2所示, 是本发明动态加密的医疗数据传输系统的优选实施例的模块示 意图。 在本实施例中, 所述动态加密的医疗数据传输系统 20应用于云平台 2。 该 云平台 2包括, 但不仅限于, 动态加密的医疗数据传输系统 20、 存储单元 21、 处 理单元 22、 及通讯单元 23。
[0046] 所述的存储单元 21可以为一种只读存储单元 ROM, 电可擦写存储单元 EEPRO M、 快闪存储单元 FLASH或固体硬盘等。
[0047] 所述的处理单元 22可以为一种中央处理器 (Central Processing Unit, CPU) 、 微控制器 (MCU) 、 数据处理芯片、 或者具有数据处理功能的信息处理单元。
[0048] 所述的通讯单元 23为一种具有远程通讯功能的通讯接口, 例如支持 GSM、 GPR S、 WCDMA、 CDMA、 TD-SCDMA、 WiMAX、 TD-LTE、 FDD-LTE等无线通 ifl
技术的通讯接口, 支持 USB、 网线的有线通讯接口。
[0049] 所述动态加密的医疗数据传输系统 20包括, 但不局限于, 接收模块 210、 判断 模块 211、 生成模块 212、 发送模块 213、 调用模块 214及保存模块 215, 本发明所 称的模块是指一种能够被所述云平台 2的处理单元 22执行并且能够完成固定功能 的一系列计算机程序指令段, 其存储在所述云平台 2的存储单元 21中。
[0050] 所述接收模块 210用于接收用户终端 4发送过来的访问请求。 所述访问请求为用 于连接至所述云平台 2的指令。 在本实施例中, 由于所述用户终端 4经过 WIFI网 络设备 3, 因此所述访问请求中包括 WIFI网络设备 3的属性信息 (例如, WIFI网 络设备 3的 MAC地址、 WIFI网络设备的用户名等信息) 。 具体地说, 当用户终端 4连接至所述 WIFI网络设备 3吋, 用户终端 4自动记录该 WIFI网络设备 3的属性信 息, 在生成访问请求吋携带该 WIFI网络设备 3的属性信息。
[0051] 所述判断模块 211用于判断访问请求是否通过公共的 WIFI网络设备 4传输至云平 台。 具体地说, 所述判断模块 211解析所述访问请求中 WIFI网络设备 4的属性信 息, 若该属性信息与云平台 2中预设的属性信息不一致, 则认定该访问请求经过 的 WIFI网络设备 4为公共的 WIFI网络设备 4。 否则, 若该属性信息与云平台 2中预 设的属性信息一致, 则认定该访问请求经过的 WIFI网络设备 4为经过认证的 WIFI 网络设备 4 (即用户提前认可该 WIFI网络设备 4, 可以放心传输医疗数据) 。
[0052] 所述生成模块 212用于当该访问请求通过公共的 WIFI网络设备 4传输至云平台吋 , 通过随机函数随机选择一个云平台 2中预存的加解密算法, 并获取该选择的加 解密算法的哈希值。
[0053] 所述发送模块 213用于将所述哈希值发送给用户终端 4, 使得用户终端 4调用该 哈希值对应的加解密算法对医疗数据进行加密。 具体地说, 所述用户终端 4接收 到哈希值吋, 寻找该用户终端 4中哈希值对应的加解密算法。 例如, 若云平台 2 中生成的哈希值对应的加解密算法为 DES算法, 则用户终端 4根据该哈希值调用 DES算法对用户终端 4中的医疗数据进行加密。
[0054] 所述调用模块 214用于在云平台 2中调用该哈希值对应的加解密算法, 并对用户 终端 4传输过来的医疗数据进行解密。 例如, 若云平台 2中生成的哈希值对应的 加解密算法为 DES算法, 则采用 DES算法对医疗数据进行解密。
[0055] 所述保存模块 215用于将解密后的医疗数据保存于云平台 2的存储单元 21中。 所 述保存模块 215还用于当该访问请求不是通过公共的 WIFI网络设备 4吋, 直接将 用户终端 4中的医疗数据保存于云平台 2中。
[0056] 参照图 3所示, 是本发明动态加密的医疗数据传输方法的优选实施例的流程图
。 在本实施例中, 所述的动态加密的医疗数据传输方法应用于云平台 2, 该方法 包括以下步骤:
[0057] 步骤 S10: 所述接收模块 210用于接收用户终端 4发送过来的访问请求。 所述访 问请求为用于连接至所述云平台 2的指令。 在本实施例中, 由于所述用户终端 4 经过 WIFI网络设备 3, 因此所述访问请求中包括 WIFI网络设备 3的属性信息 (例 如, WIFI网络设备 3的 MAC地址、 WIFI网络设备的用户名等信息) 。 具体地说 , 当用户终端 4连接至所述 WIFI网络设备 3吋, 用户终端 4自动记录该 WIFI网络设 备 3的属性信息, 在生成访问请求吋携带该 WIFI网络设备 3的属性信息。
[0058] 步骤 S11 : 所述判断模块 211判断访问请求是否通过公共的 WIFI网络设备 4。 具 体地说, 所述判断模块 211解析所述访问请求中 WIFI网络设备 4的属性信息, 若 该属性信息与云平台 2中预设的属性信息不一致, 则认定该访问请求经过的 WIFI 网络设备 4为公共的 WIFI网络设备 4。 否则, 若该属性信息与云平台 2中预设的属 性信息一致, 则认定该访问请求经过的 WIFI网络设备 4为经过认证的 WIFI网络设 备 4 (即用户提前认可该 WIFI网络设备 4, 可以放心传输医疗数据) 。 若访问请 求通过公共的 WIFI网络设备 4, 则流程进入步骤 S12。 若访问请求不是通过公共 的 WIFI网络设备 4, 则流程进入步骤 S15, 直接将用户终端 4中的医疗数据保存于 云平台 2中。 。
[0059] 步骤 S12: 所述生成模块 212通过随机函数随机选择一个云平台 2中预存的加解 密算法, 并获取该选择的加解密算法的哈希值。
[0060] 步骤 S13: 所述发送模块 213将所述哈希值发送给用户终端 4, 使得用户终端 4调 用该哈希值对应的加解密算法对医疗数据进行加密。 具体地说, 所述用户终端 4 接收到哈希值吋, 寻找该用户终端 4中哈希值对应的加解密算法。 例如, 若云平 台 2中生成的哈希值对应的加解密算法为 DES算法, 则用户终端 4根据该哈希值调 用 DES算法对用户终端 4中的医疗数据进行加密。
[0061] 步骤 S14: 所述调用模块 214在云平台 2中调用该哈希值对应的加解密算法, 并 对用户终端 4传输过来的医疗数据进行解密。 例如, 若云平台 2中生成的哈希值 对应的加解密算法为 DES算法, 则采用 DES算法对医疗数据进行解密。
[0062] 步骤 S15: 所述保存模块 215用于将解密后的医疗数据保存于云平台 2的存储单 元 21中。
[0063] 以上仅为本发明的优选实施例, 并非因此限制本发明的专利范围, 凡是利用本 发明说明书及附图内容所作的等效结构或等效流程变换, 或之间或间接运用在 其他相关的技术领域, 均同理包括在本发明的专利保护范围内。
工业实用性
[0064] 本发明采用上述技术方案, 带来的技术效果为: 当医疗数据通过公共 WIFI网络 设备吋, 启用动态的加密算法对传输的医疗数据进行加密, 提高了医疗数据传 输过程中的信息安全。
Claims
[权利要求 1] 一种动态加密的医疗数据传输系统, 运行于云平台中, 其特征在于, 所述云平台通过 WIFI网络设备与用户终端通信连接, 所述云平台及 用户终端均预存有多个加解密算法, 该系统包括: 接收模块, 用于接 收用户终端发送过来的访问请求; 判断模块, 用于判断访问请求是否 通过公共的 WIFI网络设备传输至云平台; 生成模块, 用于当该访问 请求通过公共的 WIFI网络设备传输至云平台吋, 通过随机函数随机 选择一个云平台中预存的加解密算法, 并获取该选择的加解密算法的 哈希值; 发送模块, 用于将所述哈希值发送给用户终端, 使得用户终 端调用该哈希值对应的加解密算法对医疗数据进行加密; 调用模块, 用于在云平台中调用该哈希值对应的加解密算法, 并对用户终端传输 过来的医疗数据进行解密; 及保存模块, 用于将解密后的医疗数据保 存于云平台中。
[权利要求 2] 如权利要求 1所述的动态加密的医疗数据传输系统, 其特征在于, 所 述访问请求包括 WIFI网络设备的属性信息, 其中, 所述属性信息为 WIFI网络设备的 MAC地址及 WIFI网络设备的用户名。
[权利要求 3] 如权利要求 2所述的动态加密的医疗数据传输系统, 其特征在于, 所 述判断模块判断访问请求是否通过公共的 WIFI网络设备传输至云平 台的方式为: 若该属性信息与云平台中预设的属性信息不一致, 则认 定该访问请求经过的 WIFI网络设备为公共的 WIFI网络设备; 及若该 属性信息与云平台中预设的属性信息一致, 则认定该访问请求经过的 WIFI网络设备为经过认证的 WIFI网络设备。
[权利要求 4] 如权利要求 1所述的动态加密的医疗数据传输系统, 其特征在于, 所 述保存模块还用于当该访问请求不是通过公共的 WIFI网络设备传输 至云平台吋, 直接将用户终端中的医疗数据保存于云平台中。
[权利要求 5] 如权利要求 1所述的动态加密的医疗数据传输系统, 其特征在于, 所 述加解密算法为数据加密标准算法、 三次数据加密标准算法、 高级加 密标准算法、 RSA公共密钥算法、 数字签名算法、 椭圆曲线密码编码
学算法、 消息摘要算法或安全哈希算法。
一种动态加密的医疗数据传输方法, 应用于云平台中, 其特征在于, 所述云平台通过 WIFI网络设备与用户终端通信连接, 所述云平台及 用户终端均预存有多个加解密算法, 该方法包括如下步骤: 接收用户 终端发送过来的访问请求; 判断访问请求是否通过公共的 WIFI网络 设备传输至云平台; 当该访问请求通过公共的 WIFI网络设备传输至 云平台吋, 通过随机函数随机选择一个云平台中预存的加解密算法, 并获取该选择的加解密算法的哈希值; 将所述哈希值发送给用户终端 , 使得用户终端调用该哈希值对应的加解密算法对医疗数据进行加密 ; 在云平台中调用该哈希值对应的加解密算法, 并对用户终端传输过 来的医疗数据进行解密; 及将解密后的医疗数据保存于云平台中。 如权利要求 6所述的动态加密的医疗数据传输方法, 其特征在于, 所 述访问请求包括 WIFI网络设备的属性信息, 其中, 所述属性信息为 WIFI网络设备的 MAC地址及 WIFI网络设备的用户名。
如权利要求 7所述的动态加密的医疗数据传输方法, 其特征在于, 所 述判断访问请求是否通过公共的 WIFI网络设备传输至云平台的方式 为: 若该属性信息与云平台中预设的属性信息不一致, 则认定该访问 请求经过的 WIFI网络设备为公共的 WIFI网络设备; 及若该属性信息 与云平台中预设的属性信息一致, 则认定该访问请求经过的 WIFI网 络设备为经过认证的 WIFI网络设备。
如权利要求 6所述的动态加密的医疗数据传输方法, 其特征在于, 进 一步包括如下步骤: 当该访问请求不是通过公共的 WIFI网络设备传 输至云平台吋, 直接将用户终端中的医疗数据保存于云平台中。 如权利要求 6所述的动态加密的医疗数据传输方法, 其特征在于, 所 述加解密算法为数据加密标准算法、 三次数据加密标准算法、 高级加 密标准算法、 RSA公共密钥算法、 数字签名算法、 椭圆曲线密码编码 学算法、 消息摘要算法或安全哈希算法。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710314634.8 | 2017-05-06 | ||
CN201710314634.8A CN107147638A (zh) | 2017-05-06 | 2017-05-06 | 动态加密的医疗数据传输系统及方法 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2018205444A1 true WO2018205444A1 (zh) | 2018-11-15 |
Family
ID=59778388
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2017/098185 WO2018205444A1 (zh) | 2017-05-06 | 2017-08-19 | 动态加密的医疗数据传输系统及方法 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN107147638A (zh) |
WO (1) | WO2018205444A1 (zh) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TWI718680B (zh) * | 2019-09-24 | 2021-02-11 | 國立勤益科技大學 | 數位醫療資訊安全傳輸系統 |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107671869A (zh) * | 2017-10-20 | 2018-02-09 | 深圳市前海安测信息技术有限公司 | 基于动态加密的医疗协助式拿药机器人及控制方法 |
CN117454856B (zh) * | 2023-12-22 | 2024-04-16 | 达州爱迦飞诗特科技有限公司 | 基于线上点对点模式的医疗诊断数据编辑方法和系统 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103310608A (zh) * | 2013-05-23 | 2013-09-18 | 苏州市玮琪生物科技有限公司 | 用于健康云平台的分离式数据无线采集器及采集方法 |
CN104822310A (zh) * | 2012-10-04 | 2015-08-05 | 太空实验室健康护理有限公司 | 用于提供病人护理的系统和方法 |
CN104955036A (zh) * | 2015-07-07 | 2015-09-30 | 北京长亭科技有限公司 | 公共Wi-Fi环境下安全联网方法和装置 |
CN105516984A (zh) * | 2015-07-29 | 2016-04-20 | 哈尔滨工业大学(威海) | 一种公共WiFi的安全接入系统 |
-
2017
- 2017-05-06 CN CN201710314634.8A patent/CN107147638A/zh not_active Withdrawn
- 2017-08-19 WO PCT/CN2017/098185 patent/WO2018205444A1/zh active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104822310A (zh) * | 2012-10-04 | 2015-08-05 | 太空实验室健康护理有限公司 | 用于提供病人护理的系统和方法 |
CN103310608A (zh) * | 2013-05-23 | 2013-09-18 | 苏州市玮琪生物科技有限公司 | 用于健康云平台的分离式数据无线采集器及采集方法 |
CN104955036A (zh) * | 2015-07-07 | 2015-09-30 | 北京长亭科技有限公司 | 公共Wi-Fi环境下安全联网方法和装置 |
CN105516984A (zh) * | 2015-07-29 | 2016-04-20 | 哈尔滨工业大学(威海) | 一种公共WiFi的安全接入系统 |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TWI718680B (zh) * | 2019-09-24 | 2021-02-11 | 國立勤益科技大學 | 數位醫療資訊安全傳輸系統 |
Also Published As
Publication number | Publication date |
---|---|
CN107147638A (zh) | 2017-09-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2018205445A1 (zh) | 医疗数据加密传输系统及方法 | |
Li et al. | Cloud-assisted mutual authentication and privacy preservation protocol for telecare medical information systems | |
CN110049016B (zh) | 区块链的数据查询方法、装置、系统、设备及存储介质 | |
CN106295393B (zh) | 电子处方操作方法、装置及系统 | |
Chen et al. | A secure electronic medical record authorization system for smart device application in cloud computing environments | |
WO2019214066A1 (zh) | 区块链上用户数据库重建方法、装置、设备及介质 | |
EP3611871A1 (en) | Technologies for synchronizing and restoring reference templates | |
WO2017035899A1 (zh) | 一种数据安全处理方法、装置和系统 | |
US11245531B2 (en) | Method, apparatus and system for establishing biometric identification information transmission and storage medium | |
US20120033807A1 (en) | Device and user authentication | |
EP3458985A1 (en) | Method, device and system for verifying user health data | |
WO2017024804A1 (zh) | 一种数据加密方法、解密方法、装置和系统 | |
WO2016202207A1 (zh) | 获取电子文件的方法及装置 | |
TW201330577A (zh) | 基於雲儲存的資料安全保護系統及方法 | |
WO2018205444A1 (zh) | 动态加密的医疗数据传输系统及方法 | |
EP2942899B1 (en) | Information processing method, trust server and cloud server | |
CN112039901A (zh) | 一种数据传输的方法、装置及系统 | |
WO2019095552A1 (zh) | 区域医疗电子病历安全协同整合系统及方法 | |
WO2023051337A1 (zh) | 数据处理方法、装置、设备及存储介质 | |
CN106789008A (zh) | 对可共享的加密数据进行解密的方法、装置及系统 | |
Liu et al. | ETAP: Energy-efficient and traceable authentication protocol in mobile medical cloud architecture | |
CN112487461B (zh) | 一种数据加密方法 | |
Rubio et al. | A robust and simple security extension for the medical standard SCP-ECG | |
US11621841B2 (en) | System and method for secure end-to-end electronic communication using a privately shared table of entropy | |
CN104680080A (zh) | 患者病历数据保密方法及系统 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 17909103 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 24/04/2020) |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 17909103 Country of ref document: EP Kind code of ref document: A1 |