支持受控共享的医疗数据隐私保护方案

doi:10.19665/j.issn1001-2400.20230104

摘要/Abstract

摘要：

患者医疗健康数据信息的合理利用促进了医学研究机构的发展。针对目前患者与医疗研究机构间共享医疗数据隐私易泄露,以及患者对医疗数据的使用情况不可控的问题,提出一种支持受控共享的医疗数据隐私保护方案。首先,将区块链与代理服务器结合设计医疗数据受控共享模型,区块链矿工节点分布式构造代理重加密密钥,使用代理服务器存储和转换医疗数据密文,利用代理重加密技术在保护患者隐私的同时实现医疗数据安全共享。其次,设计用户权限动态调整机制,由患者与区块链授权管理节点交互通过授权列表来更新医疗数据访问权限,实现患者对医疗数据的可控共享。最后,安全性分析表明,所提方案可以在医疗数据隐私保护的同时,实现医疗数据动态共享,并且可以抵抗共谋攻击。性能分析表明,该方案在通信开销、计算开销方面具有优势,适用于患者或医院与研究机构间的数据受控共享。

关键词: 区块链, 医疗数据, 受控共享, 代理重加密, 隐私保护

Abstract:

The rational use of patient medical and health data information has promoted the development of medical research institutions.Aiming at the current difficulties in sharing medical data between patients and medical research institutions,data privacy is easy to leak,and the use of medical data is uncontrollable,a medical data privacy protection scheme supporting controlled sharing is proposed.Firstly,the blockchain and proxy server are combined to design a medical data controlled sharing model that the blockchain miner nodes are distributed to construct proxy re-encryption keys,and the proxy server is used to store and convert medical data ciphertext,and proxy re-encryption technology is used to bring about the secure sharing of medical data while protecting the privacy of patients.Secondly,a dynamic adjustment mechanism of user permissions is designed that the patient and the blockchain authorization management nodes update the access permissions of medical data through the authorization list to realize the controllable sharing of medical data by patients.Finally,the security analysis shows that the proposed scheme can bring about the dynamic sharing of medical data while protecting the privacy of medical data,and can also resist collusion attacks.Performance analysis shows that this scheme has advantages in communication overhead and computing overhead,and is suitable for controlled data sharing between patients or hospitals and research institutions.

Key words: blockchain, medical data, controlled sharing, proxy re-encryption, privacy protection

中图分类号:

TP309

郭庆, 田有亮. 支持受控共享的医疗数据隐私保护方案[J]. 西安电子科技大学学报, 2024, 51(1): 165-176.

GUO Qing, TIAN Youliang. Medicaldata privacy protection scheme supporting controlled sharing[J]. Journal of Xidian University, 2024, 51(1): 165-176.

图/表 10

图1

图2

表1

表2

表3

通信开销对比"

阶段	文中方案	文献[17]方案
系统初始化	\|G₁\|+\| $Z p *$ \|	5\|G₁\|+4\| $Z p *$ \|
数据存储	3\|G₁\|+\|G₂\|+l	2\|G₁\|+2\|G₂\|
数据访问	3\|G₁\|+\|G₂\|+l	\|G₁\|+2\|G₂\|

表3

表4

图3

图4

图5

图6

参考文献 23

[1]	PANDEY P, LITORIYA R. Implementing Healthcare Services on A Large Scale:Challenges and Remedies Based on Blockchain Technology[J]. Health Policy and Technology, 2020, 9(1):69-78. doi: 10.1016/j.hlpt.2020.01.004
[2]	应作斌, 斯元平, 马建峰, 等. 基于区块链的分布式 EHR 细粒度可追溯方案[J]. 通信学报, 2021, 42(5):205-215. doi: 10.11959/j.issn.1000-436x.2021033
	YING Zuobin, SI Yuanping, MA Jianfeng, et al. Blockchain-Based Distributed EHR Fine-Grained Traceability Scheme[J]. Journal on Communications, 2021, 42(5):205-215. doi: 10.11959/j.issn.1000-436x.2021033
[3]	JIANG J X, BAI G. Evaluation ofCauses of Protected Health Information Breaches[J]. JAMA Internal Medicine, 2019, 179(2):265-267. doi: 10.1001/jamainternmed.2018.5295
[4]	YANG Y, MA M D. ConjunctiveKeyword Search with Designated Tester and Timing Enabled Proxy Re-Encryption Function for E-Health Clouds[J]. IEEE Transactions on Information Forensics & Security, 2017, 11(4):746-759.
[5]	RAO S Y. A Secure and Efficient Ciphertext-Policy Attribute-Based Signcryption for Personal Health Records Sharing in Cloud Computing[J]. Future Generations Computer Systems, 2017, 67:133-151. doi: 10.1016/j.future.2016.07.019
[6]	LIANG J W, QIN Z, XIAO S, et al. Privacy-Preserving Range Query over Multi-Source Electronic Health Records in Public Clouds[J]. Journal of Parallel and Distributed Computing, 2020, 135:127-139. doi: 10.1016/j.jpdc.2019.08.011
[7]	曾辉祥, 习宁, 谢晴晴, 等. 抗属性篡改的去中心化密文数据安全共享[J]. 西安电子科技大学学报, 2022, 49(2):135-145.
	ZENG Huixiang, XI Ning, XIE Qingqing, et al. Decentralized Ciphertext Sharing based on Blockchain[J]. Journal of Xidian University, 2022, 49(2):135-145.
[8]	NAKAMOTO S. Bitcoin:A Peer-to-Peer Electronic Cash System(2008)[R/OL].[2022-06-26].http://bitcoin.org/bitcoin.pdf.
[9]	WANG Z, TIAN Y L, ZHU J M. DataSharing and Tracing Scheme based on Blockchain[C]//2018 8th International Conference on Logistics,Informatics and Service Sciences. Piscataway: IEEE, 2018:1-6.
[10]	李雪莲, 张夏川, 高军涛, 等. 支持属性和代理重加密的区块链数据共享方案[J]. 西安电子科技大学学报, 2022, 49(1):1-16.
	LI Xuelian, ZHANG Xiachuan, GAO Juntao, et al. Blockchain Data Sharing Scheme Supporting Attribute and Proxy Re-Encryption[J]. Journal of Xidian University, 2022, 49(1):1-16.
[11]	IVAN D. MovingToward a Blockchain-Based Method for the Secure Storage of Patient Records[C]//ONC/NIST Use of Blockchain for Healthcare and Research Workshop. Gaithersburg: ONC/NIST, 2016:1-11.
[12]	ZHANG A Q, LIN X D. TowardsSecure and Privacy-Preserving Data Sharing in E-Health Systems via Consortium Blockchain[J]. Journal of Medical Systems, 2018, 42(8):1-18. doi: 10.1007/s10916-017-0844-y
[13]	SHEN B Q, GUO J Z, YANG Y L. MedChain:Efficient Healthcare Data Sharing via Blockchain[J]. Applied Sciences, 2019, 9(6):1207. doi: 10.3390/app9061207
[14]	DAGHER GG, MOHLER J, MILOJKOVIC M, et al. Ancile:Privacy-Preserving Framework for Access Control and Interoperability of Electronic Health Records Using Blockchain Technology[J]. Sustainable Cities and Society, 2018, 39:283-297. doi: 10.1016/j.scs.2018.02.014
[15]	ZHENG X C, MUKKAMALA RR, VATRAPU R, et al. Blockchain-Based Personal Health Data Sharing System Using Cloud Storage[C]// 2018 IEEE 20th International Conference on e-Health Networking,Applications and Services(Healthcom). Piscataway: IEEE, 2018:1-6.
[16]	WU S H, DU J. ElectronicMedical Record Security Sharing Model Based on Blockchain[C]// International Conference on Cryptography,Security and Privacy. New York: ACM, 2019:13-17.
[17]	HUANG H P, ZHU P, XIAO F, et al. ABlockchain-Based Scheme for Privacy-Preserving and Secure Sharing of Medical Data[J]. Computers & Security, 2020, 99:102010. doi: 10.1016/j.cose.2020.102010
[18]	WANG R, TSAI W T, HE J, et al. A Medical Data Sharing Platform Based on Permissioned Blockchains[C]//Proceedings of the 2018 International Conference on Blockchain Technology and Application. New York: ACM, 2018:12-16.
[19]	CHEN Z, XU W, WANG B, et al. ABlockchain-Based Preserving and Sharing System for Medical Data Privacy[J]. Future Generation Computer Systems, 2021, 124:338-350. doi: 10.1016/j.future.2021.05.023
[20]	BLAZE M, BLEUMER G, STRAUSS M. DivertibleProtocols and Atomic Proxy Cryptography[C]//Advances in Cryptology-EUROCRYPT '98,International Conference on the Theory and Application of Cryptographic Techniques. Heidelberg: Springer, 1998:127-144.
[21]	SU M, ZHOU B, FU A M, et al. PRTA:AProxy Re-Encryption Based Trusted Authorization Scheme for Nodes on CloudIoT[J]. Information Sciences, 2020, 527:533-547. doi: 10.1016/j.ins.2019.01.051
[22]	WANG X, ZHANG A Q, XIE X J, et al. Secure-Aware and Privacy-Preserving Electronic Health Record Searching in Cloud Environment[J]. International Journal of Communication Systems, 2019, 32(8):e3925.1-e3925.11.
[23]	AMOFA S, SIFAH E B, AGYEKUM O, et al. ABlockchain-Based Architecture Framework for Secure Sharing of Personal Health Data[C]// 2018 IEEE 20th International Conference on e-Health Networking,Applications and Services(Healthcom). Piscataway: IEEE, 2018:1-6.

数据拥有者	医疗数据类型	研究机构
数据拥有者	医疗数据类型	研究机构R_a	研究机构R_b	研究机构R_c
患者P_i	基础医疗数据	可见	不可见	可见
	敏感医疗数据	可见	不可见	不可见
医院H_n	基础医疗数据	可见	可见	不可见
	敏感医疗数据	不可见	可见	不可见

方案	区块链	隐私保护	访问控制	数据防篡改	代理重加密	授权更新
文献[22]	×	√	√	×	√	×
文献[23]	√	√	√	×	×	×
文献[15]	√	√	√	×	×	×
文献[17]	√	√	√	√	√	×
文中方案	√	√	√	√	√	√

阶段	文中方案	文献[17]方案
初始加密	T_P+3T_E	2T_P+4T_E
重加密密钥构造	3T_E	3T_E
重加密	T_P+2T_E	T_P+3T_E
解密	T_P+T_E	T_P+2T_E