基于区块链的电子病历抗合谋共享方案  

作　　者：潘森杉 王杰 PAN Senshan;WANG Jie(Jiangsu Key Laboratory for Industrial Network Security Technology,Zhenjiang 212013;School of Computer and Communication Engineering,Jiangsu University,Zhenjiang 212013)

机构地区：[1]江苏省工业网络安全技术重点实验室,镇江212013 [2]江苏大学计算机科学与通信工程学院,镇江212013

出　　处：《计算机与数字工程》2023年第11期2700-2706,共7页Computer & Digital Engineering

基　　金：国家重点研发计划(编号:2020YFB1005500);国家自然科学青年基金项目(编号:61702230,61902156,61802154);江苏省前沿引领技术基础研究专项(编号:BK20202001);中国博士后科学基金项目(编号:2019M651738)资助。

摘　　要：近年来,医疗数字化和医疗大数据的兴起提高了电子病历的价值,也带来了很多来自网络的攻击和威胁,如何保证电子病历存储和共享的安全已成为亟需解决的问题。从云计算到区块链,从多方可信假设到去中心化监管,电子病历存储和共享的安全性研究愈加深入,但由于权限撤销和加密机制的限制,合谋攻击的防御仍依赖于可信假设。针对这一问题,提出可更新的代理重加密算法,具备密文和密钥的独立更新功能,利用异步更新机制进行彻底的权限撤销,实现无可信存储假设的抗合谋攻击。根据该算法,设计了抗合谋电子病历共享方案,通过重加密密钥和更新密钥的分发来实现患者对其电子病历的访问权限管理。分析和实验结果表明,该代理重加密算法符合安全性要求,且比现有算法更高效,显示了共享方案中抗合谋设计的轻量化特征。In recent years,the rise of medical digitization and medical big data has not only improved the value of electronic medical records(EMRs),but also brought them many attacks and threats from the network.How to ensure the security of EMRs storage and sharing has become an urgent problem to be solved.From cloud computing to blockchain,from multi-party trusted hy⁃pothesis to decentralized supervision,the research on the security of EMRs storage and sharing is becoming more and more in-depth.However,due to the limitations of authority revocation and encryption mechanism,the defense of collusion attack still de⁃pends on trusted hypothesis.To solve this problem,an updatable proxy re-encryption algorithm is proposed,which update cipher⁃text and key independently.The complete authority revocation is carried out by using asynchronous update mechanism,so as to real⁃ize anti-collusion without the assumption of trusted storage.According to the algorithm,an anti-collusion EMR sharing scheme is designed.The scheme realizes the access rights management of patients to their EMRs through the distribution of re-encryption key and update key.Analysis and experimental results show that the proxy re-encryption algorithm meets the security requirements and is more efficient than the existing algorithms,which shows the lightweight characteristics of anti-collusion design in the sharing scheme.

关 键 词：区块链 电子病历 代理重加密 可更新加密 

分 类 号：TP311.52[自动化与计算机技术—计算机软件与理论]