| Over the past few years,the advancement of informatization and the arrival of big data era have promoted the explosive growth of electronic medical data in the medical industry.In the process of data management,two medical records systems emerge as the times require,personal health records(PHR)system and electronic medical records(EMR)system.PHR system is a user-oriented system,which can provide data owners with higher dominance and support more comprehensive data forms comparing with traditional EMR.So it has received widespread attention and promotion.But the huge amount of data leads to the problem of data storage,which is still a major obstacle in the popularization of the PHR system.The cloud-fog system is a combination of cloud computing and fog computing,in which cloud computing provides low-cost storage and computing services,and fog nodes extend these services to the edge of the network.It solves the problems of large communication delay and serious bandwidth waste when a large number of users access traditional cloud servers,and becomes an ideal storage platform for delaysensitive medical data.However,due to the high-security requirements of medical data,measures must be taken to solve the security and privacy issues in the cloud before these data are outsourced to the cloudfog system.Attribute-based signcryption(ABSC)is a logical combination of attribute-based encryption(ABE)and attribute-based signature(ABS),which has high security.It can not only ensure the confidentiality,validity,and privacy of the data owner,but also provide fine-grained access control.This thesis first proposes a secure and efficient access control scheme(SEAC)based on the ABSC algorithm in the cloudfog system.On this basis,we combined the characteristics of the PHR system to propose a traceable and accountable PHR sharing scheme in the cloud-fog system.The main contributions are as follows:First,we analyze the current research status of attribute-based signcryption algorithm and find that the existing scheme has two drawbacks that cannot be applied to cloud-fog systems: one is the construction of single-authority,which makes it have a single point of failure and poor system scalability;the other is the complex calculation caused by the combination of ABE and ABS,which is not friendly to mobile devices.Based on the above two problems,this thesis proposes a secure and efficient access control scheme,SEAC.The scheme is based on multi-authority and transfers a large amount of computing burden to fog nodes through outsourcing computing,which not only effectively improves the system performance,but also reduces the system response delay of uploading and accessing data.Secondly,combined with the actual application needs of the PHR system,this thesis designs a traceable and accountable PHR sharing scheme in the cloud-fog system,TRES.The composition of authority in the PHR system is quite complex,which may include medical institutions,research institutions,or commercial institutions.Medical records contain highly sensitive information such as health records and treatment records.The malicious disclosure of these data may cause very serious consequences.Therefore,TRES implements malicious user tracking and accountability functions.At the same time,because users in the PHR system may need to upload real-time health information collected by wearable devices,precalculation is used to reduce the actual signcryption time and allow users to reuse pre-calculation results to reduce the overall amount of calculation.In the designcryption phase,the fog node provides auxiliary calculations to reduce the calculation overhead on the user side.The results of security analysis and performance analysis show that while ensuring high security,TRES significantly improves the computing performance in the data upload and access phases,which is extremely friendly to the mobile devices of users in the PHR system,and effectively reduces the system response time of malicious user tracking and revocation.It has significant applied value. |
PDF Full Text Request