| With the in-depth integration of the latest information technologies such as cloud computing,internet of things,edge computing,artificial intelligence,big data,etc.,Smart Medical is born to help medical staffs,patients and devices achieve fast-and-efficient communication without the constraints of time and space.Smart Medical provides remote medical care,intelligent monitoring,and disease medical services such as prevention and health analysis,plays an important role in our daily life,especially while the world is suffering from the COVID-19 epidemic.National Health Commission of the People’s Republic of China issued an official document to improve medical reservation policies and strengthen the construction of smart medical system on May 21,2020.Smart Medical improves service quality by accelerating the flow and openness of data in the entire medical ecosystem.The faster and wider the data flow,more serious the security risks will inevitably become,especially for the medical data involving personal sensitive information.Therefore,strengthening the security and privacy of smart medical networks is a primary task to ensure rapid development.The devices in the smart medical network are designed to be “small,light,and portable” for functionality.Due to these physical limitations,they cannot be equipped with large storage space and computing power.While hundreds of millions of smart devices collect and process real-time data continuously,the massive data have to be stored outside to cloud service platforms.Once data owners lose control of the data,it will further lead to other security risks such as data leakage,unauthorized access,and privacy leakage.In addition,in view of the large number of smart devices and the powerful but centralized characteristics of the cloud,edge computing technologies such as fog computing serve as bridges between the two.On one hand,they can help smart devices perform data caching and local computing to relieve network congestion and reduce latency.On the other hand,it will also bring security risks such as unauthorized access and data fraud.This limits the effective promotion of smart medical services in real life,which has been also attracting widespread attention from the academic community.In summary,in order to realize the further promotion of smart medical networks and ensure the quality of service and security,this dissertation proposes security solutions for secure authentication,secure storage,and secure sharing respectively in the smart medical network,aiming to achieve enhancing functions,ensuring security requirements and improving performance.The main contributions of this dissertation are concluded as follows:1)Key agreement and authentication between users and devices in the smart medical network is the first challenge as the limited CPU and battery makes strong publickey-encryption schemes not practical.Firstly,the dissertation proposes a secure and efficient key agreement mechanism based on a key-exposure resistant chameleon hash function.It does not require complex public encryption algorithms,and can quickly help users and fog nodes,devices and fog nodes to communicate session keys respectively.Subsequently,through adopting the devices’ privacy sensitivity and users’ attribute credential as two factors to establish trust between different entities,a secure and anonymous authentication protocol is proposed.This protocol differentiates the privacy sensitivity difference between data collected by distinct devices,achieves partial context privacy-aware access.Both formal and informal security analyses demonstrate that the proposed protocol can resist most regular attacks.Computation and communication analyses show the authentication protocol is efficient.2)Aiming at preventing the privacy leakage of keywords and trapdoors for users with limited resources in the smart medical network during data storage and access,this dissertation proposes a lightweight CP-ABE solution that protects the privacy of keywords and trapdoor,also supports keyword search,proxy re-encryption,and outsourcing decryption.In this scheme,users can achieve a fast and efficient service by delegating a majority part of the workloads and storage requirements to fog nodes and the cloud without extra privacy leakage,especially the terminal can recover message through a single-and-constant group exponential calculation.In addition,user and attribute revocation is achieved with the help of fog nodes.Security analyses prove the scheme satisfies the security requirements,also ensures the keyword privacy and indistinguishability of trapdoors.Theoretical analyses and simulation experiments are conducted and the results show that the scheme has good performance for users and is suitable for resource-constrained environment.3)Considering smart devices are equipped with limited computing power,access policies may expose users’ privacy during data sharing,and fog nodes and attribute authorities may try to deceive users,this dissertation proposes a policy privacy protected multiattribute authorities CP-ABE scheme,supporting verifiable outsourcing computing,and also preventing attribute authorities from collusion.The expensive decryption operations are delegated to fog nodes by constructing an outsourcing decryption mechanism,also a decryption verification is performed to verify whether fogs return the right decryption results.At the same time,the scheme can prevent the attribute authorities from colluding to obtain benefits.Formal proof of the security requirements,verifiability and policy-privacy are presented.The final performance analyses also fully demonstrate that the solution can significantly reduce the user’s calculation burden.The thesis consists of 6 chapters,including 20 figures,14 tables and 146 references. |