Scheme For Health File Privacy Protection Based On Trusted Computing Technology

ABSTRACT:With the development of information technology, electronic information privacy leak occurred frequently so that the society is relies on the information security increasely. The information in Health Information System (HIS) has extremely high sensitivity and privacy, so its privacy protection becomes a new hot issue. The present main measures are security network facilities deployment, protection software installation, database encryption. However, hardware has high cost and difficult deployment, while protection software cannot assure safety in malicious attacks. Therefore, the research on privacy protection based on hardware security and excellent application ability, has higher theoretical and significant practical value.Trusted platform module (TPM) is the base of trusted computing. TPM can provide cryptography algorithm and guarantee upper application security. TPM solved the deficiencies and limitations of privacy protection, instead of solely relies on software. Therefore, trusted computing is a great research direction in information security systemIn order to make trusted computing better applied to HIS privacy protection, this paper proposes a health information privacy protection method, including trusted key management, file secure storage, file integrity protection, file safety transmission, which can protect the privacy of HIS system documents.Based on trusted computing, we provide the following fuctions.Firstly, we provide key certralization management mechanism, which consists of management, distribution, protectection of cryptology key in HIS.Secondly, we provide trusted file secure storage, it transmit encrypted file to file server. Thirdly, the scheme is put forward a kind of digital signatures based on combination of Merkle Tree structure and trusted computing. It provides integrity protection and reduces storage space and complexity of the signature, while improves computation efficiency. We also proposes trusted platform identity authentication, which based on TPM metrics data, instead of the traditional password-based identity authentication and providing a guarantee to documents transmission.Finally, we implement the prototype system for medical information privacy protection method, simulating the actual effect of HIS operation environment.