Research And Implementation Of Privilege Separated Security Sharing Mechanism For Medical Data

With the increasing popularity of the application of health care in people's life, people pay more and more attention to the health of themselves and their families. To solve this problem, people store centrally their personal electronic medical record on the cloud server, enjoy the safe and convenient medical service, and use the medical resources effectively. While the state can know the health status of the people through the personal health record system, effectively integrate the existing medical resources, and realize the improvement of the national medical level.However, storing such sensitive personal medical information on the open Internet, whose security has been questioned by people. Therefore, there are a lot of security schemes for personal health record system, such as data encryption, authentication, etc., to ensure the security of medical data in the system. But, these schemes still have many security problems, which affect people's trust in the system. Such as, medical service providers have excessiveness access privilege to patients' medical records, they may access freely patients' medical records and even disclose patients' privacy; patient has right to modify his medical record, which may cause medical record information not accurate, and influence doctor's master and judge to patient's condition; when patient is in an emergency, the lack of the perfect access mechanism to solve the authorization of medical records will influence patient's timely treatment.In view of the medical data security problem mentioned above, this paper first presents a privilege separated security sharing mechanism for medical data. Specifically, in order to ensure the accuracy and professionalism of the medical records and provide a solid data foundation for secure health care, we leverage privilege separated technology to restrict the operation privileges for medical records, which allows patient to read records at any time, but can't write, while professional doctor can read and write records after obtaining authorization; we construct a secure and easy operation secret sharing scheme, which is used in authorization for medical record to solve the problem of legal and fast access to medical records, especially in the case of emergency, fast access mechanism can win the better treatment opportunity for patients; utilizing the advantages of fine-grained access control in attribute-based encryption technology, patient can set freely the records access privilege and only allow the relevant doctor to see medical records, which provides a flexible and secure access mechanism for system. Moreover, the revocation of users' access privileges is very simple.Secondly, with the proposed privilege separated security sharing scheme for medical data, this paper analyzes the security of the scheme in all aspects, including the privacy, accuracy and professionalism of medical records, and the fast and security authorization in emergency situations. Finally, according to the proposed security sharing scheme, this paper designs every function module of the system, and gives the detailed realization details and process of each module. Then the basic function test of the system is carried out, the system performance is compared and analyzed with other similar schemes, which proves that the system has good performance advantages.