| At present,with the rapid promotion of mobile Internet in China and the deepening of the national health care policy reform,the Big Data centre in hospital must gradually open the existing medical data resources to the relevant organizations or individuals by using mobile Internet remote sharing system.Building a convenient medical data sharing system is the basis of remote access and interconnection of medical data.However,as the existing laws and regulations of information security protection are not established,the protection for medical data security is a prerequisite for the sharing of medical data that involves a lot of personal privacy.Hospital is now widely used to protect data security programs are mainly data encryption and data masking.And hospital network security is mostly used for internal and external network physical isolation These security solutions to solve a single security problems,to achieve the security effect is not satisfactory,and exist difficult to overcome the security risks.For example,shared hospital data is cached and calculated at the user terminal so that hackers can easily obtain a copy of the data,and the data sharing terminal is always the primary source of security risk.Thus,the medical and healthcare institutions need to change the existing network and the way of data share,breaking the traditional data security protection concept,put forward a new mobile Internet data security mechanism in order to solve the contradictions between "guarantee security" and "open shared" with medical data.Aiming at the current data security problem,this paper puts forward a new idea of data security.First,Data confirmation right must be identified before sharing data,Such as who has the ownership of the data and the usage right of data.Different ownership structures determine the responsibility and usage rights for shared data.Through in-depth analysis of data ownership,the owner of medical data should be responsible for protecting the security,integrity and privacy of the data.But,according to the existing network and the way of sharing data,users transfers the ownership with the usage rights when they shared medical data,so it means ownership and the usage rights cannot be separated.Users use the data also obtain a copy of the data at the same time,you can arbitrarily dominate the data content.The original owner can no longer restrain and manage the data,this part of the data security has been unable to guarantee.In order to ensure the security of data,it is necessary to protect the ownership is not lost,just give users the usage rights of data to constrain their operations.This idea protected the security of the data onto the theoretical basis,.The paper mainly studies the data sharing security model which separates data ownership and the usage rights,establishes the mechanism which shared data ownership unchanged and the data centralized control.And then,design a data security sharing among the prototype system which reference mechanism and using desktop virtualization technology and trusted support,to achieve the hospital data center data more secure and effective sharing,as a result the shared data "can be see" but "can not take away ".The main work of this paper:(1)This paper puts forward a model of hospital data security sharing: an in-depth analysis of the concept of data ownership,according to the owner of data ownership is always effective management and control of the security concept of data copies,the data security sharing model is established.(2)The design of the hospital data security sharing system: based on the established security shared model design prototypes of data security sharing system,and applies it to the transformation and upgrading of the existing hospital networks structure..(3)To achieve and apply the hospital data security sharing prototype system: according to the hospital data security sharing system design to achieve its prototype system,and the actual project in the hospital to application,to verify the technical feasibility and effectiveness of the program. |
PDF Full Text Request