Research On Privacy Protection Of Medical Data Sharing Based On Access Control

The medical industry is related to people's health.With the rapid development of big data and cloud computing,smart health has also been favored by the Internet of Things,which is expected to significantly improve the quality of health care.Most of the smart health systems store patient's sensitive information.Once are maliciously accessed illegally,it will bring huge losses to both the patient and the hospital.In the smart health system dominated by medical information systems,the security of information is inseparable from the protection of access control.CP-ABE is widely used in smart health that can achieve fine-grained access control.Firstly,several traditional access control models in the field are studied,compares the advantages and disadvantages of DAC,MAC,and RBAC,and points out their inapplicability in medical information systems.The encryption based on key policy attributes and encryption based on ciphertext policy attributes are analyzed.There are still two problems in using traditional CP-ABE directly in the medical information system.First,access policies are stored in clear text and are often directly related to the data of the data owner.In the medical information system,these data are the sensitive information of the patient and do not want to be leaked.Second,the algorithm flow used by traditional CP-ABE supports the attribute set linearly,that is,as the attribute value increases,the size of the public key will also increase linearly,so the complexity of the algorithm will also increase linearly,Not conducive to deployment and use in real scenarios.Secondly,to solve the above two problems,a partially hidden access control mechanism is implemented based on the traditional CP-ABE.Ensure that the ciphertext can be decrypted only when the accessor's attribute characteristics meet the access control strategy,support fine-grained access control,and implement complex encryption strategies to meet the needs of people with various characteristics.In addition,a partly hidden access strategy is adopted to solve that users who do not meet the decryption strategy can snoop the leak caused by user privacy from the plaintext access strategy.Eliminate the security risks caused by the access policy in plain text.Simulation experiments show that the scheme has further improved time efficiency and space efficiency,reduced algorithm complexity and storage costs.Finally,consider that there are emergencies that cannot be handled by standard access control mechanisms in real medical scenarios.The occurrence of this situation may lead to delays in treatment or even death.An emergency access control mechanism is implemented on the basis of partially hidden access control mechanism.The standard authorization and emergency authorization are separated.Under the standard authorization process,a data user has a set of attribute values that can indicate his identity,and performs encryption and decryption operations according to the process in Chapter 3.In an emergency,use the password specified by the user in advance for emergency authorization operations.Simulation experiments show that the emergency model has further improved the time efficiency,but its price is increased storage cost.