| As one of the most basic services of cloud computing,cloud storage is provided with a configurable data storage model,which allows data owners to store their files in the cloud without keeping local copies,thus greatly reducing the storage and management burden.Compared with traditional storage methods,cloud storage services have many significant advantages,such as data access at anytime and anywhere,on-demand services independent of the location,and flexible resources.Nowadays,cloud storage is providing convenience to more and more individuals and enterprises.However,the cloud servers are not completely reliable,and cloud data may be damaged.The integrity of cloud data is the premise and foundation of reliable cloud computing and big data analysis.If the integrity of cloud data cannot be guaranteed,the correctness of big data analysis and cloud computing cannot be guaranteed too.Therefore,data owners need to take powerful measures to ensure the integrity of data in the cloud.Cloud storage is already used in a variety of fields,including healthcare.As more and more medical institutions adopt electronic medical records,cloud storage has become an urgent need to deploy electronic medical systems.Due to the cost-effectiveness of cloud storage services(data management and storage,as well as computing resources),and the features provided by cloud service providers,including portability,reliability,scalability,and elasticity,the cloud becomes the right platform for deploying electronic medical records.However,electronic medical records are usually private and confidential,since they include patients' identifiers and highly sensitive information,so storing sensitive information like medical records in the cloud may carry serious security and privacy risks.Therefore,it is important to seek a protocol that can ensure the integrity and privacy of medical files in the cloud.Firstly,this thesis proposes an application scenario of cloud medical files sharing based on real-world use cases,and then analyzes the security requirements of this application scenario: the integrity of medical files,the privacy protection of doctors' identities,the purification of sensitive data in medical files,and the verification by designated verifier.Then,considering that the ring signature can protect the identity privacy of signer,and the redactable signature can realize the purification of the sensitive data in the files,this thesis combines the ring signature and the redactable signature to propose a redactable ring signature scheme,and proves the validity,unforgeability,identity privacy and data privacy of the scheme.Based on the above scheme,this thesis designs a cloud medical files sharing protocol with privacy protection,which protects the privacy of the patient and verifies the integrity of cloud medical files by the designated verifier.The performance analysis shows that the protocol has good performance in the signature generation phase and the verification phase.Finally,considering that the group signature can not only protect the signer's privacy,but also reveal the identity of the signer by group manager when necessary,this thesis combines the group signature and redactable signature,proposes a redactable group signature scheme,and proves that the scheme satisfies validity,unforgeability,traceability and so on.Based on the above scheme,this thesis designs a cloud medical files sharing protocol that supports large groups.The protocol can protect patient's privacy,achieve the verification of designated verifier,and reveal the identity of the signature doctor when necessary.Performance analysis shows that the signature length and signature calculation overhead of the protocol are not affected when the number of doctors is large,so the performance of the protocol designed here is better than the first protocol designed above. |
PDF Full Text Request