| With the rapid development of information technology and the improvement of living standards,people’s requirements for the quality of medical services are also constantly improving.In particular,the informatization construction of medical institutions is in full swing today,medical information sharing has been paid more and more attention by the public,in which the issues related to identity authentication and medical privacy protection have become hot issues that need to be solved urgently.From the scope,medical information sharing can be divided into information sharing among medical institutions and information sharing of telemedicine system as supplementary medical services.In this paper,the research status of the two is studied in depth,the security threats and shortcomings of telemedicine authentication protocol and medical information sharing authentication protocol among medical institutions proposed at present are analyzed,and the security requirements are clarified.Aiming at the problems of identity authentication and privacy protection in the process of medical information sharing,a telemedicine authentication protocol and a blockchain-based medical information sharing authentication protocol are proposed respectively,and the security and performance of the protocol are analyzed.The main research results are summarized as follows:(1)A telemedicine authentication protocol is proposed in this paper,which uses SHA-1 hash function,time stamp,and random number to achieve two-way identity authentication among patients,doctors and medical servers,to reduce the authentication delay and authentication cost to a certain extent.Temporary identity is introduced instead of the real identity of patients and doctors to provide medical data and diagnosis results to the medical server to ensure the anonymity of patients and doctors.RSA public key encryption and digital signature technology are used to realize the privacy protection of medical data in the process of telemedicine transmission,to ensure that medical data can only be queried by doctors,and the diagnosis results can only be parsed by patients.In the process of data transmission,the medical server only forwards the medical data and diagnosis results as a third party,which reduces the threat of medical data and diagnosis results being attacked in the medical server,so as to realize the protection of personal medical data.Compared with the existing protocols in security,authentication delay and authentication cost,the telemedicine authentication protocol proposed in this paper can not only ensure the security of medical privacy,but also improve the authentication efficiency of telemedicine system,which is more suitable for telemedicine authentication system.(2)Combining the blockchain technology and attribute-based authentication scheme with multiple authorities(MA-ABA),a blockchain-based medical information sharing authentication protocol is proposed in this paper.MA-ABA uses multiple attribute authorities to reduce the strong dependence on a single authentication center and avoid single point of failure.The operation records are stored in the blockchain to be open,transparent and auditable,which can realize the anonymity of authentication and trace the identity of visitors.Through the security,transparency,non-tamperability of blockchain technology and the confidentiality,efficiency and auditability of MA-ABA,efficient and secure authentication of medical sharing information can be jointly realized. |
PDF Full Text Request