Research And Application On Data Security Sharing Scheme In Medical Scenarios

In modern society,medical treatment has always been a hot topic of great concern.Driven by emerging technologies such as the Internet of Things and cloud computing,intelligent medical systems have emerged.Based on IoT and cloud computing technologies,the intelligent medical system facilitates the collection of user health data,cloud storage,and remote medical treatment,playing a critical role in the context of an aging population that is continuously intensifying.Cloud computing technology,with its powerful computing and storage capabilities,supports data sharing,making it more convenient for users to manage personal data.However,there are also a number of security risks associated with cloud computing.For instance,system failures or external attacks on cloud servers may result in information leakage and data damage,leading to severe losses for users and hospitals alike.Hence,ensuring data security and preventing malicious user access have become hot research topics.The Ciphertext-Policy Attribute-Based Encryption(CP-ABE)technology can ensure information confidentiality and flexible access control,while also achieving an "one-to-many"encryption mode that is ideally suited for the secure sharing of medical data.This paper centers on the issue of secure data sharing in medical scenarios,and the principal contributions are as follows:(1)A lightweight medical data sharing scheme has been proposed that addresses the problems of high decryption test cost,key leakage and high decryption computation overhead in CP-ABE-based access policy hiding schemes.Firstly,Intel SGX(Intel Software Guard Extensions)technology is used to pre-store part of master keys in enclaves for accurate and fast computation of test results,while avoiding the generation of redundant ciphertext components.Secondly,an identity is embedded in the decryption key of the data user for key tracking purposes.Finally,verifiable outsourcing techniques are employed to guarantee the correctness of decryption results and reduce user computational costs.Performance analysis indicates that the proposed scheme has certain advantages in both functionality and cost.Security analysis suggests that the solution has the option of plaintext indistinguishability and access policy hiding security.(2)A lightweight searchable medical data sharing scheme has been proposed to address the issues of restricted attribute space and access control,the inability to resist dictionary guessing attacks and the high computational overhead of decryption in CP-ABE schemes that support access policy hiding and keyword search.Firstly,a large attribute domain and Linear Secret Sharing Scheme structure are adopted to enhance the scalability and access control flexibility of the system.Further,the data is re-encrypted by Intel SGX technology,which effectively resists dictionary guessing attacks.Finally,fixed constant-level decryption calculations are suitable for user devices with limited computing resources.Performance analysis shows that the solution offers advantages in terms of functionality and overhead.Security analysis demonstrates that the scheme has selective plaintext indistinguishability security and is resistant to dictionary guessing attacks.(3)A CP-ABE-based health data sharing platform is designed and implemented using JavaWeb technology,the Java Pairing Based Cryptography library,the AES algorithm,and the CP-ABE algorithm,with adaptations to the two aforementioned medical data sharing solutions.The system supports data encryption,fine-grained access control,data sharing,access policy hiding,ciphertext data retrieval,data decryption verification and key tracking,providing a secure and convenient health data sharing platform for patients and doctors.