| Regional medical informatization is considered as the future tendency in medical domain.It requires shared electronic medical data between different agencies,which also put forward an urgent need for accessing resources in hospital intranet.Though solutions to access intranet safely have been proposed,there are still much limitations and shortcomings for the existing ones.For example,the method based on open ports requires router permissions and have poor extendibility,also,it is complicated to achieve intranet penetration protocol,which means the existing products cannot meet the need in market.In response to the above problems,this thesis proposes an intranet accessing technical solution based on reverse-tunnel,and has achieved the system implementation.The proposed solution enables safe and efficient access to medical institutions’ intranet.The main contents of this thesis are as following:1)An overview of existing intranet access technology is presented.This thesis analyzes the basic needs of intranet access,and the requirements of intranet access to regional medical institutions.Meanwhile,This thesis gives in-depth analysis of the existing approaches to access intranet,including the underlying principles,technicality,and the current status and limitations of the application,and summarizes the advantages and disadvantages of various technologies.2)A reverse-tunnel based intranet access mechanism is proposed.The network topology graph which describes the relationship and hierarchical roles of the communication nodes is designed;the automatic registration and discovery of the node and the interaction between the external network terminal and the internal host is also proposed;the security problems in the whole communication process which requires extra attention is analyzed;the communication message between nodes is defined thoroughly.3)Develop a set of communication components for hospital intranet access,which implements seven communication processes,including running commands remotely,executing network requests act as an agent,operating files,transmitting files and so on.Through the exception handling and recovery,traffic shaping and other mechanisms the components can ensure the high availability of communication components.Communication security could also be ensured through authentication,access control and transmission encryption.The evaluation results showed that the components have high performance,safety and convenience.4)Based on the above communication components,a regional medical information integration platform was developed.Engneers could remotely deploy,linkage and monitor the integration engine which was deployed on a host in hospital,under the premise of ensuring network access security.It could avoid the issue of travel to the site for conducting integration implementation frequently.At present,the regional medical information integration platform has been applied in many regional projects.The results show that the platform can effectively save costs and improve work efficiency. |
PDF Full Text Request