| The development and application of mobile Internet,Internet of things,cloud computing and other technologies have promoted the development of online medical industry.Under the cloud environment,medical big data not only improves the accuracy of medical consultation,but also breaks the regional restrictions,bringing convenience to patients.On the one hand,due to the storage of medical big data in the cloud,the security of the cloud server cannot be guaranteed.On the other hand,medical data has great research value,data publishing is essential,and the system contains a lot of patient privacy information,so it is of great significance to study how to protect the confidentiality and privacy of medical data.Through the research and analysis of existing schemes,a security protection scheme of medical data based on cloud environment is proposed,and deploys the scheme to jiukang cloud system.The work is as follows: first,a scheme of medical privacy data encryption is designed,in which the account and password in the medical software are hashed and stored,and sensitive fields related to the user’s privacy,such as the user’s body,are stored In order to ensure the security of data transmission and storage,AES is used to encrypt the certificate number,address and condition description.Only encrypting the sensitive data reduces the unnecessary calculation overhead.Then,a cp-abe encryption method based on jiukang cloud platform is applied,which takes hospitals and departments as attributes.Through mixed encryption of the key of file encryption,the cost of system access control encryption compared with traditional cp-abe is effectively reduced.Finally,a k-anonymity desensitization algorithm based on data privacy level is designed to distinguish sensitive attributes from non sensitive attributes in medical data table.For sensitive attribute columns,anonymity methods with different intensities are adopted according to the level of privacy level.For non sensitive attribute columns,data distortion is used as threshold to restrict data generalization level and ensure data availability At the same time,it effectively avoids the attacker to determine the patient’s identity information through the link attack after the data is published.Thispaper studies and analyzes the existing schemes,proposes a privacy protection scheme suitable for big data medical environment,and deploys the scheme to the Jiukang Cloud system.The work is as follows: First,we design a medical privacy data encryption scheme.In the scheme,the password is stored in the medical software with hash value,and the sensitive fields related to the user’s privacy,such as the user ID number,address,and condition description,are encrypted to ensure data transmission and storage security,because we only encrypte sensitive data that reduce unnecessary computational overhead.Then,we design a k-anonymous desensitization algorithm based on data privacy level.It distinguishs sensitive attributes and non-sensitive attributes of data attributes in medical data tables.For sensitive attribute columns,take different strengths of anonymous methods according to the level of privacy.For non-sensitive attribute columns,uses data distortion as a threshold,constrains the data generalization level,and ensures data availability while effectively preventing the attacker from determining the patient identity information through link attacks after data is published.Finally,we deployed the solution on an online telemedicine consulting software,the Jiukang Cloud platform.The test results show that front and back data encryption,cp-abe attribute encryption mechanism,and k-anonymous desensitization algorithm can reduce the risk of user privacy disclosure without affecting the normal use of the system,and achieve the expected goal of protecting the medical cloud system. |
PDF Full Text Request