With the rapid development of cloud computing, electronic medical cloud systems show potential to improve the quality of medical care and personal life. Electronic health records (EHRs) often contain sensitive personal information, and encryption and access control technologies are widely used in electronic medical cloud systems to address EHR security and privacy protection. At present, access control in electronic medical cloud systems takes two main forms: role-based access control (RBAC) and attribute-based access control (ABAC). RBAC cannot implement fine-grained access control, and ABAC cannot implement RBAC's role-based management of resources. This paper studies EHR access control in cloud computing. The main research work is as follows:

(1) The status quo of EHR security and privacy protection and of access control encryption schemes in cloud computing, at home and abroad, is researched and analyzed. The concept of cloud computing is researched and analyzed, including its characteristics, architecture and security problems. Several access control structures and several common access control technologies in cloud computing are researched and analyzed, and the advantages and disadvantages of these technologies are compared.

(2) For the secure storage and sharing of EHRs in cloud computing, a patient-centric fine-grained access control scheme based on a combination of roles and attributes is proposed. The scheme uses the ciphertext-policy attribute-based encryption (CP-ABE) algorithm to encrypt data, uses the linear secret sharing scheme (LSSS) access control structure to implement attribute-based access control, and uses the Casbin access control framework to implement role-based access control. The patient encrypts the EHR on the client with the CP-ABE algorithm and then stores the encrypted EHR in the cloud. When data users want to access a patient's EHR, they submit their roles or attributes to the cloud. The cloud judges whether the user's role or attributes satisfy the access request according to the access control policy, and returns the ciphertext to the user when the request passes. The user first sends the ciphertext to the proxy server to request partial decryption, and then decrypts the partially decrypted ciphertext to obtain the plaintext. The correctness and security of the proposed scheme are proved, and the performance of the scheme is analyzed, which confirms its effectiveness and efficiency.

(3) Based on the proposed access control scheme, this paper designs an access control system that combines roles and attributes under cloud computing. For the secure storage and sharing of EHRs, the system implements encrypted transmission and storage of EHRs, and implements fine-grained access control over EHRs to achieve secure sharing. The test results show that the system can effectively ensure the privacy and security of EHRs in the cloud and has good practicability.