高级检索

    基于区块链和同态加密的电子健康记录隐私保护方案

    Privacy-Preserving Scheme of Electronic Health Records Based on Blockchain and Homomorphic Encryption

    • 摘要: 电子健康记录(electronic health records, EHR)的隐私保护成为现代人越来越关注的问题.区块链是随着比特币等数字加密货币普及而兴起的技术,具有“去中心化”和“不可篡改”等特点.现有的电子健康记录管理系统往往注重保护用户隐私数据而忽略了患者与其他角色交互时存在的安全问题,尤其是并未针对理赔过程中保险公司可查看患者敏感数据侵犯患者隐私这一问题提出明确的解决方案.故提出了一个基于区块链的可同时解决以上3个问题的方案,并将同态加密和以太坊的智能合约技术相结合,实现了保险公司在无法获取用户EHR明文和理赔对象ID的情况下仍能判断是否理赔的功能,交互过程中不向非授权用户泄露患者的任何敏感数据,加强了对用户数据的隐私保护.分析了在保护患者隐私的前提下不同角色在不同应用需求下的交互过程,并对该方案进行安全性分析和性能评估.

       

      Abstract: The privacy protection of electronic health records (EHR) has become an issue which attracts more and more attention in public. Blockchain is a technology that has emerged with the spread of digital cryptocurrency such as Bitcoin and has features of “decentralization” and “unmodifiable”. Existing electronic health record management systems ignore the security problems of patients’ interaction with other roles while focusing on protecting the user’s privacy data, especially there is no such an appropriate solution to problem nowadays that insurance can view patients’ sensitive data and invade privacy. This paper proposes a scheme based on blockchain for solving the above three problems. In combination with homomorphic encryption and smart contract technology based on Ethereum, we implement the feature that the insurance company can judge whether to handle the claim requests, although it has no way to obtain the plaintext of EHR and the ID. So there is no sensitive data of the patient which will be leaked to unauthorized users during interaction, thus the privacy protection of users’ data is strengthened. This thesis focuses on analyzing the interaction process of different roles under different application requirements based on the premise of patients’ privacy and carries out security analysis and performance evaluation.

       

    /

    返回文章
    返回