可验证的云存储医疗加密数据统计分析方案

doi:10.19678/j.issn.1000-3428.0058999

计算机工程 ›› 2021, Vol. 47 ›› Issue (6): 32-37,43. doi: 10.19678/j.issn.1000-3428.0058999

可验证的云存储医疗加密数据统计分析方案

张晓均^1,2, 张经伟¹, 黄超¹, 唐伟¹

1. 西南石油大学计算机科学学院, 成都 610500;
2. 西南石油大学网络空间安全研究中心, 成都 610500

收稿日期:2020-07-20 修回日期:2020-10-24 发布日期:2020-11-16
作者简介:张晓均(1985-),男,副教授、博士,主研方向为密码学、信息安全;张经伟、黄超、唐伟,硕士研究生。

Verifiable Statistical Analysis Scheme for Encrypted Medical Data in Cloud Storage

ZHANG Xiaojun^1,2, ZHANG Jingwei¹, HUANG Chao¹, TANG Wei¹

1. School of Computer Science, Southwest Petroleum University, Chengdu 610500, China;
2. Research Center of Cyberspace Security, Southwest Petroleum University, Chengdu 610500, China

Received:2020-07-20 Revised:2020-10-24 Published:2020-11-16
Contact: 国家自然科学基金（61902327，61872060）；金融数学福建省高校重点实验室（莆田学院）开放课题（JR201903）；西南石油大学青年科技创新团队项目（2019CXTD05）。 E-mail:zhangxjdzkd2012@163.com

摘要/Abstract

摘要： 为满足当前云存储医疗数据对敏感性、完整性以及统计分析可用性的需求，提出一种可验证的医疗加密数据统计分析方案。采用同态加密技术实现密文数据聚合并提高医疗数据的机密性，通过同态签名算法确保外包医疗加密数据的完整性。用户上传经过同态加密和签名的医疗数据到云服务器，云服务器在收到医疗数据分析中心的外包数据聚合请求后对密文医疗数据以及签名值进行聚合运算，并将相应结果返回给医疗数据分析中心，医疗数据分析中心验证云服务器外包同态加密数据聚合的完整性。在此基础上，医疗数据分析中心仅需使用私钥解密就能获得所有用户正确的原始医疗数据聚合结果，并据此进行统计分析。实验结果表明，该方案在医疗隐私大数据分析领域相对SPPDA等方案具有效率优势，医疗数据分析中心在验证数据完整性和分析聚合数据时计算开销保持恒定，与用户数量无关。

关键词: 云存储, 医疗数据, 加密聚合, 同态加密, 同态签名, 完整性验证

Abstract: In order to meet the requirements of medical data in cloud for sensitivity, integrity and statistical analysis applicability, this paper proposes a verifiable statistical analysis scheme for encrypted medical data.The scheme employs the homomorphic encryption technique to achieve medical data confidentiality and encrypted data aggregation.In addition, the homomorphic signature algorithm is used to ensure the integrity of outsourced medical data.The scheme enables users to upload the encrypted medical data and the corresponding signatures to the cloud server for storage.Once receiving a request for outsourced data aggregation from a medical Data Analysis Center(DAC), the cloud server aggregates those encrypted data and the corresponding signatures, and returns the results to DAC.The DAC could verify the integrity of the encrypted data aggregated by the cloud server.By the private key for decryption, DAC could directly obtain correct results of the aggregated original medical data of all users, and further perform statistical analysis.The experimental results show that the calculation cost of DAC in this scheme is constant and independent of the number of users in data integrity verification and aggregated data analysis, and the proposed scheme is more efficient than SPPDA and other schemes in massive private medical data analysis.

Key words: cloud storage, medical data, encrypted aggregation, homomorphic encryption, homomorphic signature, integrity verification

中图分类号:

TP391

张晓均, 张经伟, 黄超, 唐伟. 可验证的云存储医疗加密数据统计分析方案[J]. 计算机工程, 2021, 47(6): 32-37,43.

ZHANG Xiaojun, ZHANG Jingwei, HUANG Chao, TANG Wei. Verifiable Statistical Analysis Scheme for Encrypted Medical Data in Cloud Storage[J]. Computer Engineering, 2021, 47(6): 32-37,43.

http://www.ecice06.com/CN/Y2021/V47/I6/32

图/表 4

参考文献

[1] CAVALLARI R,MARTELLI F,ROSINI R,et al.A survey on wireless body area networks:technologies and design challenges[J].IEEE Communications Surveys and Tutorials,2014,16(3):1635-1657.
[2] DEY N,ASHOUR S A,SHI F Q,et al.Medical cyber-physical systems:a survey[J].Journal of Medical Systems,2018,42(74):1-13.
[3] ARTHUR G,YOUAKIM B,BERTR M,et al.Internet of medical things:a review of recent contributions dealing with cyber-physical systems in medicine[J].IEEE Internet of Things Journal,2018,5(5):3810-3822.
[4] LU Rongxing,ZHU Hui,LIU Ximeng,et al.Toward efficient and privacy-preserving computing in big data era[J].IEEE Network,2014,28(4):46-50.
[5] WU Xindong,ZHU Xingquan,WU Gongqing,et al.Data mining with big data[J].IEEE Transactions on Knowledge and Data Engineering,2014,26(1):97-107.
[6] ZHANG Y,QIU M K,TSAI C W,et al.Health-CPS:healthcare cyber-physical system assisted by cloud and big data[J].IEEE Systems Journal,2017,11(1):88-95.
[7] WAN J F,ZOU C F,ULLAH S,et al.Cloud-enabled wireless body area networks for pervasive healthcare[J].IEEE Network,2013,27(5):56-61.
[8] ULLAH S,VASILAKOS A,SUZUKI J,et al.Cloud-assisted wireless body area networks[J].Information Sciences,2014,28(4):81-83.
[9] ZHANG Yuan,XU Chunxiang,LI Hongwei,et al.HealthDep:an efﬁcient and secure deduplication scheme for cloud-assisted eHealth systems[J].IEEE Transactions on Industrial Informatics,2018,14(9):4101-4112.
[10] WANG Huaqun,WU Qianhong,QIN Bobo,et al.FRR:fair remote retrieval of put sourced private medical records in electronic health networks[J].Journal of Biomedical Informatics,2014,50(8):226-233.
[11] ZHOU Jun,CAO Zhenfu,DONG Xiaolei,et al.Security and privacy in cloud-assisted wireless wearable communica-tions:challenges,solutions,and future directions[J].IEEE Wireless Communications,2015,22(2):136-144.
[12] NHLABATSI A M,HONG J B,KIM D S,et al.Threat-speciﬁc security risk evaluation in the cloud[EB/OL].[2020-06-20].https://ieeexplore.ieee.org/document/8543671.
[13] ZHANG Y H,ZHENG D,DENG R H.Security and privacy in smart health:efficient policy-hiding attribute-based access control[J].IEEE Internet of Things Journal,2018,5(3):2130-2145.
[14] LU Rongxing,LIANG Xiaohui,LI Xu,et al.EPPA:an efficient and privacy-preserving aggregation scheme for secure smart grid communications[J].IEEE Transactions on Parallel & Distributed Systems,2012,23(9):1621-1632.
[15] CHEN Zhiwei,DU Min,YANG Yatao,et al.Homo-morphic cloud computing scheme based on RSA and Paillier[J].Computer Engineering,2013,39(7):35-39.(in Chinese)陈志伟,杜敏,杨亚涛,等.基于RSA和Paillier的同态云计算方案[J].计算机工程,2013,39(7):35-39.
[16] HE D B,ZEADALLY S,WU L B.Certificateless public auditing scheme for cloud-assisted wireless body area networks[J].IEEE Systems Journal,2018,12(1):64-73.
[17] ZHANG Xiaojun,ZHAO Jie,XU Chunxiang,et al.CIPPPA:conditional identity privacy-preserving public auditing for cloud-based WBANs against malicious auditors[J].IEEE Transactions on Cloud Computing,2019,15(6):15-39.
[18] GUI Yihong.Research on HEDSA data aggregation of wireless sensor networks[J].Computer Engineering,2011,37(7):160-162.(in Chinese)归奕红.无线传感器网络HEDSA数据聚合研究[J].计算机工程,2011,37(7):160-162.
[19] ZHANG K,LIANG X H,BAURA M,et al.PHDA:a priority based health data aggregation with privacy preservation for cloud assisted WBANs[J].Information Sciences,2014,284:130-141.
[20] HAN Song,ZHAO Shuai,LI Qinghua,et al.PPM-HDA:privacy-preserving and multifunctional health data aggrega-tion with fault tolerance for cloud assisted WBANs[J].IEEE Transactions on Information Forensics & Security,2016,11(9):1940-1955.
[21] LI R N,STURTIVANT C,YU J G,et al.A novel secure and efficient data aggregation scheme for IoT[J].IEEE Internet of Things Journal,2018,6(2):1551-1560.
[22] ARA A,AL-RODHAAN M,TIAN Y,et al.SPPDA scheme based on bilinear elgamal cryptosystem[J].IEEE Access,2017,5:12601-12617.
[23] LI Xiong,LIU Shanpeng,WU Fan,et al.Privacy preserving data aggregation scheme for mobile edge computing assisted IoT applications[J].IEEE Internet of Things Journal,2019,6(3):4755-4763.
[24] LU Rongxing.Privacy-enhancing aggregation techniques for smart grid communications[M].Berlin,Germany:Springer,2016.
[25] WANG Chenyu,WANG Ding,WANG Feifei,et al.Multi-factor user authentication scheme for multi-gateway wire-less sensor networks[J].Chinese Journal of Computers,2020,43(4):683-700.(in Chinese)王晨宇,汪定,王菲菲,等.面向多网关的无线传感器网络多因素认证协议[J].计算机学报,2020,43(4):683-700.
[26] WANG Ding,WANG Ping,LEI Ming.Cryptanalysis and improvement of gateway-oriented password authenticated key exchange protocol based on RSA[J].Acta Electronica Sinica,2015,43(1):176-184.(in Chinese)汪定,王平,雷鸣.基于RSA的网关口令认证密钥交换协议的分析与改进[J].电子学报,2015,43(1):176-184.
[27] WANG Ding,WANG Peng.Two birds with one stone:two-factor authentication with security beyond conventional bound[J].IEEE Transactions on Dependable and Secure Computing,2016,15(4):708-722.

选择文件类型/文献管理软件名称

选择包含的内容

可验证的云存储医疗加密数据统计分析方案

Verifiable Statistical Analysis Scheme for Encrypted Medical Data in Cloud Storage

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 4

参考文献

相关文章 15

编辑推荐

Metrics

本文评价

[1]	杨越佳, 华蓓, 钟志威, 高咪. 基于同态加密的隐私保护逻辑回归协同计算[J]. 计算机工程, 2023, 49(4): 23-31.
[2]	张晓均, 刘庆, 郑爽, 王鑫, 薛婧婷, 王世雄. 支持隐私保护的可验证云端数据分享方案[J]. 计算机工程, 2023, 49(3): 49-57.
[3]	郑云涛, 叶家炜. 基于茫然传输协议的FATE联邦迁移学习方案[J]. 计算机工程, 2023, 49(2): 24-30.
[4]	温亚兰, 陈美娟. 融合联邦学习与区块链的医疗数据共享方案[J]. 计算机工程, 2022, 48(5): 145-153,161.
[5]	魏秀然, 王峰. 基于协调器与遗传算法的云存储数据复制策略[J]. 计算机工程, 2021, 47(8): 124-130,139.
[6]	牛淑芬, 刘文科, 陈俐霞, 杜小妮. 基于代理重加密的电子病历数据共享方案[J]. 计算机工程, 2021, 47(6): 164-171.
[7]	王元庆, 刘百祥. 一种去中心化的隐私保护匿名问卷方案[J]. 计算机工程, 2021, 47(6): 123-131.
[8]	李秋贤, 周全兴, 王振龙, 丁红发, 潘齐欣. 基于隐私保护的可证明安全委托计算协议[J]. 计算机工程, 2021, 47(5): 131-137.
[9]	张静, 何铮, 葛炳辉, 汤永利, 叶青. 一种高效的百万富翁问题协议及其应用[J]. 计算机工程, 2021, 47(2): 168-175.
[10]	黄保华, 黄丕荣, 赵伟宏, 彭丽. 云存储中支持属性撤销的多关键词可搜索加密方案[J]. 计算机工程, 2021, 47(11): 29-36.
[11]	杨小东, 陈桂兰, 李婷, 刘瑞, 赵晓斌. 基于无证书密码体制的多用户密文检索方案[J]. 计算机工程, 2020, 46(9): 129-135.
[12]	陈丽燕, 芮廷先, 吕光金. 基于区块链智能合约的个人征信隐私保护方案[J]. 计算机工程, 2020, 46(7): 30-35.
[13]	骆云鹏, 朱旎彤, 毛慈伟, 程晋雪, 许春根. 一种基于连接关键词的实用化可搜索加密方案[J]. 计算机工程, 2020, 46(2): 175-182.
[14]	杨小东, 裴喜祯, 陈桂兰, 王美丁, 王彩芬. 支持用户撤销的多用户多副本数据公开审计方案[J]. 计算机工程, 2020, 46(12): 150-156,192.
[15]	鲍禹含, 付印金, 陈卫卫. 多云存储关键技术研究进展[J]. 计算机工程, 2020, 46(10): 18-32,40.

模态框（Modal）标题

选择文件类型/文献管理软件名称

选择包含的内容

可验证的云存储医疗加密数据统计分析方案

Verifiable Statistical Analysis Scheme for Encrypted Medical Data in Cloud Storage

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 4

参考文献

相关文章 15

编辑推荐

Metrics

本文评价