一种病人可控的电子病历安全访问方案

doi:10.3969/j.issn.0255-8297.2020.01.010

应用科学学报 ›› 2020, Vol. 38 ›› Issue (1): 127-138.doi: 10.3969/j.issn.0255-8297.2020.01.010

一种病人可控的电子病历安全访问方案

潘恒¹, 潘磊², 姚中原¹, 斯雪明^1,3

1. 中原工学院前沿信息技术研究院, 郑州 450007;
2. 中原工学院计算机学院, 郑州 450007;
3. 复旦大学计算机学院, 上海 201203

收稿日期:2019-10-31 出版日期:2020-01-31 发布日期:2020-01-19
作者简介:潘恒,副教授,研究方向为网络系统安全态势评估、区块链技术.E-mail:panheng@zut.edu.cn
基金资助:
河南省高等学校重点项目基础研究计划项目基金（No.19A520047）；中原工学院自主创新应用研究项目基金（No.K2018YY017）资助

A Patient-Controlled Security Access Mechanism for Electronic Health Records

PAN Heng¹, PAN Lei², YAO Zhongyuan¹, SI Xueming^1,3

1. Research Institute of Frontier Information Technology, Zhongyuan University of Technology, Zhengzhou 450007, China;
2. School of Computer Science, Zhongyuan University of Technology, Zhengzhou 450007, China;
3. School of Computer Science, Fudan University, Shanghai 201203, China

Received:2019-10-31 Online:2020-01-31 Published:2020-01-19

摘要/Abstract

摘要： 部分病人对其电子病历访问有全程管控的特殊需求，而现有云环境下的电子病历共享系统却无法满足这一需求，于是提出了一种基于超级账本和星际文件系统的电子病历安全访问方案HyperEHR.该方案设计了由病历请求者所在机构以及病人双重审核且由病人决定病历最终访问权的方法.为保证跨机构之间的医疗数据安全互访，将病历生成、更新以及访问等信息存储在联盟链区块中，而将各医院、诊所产生的具体病历信息和访问控制策略加密存储在云端星际文件系统中.系统实现及分析表明：该方案有较好的可扩展性、互操作性及安全性，可满足病人对其医疗数据访问的管控，有效防止病历隐私泄露.

关键词: 病人可控, 电子病历, 联盟区块链, 安全访问, 星际文件系统

Abstract: In the existing cloud environment, the special requirements of patients to make full control of his/her electronic health record can hardly be fulfilled. In order to solve this problem, a secure access scheme HyperEHR based on Hyperledger fabric and interplanetary file system (IPFS) is proposed. In the proposal, the medical record requester first needs to obtain the consent of his/her organization, and the patient have the final right to make the decision of accessing permission. To ensure the security of cross-organization medical data access, information like medical record generation, update and access is stored in collaborative blockchain. Moreover, specific medical record information and access control policies generated by hospitals and clinics are encrypted and stored in the cloud interplanetary file system. System implementation and analysis show that the scheme has good scalability, interoperability and security. HyperEHR can not only help patient to make control of his/her medical data accessing, but also prevent the privacy disclosure of electronic health record effectively.

Key words: patient controlled, electronic health record, consortium blockchain, security access, interplanetary file system (IPFS)

中图分类号:

TP309.2

潘恒, 潘磊, 姚中原, 斯雪明. 一种病人可控的电子病历安全访问方案[J]. 应用科学学报, 2020, 38(1): 127-138.

PAN Heng, PAN Lei, YAO Zhongyuan, SI Xueming. A Patient-Controlled Security Access Mechanism for Electronic Health Records[J]. Journal of Applied Sciences, 2020, 38(1): 127-138.

参考文献

[1] Raham M S, Khalil I, Arachchige P C M. A novel architecture for tamper proof electronic health record management system using blockchain wrapper[C]//Proceedings of the 2019 ACM International Symposium, 2019:97-105.
[2] Al Omar A, Bhuiyan M Z A, Basu A, et al. Privacy-friendly platform for healthcare data in cloud based on blockchain environment[J]. Future Generation Computer Systems, 2019, 95(6):1-34.
[3] AbuKhousa E, Mohamed N, Al Jaroodi J. E-health cloud:opportunities and challenges[J]. Future Internet, 2012, 4(4):621-645.
[4] Hölbl M, Kompara M, Kamišalić A, et al. A systematic review of the use of blockchain in healthcare[J]. Symmetry, 2018, 10(10), 470:1-22.
[5] Azaria A, Ekblaw A, Vieira T, et al. Medrec:using blockchain for medical data access and permission management[C]//Proceedings of IEEE 2nd International Conference on Open and Big Data, 2016:25-30.
[6] 邵奇峰,金澈清,张召,等.区块链技术:架构及进展[J].计算机学报,2018, 41(5):969-988. Shao Q F, Jin C Q, Zhang Z, et al. Blockchian:architecture and research progress[J]. Chinese Jorunal of Computers, 2018, 41(5):969-988.(in Chinese)
[7] 袁勇,王飞跃.区块链技术发展现状与展望[J].自动化学报,2016, 42(4):481-494. Yuan Y, Wang F Y. Blockchain:the state of the art and future trends[J]. Acta Automatica Sinica, 2016, 42(4):481-494.(in Chinese)
[8] 何蒲,于戈,张岩峰,等.区块链技术与应用前瞻综述[J].计算机科学,2017, 44(4):1-7, 15. He P, Yu G, Zhang Y F, et al. Survey on blockchain technology and its application prospect[J]. Computer Science, 2017, 44(4):1-7, 15.(in Chinese)
[9] Zheng Z B, Xie S A, Dai H N, et al. Blockchain challenges and opportunities:a survey[J]. International of Web and Grid Services, 2018, 14(4):352-375.
[10] 薛腾飞,傅群超,王枞,等.基于区块链的医疗数据共享模型研究[J].自动化学报,2017, 43(9):1555-1562. Xue T F, Fu Q C, Wang C, et al. A medical data sharing model via blockchain[J]. Acta Automatica Sinica, 2017, 43(9):1555-1562.(in Chinese)
[11] Zheng Z, Xie S, Dai H, et al. An overview of blockchain technology:architecture, consensus, and future trends[C]//Proceedings of IEEE 6th International Congress on Big Data, 2017:557-564.
[12] McGhin T, Choo K K R, Liu C Z C, et al. Blockchain in healthcare applications:research challenges and opportunities[J]. Journal of Network and Computer Applications, 2019, 135(6):62-75.
[13] Loizou C, Karastoyanova D, Schizas C. Measuring the impact of blockchain on healthcare applications[C]//Proceedings of the 2nd International Conference on Applications of Intelligent Systems, 2019, 34:1-5.
[14] Yue X, Wang H J, Jin D W, et al. Healthcare data gateways:found healthcare intelligence on blockchain with novel privacy risk control[J]. Journal of Medical Systems, 2016, 40(10), 218:1-8.
[15] Nguyendinh C, Pathiranapubudu N, Ding M, et al. Blockchain for secure EHRs sharing of mobile cloud based E-health systems[J]. IEEE Access, 2019, 7(5):66792-66806.
[16] Vora J, Nayyar A, Tanwar S, et al. BHEEM:ablockchain-based framework for securing electronic health records[C]//Proceedings of the 2018 IEEE Globe com Workshops, 2018:9-13.
[17] Prisco G. The blockchain for healthcare:gem launches gem health network with philips blockchain lab[EB/OL].(2016-04-26)[2019-10-20]. https://bitcoinmagazine.com/articles/the-blockchain-for-heathcare-gem-launches-gem-health-network-with-philips-blockchain-lab-1461674938.
[18] Zhang P, Walker M A, White J, et al. Metrics for assessing blockchain-based healthcare decentralized APPs[C]//Proceeding of the IEEE 19th International Conference on E-Health Networking, Applications and Services, 2017:1-4.
[19] Dubovitskaya A, Xu Z, Ryu S, et al. Secure and trustable electronic medical records sharing using blockchain[C]//AMIA Annual Symposium Proceedings. American Medical Informatics Association, 2017:650-660.
[20] Yang J, Onik M M H, Lee N Y, et al. Proof-of-familiarity:a privacy-preserved blockchain scheme for collaborative medical decision-making[J]. Applied Sciences, 2019, 9(7):1370:1-24.
[21] Zhang P, White J, Schmidt D C, et al. Fhirchain:applying blockchain to securely and scalably share clinical data[J]. Computational and Structural Biotechnology Journal, 2018, 16:267-278.
[22] 邵奇峰,张召,朱燕超,等.企业级区块链技术综述[J].软件学报,2019, 30(9):2571-2592. Shao Q F, Zhang Z, Zhu Y C, et al. Survey of enterprise blockchains[J]. Journal of Software, 2019, 30(9):2571-2592.(in Chinese)
[23] Androulaki E, Barger A, Bortnikov V, et al. Hyperledger fabric:a distributed operating system for permissioned blockchains[C]//Proceedings of the ACM 13th EuroSys Conference, 2018:30-40.
[24] Benhamouda F, Halevi S, Halevi T. Supporting private data on Hyperledger fabric with secure multiparty computation[C]//Proceedings of IEEE International Conference on Cloud Engineering (IC2E), 2018:357-363.
[25] Sandner P, Valenta M. Comparison of Ethereum, Hyperledger fabric and corda[EB\OL].[2019-10-20].https://medium.com/@philippsandner/comparison-of-ethereum-hyperledger-fabric-and-corda-21c1bb9442f6.
[26] Steichen M, Norvill R, Pontiverosb F, et al. Blockchain-based decentralized access control for IPFS[C]//Proceeding of 2018 IEEE International Conference on Blockchain, Jul, 2018:1499-1506.
[27] Son M, Kim H. Blockchain-based secure firmware management system in IoT environment[C]//Proceedings of International Conference on Advanced Communications Technology, 2019:142-146.
[28] Chen Y, Li H, Li K, et al. An improved P2P file system scheme based on IPFS and blockchain[C]//Proceedings of the IEEE Big Data (Big Data), Dec., 2017:2652-2657.
[29] Watanabe H, Fujimura S, Nakadaira A, et al. Blockchain contract:securing a blockchain applied to smart contracts[C]//Proceedings of the 2016 IEEE International Conference on Consumer Electronics, 2016:467-468.
[30] Mohandas A, Sabitha S. Privacy preserving content disclosure for enabling sharing of electronic health records in cloud computing[C]//Proceedings of 7th ACM India Computing Conference, 2014:1-7.
[31] Narayan S, Gagnémartin, Safavi-naini R. Privacy preserving EHR system using attributebased infrastructure[C]//Proceedings of the 2010 ACM Workshop on Cloud Computing Security Workshop, 2010:47-52.
[32] Ying Z, Wei L, Li Q, et al. A lightweight policy preserving EHR sharing scheme in the cloud[J]. IEEE Access, 2018(6):53698-53708.
[33] Azarm M, Peyton L. An ontology for a patient-centric healthcare interoperability framework[C]//Proceedings of 2018 IEEE/ACM International Workshop on Software Engineering in Healthcare Systems (SEHS). IEEE Computer Society, 2018, 1:34-41.

一种病人可控的电子病历安全访问方案

A Patient-Controlled Security Access Mechanism for Electronic Health Records

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 1

编辑推荐

Metrics

本文评价