CN111445235A - Key management method based on medical block chain - Google Patents
Key management method based on medical block chain Download PDFInfo
- Publication number
- CN111445235A CN111445235A CN201910038836.3A CN201910038836A CN111445235A CN 111445235 A CN111445235 A CN 111445235A CN 201910038836 A CN201910038836 A CN 201910038836A CN 111445235 A CN111445235 A CN 111445235A
- Authority
- CN
- China
- Prior art keywords
- key
- patient
- block chain
- secret key
- encrypted
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000007726 management method Methods 0.000 title claims abstract description 28
- 238000000034 method Methods 0.000 claims description 12
- 238000010586 diagram Methods 0.000 description 5
- 230000007246 mechanism Effects 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000036541 health Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Medical Treatment And Welfare Office Work (AREA)
Abstract
The invention discloses a key management method based on a medical block chain, which is executed by a third-party platform and comprises the following modules: s1, a patient information obtaining module is used for obtaining a block chain secret key to be encrypted of a patient; s2, a block chain splitting module is used for splitting the block chain secret key and splitting the block chain into a plurality of sub-secret keys to obtain a secret key I, a secret key II and a secret key III; s3, an encryption module is used for obtaining an encryption key encrypted by the secret key I, the secret key II and the secret key III, and encrypting the secret key II and the secret key III by adopting the encryption key; s4, a storage module is used for providing the first secret key for the patient and storing a second secret key and a third secret key which are encrypted; and S5, a decryption module is used for restoring the first secret key, the second secret key and the third secret key to obtain the block chain secret key. The key management method ensures that the block chain key is not easy to lose, and better ensures the safety and reliability of the block chain key.
Description
Technical Field
The invention relates to a key management method based on a medical block chain, belonging to the field of block chain technology and key management.
Background
The block chain technology is a decentralized and distributed data storage, transmission and certification method, and replaces the current dependence of the internet on a central server with data blocks. Some core principles of the blockchain are applicable to medical treatment, for example, the blockchain has the characteristics of data transparency, non-falsification, permanent operation and the like, all data on the blockchain is public and transparent, so that data processing of the intelligent contract is also public and transparent, and any party can view codes and data of the intelligent contract during operation. All data of the blockchain is not falsifiable, so that the intelligent contract code deployed on the blockchain and the data generated by running are not falsifiable, and a node running the intelligent contract does not need to worry about malicious modification of the code and the data by other nodes. The number of the nodes supporting the block chain network is hundreds or even thousands, the failure of part of the nodes can not cause the stop of the intelligent contract, the reliability of the intelligent contract is close to the permanent operation theoretically, and therefore the intelligent contract can be guaranteed to be effective at every moment like a paper contract. The health condition of an individual belongs to personal data, and relates to personal privacy and safety problems, the ownership of the personal data is owned by the individual, and only authorized patients can access related medical records.
The block chain carries out data encryption and decryption through various cryptographic mechanisms, the basis of the ownership verification mechanism is an asymmetric encryption algorithm, and a public and private key pair of asymmetric encryption in the block chain is a foundation for constructing a whole trust system: the public key is used to express an address and the private key is used to sign a transaction. However, the public and private key pair has the problems that storage is difficult and the like, the public and private key pair can be stored in the forms of pure character strings, texts, certificates, hardware Ukey and the like, but no matter how the public and private key pair exists, a client has the possibility of losing private key control rights such as media loss, Ukey pin forgetting and the like, and the block chain platform expresses a client account or a wallet through a public key address, and once the control right of the private key is lost, the corresponding asset cannot be controlled. Most of the block chain keys are completely kept by the patient, however, the block chain keys completely kept by the patient are easily stolen illegally, once the block chain keys of the patient are lost, the digital asset rights and interests of the patient are attacked, and great economic loss is brought to the patient.
Therefore, how to use the key management technology of the block chain to realize the security management of the patient key is a very important issue.
Disclosure of Invention
The invention provides a key management method based on a medical block chain to solve the problems that a block chain key in the existing medical system is easy to be stolen illegally and patient information is leaked.
The technical scheme adopted by the invention for solving the technical problems is as follows:
the invention provides a key management method based on a medical block chain, which is executed by a third-party platform and comprises the following modules:
s1, a patient information obtaining module is used for obtaining a block chain secret key to be encrypted of a patient;
s2, a block chain splitting module is used for splitting the block chain secret key and splitting the block chain into a plurality of sub-secret keys to obtain a secret key I, a secret key II and a secret key III;
s3, an encryption module is used for obtaining an encryption key encrypted by the secret key I, the secret key II and the secret key III, and encrypting the secret key II and the secret key III by adopting the encryption key;
s4, a storage module provides the first secret key for the patient and stores a second secret key and a third secret key after encryption;
and S5, the decryption module restores the first secret key, the second secret key and the third secret key to obtain a block chain secret key.
Preferably, each sub-key corresponds to a position sequence number in the block chain key.
Preferably, the encryption key is associated with pre-acquired identity information of the patient.
Preferably, the encrypted second key and the encrypted third key are stored by the hospital and the third-party institution, respectively.
Preferably, the module for obtaining patient information comprises the following steps:
s101, registering a patient, and verifying the real name of the patient by a medical data platform;
s102, the patient obtains identity authentication;
s103, the medical data platform generates identity card voucher information for the patient;
s104, storing the patient identity voucher information into a block chain;
and S105, obtaining a block chain key to be encrypted of the patient.
Further preferably, the method for verifying the real name of the patient by the medical data platform comprises the following steps: the identity of the individual patient is confirmed by the domicile's domicile management system or other means.
Further preferably, the patient voucher information comprises a voucher serial number, a patient name, a certificate number and a signature of the medical data platform; the patient name and the certificate number are subjected to coding and encryption processing, and privacy exposure of the patient is prevented.
Preferably, the block chain is sequentially provided with a first block chain, a second block chain, a third block chain, … …, an N-1 block chain and an Nth block chain.
Further preferably, the first block chain, the second block chain, the third block chain, … …, the (N-1) th block chain, and the nth block chain are connected to each other to form a cross-block chain network, and information can be transmitted between the block chains and updated simultaneously.
Preferably, the decryption module comprises the steps of:
s501, when a request of a patient for decrypting the encrypted block chain key is received, receiving a first key submitted by the patient, and searching a stored encrypted second key and a stored encrypted third key corresponding to the patient;
s502, acquiring identity information of a patient;
s503, searching an encryption key associated with the identity information based on the acquired identity information of the patient;
s504, decrypting the encrypted second secret key and the encrypted third secret key through the searched encryption secret key to obtain a decrypted second secret key and a decrypted third secret key;
and S505, restoring to obtain a block chain key based on the first key, the second key and the third key.
The invention provides a key management method based on a medical block chain. The encryption mode provided by the invention divides the block chain key, the patient stores a part of key, namely key one, the hospital and the third party platform respectively store another part of encrypted key, namely key two and key three, and the encrypted keys of the encrypted key two and key three are associated with the identity information of the patient
The encryption mode greatly improves the stealing difficulty of the block chain key, so that the block chain key is not easy to lose, and the safety and reliability of the block chain key are better guaranteed. When the block chain key is used for decryption, the third-party platform firstly receives a first key submitted by a patient, searches a stored encrypted third key, requests a hospital and obtains a second encrypted key, and searches a corresponding encrypted key through collected patient identity information, so that the second encrypted key and the third encrypted key are decrypted by adopting the encrypted key, the second decrypted key and the third decrypted key are obtained, and the block chain key is restored based on the first key, the second encrypted key and the third encrypted key. The decryption method provided by the invention can find the corresponding encryption key by using the patient identity information, so that a second key and a third key are obtained by using the encryption key, and the block chain key is reduced according to the first key of the patient and the second key and the third key obtained by decryption. The decryption mode further improves the security and reliability of the block chain key.
Drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
FIG. 1 is a block flow diagram of a key management method based on a chain of medical blocks;
FIG. 2 is a block chain system schematic diagram based on a key management method based on a medical block chain;
FIG. 3 is a block flow diagram of a patient information acquisition module based on a key management method based on a medical blockchain;
FIG. 4 is a block flow diagram of an encryption method based on a key management method based on a medical blockchain;
fig. 5 is a block diagram of a decryption method based on a key management method based on a medical blockchain.
Detailed Description
The embodiments of the present invention will be described in detail below, and the embodiments described below with reference to the accompanying drawings are illustrative only for the purpose of explaining the present invention, and are not to be construed as limiting the present invention. This is further explained below with reference to the drawings.
As shown in fig. 1 to 5, a key management method based on a medical block chain, which is executed by a third party platform, includes the following modules:
s1, a patient information obtaining module is used for obtaining a block chain secret key to be encrypted of a patient;
s2, a block chain splitting module is used for splitting the block chain secret key and splitting the block chain into a plurality of sub-secret keys to obtain a secret key I, a secret key II and a secret key III;
s3, an encryption module is used for obtaining an encryption key encrypted by the secret key I, the secret key II and the secret key III, and encrypting the secret key II and the secret key III by adopting the encryption key;
s4, a storage module is used for providing the first secret key for the patient and storing a second secret key and a third secret key which are encrypted;
and S5, a decryption module is used for restoring the first secret key, the second secret key and the third secret key to obtain the block chain secret key.
Each sub-key corresponds to a position sequence number in the block chain key. The encryption key is associated with pre-acquired identity information of the patient. And the encrypted second secret key and the encrypted third secret key are respectively stored by the hospital and a third-party institution.
The module for obtaining patient information comprises the following steps:
s101, registering a patient, and verifying the real name of the patient by a medical data platform;
s102, the patient obtains identity authentication;
s103, the medical data platform generates identity card voucher information for the patient;
s104, storing the patient identity voucher information into a block chain;
and S105, obtaining a block chain key to be encrypted of the patient.
The method for verifying the real name of the patient by the medical data platform comprises the following steps: the identity of the individual patient is confirmed by the domicile's domicile management system or other means.
The patient voucher information comprises a voucher serial number, a patient name, a certificate number and a signature of a medical data platform; the patient name and the certificate number are subjected to coding and encryption processing, and privacy exposure of the patient is prevented.
The block chain is sequentially provided with a first block chain, a second block chain, a third block chain, … …, an N-1 block chain and an Nth block chain. The first block chain, the second block chain, the third block chain, … …, the (N-1) th block chain and the Nth block chain are connected with each other to form a block-crossing chain network, and information can be transmitted between the block chains and updated synchronously.
The decryption module comprises the following steps:
s501, when a request of a patient for decrypting the encrypted block chain key is received, receiving a first key submitted by the patient, and searching a stored encrypted second key and a stored encrypted third key corresponding to the patient;
s502, acquiring identity information of a patient;
s503, searching an encryption key associated with the identity information based on the acquired identity information of the patient;
s504, decrypting the encrypted second secret key and the encrypted third secret key through the searched encryption secret key to obtain a decrypted second secret key and a decrypted third secret key;
and S505, restoring to obtain a block chain key based on the first key, the second key and the third key.
The identity information of the patient includes face information, fingerprint information, voice information, iris information, and the like of the patient. Specifically, biometric information of the patient may be collected using biometric techniques, including but not limited to face recognition, fingerprint recognition, iris recognition, voice recognition, and the like.
The patient can log in the third-party platform, and after the third-party platform verifies that the login information (including the third-party platform account, the password and the like of the patient) of the patient is legal, the third-party platform can receive a request of the patient for decrypting the encrypted block chain key, namely, the pre-encrypted block chain key can be decrypted. The block chain key is divided into n sub-keys in equal parts in advance during encryption, and a part of the sub-keys are assumed to be stored in a patient, wherein the part of the sub-keys form a first key; the hospital keeps b parts of sub-keys, the third-party platform keeps n-a-b parts of encrypted sub-keys, and the b parts of sub-keys and the n-a-b parts of sub-keys respectively form a second key and a third key; and each sub-key corresponds to a location number. When a request for decrypting the encrypted blockchain key by the patient is received, the third-party platform receives the first key submitted by the patient, can also search and locate a third encrypted key corresponding to the patient based on the login information of the patient, and provides a request for decrypting the second key to the hospital. And then decrypting the second key and the third key, and restoring the block chain key according to the first key, the second key and the third key.
The invention provides a key management method based on a medical block chain. The encryption mode provided by the invention segments the block chain key, the patient keeps a part of key, namely key one, the hospital and the third party platform respectively keep another part of encrypted key, namely key two and key three, and the encryption keys of the encryption keys two and key three are associated with the identity information of the patient.
While embodiments of the invention have been shown and described, it will be understood by those of ordinary skill in the art that: various changes, modifications, substitutions and alterations can be made to the embodiments without departing from the principles and spirit of the invention, the scope of which is defined by the claims and their equivalents.
Claims (10)
1. A key management method based on a medical block chain is characterized in that the method is executed by a third-party platform and comprises the following modules:
s1, a patient information obtaining module is used for obtaining a block chain secret key to be encrypted of a patient;
s2, a block chain splitting module is used for splitting the block chain secret key and splitting the block chain into a plurality of sub-secret keys to obtain a secret key I, a secret key II and a secret key III;
s3, an encryption module is used for obtaining an encryption key encrypted by the secret key I, the secret key II and the secret key III, and encrypting the secret key II and the secret key III by adopting the encryption key;
s4, a storage module is used for providing the first secret key for the patient and storing a second secret key and a third secret key which are encrypted;
and S5, a decryption module is used for restoring the first secret key, the second secret key and the third secret key to obtain the block chain secret key.
2. The method according to claim 1, wherein each sub-key corresponds to a position number in the blockchain key.
3. The method according to claim 1, wherein the encryption key is associated with pre-acquired identity information of the patient.
4. The key management method based on the medical block chain according to claim 1, wherein the encrypted second key and the encrypted third key are stored by a hospital and a third-party institution respectively.
5. The key management method based on the medical block chain according to claim 1, wherein the module for obtaining the patient information comprises the following steps:
s101, registering a patient, and verifying the real name of the patient by a medical data platform;
s102, the patient obtains identity authentication;
s103, the medical data platform generates identity card voucher information for the patient;
s104, storing the patient identity voucher information into a block chain;
and S105, obtaining a block chain key to be encrypted of the patient.
6. The key management method based on the medical block chain as claimed in claim 5, wherein the method for verifying the real name of the patient by the medical data platform comprises: the identity of the individual patient is confirmed by the domicile's domicile management system or other means.
7. The method of claim 5, wherein the patient credential information comprises a credential serial number, a patient name, a credential number, and a signature of a medical data platform; the patient name and the certificate number are subjected to coding and encryption processing, and privacy exposure of the patient is prevented.
8. The key management method based on medical blockchain according to claim 1, wherein the blockchain is sequentially provided with a first blockchain, a second blockchain, a third blockchain, … …, an N-1 blockchain, and an N blockchain.
9. The key management method according to claim 8, wherein the first blockchain, the second blockchain, the third blockchain, … …, the (N-1) th blockchain, and the nth blockchain are connected to each other to form a cross-blockchain network, and information can be transmitted between the blockchains and updated simultaneously.
10. The key management method based on the medical block chain according to claim 1, wherein the decryption module comprises the following steps:
s501, when a request of a patient for decrypting the encrypted block chain key is received, receiving a first key submitted by the patient, and searching a stored encrypted second key and a stored encrypted third key corresponding to the patient;
s502, acquiring identity information of a patient;
s503, searching an encryption key associated with the identity information based on the acquired identity information of the patient;
s504, decrypting the encrypted second secret key and the encrypted third secret key through the searched encryption secret key to obtain a decrypted second secret key and a decrypted third secret key;
and S505, restoring to obtain a block chain key based on the first key, the second key and the third key.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910038836.3A CN111445235A (en) | 2019-01-16 | 2019-01-16 | Key management method based on medical block chain |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910038836.3A CN111445235A (en) | 2019-01-16 | 2019-01-16 | Key management method based on medical block chain |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111445235A true CN111445235A (en) | 2020-07-24 |
Family
ID=71626613
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910038836.3A Pending CN111445235A (en) | 2019-01-16 | 2019-01-16 | Key management method based on medical block chain |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111445235A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112039901A (en) * | 2020-09-02 | 2020-12-04 | 联仁健康医疗大数据科技股份有限公司 | Data transmission method, device and system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107423565A (en) * | 2017-07-26 | 2017-12-01 | 中山大学 | A kind of medical rescue contract method based on intelligent contract technology |
| CN108667815A (en) * | 2018-04-18 | 2018-10-16 | 价值互联(广州)信息技术有限公司 | Block chain secret key encipher-decipher method, device and terminal based on bio-identification |
| CN108881160A (en) * | 2018-05-07 | 2018-11-23 | 北京信任度科技有限公司 | Medical treatment & health data managing method and system based on block chain intelligence contract |
| CN109003185A (en) * | 2018-06-29 | 2018-12-14 | 中国银联股份有限公司 | A kind of method for building up, device, calculating equipment and the storage medium of intelligence contract |
-
2019
- 2019-01-16 CN CN201910038836.3A patent/CN111445235A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107423565A (en) * | 2017-07-26 | 2017-12-01 | 中山大学 | A kind of medical rescue contract method based on intelligent contract technology |
| CN108667815A (en) * | 2018-04-18 | 2018-10-16 | 价值互联(广州)信息技术有限公司 | Block chain secret key encipher-decipher method, device and terminal based on bio-identification |
| CN108881160A (en) * | 2018-05-07 | 2018-11-23 | 北京信任度科技有限公司 | Medical treatment & health data managing method and system based on block chain intelligence contract |
| CN109003185A (en) * | 2018-06-29 | 2018-12-14 | 中国银联股份有限公司 | A kind of method for building up, device, calculating equipment and the storage medium of intelligence contract |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112039901A (en) * | 2020-09-02 | 2020-12-04 | 联仁健康医疗大数据科技股份有限公司 | Data transmission method, device and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3451578B1 (en) | Turn-control rewritable blockchain | |
| CN107925581B (en) | Biometric authentication system and authentication server | |
| CN108418680B (en) | Block chain key recovery method and medium based on secure multi-party computing technology | |
| CN106534092B (en) | The privacy data encryption method of key is depended on based on message | |
| WO2020182151A1 (en) | Methods for splitting and recovering key, program product, storage medium, and system | |
| CN100432889C (en) | System and method providing disconnected authentication | |
| US20190377889A1 (en) | Verifiable version control on authenticated and/or encrypted electronic documents | |
| KR20190075793A (en) | Authentication System for Providing Instant Access Using Block Chain | |
| US9698974B2 (en) | Method for creating asymmetrical cryptographic key pairs | |
| CN103563325A (en) | Systems and methods for securing data | |
| WO2014167525A1 (en) | Secure backup and recovery system for private sensitive data | |
| US10630474B2 (en) | Method and system for encrypted data synchronization for secure data management | |
| Chidambaram et al. | Enhancing the security of customer data in cloud environments using a novel digital fingerprinting technique | |
| Barman et al. | A blockchain‐based approach to secure electronic health records using fuzzy commitment scheme | |
| CN114065169B (en) | Privacy protection biometric authentication method and device and electronic equipment | |
| EP2988291B1 (en) | Method, system and computer program for personal data sharing | |
| CN110188545A (en) | A kind of data ciphering method and device based on chain database | |
| CN111445235A (en) | Key management method based on medical block chain | |
| Benzekki et al. | A verifiable secret sharing approach for secure multicloud storage | |
| Xu et al. | A decentralized pseudonym scheme for cloud-based eHealth systems | |
| Lyu et al. | NSSIA: A New Self‐Sovereign Identity Scheme with Accountability | |
| KR20030097550A (en) | Authorization Key Escrow Service System and Method | |
| KR102357595B1 (en) | Blockchain-based authentication system and method for preventing interception hacking attacks | |
| CN110445756B (en) | Method for realizing searchable encryption audit logs in cloud storage | |
| Hakim et al. | Blockchain for Secure Medical Records Storage and Medical Service Framework using SHA 256–Verifiable Key |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20200724 |