標題: | A4: 基於屬性加密演算法之電子病歷系統的身分認證、授權與存取控制機制 A4: An Authentication, Authorization and Access Control Scheme for Electronic Health Records using Attribute-based Encryption Algorithm |
作者: | 施惟堯 黃育綸 Shih, Wei-Yao Huang, Yu-Lun 電機工程學系 |
關鍵字: | 電子病歷;屬性加密;Electronic Health Records;Attribute-based Encryption Algorithm;BAN logic;Patient Control Encryption |
公開日期: | 2016 |
摘要: | 隨著雲端的快速發展,紙本的病歷已經逐漸數位化並儲存在雲端系統上。電子健康紀錄相較於紙本更容易搜集病人完整的訊息,也讓醫療名詞統一,避免醫療錯誤。目前的電子健康紀錄系統會加密病人的病歷來保護其機密性與完整性,避免遭受惡意攻擊導致資料被竊取或竄改。但是現有的系統中,病人僅能將就診醫院的病歷授權給醫生讀取,不能線上授權跨院的病歷給醫生,造成重覆的醫療檢查。在這篇論文中,我們提出了基於屬性加密演算法的身分認證、授權與存取控制機制 (我們稱為 A4) 來保護在網路上傳送的和儲存在雲端上的病歷資料。A4用代理屬性加密的演算法來保護病人在雲端上的電子健康紀錄。A4包含了七個階段: 初始、註冊、預約、讀取I、讀取II、會診和診斷階段。這七個階段滿足在看診時會遇到的情境。A4允許醫生透過網路取得跨院的病歷,減少醫療重覆檢測的資源浪費。此外,也能夠讓不同的醫生共享病人的電子健康紀錄進行會診。另外,我們用BAN邏輯方法來證明我們提出的A4是可以滿足BAN的安全需求,像彼此認證、訊息的立即性。我們也說明A4是可以抵擋常見的網路攻擊像重送攻擊、中間人攻擊、監聽攻擊和分散式阻斷服務攻擊。 As the rapid development of cloud computing technologies, health records are stored in a cloud system for information sharing and ease access. The electronic health record system running on a cloud needs to preserve the confidentiality and integrity of the health records. Nevertheless, in the current design, a patient can only share his/her health records with a doctor in a single hospital. Therefore, the doctor who needs to refer to the patient's health records in other hospitals may fail to access the records crossing hospitals, and similar examinations need to be reconducted. In this thesis, we propose an Auth, Auz and Access control scheme using Attribute-based encryption (called A4) to secure the confidentiality of the electronic health records transmitted over the Internet. A4 leverages ciphertext-policy attribute-based proxy re-encryption (CP-ABPRE) algorithm to encrypt and decrypt the health records stored in the cloud. A4 is composed of seven phases including "Init", "Reg", "Appoint", "EHRReqI", "EHRReqII", "Condult" and "Diagnosis" phases. The seven phases is to fulfill the health record requests in different scenarios. A4 allows a doctor to access the medical data crossing the hospitals when the doctor has to refer to a patient's health records in a different hospital for better diagnosis. $A^4$ also provides the functionality that allows a doctor to consult with other doctors specializing in different ontologies. By using BAN logic, we demonstrate the $A^4$ is secure enough to fulfill the fundamental security requirements, such as parties authentication and message freshness, etc. We also prove that $A_4$ can resist common attacks, including Replay Attack, Man-in-the-middle Attack, Eavesdropping Attack and DDOS Attack. |
URI: | http://etd.lib.nctu.edu.tw/cdrfb3/record/nctu/#GT070250723 http://hdl.handle.net/11536/140629 |
Appears in Collections: | Thesis |