透過您的圖書館登入 IP:3.17.150.89
透過您的圖書館登入
IP:3.17.150.89
  • 精確檢索 : 冠狀病毒
  • 模糊檢索 : 冠狀病毒
  • 冠狀病毒感染
    冠狀病毒疾病
  • 查詢出版品: 冠狀病毒
進階查詢
查詢歷史
主題瀏覽
  • 學位論文

在雲端加密資料庫中電子病歷資料之安全存取控制-使用屬性授權加密機制

Secure Access Control for Cloud Electronic Medical Record using Attribute-Based Encryption

林浚騰(Chun-Teng Lin)
指導教授 : 曾文貴
國立交通大學/資訊學院/資訊科學與工程研究所/碩士(2015年)
https://doi.org/10.6842/NCTU.2015.00803
全文下載

摘要

在臺灣全民健保已經行之有年,至今累積了大量的醫療紀錄與病歷資料,使得Electronic Medical Record(EMR)走上檯面。儘管EMR的出現降低了管理成本以及減少錯誤率,但是這些EMR都是由各自的醫療機構所保存管理,病人的病歷資訊因此四散各地而缺乏完整性,因此如何整合、管理EMR使得病人可以獲得更好的醫療服務是一個重要的議題。隨著雲端科技的興起,將醫療資料統一儲存到雲端系統,不僅可以降低管理成本,也可以達到便於交流的目標。但將EMR上傳到雲端儲存系統,我們必須考慮到如何保障EMR的隱私性以及如何整控EMR的存取控制。 針對上述的議題,我們提出了一個醫療資料庫系統的架構,以MIT CSAIL團隊開發的CryptDB[1]。為基礎,CryptDB的洋蔥式加密法不僅保障了EMR的隱私性還支援一般資料庫的操作,例如新增、查詢、排序、比對等功能,讓EMR在使用上更加方便;而利用Yang et al.[13]所提出的MA-ABE來作為存取控制機制,讓病人能夠彈性地管理他的EMR,使得授權的使用者可以取用EMR而非授權的使用者便無法取用,達成在雲端儲存服務上,對EMR安全的存取控制與共享的目標。最後,我們實作了這個系統來證明我們的架構是可行的。

關鍵字

電子化病歷 加密資料庫 屬性授權加密法

並列摘要

In Taiwan, the government has carried out National Health Insurance for many years. Therefore, lots of medical records are generated, so now it is the Electronic Medical Record (EMR) time. EMR not only keeps the cost down but also reduces the error rate. Although EMR solves many questions, there is still a question that the hospitals keep the part of the same patient’s EMR by themselves. It makes the patient’s EMR incomplete. As a result, how to integrate the EMR has been an important issue. According to the development of cloud technology, it’s a good way to store EMR in the cloud storage so that it can bring the managing cost down and it is convenient to share EMR. Before uploading the EMR, we have to consider two questions that how to protect the privacy of EMR and how to keep the access control of EMR. In our research, we design a new medical database system SDEMR based on the technology of CryptDB and MA-ABE. CryptDB is an open source database system developed by MIT CSAIL team. It takes the onion encryption to protect the privacy of EMR and it still supports the MySQL queries. In order to keep the access control , we take the Yang et al. .Under the access control mechanism, the unauthorized user cannot access the EMR. Finally, we implement the our system to prove the system is workable.

並列關鍵字

Electronic Medical Record Encrypted Database Attribute-Based Encryption

參考文獻

5. W. B. Lee, and C.D. Lee. “A Cryptographic Key Management Solution for HIPAA Privacy/Security Regulations.” In Proceedings of the Information Technology in Biomedicine, IEEE Transactions on 12.1(2008)
7. P. K. Patil, and P. M. Pawar. “PHR Model using Cloud Computing and Attribute based Encryption,” In International Journal of Computer Applications volume 65-number 18 2013.
8. S. Alshehri, S. P. Radziszowski, and Rajendra K. Raj. “Secure Access for Healthcare Data in the Cloud Using Ciphertext-Policy Attributed-Based Encryption,” IEEE 28th International Conference on Data Engineering Workshops(ICDEW 2012), pages 143-146, Arlington, VA, April 2012.
9. C. Wang, X. Liu, and W. Li. “Implementing a Personal Health Record Cloud Platform Using Ciphertext-Policy Attribute-Based Encryption,” IEEE 4th International Conference on Intelligent Networking and Collaborative Systems(INCos 2012), pages 8-14, Bucharest, Romania, September 2012.
12. M. Li, S. Yu, Y. Zheng, K. Ren, and W. Lou. “Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption,” IEEE Transactions on Parallel and Distributed Systems, pages 131-143, January 2013.

延伸閱讀

全文下載