跳到主要內容

臺灣博碩士論文加值系統

(44.201.97.0) 您好!臺灣時間:2024/04/19 13:54
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

: 
twitterline
研究生:朱庭樂
研究生(外文):Zhu, Ting-Le
論文名稱:基於區塊鏈的醫療資訊系統的金鑰管理之研究
論文名稱(外文):A Study of Blockchain-based Key Managements for Healthcare Information System
指導教授:陳宗和陳宗和引用關係
指導教授(外文):Chen, Tzung-Her
學位類別:碩士
校院名稱:國立嘉義大學
系所名稱:資訊工程學系研究所
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2019
畢業學年度:108
語文別:英文
論文頁數:67
中文關鍵詞:區塊鏈橢圓曲線簽章演算法個人病歷紀錄群金鑰管理病人隱私
外文關鍵詞:blockchainelliptic curve digital signature algorithm (ECDSA)personal healthcare record(PHR)group key managementpatients’ privacy
相關次數:
  • 被引用被引用:0
  • 點閱點閱:504
  • 評分評分:
  • 下載下載:177
  • 收藏至我的研究室書目清單書目收藏:2
在現今環境中,病人的隱私安全是透過健康保險便利和責任法案(簡稱HIPAA)所保護。然而即使如此,現在的制度仍然是有疑慮的,因為在就診的過程中,病人是沒有直接參與到病歷的產生與管理。除此之外,現在有許多醫療相關的研究流行開發在分散世平台,像是雲端環境、區塊鏈等等。然而,這些研究並沒有注重在用來加解密的密鑰的金鑰管理問題。
隨著現今環境對於區塊鏈的蓬勃發展,給予有關醫療系統的隱私安全問題提供了一個新的可能性。區塊鏈提供了在可信任且分散式的環境下,一個共享、不可竄改且公開透明的交易歷史去建立一個系統。這個性質提供了一個機會去發展一個使用區塊鏈技術的安全且可信任的病歷管理系統。
在本篇論文,我們提供了一個主要注重於病人對金鑰的控制權的解法。在這個方法中,病人可以用自己持有的金鑰去控制他的個人病歷紀錄。
透過結合指定驗證者的設計,可以促進病人與指定醫療人員在個人病歷紀錄上的可互操作性。透過重新參考先前以遵守HIPAA規範所設計的密碼學金鑰管理解法,重新設計並以可以使用區塊鏈技術的版本可以達到不只確保其隱私和安全性同時還能受益於以區塊鏈做為平台所帶來的好處。
Even if patients’ privacy and security are protected by Health Insurance Portability and Accountability Act (HIPAA), they are still doubtful owing to the lack of the consideration of if the patient is directly involved. In addition, the researches about the privacy and security in healthcare are prevalent in decentralized platform, such as cloud environment, blockchain, etc. However, they do not focus on the key management of the encryption/decryption key used to encrypt/decrypt the personal healthcare record (PHR).
With the recent bloom of interest around blockchains, privacy and security issues in healthcare information system (HIS) should be revisited to try the new possibility. Blockchain provides a shared, immutable and transparent history of all the transactions to build systems with trusty and decentralized environment. This provides a unique opportunity to develop a secure and trusty PHR data management system by using blockchain technology.
In this thesis, we present the solutions and aims at the patient’s control by holding the knowledge of the corresponding key existing in blockchains. In such a way, a patient can control the PHR by controlling key usage.
By combining a designated-verifier design, a patient can cryptographically facilitate the interoperation on the PHR with the designated healthcare staff members. As revisiting the previous cryptographic key management solution of complying with the HIPAA regulations, the redesigned blockchain-enabled version achieves not only the privacy and security but also benefits much more from the blockchain platform.
摘要 i
Abstract ii
致謝 iv
Chapter 1. Introduction 1
Chapter 2. Preliminaries 5
2.1 Blockchain network 5
2.2 ECDSA 6
2.3 Key Exchange 8
2.4 Identity Authentication 8
2.5 The system architecture of the healthcare scheme 11
Chapter 3. The Blockchain-based Key Management Scheme for Personal Healthcare Record 16
3.1 System Definition 17
3.2 Security Model 18
3.2.1 Confidentiality 18
3.2.2 Unforgeability 19
3.3 Proposed scheme 20
3.3.1 Setup Phase 21
3.3.2 Key Generation Phase 21
3.3.3 Public Key Extraction Phase 22
3.3.4 Registration Phase 22
3.3.5 Record Encryption Phase 23
3.3.6 Record Decryption Phase 24
3.4 Security Analysis 25
3.4.1 Theorem 1 (IND-BKMPHR-CCA) 25
3.4.2 Theorem 2 (EU-BKMPHR-CMA) 29
3.5 Performance analysis 31
3.6 Discussions 36
Chapter 4. The Blockchain-based Group Key Management Scheme for Personal Healthcare Record 39
4.1 System Definition 40
4.2 Security Model 42
4.2.1 Confidentiality 42
4.2.2 Unforgeability 43
4.3 Proposed scheme 44
4.3.1 Setup Phase 44
4.3.2 Key Generation Phase 45
4.3.3 Public Key Extraction Phase 45
4.3.4 Registration Phase 46
4.3.5 Group Key exchange Phase 46
4.3.6 Record Encryption Phase 48
4.3.7 Record Decryption Phase 50
4.4 Security Analysis 51
4.4.1 Theorem 3 (IND-BGKMPHR-CCA) 51
4.4.2 Theorem 4 (EU-BKMPHR-CMA) 55
4.5 Performance analysis 58
4.6 Discussions 61
Chapter 5. Conclusions and Future Work 64
Reference 65
[1] Health Insurance Portability and Accountability Act of 1996, 104th Congress, Public Law 104–191, 1996.

[2] “Health Insurance Portability and Accountability Act,” Wikipedia. [Online]. Available: https://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act.

[3] “Health Information Privacy,” U.S. Department of Health and Human Services, 2017. [Online]. Available: http://www.hhs.gov/hipaa/.

[4] K. Peterson, R. Deeduvanu, P. Kanjamala, and K. Boles,” A blockchain-based approach to health information exchange networks,” In Proc. NIST Workshop Blockchain Healthcare, 2016, vol. 1, pp. 1-10.

[5] W. B. Lee and C. D. Lee, "A cryptographic key management solution for HIPAA privacy/security regulations," IEEE Transactions on Information Technology in Biomedicine, vol. 12, no. 1, pp. 34-41, 2008.

[6] G. M. Stevens, "A brief summary of the medical privacy rule," Congressional Research Service, Library of Congress, 2003.

[7] A. Dubovitskaya, Z. Xu, S. Ryu, M. Schumacher and F. Wang, "Secure and trustable electronic medical records sharing using blockchain", in AMIA Annual Symposium Proceedings, 2017, vol. 2017, pp. 650-659.

[8] C. D. Lee, K. I. Ho, and W. B. Lee, “A novel key management solution for reinforcing compliance with HIPAA privacy/security regulations,” IEEE Transactions on Information Technology in Biomedicine, vol. 15, no. 4, pp. 550-556, 2011.

[9] L. Kish and E. Topol, "Unpatients—why patients should own their medical data," Nature Biotechnology, vol. 33, no. 9, pp. 921-924, 2015.

[10] P. B. Nichol and J. Brandt., "Co-creation of trust for healthcare: The cryptocitizen framework for interoperability with blockchain," Research Proposal. ResearchGate, 2016.

[11] W. Diffie and M. Hellman, "New directions in cryptography," IEEE Transactions on Information Theory, vol. 22, no. 6, pp. 644-654, 1976.

[12] L. M. Kohnfelder, “Towards a Practical Public Key Cryptosystem,” MIT S.B. Thesis, Massachusetts Institute of Technology, Cambridge, 1978.

[13] W. Ford, "Public Key Infrastructure Interoperation," in IEEE Aerospace Conference Proceedings, 1998, vol. 4, pp. 329-333.

[14] S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” 2008.

[15] V. Buterin, “Ethereum white paper,” 2013.

[16] C. Cachin, “Architecture of the Hyperledger blockchain fabric,” in Proc. Workshop on Distributed Cryptocurrencies and Consensus Ledgers, 2016.

[17] G. Zyskind and O. Nathan,“Decentralizing privacy: Using blockchain to protect personal data,” 2015 IEEE Security and Privacy Workshops, pp. 180-184, 2015.

[18] A. Azaria, A. Ekblaw, T. Vieira, and A. Lippman, “Medrec: Using blockchain for medical data access and permission management,” In 2016 2nd International Conference on Open and Big Data, 2016, pp. 25-30.

[19] Q. Xia, E. Sifah, A. Smahi, S. Amofa, and X. Zhang, "BBDS: Blockchain-Based Data Sharing for Electronic Medical Records in Cloud Environments," Information, vol. 8, no. 2, p. 44, 2017.

[20] Q. Xia, E. Sifah, K. Asamoah, J. Gao, X. Du, and M. Guizani, "MeDShare: Trust-Less Medical Data Sharing Among Cloud Service Providers via Blockchain," IEEE Access, vol. 5, pp. 14757-14767, 2017.

[21] S. Rouhani, L. Butterworth, A. D. Simmons, D. G. Humphery, and R. Deters,” MediChainTM: A Secure Decentralized Medical Data Asset Management System,” IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), 2018, pp. 1533-1538.

[22] R. N. Nortey, L. Yue, P. R. Agdedanu, and M. Adjeisah, "Privacy module for distributed electronic health records (ehrs) using the blockchain," in 2019 IEEE 4th International Conference on Big Data Analytics (ICBDA), 2019, pp. 369-374.

[23] “TESTNET Ropsten (ETH) Blockchain Explorer.” [Online]. Available: https://ropsten.etherscan.io/.

[24] “Elliptic Curve Digital Signature Algorithm,” Wikipedia. [Online]. Available: https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm.

[25] Y. Dodis, R. Ostrovsky, L. Reyzin, and A. Smith, ”A Fuzzy extractor: how to generate strong keys from biometrics and other noisy data,” SIAM Journal on Computing, pp. 97-139, 2008.

[26] J. D. Golić and M. Baltatu,“ Entropy analysis and new constructions of biometric key generation systems,” IEEE Transactions on Information Theory, pp. 2026-2040, 2008.

[27] F. Hao, R. Anderson, and J. Daugman,” Combining crypto with biometrics effectively, “ IEEE Transactions on Computers, pp. 1081-1088, 2006.

[28] U. Uludag, S. Pankanti, and A. K. Jain,“ Fuzzy vault for fingerprints,” in Proceedings of the 5th International Conference on Audio- and Video-Based Biometric Person Authentication, NY, 2005, pp. 310-319.

[29] S. Barman, S. Chattopadhyay, and D. Samanta,” An approach to cryptographic key exchange using fingerprint,” In International Symposium on Security in Computing and Communication, Springer, Berlin, Heidelberg, September 2014, pp.162-172.

[30] Y. Shibata, M. Mimura, and J. J. Hamamatsu,” A study on biometric key generation from fingerprints: F ingerprint—key generation from stable feature value[J],” 2007.

[31] “360° Market Overview of Coins & Cryptocurrencies,” CoinGecko. [Online]. Available: https://www.coingecko.com/.

[32] A. Poelstra, “MuSig: A New Multisignature Standard,” Blockstream. [Online]. Available: https://blockstream.com/2019/02/18/en-musig-a-new-multisignature-standard/.
連結至畢業學校之論文網頁點我開啟連結
註: 此連結為研究生畢業學校所提供,不一定有電子全文可供下載,若連結有誤,請點選上方之〝勘誤回報〞功能,我們會盡快修正,謝謝!
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top