开放环境下卫生保健研究的安全协作平台[j]卡塔尔世界杯8强波胆分析访问控制中的问责性展望[A Kang,Giluk, A Kim,Young-Gab] +世宗大学计算机与信息安全与智能无人机融合工程,209,首尔广津区陵洞路,05006,82 0269352424alwaysgabi@sejong.ac.kr % K区块链% K属性加密% K电子健康数据% K安全% K隐私% K云计算% K为卫生保健研究平台% K问责% K物联网% K互操作性% K手机% D原始论文7 14.10.2022 % 9 2022% % J J互联网Res % G英语% X背景:最近使用的卫生保健,各种电子健康数据越来越被国家卫生机构收集和储存。由于这些电子健康数据可以推进现代医疗保健系统并使其更智能,许多研究人员希望在他们的研究中使用这些数据。然而,使用电子健康数据会带来隐私和安全问题。支持医疗保健研究的分析环境也必须考虑许多要求。由于这些原因,各国通常提供卫生保健研究平台,但一些数据提供者(如患者)仍然担心其电子卫生数据的安全和隐私。因此,需要一个更安全的医疗保健研究平台,以保证电子健康数据的实用性,同时注重其安全性和隐私性。目的:本研究旨在实现一个比以往医疗保健研究平台更安全的医疗保健大数据平台(HBDP)。HBDP采用基于属性的加密技术,在开放环境下实现对eHealth存储数据的细粒度访问控制和加密。 Moreover, in the HBDP, platform administrators can perform the appropriate follow-up (eg, block illegal users) and monitoring through a private blockchain. In other words, the HBDP supports accountability in access control. Methods: We first identified potential security threats in the health care domain. We then defined the security requirements to minimize the identified threats. In particular, the requirements were defined based on the security solutions used in existing health care research platforms. We then proposed the HBDP, which meets defined security requirements (ie, access control, encryption of stored eHealth data, and accountability). Finally, we implemented the HBDP to prove its feasibility. Results: This study carried out case studies for illegal user detection via the implemented HBDP based on specific scenarios related to the threats. As a result, the platform detected illegal users appropriately via the security agent. Furthermore, in the empirical evaluation of massive data encryption (eg, 100,000 rows with 3 sensitive columns within 46 columns) for column-level encryption, full encryption after column-level encryption, and full decryption including column-level decryption, our approach achieved approximately 3 minutes, 1 minute, and 9 minutes, respectively. In the blockchain, average latencies and throughputs in 1Org with 2Peers reached approximately 18 seconds and 49 transactions per second (TPS) in read mode and approximately 4 seconds and 120 TPS in write mode in 300 TPS. Conclusions: The HBDP enables fine-grained access control and secure storage of eHealth data via attribute-based encryption cryptography. It also provides nonrepudiation and accountability through the blockchain. Therefore, we consider that our proposal provides a sufficiently secure environment for the use of eHealth data in health care research. %M 36240003 %R 10.2196/37978 %U //www.mybigtv.com/2022/10/e37978 %U https://doi.org/10.2196/37978 %U http://www.ncbi.nlm.nih.gov/pubmed/36240003