In the existing Electronic Health Records(EHRs),the medical information of patients is completely controlled by various medical institutions.As such,patients have no dominant power over their own EHRs.These personal d...In the existing Electronic Health Records(EHRs),the medical information of patients is completely controlled by various medical institutions.As such,patients have no dominant power over their own EHRs.These personal data are not only inconvenient to access and share,but are also prone to cause privacy disclosure.The blockchain technology provides a new development direction in the medical field.Blockchain-based EHRs are characterized by decentralization,openness and non-tampering of records,which enable patients to better manage their own EHRs.In order to better protect the privacy of patients,only designated receivers can access EHRs,and receivers can authenticate the sharer to ensure that the EHRs are real and effective.In this study,we propose an identity-based signcryption scheme with multiple authorities for multiple receivers,which can resist N-1 collusion attacks among N authorities.In addition,the identity information of receivers is anonymous,so the relationship between them and the sharer is not disclosed.Under the random oracle model,it was proved that our scheme was secure and met the unforgeability and confidentiality requirements of signcryption.Moreover,we evaluated the performance of the scheme and found that it had the moderate signcryption efficiency and excellent signcryption attributes.展开更多
As a new form of network,the Internet of things(IoT)is becoming more widely used in people’s lives.In this paper,related theoretical research and practical applications of the IoT are explored.The security of the IoT...As a new form of network,the Internet of things(IoT)is becoming more widely used in people’s lives.In this paper,related theoretical research and practical applications of the IoT are explored.The security of the IoT has become a hot research topic.Access controls are methods that control reasonable allocations of data and resources and ensure the security of the IoT.However,most access control systems do not dynamically assign users’rights.Additionally,with some access control systems,there is a risk of overstepping other user’s authority,and there may exist a central authority that is a single point of failure.Therefore,to solve these problems,this paper proposes a Task-Attribute-Based Access Control scheme for the IoT via blockchain that combines the access control technologies of both the IoT and blockchain.This model,which merges the advantages of task-based access controls and attribute-based access controls,is perfectly integrated with blockchain technology.This model uses hash functions and digital signature algorithms to ensure the authenticity and integrity of the data,and it can dynamically allocate users’minimum privileges and thus perfectly solves the single point of failure problem.The model is implemented using a Geth client and solidity code,and the simulation results demonstrate the effectiveness of the model.展开更多
基金This work was supported by the National Key Research and Development Project of China(Grant No.2017YFB0802302)the Science and Technology Support Project of Sichuan Province(Grant Nos.2016FZ0112,2017GZ0314,and 2018GZ0204)+2 种基金the Academic and Technical Leaders Training Funding Support Projects of Sichuan Province(Grant No.2016120080102643)the Application Foundation Project of Sichuan Province(Grant No.2017JY0168)the Science and Technology Project of Chengdu(Grant Nos.2017-RK00-00103-ZF,and 2016-HM01-00217-SF).
文摘In the existing Electronic Health Records(EHRs),the medical information of patients is completely controlled by various medical institutions.As such,patients have no dominant power over their own EHRs.These personal data are not only inconvenient to access and share,but are also prone to cause privacy disclosure.The blockchain technology provides a new development direction in the medical field.Blockchain-based EHRs are characterized by decentralization,openness and non-tampering of records,which enable patients to better manage their own EHRs.In order to better protect the privacy of patients,only designated receivers can access EHRs,and receivers can authenticate the sharer to ensure that the EHRs are real and effective.In this study,we propose an identity-based signcryption scheme with multiple authorities for multiple receivers,which can resist N-1 collusion attacks among N authorities.In addition,the identity information of receivers is anonymous,so the relationship between them and the sharer is not disclosed.Under the random oracle model,it was proved that our scheme was secure and met the unforgeability and confidentiality requirements of signcryption.Moreover,we evaluated the performance of the scheme and found that it had the moderate signcryption efficiency and excellent signcryption attributes.
基金supported in part by the National Key Research and Development Project of China(No.2017YFB0802302)the Science and Technology Support Project of Sichuan Province(No.2016FZ0112,No.2017GZ0314,No.2018GZ0204)+2 种基金the Academic and Technical Leaders Training Funding Support Projects of Sichuan Province(No.2016120080102643)the Application Foundation Project of Sichuan Province(No.2017JY0168)the Science and Technology Project of Chengdu(No.2017-RK00-00103-ZF,No.2016-HM01-00217-SF).
文摘As a new form of network,the Internet of things(IoT)is becoming more widely used in people’s lives.In this paper,related theoretical research and practical applications of the IoT are explored.The security of the IoT has become a hot research topic.Access controls are methods that control reasonable allocations of data and resources and ensure the security of the IoT.However,most access control systems do not dynamically assign users’rights.Additionally,with some access control systems,there is a risk of overstepping other user’s authority,and there may exist a central authority that is a single point of failure.Therefore,to solve these problems,this paper proposes a Task-Attribute-Based Access Control scheme for the IoT via blockchain that combines the access control technologies of both the IoT and blockchain.This model,which merges the advantages of task-based access controls and attribute-based access controls,is perfectly integrated with blockchain technology.This model uses hash functions and digital signature algorithms to ensure the authenticity and integrity of the data,and it can dynamically allocate users’minimum privileges and thus perfectly solves the single point of failure problem.The model is implemented using a Geth client and solidity code,and the simulation results demonstrate the effectiveness of the model.
