引用本文
  • 胡荣磊,丁安邦,李莉,段晓毅.基于可截取签名的药品管理隐私保护方案[J].信息安全学报,2024,9(1):56-70    [点击复制]
  • HU Ronglei,DING Anbang,LI Li,DUAN Xiaoyi.A Privacy Protection Scheme for Drug Management Based on Content Extraction Signature[J].Journal of Cyber Security,2024,9(1):56-70   [点击复制]
【打印本页】 【下载PDF全文】 查看/发表评论下载PDF阅读器关闭

←前一篇|后一篇→

过刊浏览    高级检索

本文已被:浏览 8304次   下载 5561 本文二维码信息
码上扫一扫!
基于可截取签名的药品管理隐私保护方案
胡荣磊, 丁安邦, 李莉, 段晓毅
0
(北京电子科技学院电子与通信工程系 北京 中国 100070)
摘要:
药品的安全问题关乎民生健康与社会稳定,而近年来我国药品安全事故频发,保障药品的质量安全,对人民群众来说至关重要。建设药品品种档案管理方案能够整合、统一管理药品的相关信息,保证药品来源可查、去向可追、责任可究,是减少药品质量安全事故发生的有效举措。为了解决药品品种档案在不同省市各部门之间共建共享以及隐私保护的问题,本文提出了一种基于区块链的药品品种管理模型。该模型融合了Fabric联盟链、无证书密码体制、可截取签名等多种技术,以实现药品档案数据的安全存储与共享。同时,引入Baas区块链管理平台,实时监控并动态配置区块链网络中的节点与链码,并按照模型中功能性的不同设计了链上交易表单及其对应的智能合约存储字段。随后,针对管理模型中的药品核查场景,结合传统的数字签名方案,设计了一种无证书可截取签名方案,利用可截取签名技术实现对药企机密数据的隐私保护。安全性分析表明,本文所提方案具有签名的不可伪造性、消息的保密性等特征。性能分析表明,该方案的运算量明显降低,相比于同类方案效率更高,开销更低,可满足药品品种档案管理场景下的各种需求,为药品品种档案管理过程中进行数据验真提供了一种新的思路。
关键词:  区块链  药品档案  可截取签名  隐私保护  数据共享
DOI:10.19363/J.cnki.cn10-1380/tn.2024.01.04
投稿时间:2022-04-20修订日期:2022-07-12
基金项目:本研究成果受以下项目资助: 中央高校基本科研业务费课题“针对有防御密码设备的能量分析攻击研究” (No. 328202207); 北京电子科技学院培育孵化教学类项目-一流本科专业建设-通信工程(No. jy202104); 北京高校“高精尖”学科建设项目; 国家自然科学基金资助项目(No. 62072014)。
A Privacy Protection Scheme for Drug Management Based on Content Extraction Signature
HU Ronglei, DING Anbang, LI Li, DUAN Xiaoyi
(Department of Electronics and Information Engineering, Beijing Electronic Science and Technology Institute, Beijing 100070, China)
Abstract:
The safety of drugs is related to people’s health and social stability. However, in recent years, our country’s drug safety accidents have shown the characteristics of high incidence and frequent occurrence. It is very important to ensure the quality and safety of drugs for people. The establishment of drug variety archives management system can integrate and manage drug-related information uniformly. It ensures that drug sources can be found, whereabouts can be traced, and responsibilities can be investigated, which is an effective measure to reduce the occurrence of drug quality and safety accidents. In order to solve the problem of co-construction, sharing and privacy protection of drug product archives among various departments in different provinces and cities, a blockchain-based drug archives management model is proposed. The model integrates various technologies such as Fabric consortium chain, certificateless cryptosystem, and content extraction signature to realize the safe storage and sharing of drug archive data. At the same time, a blockchain management platform Baas is introduced to this paper to realize the real-time monitoring and dynamic configuration of nodes and chaincodes in the blockchain network. Also, according to the different functionalities in the model, this paper designs the transaction forms and its corresponding smart contract’s storage fields. Subsequently, for the drug verification scenario in the management model, a certificateless content extraction signature scheme is designed combining traditional digital signature schemes, in which the content extraction signature technology is used to realize the privacy protection of confidential data within pharmaceutical companies. Security analysis shows that the proposed scheme has the features such as unforgeability of signatures and confidentiality of messages. Performance analysis shows that the computational complexity of this scheme is significantly reduced. It is more efficient and has lower overhead than similar schemes, which can meet the needs of drug archive management, providing a new idea for data verification in the process of drug variety file management.
Key words:  blockchain  drug product archives  CES  privacy protection  data sharing