【摘要】：報(bào)告顯示,我國(guó)逐漸進(jìn)入人口老齡化社會(huì),并且由于醫(yī)療資源緊張的緣故,使得整個(gè)國(guó)家呈現(xiàn)出看病難的現(xiàn)象。因此,關(guān)注中老年人的身體健康狀況并利用網(wǎng)絡(luò)資源緩解醫(yī)療資源的緊張現(xiàn)象,具有重要的現(xiàn)實(shí)意義。無(wú)線(xiàn)體域網(wǎng)是將功能傳感器布置在身體上并實(shí)時(shí)持續(xù)地收集生理數(shù)據(jù)。而將無(wú)線(xiàn)體域網(wǎng)用于遠(yuǎn)程醫(yī)療,不僅可以讓病患可以在家接受專(zhuān)業(yè)的監(jiān)護(hù),還可以讓出部分醫(yī)療資源,從而緩解看病難的狀況。在基于無(wú)線(xiàn)體域網(wǎng)的移動(dòng)醫(yī)療監(jiān)護(hù)網(wǎng)絡(luò)中,病患傳輸?shù)臄?shù)據(jù)中包含著病患的敏感隱私,如病種,病的程度等。由于無(wú)線(xiàn)網(wǎng)絡(luò)的開(kāi)放性,網(wǎng)絡(luò)中存在的主動(dòng)與被動(dòng)攻擊者,會(huì)對(duì)病患的隱私安全造成威脅。因此,移動(dòng)醫(yī)療監(jiān)護(hù)網(wǎng)絡(luò)中的認(rèn)證機(jī)制,與其功能、性能同等重要。病患通過(guò)無(wú)線(xiàn)網(wǎng)絡(luò)接入醫(yī)療服務(wù),醫(yī)療服務(wù)提供方需要對(duì)病患的身份進(jìn)行認(rèn)證,現(xiàn)在隨著網(wǎng)絡(luò)監(jiān)管力度的增大,對(duì)注冊(cè)身份的核實(shí)也越來(lái)越嚴(yán)。同樣地,這也會(huì)伴隨著個(gè)人隱私信息泄露的風(fēng)險(xiǎn)。另外,在醫(yī)療服務(wù)中,只需要對(duì)生理數(shù)據(jù)進(jìn)行分析進(jìn)而可以給出診療意見(jiàn),無(wú)需身份信息。因此,在移動(dòng)醫(yī)療監(jiān)護(hù)網(wǎng)絡(luò)的認(rèn)證機(jī)制中,有著身份認(rèn)證與身份信息隱匿的安全需求。本文圍繞移動(dòng)醫(yī)療監(jiān)護(hù)網(wǎng)絡(luò)中保護(hù)隱私的認(rèn)證協(xié)議進(jìn)行研究,主要的工作體現(xiàn)在以下兩個(gè)方面:(1)對(duì)移動(dòng)醫(yī)療監(jiān)護(hù)網(wǎng)絡(luò)身份認(rèn)證過(guò)程中病患的身份隱匿性進(jìn)行研究,分析總結(jié)現(xiàn)有的匿名方法,得出基于假名池的和基于驗(yàn)證表的匿名認(rèn)證協(xié)議中病患手持移動(dòng)設(shè)備處和醫(yī)療服務(wù)器端的存儲(chǔ)代價(jià)與假名池的長(zhǎng)度和系統(tǒng)中用戶(hù)數(shù)量成正比,存儲(chǔ)代價(jià)較高。另外,假名池的定期更新需要額外的維護(hù)代價(jià),驗(yàn)證表中信息的不及時(shí)更新,會(huì)使得系統(tǒng)的風(fēng)險(xiǎn)系數(shù)增高。因此,為了降低病患手持移動(dòng)設(shè)備處和醫(yī)療服務(wù)器端的存儲(chǔ)代價(jià),針對(duì)移動(dòng)醫(yī)療監(jiān)護(hù)網(wǎng)絡(luò)的特點(diǎn),在醫(yī)療服務(wù)器網(wǎng)關(guān)處布置一個(gè)只能執(zhí)行固化程序的安全中間件,只負(fù)責(zé)將來(lái)自病患的簽名消息轉(zhuǎn)換為自己的簽名消息,從而使得遠(yuǎn)程醫(yī)療服務(wù)器端接收到的簽名消息都由安全中間件簽名。結(jié)合代理重簽名技術(shù),提出一個(gè)基于安全中間件的匿名認(rèn)證協(xié)議。病患端和醫(yī)療服務(wù)器端由于不需要存儲(chǔ)額外的密鑰信息,從而在較大程度上降低存儲(chǔ)代價(jià)。經(jīng)過(guò)安全性分析,證明所提協(xié)議不僅可以滿(mǎn)足基本的安全需求,還可以抵抗各種網(wǎng)絡(luò)攻擊。通過(guò)性能評(píng)估,證實(shí)所提協(xié)議不僅提高了系統(tǒng)的安全性,存儲(chǔ)代價(jià)和計(jì)算代價(jià)較低,較適用于移動(dòng)醫(yī)療監(jiān)護(hù)網(wǎng)絡(luò)。(2)對(duì)移動(dòng)醫(yī)療監(jiān)護(hù)網(wǎng)絡(luò)中保護(hù)隱私的認(rèn)證協(xié)議的用戶(hù)密鑰可撤銷(xiāo)性進(jìn)行研究,發(fā)現(xiàn)現(xiàn)有的密鑰可撤銷(xiāo)研究工作中用戶(hù)的密鑰存儲(chǔ)量過(guò)大,并由于增加用戶(hù)撤銷(xiāo)功能而使得認(rèn)證效率較大程度地降低。本文分析總結(jié)現(xiàn)有的密鑰管理方法,結(jié)合無(wú)證書(shū)公鑰密碼學(xué)與輕量級(jí)的帶密鑰哈希鏈技術(shù),提出一個(gè)無(wú)配對(duì)的可撤銷(xiāo)無(wú)證書(shū)公鑰加密方案。將用戶(hù)密鑰分為獨(dú)立的兩部分:與身份有關(guān)的密鑰和與時(shí)間有關(guān)的密鑰。用戶(hù)只有擁有完整的兩部分密鑰才能完成認(rèn)證。用戶(hù)被撤銷(xiāo)時(shí),只更新未撤銷(xiāo)用戶(hù)的時(shí)間密鑰。通過(guò)在隨機(jī)預(yù)言模型下,證明我們的方案在適應(yīng)性選擇消息攻擊下是密文不可區(qū)分的�；谠摲桨�,結(jié)合移動(dòng)醫(yī)療監(jiān)護(hù)系統(tǒng)模型,提出一個(gè)用戶(hù)可撤銷(xiāo)的保護(hù)隱私的認(rèn)證協(xié)議。經(jīng)過(guò)安全性分析,證明所提協(xié)議不僅能滿(mǎn)足基本的安全需求,也能夠抵抗各種網(wǎng)絡(luò)攻擊。由于我們的協(xié)議是無(wú)配對(duì)的,通過(guò)性能評(píng)估,證實(shí)所提協(xié)議在安全和效率上達(dá)到了較好的折中性。
[Abstract]:The report shows that China has gradually entered the aging society of the population, and because of the shortage of medical resources, it has made the whole country difficult to see the disease. Therefore, it is of great practical significance to pay attention to the physical health of the middle-aged and the elderly and to use the network resources to alleviate the tension of medical resources. The sensor is arranged on the body and collects physical data in real time. The use of wireless body domain network in telemedicine can not only allow patients to receive professional care at home, but also give out part of the medical resources to alleviate the difficult condition of seeing the disease. Data transmitted by patients in mobile medical monitoring network based on wireless body domain network It contains the sensitive privacy of the patient, such as the disease and the degree of the disease. Because of the openness of the wireless network, the presence of active and passive attackers in the network threatens the privacy and security of the patient. Therefore, the authentication mechanism in the mobile medical monitoring network is equally important to its function and nature. The provider of medical services needs to authenticate the identity of the patient. With the increase of network supervision, the verification of the registered identity is becoming more and more strict. Similarly, this will also accompany the risk of disclosure of personal privacy information. In addition, in medical services, it is necessary to analyze the physiological data and give the advice of diagnosis and treatment, no need. Identity information. Therefore, in the authentication mechanism of mobile medical monitoring network, there is a security requirement of identity authentication and identity information concealment. This paper studies the authentication protocol of privacy protection in mobile medical monitoring network. The main work is embodied in the following two aspects: (1) disease in the process of identity authentication in mobile medical monitoring network The identity concealment is studied, and the existing anonymous methods are analyzed and summarized. The storage costs of the patient's handheld mobile devices and the medical server end are proportional to the length of the pseudonym pool and the number of users in the system, and the storage cost is higher. In order to reduce the storage cost of the patient's handheld mobile device and the medical server side, a cure can only be performed at the medical service gateway in order to reduce the storage cost of the patient's handheld mobile device and the medical server side. All middleware is responsible for the conversion of signature messages from patients to their own signature messages in the future, so that the signature messages received by the telemedicine server end are signed by the security middleware. An anonymous authentication protocol based on the security middleware is proposed. Through security analysis, it is proved that the proposed protocol can not only meet the basic security requirements, but also resist various network attacks. Through performance evaluation, it is proved that the proposed protocol not only improves the security of the system, the storage cost and the computational cost are lower, and is more applicable. In mobile medical monitoring network (2) research on user key revocation of authentication protocol for privacy protection in mobile medical monitoring network. It is found that the user's key storage capacity is too large in the existing key revocable research work, and the efficiency of authentication is greatly reduced due to the increase of user revocation function. The existing key management method, combining the certificate public key cryptology and the lightweight key hash chain technology, presents an unpaired certificate free public key encryption scheme. The user key is divided into two independent parts: identity related key and time related key. Only the user has a complete two part key. When the user is revoked, only the time key of the unrevoked user is updated. Through the random prophecy model, it is proved that our scheme is ciphertext undistinguishable under the adaptive choice message attack. Based on this scheme, a user revocable authentication protocol for privacy protection is proposed in combination with the mobile medical monitoring system model. Security analysis shows that the proposed protocol can not only meet the basic security requirements, but also resist various network attacks. Because our protocol is unmatched, the performance evaluation proves that the proposed protocol has achieved good neutrality in security and efficiency.
【學(xué)位授予單位】：安徽大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2017
【分類(lèi)號(hào)】：TP309

【參考文獻(xiàn)】

相關(guān)期刊論文 前2條

1 劉毅;宋余慶;;無(wú)線(xiàn)體域網(wǎng)技術(shù)研究[J];小型微型計(jì)算機(jī)系統(tǒng);2013年08期

2 洪璇;陳克非;萬(wàn)中美;;簡(jiǎn)單的通用可組合代理重簽名方案[J];軟件學(xué)報(bào);2010年08期

，

本文編號(hào)：2165964