Please use this Handle URI to cite this document:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/88872
Title: | 霧運算醫療環境下電子健康紀錄安全存取之身分驗證及密鑰協議 Secure Access Control and Identity Authentication in Fog-Driven Environment for Electronic Health Records |
Author: | 黃尹姿 Yin-Tzu Huang |
Advisor: | 王勝德 Sheng-De Wang |
Keywords: | Access Control, Medical Information System, Electronic Health Records, Fog Computing, Key Agreement |
Publication year: | 2023 |
Degree: | Doctoral |
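Abstract: | With the continuous development of information technology, medical information systems can provide individuals' medical records in real time. To ensure the privacy of electronic health records (EHRs) stored in cloud databases, this thesis first proposes an access mechanism based on Lagrange interpolation polynomials to ensure the integrity and confidentiality of healthcare information. This approach strictly controls the access rights of system users: depending on the authorized role, the files each user can access differ. In this way, it effectively prevents unauthorized users from accessing EHRs beyond their privilege level, and makes it harder for potential attackers to illegally enter the database and steal sensitive medical information. The mechanism operates in a fog computing environment and hands part of the verification computation over to fog nodes to reduce the computational burden on the cloud server. In addition, with the spread of 5G, EHR data may also originate from IoT end devices, but the fog computing environment has security problems of its own: end devices and fog nodes are vulnerable to attack by hackers, which can lead to leakage of sensitive user information. Identity authentication and key exchange therefore become issues that must be considered in a fog computing environment. The second method proposed in the thesis uses elliptic curve cryptography to establish authentication and key agreement in the fog computing environment. In this method, the cloud server first verifies the identity and legitimacy of the fog node, after which the fog node authenticates the other end devices in the communication, thereby reducing the computational burden on the cloud server. In this way, the cloud server transfers the task of authenticating end devices to the fog nodes. After authentication is complete, the fog node distributes the key to be used for transmission, to increase security during message transmission and thereby strengthen the privacy of medical data in the fog computing environment. With the continuous development of information technology, the medical information system can now instantly provide individuals with their medical records. Secure access control is vital in facilitating convenient and secure information sharing. To address the security concerns and ensure the privacy of Electronic Health Records (EHRs) stored in cloud databases, a Lagrange-interpolation-driven access control mechanism is the first proposed method. This approach ensures the confidentiality and integrity of healthcare information, as it strictly regulates privacy settings and access authority for each user. This mechanism prevents unauthorized access to EHRs, making it more difficult for potential attackers to compromise the database and steal sensitive medical information. This mechanism operates in a fog-driven environment; part of the verification operation is handed over to fog nodes, which reduces the computational load on the cloud server. In addition, with the rise of 5G communication, the data source of EHRs may also come from IoT devices. However, fog computing introduces new security issues, particularly identity authentication. Fog computing needs to overcome the significant challenges of authentication and key exchange. Therefore, in the second method, the structure of a mutual authentication key establishment scheme based on elliptic curve cryptography for fog computing is proposed. After the process of mutual authentication, the fog node will distribute the key used for transmission. Moreover, fog nodes will authenticate the device and distribute the established session key, which can strengthen the security of message transmission and medical data privacy in the fog computing environment. |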
URI: | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/88872 |
DOI: | 10.6342/NTU202303193 |
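Full-text authorization: | Authorized (open on campus only) |
Appears in collections: | Department of Electrical Engineering |
Files in this item:
File | Size | Format | |
---|---|---|---|
ntu-111-2.pdf Not currently authorized for public access | 1.77 MB | Adobe PDF | View/Open |
Items in the system are protected by copyright, with all rights reserved, unless their copyright terms are specifically indicated otherwise.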