IEEE J Biomed Health Inform. 2020 Sep;24(9):2499-2505. doi: 10.1109/JBHI.2020.2973467. Epub 2020 Feb 12.
The recent spades of cyber attacks have compromised end-users' data security and privacy in Medical Cyber-Physical Systems (MCPS) in the era of Health 4.0. Traditional standard encryption algorithms for data protection are designed based on a viewpoint of system architecture rather than a viewpoint of end-users. As such encryption algorithms are transferring the protection on the data to the protection on the keys, data safety, and privacy will be compromised once the key is exposed. In this paper, we propose a secure data storage and sharing method consisted of a selective encryption algorithm combined with fragmentation and dispersion to protect the data safety and privacy even when both transmission media (e.g. cloud servers) and keys are compromised. This method is based on a user-centric design that protects the data on a trusted device such as the end-users' smartphone and lets the end-user control the access for data sharing. We also evaluate the performance of the algorithm on a smartphone platform to prove efficiency.
在健康 4.0 时代,最近大量的网络攻击已经损害了医疗网络物理系统(MCPS)中终端用户的数据安全和隐私。传统的数据保护标准加密算法是基于系统架构的观点而不是基于终端用户的观点设计的。由于这些加密算法将数据的保护转移到了密钥的保护上,一旦密钥被泄露,数据的安全性和隐私性就会受到损害。在本文中,我们提出了一种安全的数据存储和共享方法,该方法由选择性加密算法结合分片和分散技术组成,即使在传输介质(如云服务器)和密钥都被泄露的情况下,也能保护数据的安全和隐私。该方法基于用户为中心的设计,保护终端用户智能手机等可信设备上的数据,并让终端用户控制数据共享的访问权限。我们还在智能手机平台上评估了算法的性能,以证明其效率。
