A health data security sharing method supporting multi-granularity access control
By constructing an intermediate value and consortium blockchain framework for authorized content combinations, the authorized object and content are decoupled, solving the high overhead problem caused by repeated encryption in blockchain health data sharing, realizing low-overhead multi-granularity access control, and ensuring the security and efficiency of data sharing.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- SOUTHEAST UNIV
- Filing Date
- 2026-05-11
- Publication Date
- 2026-06-05
AI Technical Summary
Existing blockchain-based health data sharing solutions incur significant computational and on-chain transaction costs when health data is frequently updated, resulting in high authorization costs that cannot be effectively reduced.
By constructing intermediate values that are only related to the combination of authorized content, the authorized object and the authorized content are decoupled. The consortium blockchain framework and broadcast proxy re-encryption technology are used to reduce the computational overhead of repeated encryption.
This achieves the avoidance of repeated encryption when updating health data, reduces system computation and on-chain transaction overhead, and improves the efficiency and security of data sharing.
Smart Images

Figure CN122157937A_ABST
Abstract
Description
Technical Field
[0001] This invention belongs to the field of blockchain secure sharing and medical data management technology, specifically relating to a method for secure sharing of health data that supports multi-granularity access control. Background Technology
[0002] With the continuous development of precision medicine driven by AIoT (Artificial Intelligence of Things), residents' health data needs to be continuously transferred and collaboratively used among hospitals, testing institutions, research institutions, and personal terminals. In practical applications, health data is usually characterized by dispersed sources, frequent updates, and high privacy sensitivity, thus placing higher demands on the security, controllability, and efficiency of the cross-entity sharing process.
[0003] Blockchain, with its decentralized collaboration, immutable ledger, and traceability, is widely used in health data sharing scenarios. However, existing blockchain-based health data sharing solutions directly encrypt health data into ciphertext that can be decrypted by the recipient, tightly binding the authorized content to the authorized object. When the shared content changes, the health data needs to be re-encrypted, and the authorization process needs to be repeatedly initiated for multiple recipients, resulting in significant computational and on-chain transaction overhead. Therefore, there is an urgent need to provide a new blockchain-based health data sharing method to reduce authorization costs when health data is frequently updated. Summary of the Invention
[0004] To address the aforementioned issues, this invention discloses a method for secure sharing of health data that supports multi-granularity access control. By constructing an intermediate value of a fixed size that is only related to the combination of authorized content, the authorized objects are decoupled from each other, avoiding repeated encryption caused by changes in shared content, and reducing authorization costs and system overhead.
[0005] To achieve the above objectives, the technical solution of the present invention is as follows:
[0006] A method for securely sharing health data that supports multi-granularity access control includes the following steps:
[0007] S1. A trusted organization is formed by participating entities such as hospitals and research institutions. This trusted organization constructs a consortium blockchain framework and initializes public parameters and a master key. The public parameters are recorded on the blockchain via smart contracts, making them available for viewing by participating entities and for use by the smart contracts.
[0008] S2. Legitimate users apply for public and private keys from a trusted institution. The public key is used to encrypt segmented health data, and the private key is used to decrypt the encrypted authorized content.
[0009] S3. Residents with health data segment the data according to their own needs, encrypt each data segment to form corresponding ciphertext, and upload all ciphertext to the world state of the Hyperledger Fabric consortium blockchain framework through a smart contract.
[0010] S4. The resident selects the authorized content and the authorized object, and generates ciphertext that can be decrypted by the recipient through the access control schemes at the authorized content level and the authorized object level in sequence. The two access control schemes are linked together by a segmented decryption key that is only related to the combination of authorized content.
[0011] S5. The data recipient uses the private key issued by the trusted authority to first obtain the segmented decryption key by decrypting the ciphertext bound to the recipient, and then uses the segmented decryption key to obtain all authorized content.
[0012] Furthermore, step S1 specifically includes:
[0013] System initialization: A trusted institution constructs a consortium blockchain hyperledger framework as an authorization platform to ensure the trusted, mutually recognized, and interoperable exchange of health data. The trusted institution generates two cyclic groups of prime order. and Satisfying a bilinear mapping Then the trusted organization generates an integer field. , It is a large prime number; then the generators of the group are calculated. random value and random group elements Generate master key And system parameters:
[0014] (1);
[0015] In equation (1), 𝑚 represents the maximum number of recipients supported in a single authorization.
[0016] The trusted institution then defines three hash functions. , and Combine hash function with It should be made public to the participants.
[0017] Furthermore, step S2 specifically includes:
[0018] Using the publicly available system parameters obtained in step S1 Hash function and generator Trusted institutions calculate random values ,in It is the integer field defined in step S1, using the master key defined in step S1. For identity Private keys are issued to legitimate users. With public key :
[0019] (2);
[0020] (3);
[0021] In equation (3), Indicates the maximum number of health data segments supported in a single authorization.
[0022] Furthermore, step S3 specifically includes:
[0023] Data Segmentation: Residents can segment their health passports according to their needs. There is no limit to the number of health passport segments, but a resident can only authorize a maximum of [number] segments per authorization. Segment data.
[0024] Data on-chain: Residents use the public key received from the trusted institution in step S2. , for the first Health data segment Select random integer pairs and random values ,in It is the integer field defined in step S1, and encrypted as:
[0025] (4);
[0026] In equation (4), , These are the generator and hash function defined in step S1, respectively. For the bilinear pairing operation defined in step S1, The private key defined in step S2 The generated health data ciphertext is then recorded in the blockchain via the "Create Health Data" smart contract.
[0027] Furthermore, step S4 specifically includes:
[0028] Determine the authorized content and recipients: Residents select the authorized content and recipients based on their own needs. Define the authorized content as follows: The authorized object is a set of receivers consisting of multiple entities. or organization ,in For authorized content segment number, For the number of individuals to be authorized, m is the maximum number of health data segments supported by a single authorization as defined in step S2, and m is the maximum number of receivers supported by a single authorization as defined in step S1.
[0029] Content-level access control: Residents select authorized content Then, use the corresponding ciphertext. set of integer pairs and private key substructure Construct polynomial ,in{ yes The polynomial coefficients are used to ultimately output the segmented decryption key. :
[0030] (5);
[0031] In equation (5), , , For the number of authorized content segments, , It is the sequence number variable of the ciphertext. With ciphertext substructure Bind and decrypt the corresponding health data.
[0032] Access control at the authorization object level: When the resident selects an authorization object as... At that time, the Private Data Collections (PDC) mechanism of the consortium blockchain framework will be used to... Secure sharing at the organizational level; if the resident's authorized recipient is a set of multiple recipients. First, generate random values. ,in It is the integer field defined in step S1, and then the private key is used. Substructure For a set of multiple receivers Generate re-encryption key :
[0033] (6);
[0034] In equation (6), = , = , = , , , , These are the generator and hash function defined in step S1, respectively. , It is the random number taken in step S1. For the bilinear pairing operation defined in step S1, The number of individuals awaiting authorization. The master key defined in step S1 substructures, , It is the sequence number variable of the ciphertext;
[0035] Finally, the "Authorize Health Data" smart contract will be invoked along with the segmented encryption key. The bound health data is authorized to the authorized object; the smart contract first samples random values. ,in It is the integer field defined in step S1, and then the resident public key is used. Encryption segment encryption key , recorded as :
[0036] (7);
[0037] In equation (7), , , , , These are the generator and hash function defined in step S1, respectively. , It is the random number taken in step S1. For the bilinear pairing operation defined in step S1, The master key defined in step S1 Substructures;
[0038] Subsequently, the smart contract uses a re-encryption key. ,Will Transform into something that can only belong to The ciphertext decrypted by the recipient is denoted as :
[0039] (8);
[0040] In equation (8), , , , , , , , , The re-encryption key in equation (6) substructures, , In equation (7) substructures, This refers to the bilinear pairing operation defined in step S1; via a smart contract, It will be recorded in the blockchain for authorized objects to retrieve.
[0041] Furthermore, step S5 specifically includes:
[0042] Segmented decryption key acquisition: Part One recipient Using the private key issued by the trusted institution in step S2 substructure Decryption Obtain the segmented decryption key The specific decryption formula is as follows:
[0043] (9);
[0044] In equation (9), , , , , Defined in step S4 substructures, , , These are the generator and hash function defined in step S1, respectively. It is the random number taken in step S1. For the bilinear pairing operation defined in step S1, The number of individuals to be authorized as defined in step S4. The master key defined in step S1 substructures, It is the segmented decryption key defined in step S4. , It is the sequence number variable of the ciphertext.
[0045] Health data acquisition: The recipient obtains the encrypted data defined in step S4. Substructure and segmented decryption key Integer pairs Reconstruct the polynomial defined in step S4 based on the Lagrange interpolation theorem. ,in{ It is a polynomial polynomial coefficients, For authorized content segment number, , It is the sequence number variable of the encrypted data, and then each segment of health data is calculated. Open Proof :
[0046] (10);
[0047] In equation (10), The private key defined in step S2 Substructures of.
[0048] Finally, the receiver uses Decryption Get data segment :
[0049] (11).
[0050] In equation (11), , It is the ciphertext defined in step S4. substructures, For the bilinear pairing operation defined in step S1, , These are the generator and hash function defined in step S1, respectively. , It is the sequence number variable of the ciphertext.
[0051] The beneficial effects of this invention are as follows:
[0052] This invention discloses a method for securely sharing health data that supports multi-granularity access control. First, it uses a consortium blockchain framework as the authorization platform. Through decentralization, traceability, and tamper-proof characteristics, it ensures that health data uploaded to the blockchain cannot be tampered with, and that related data updates and authorization behaviors are traceable, thereby ensuring the trustworthiness of health data and achieving mutual recognition and interoperability among different participating entities. Second, it provides residents with a multi-granularity access control scheme, allowing them to flexibly manage their access permissions for health data. At the authorization object level, it implements multi-granularity access control schemes for individuals and organizations based on broadcast proxy re-encryption and the Fabric PDC mechanism. On the one hand, broadcast proxy re-encryption transforms encrypted data into fixed-size re-encrypted ciphertext that can be decrypted by multiple receivers, enabling batch authorization for multiple individuals. On the other hand, the Fabric PDC mechanism writes data into the PDC field, ensuring that data can only be viewed by certain organizations, while other organizations can only obtain the hash value, achieving batch authorization at the organization level. At the authorization content level, it provides a low-overhead segmented authorization function, allowing residents to segment data and arbitrarily combine data segments as authorization content. To address the issue of excessive overhead caused by repeated encryption when shared data changes, an authorization credential bound to the data segment is constructed to decouple the authorized content from the authorized object. This avoids repeated encryption of all data ciphertext when health data content is updated or the authorization scope is adjusted, thus reducing system computation and on-chain overhead. Attached Figure Description
[0053] Figure 1 This is a schematic diagram of the overall architecture in an embodiment of the present invention. Detailed Implementation
[0054] The present invention will be further illustrated below with reference to the accompanying drawings and specific embodiments. It should be understood that the following specific embodiments are for illustrative purposes only and are not intended to limit the scope of the invention.
[0055] like Figure 1 As shown, this invention provides a method for secure sharing of health data that supports multi-granularity access control. This method aims to provide a multi-granularity access control scheme, while reducing the authorization cost of content updates by decoupling authorized objects from one authorized object to another, thereby reducing system overhead. The specific implementation steps are as follows:
[0056] S1. Initialize the health passport access control system;
[0057] A trusted institution constructs a consortium blockchain hyperledger framework as an authorization platform to ensure the trusted, mutually recognized, and interoperable exchange of health data. The trusted institution generates two prime-order cyclic groups. and Satisfying a bilinear mapping Then generate the integer field. , It is a large prime number. Then, the generators of the group are calculated. random value and random group elements Generate master key And system parameters:
[0058] (1);
[0059] In equation (1), 𝑚 represents the maximum number of recipients supported in a single authorization.
[0060] The trusted institution then defines three hash functions. , and Combine hash function with It should be made public to the participants.
[0061] S2, User Registration;
[0062] Using the publicly available system parameters obtained in step S1 Hash function and generator Trusted institutions calculate random values ,in It is the integer field defined in step S1, using the master key defined in step S1. For identity Private keys are issued to legitimate users. With public key :
[0063] (2);
[0064] (3);
[0065] In equation (3), Indicates the maximum number of health data segments supported in a single authorization.
[0066] S3, Health Data Segmentation and On-Chain;
[0067] Data Segmentation: Residents can segment their health passports according to their needs. There is no limit to the number of health passport segments, but a resident can only authorize a maximum of [number] segments per authorization. Segment data.
[0068] Data on-chain: Residents use the public key received from the trusted institution in step S2. , for the first Health data segment Select random integer pairs and random values ,in It is the integer field defined in step S1, and encrypted as:
[0069] (4);
[0070] In equation (4), , These are the generator and hash function defined in step S1, respectively. For the bilinear pairing operation defined in step S1, The private key defined in step S2 The generated health data ciphertext is then recorded in the blockchain via the "Create Health Data" smart contract.
[0071] S4, multi-granularity authorization of health data;
[0072] Determine the authorized content and recipients: Residents select the authorized content and recipients based on their own needs. Define the authorized content as follows: The authorized object is a set of receivers consisting of multiple entities. or organization ,in For authorized content segment number, For the number of individuals to be authorized, m is the maximum number of health data segments supported by a single authorization as defined in step S2, and m is the maximum number of receivers supported by a single authorization as defined in step S1.
[0073] Content-level access control: Residents select authorized content Then, use the corresponding ciphertext. set of integer pairs and private key substructure Construct polynomial ,in{ yes The polynomial coefficients are used to ultimately output the segmented decryption key. :
[0074] (5);
[0075] In equation (5), , , For the number of authorized content segments, , It is the sequence number variable of the ciphertext. With ciphertext substructure Bind and decrypt the corresponding health data.
[0076] Access control at the authorization object level: When the resident selects an authorization object as... At that time, the Private Data Collections (PDC) mechanism of the consortium blockchain framework will be used to... Secure sharing at the organizational level. If the resident's authorized recipient is a set of multiple recipients. First, generate random values. ,in It is the integer field defined in step S1, and then the private key is used. Substructure For a set of multiple receivers Generate re-encryption key :
[0077] (6);
[0078] In equation (6), = , = , = , , , , These are the generator and hash function defined in step S1, respectively. , It is the random number taken in step S1. For the bilinear pairing operation defined in step S1, The number of individuals awaiting authorization. The master key defined in step S1 substructures, , It is the sequence number variable of the ciphertext.
[0079] Finally, the "Authorize Health Data" smart contract will be invoked along with the segmented encryption key. The bound health data is authorized to the authorized object. The smart contract first samples a random value. ,in It is the integer field defined in step S1, and then the resident public key is used. Encryption segment encryption key , recorded as :
[0080] (7);
[0081] In equation (7), , , , , These are the generator and hash function defined in step S1, respectively. , It is the random number taken in step S1. For the bilinear pairing operation defined in step S1, The master key defined in step S1 Substructures of.
[0082] Subsequently, the smart contract uses a re-encryption key. ,Will Transform into something that can only belong to The ciphertext decrypted by the recipient is denoted as :
[0083] (8);
[0084] In equation (8), , , , , , , , , The re-encryption key in equation (6) substructures, , In equation (7) substructures, This refers to the bilinear pairing operation defined in step S1. Through smart contracts, It will be recorded in the blockchain for authorized objects to retrieve.
[0085] S5, fine-grained access to health data;
[0086] Segmented decryption key acquisition: Part One recipient Using the private key issued by the trusted institution in step S2 substructure Decryption Obtain the segmented decryption key The specific decryption formula is as follows:
[0087] (9);
[0088] In equation (9), , , , , Defined in step S4 substructures, , , These are the generator and hash function defined in step S1, respectively. It is the random number taken in step S1. For the bilinear pairing operation defined in step S1, The number of individuals to be authorized as defined in step S4. The master key defined in step S1 substructures, It is the segmented decryption key defined in step S4. , It is the sequence number variable of the ciphertext.
[0089] Health data acquisition: The recipient obtains the encrypted data defined in step S4. Substructure and segmented decryption key Integer pairs Reconstruct the polynomial defined in step S4 based on the Lagrange interpolation theorem. ,in{ It is a polynomial polynomial coefficients, For authorized content segment number, , It is the sequence number variable of the encrypted data, and then each segment of health data is calculated. Open Proof :
[0090] (10);
[0091] In equation (10), The private key defined in step S2 Substructures of.
[0092] Finally, the receiver uses Decryption Get data segment :
[0093] (11).
[0094] In equation (11), , It is the ciphertext defined in step S4. substructures, For the bilinear pairing operation defined in step S1, , These are the generator and hash function defined in step S1, respectively. , It is the sequence number variable of the ciphertext.
[0095] It should be noted that the above content merely illustrates the technical concept of the present invention and should not be construed as limiting the scope of protection of the present invention. For those skilled in the art, various improvements and modifications can be made without departing from the principle of the present invention, and all such improvements and modifications fall within the scope of protection of the claims of the present invention.
Claims
1. A method for securely sharing health data that supports multi-granularity access control, characterized in that, Includes the following steps: S1. Initialization of the health passport access control system: A trusted organization composed of hospitals and research entities constructs a consortium blockchain hyperledger framework and initializes public parameters and master keys; the public parameters are recorded on the blockchain through smart contracts for participating entities to view and use by smart contracts. S2. User registration: Legitimate users apply for public and private keys from a trusted institution. The public key is used to encrypt segmented health data, and the private key is used to decrypt the encrypted authorized content. S3. Health data segmentation and on-chaining: Residents with health data segment the data according to their own needs, encrypt each data segment to form corresponding ciphertext, and upload all ciphertext to the world state of the consortium blockchain hyperledger framework through smart contracts. S4. Health data multi-granularity authorization: Residents select the authorized content and authorized objects, and the ciphertext that can be decrypted by the recipient is generated through the access control schemes at the authorized content level and the authorized object level in turn. The two access control schemes are linked together by a segmented decryption key that is only related to the combination of authorized content. S5, Fine-grained access to health data: The data recipient uses a private key issued by a trusted institution to first obtain a segmented decryption key by decrypting the ciphertext bound to the recipient, and then uses the segmented decryption key to obtain all authorized content.
2. The method for securely sharing health data supporting multi-granularity access control as described in claim 1, characterized in that: Step S1 is as follows: A trusted institution constructs a consortium blockchain hyperledger framework as an authorization platform to ensure the trusted, mutually recognized, and interoperable exchange of health data; the trusted institution generates two prime-order cyclic groups. and Satisfying a bilinear mapping Then generate the integer field. , It is a large prime number; then the generators of the group are calculated. random value and random group elements Generate master key And system parameters: (1); In equation (1), 𝑚 represents the maximum number of recipients supported in a single authorization; The trusted institution then defines three hash functions. , and Combine hash function with It should be made public to the participants.
3. The method for secure sharing of health data supporting multi-granularity access control as described in claim 1, characterized in that: Step S2 is as follows: Using the publicly available system parameters obtained in step S1 Hash function and generator Trusted institutions calculate random values ,in It is the integer field defined in step S1, using the master key defined in step S1. For identity Private keys are issued to legitimate users. With public key : (2); (3); In equation (3), Indicates the maximum number of health data segments supported in a single authorization.
4. The method for secure sharing of health data supporting multi-granularity access control as described in claim 1, characterized in that: Step S3 is as follows: Data Segmentation: Residents can segment their health passports according to their needs; there is no limit to the number of health passport segments, but a resident can only authorize a maximum of [number] segments per authorization. Segment data; Data on-chain: Residents use the public key received from the trusted institution in step S2. , for the first Health data segment Select random integer pairs and random values ,in It is the integer field defined in step S1, and encrypted as: (4); In equation (4), , These are the generator and hash function defined in step S1, respectively. For the bilinear pairing operation defined in step S1, , The private key defined in step S2 The substructure; finally, the generated health data ciphertext is recorded in the blockchain through the "Create Health Data" smart contract.
5. A method for securely sharing health data supporting multi-granularity access control as described in claim 1, characterized in that: Step S4 is as follows: Determine the authorized content and authorized recipients: Residents select the authorized content and authorized recipients according to their own needs; define the authorized content as follows: The authorized object is a set of receivers consisting of multiple entities. or organization ,in For authorized content segment number, For the number of individuals to be authorized, m is the maximum number of health data segments supported by a single authorization as defined in step S2, and m is the maximum number of receivers supported by a single authorization as defined in step S1. Content-level access control: Residents select authorized content Then, use the corresponding ciphertext. set of integer pairs and private key substructure Construct polynomial ,in{ yes The polynomial coefficients are used to ultimately output the segmented decryption key. : (5); In equation (5), , , For the number of authorized content segments, , It is the sequence number variable of the ciphertext. With ciphertext substructure Bind and decrypt the corresponding health data; Access control at the authorization object level: When the resident selects an authorization object as... At that time, the private dataset mechanism of the consortium blockchain framework will be used to... Secure sharing at the organizational level; if the resident's authorized recipient is a set of multiple recipients. First, generate random values. ,in It is the integer field defined in step S1, and then the private key is used. Substructure For a set of multiple receivers Generate re-encryption key : (6); In equation (6), = , = , = , , , , These are the generator and hash function defined in step S1, respectively. , It is the random number taken in step S1. For the bilinear pairing operation defined in step S1, The number of individuals awaiting authorization. The master key defined in step S1 substructures, , It is the sequence number variable of the ciphertext; Finally, the "Authorize Health Data" smart contract will be invoked along with the segmented encryption key. The bound health data is authorized to the authorized object; the smart contract first samples random values. ,in It is the integer field defined in step S1, and then the resident public key is used. Encryption segment encryption key , recorded as : (7); In equation (7), , , , , These are the generator and hash function defined in step S1, respectively. , It is the random number taken in step S1. For the bilinear pairing operation defined in step S1, The master key defined in step S1 Substructures; Subsequently, the smart contract uses a re-encryption key. ,Will Transform into something that can only belong to The ciphertext decrypted by the recipient is denoted as : (8); In equation (8), , , , , , , , , The re-encryption key in equation (6) substructures, , In equation (7) substructures, This refers to the bilinear pairing operation defined in step S1; via a smart contract, It will be recorded in the blockchain for authorized objects to retrieve.
6. A method for securely sharing health data supporting multi-granularity access control as described in claim 3, characterized in that: Step S5 is as follows: Segmented decryption key acquisition: Part One recipient Using the private key issued by the trusted institution in step S2 substructure Decryption Obtain the segmented decryption key The specific decryption formula is as follows: (9); In equation (9), , , , , Defined in step S4 substructures, , , These are the generator and hash function defined in step S1, respectively. It is the random number taken in step S1. For the bilinear pairing operation defined in step S1, The number of individuals to be authorized as defined in step S4. The master key defined in step S1 substructures, It is the segmented decryption key defined in step S4. , It is the sequence number variable of the ciphertext; Health data acquisition: The recipient obtains the encrypted data defined in step S4. Substructure and segmented decryption key Integer pairs Reconstruct the polynomial defined in step S4 based on the Lagrange interpolation theorem. ,in{ It is a polynomial polynomial coefficients, For authorized content segment number, , It is the sequence number variable of the encrypted data, and then each segment of health data is calculated. Open Proof : (10); In equation (10), The private key defined in step S2 Substructures; Finally, the receiver uses Decryption Get data segment : (11); In equation (11), , It is the ciphertext defined in step S4. substructures, For the bilinear pairing operation defined in step S1, , These are the generator and hash function defined in step S1, respectively. , It is the sequence number variable of the ciphertext.