1. Medical data security risks
In recent years, medical data security has received increasing attention. Because of the particular nature of medical services, medical data is exposed to a large number of threats at all times. Information security and privacy protection issues around medical data have become increasingly prominent, and leaks of sensitive personal medical information occur from time to time. Such leaks violate personal privacy and have a negative social impact. Medical data security risks exist across the entire life cycle of medical data, including privacy leakage during the generation, collection, storage, exchange and use of the data.
The global epidemic is currently raging and seriously threatening people's lives. Medical data plays an important role in epidemic prevention and control, so strengthening the application of cryptographic technology to protect the sensitive information in medical data is of great significance.
2. Application of Privacy Computing Technology
Privacy computing (privacy-preserving computation) is an emerging technology that provides privacy protection and spans many disciplines, including cryptography-based secure multi-party computation (MPC), hardware-based Trusted Execution Environments (TEE), and artificial-intelligence-based federated learning (FL). Among them, cryptography-based secure multi-party computation is not a single technique; it includes homomorphic encryption, secret sharing (key splitting), oblivious transfer, garbled circuits and other techniques.
The need to share and utilize medical data is a focus of privacy computing. Medical research, clinical diagnosis and medical services have strong demand for statistical analysis and application mining based on medical data, but the sensitivity of medical data makes sharing and utilization difficult: it is hard both to collect and integrate data across institutions and to use it jointly. Privacy computing offers a solution. On the basis of a standardized database held in decentralized storage, distributed joint statistical analysis can be carried out so that clinical research results are obtained. During the fight against the COVID-19 epidemic, secure multi-party computation has been used to carry out joint analysis and share results, enabling real-time tracking of virus epidemiology and prediction of future strain evolution in support of epidemic prevention and control.
Two examples follow, introducing the application of homomorphic encryption and secret sharing (key splitting) to medical data protection.
Homomorphic encryption and its applications
Homomorphic encryption plays an important role in the field of encryption technology. In essence, a homomorphic encryption scheme is one in which performing addition or multiplication on ciphertexts yields a ciphertext whose decryption equals the result of performing the corresponding addition or multiplication on the plaintexts. Because of this property, a data owner can entrust a third party to process the data without revealing its content. In this regard, homomorphic encryption can address the problems faced by the big data storage layer of a cloud computing platform.
Compared with professional big data companies, medical institutions usually have relatively weak data processing capabilities and rely on third parties such as cloud computing centers for data processing and analysis in order to obtain results more efficiently. However, hospitals are obliged to protect patients' sensitive information and privacy, and cannot hand data to third parties in clear text. With the support of homomorphic encryption, a medical institution can send encrypted data to a third party (the cloud platform). Sensitive patient information is stored in the cloud under homomorphic encryption, and the encrypted data can be operated on in ciphertext form in the cloud, including query, retrieval, statistics and other operations. The results of these operations are still ciphertexts; the cloud sends them back, and the medical institution performs the corresponding homomorphic decryption to obtain the result that the same operations would have produced on the plaintext. Neither the data content nor the processing result is ever known to the cloud, which effectively protects patient privacy.
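The hospital-to-cloud flow just described, as an added example that is not code from the article or from Haitai Fangyuan: a minimal additively homomorphic Paillier scheme in which the hospital keeps the private key, the cloud computes a (weighted) sum purely on ciphertexts, and the hospital decrypts the aggregate. The primes DEMO_P and DEMO_Q and the patient counts are constructed demo values.

```python
import secrets
from math import gcd

# Constructed demo primes: far too small for real use (production Paillier
# keys use primes of 1024 bits or more), chosen so the arithmetic is readable.
DEMO_P, DEMO_Q = 10007, 10009

def keygen(p: int = DEMO_P, q: int = DEMO_Q):
    """Paillier key pair: public (n, g) goes to the cloud, private stays at the hospital."""
    n = p * q
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    g = n + 1                                      # standard generator choice
    mu = pow(lam, -1, n)                           # L(g^lam mod n^2) == lam when g == n+1
    return (n, g), (lam, mu)

def encrypt(pub, m: int) -> int:
    """Randomized encryption c = g^m * r^n mod n^2; a fresh r hides repeated values."""
    n, g = pub
    if not 0 <= m < n:
        raise ValueError("plaintext out of range")
    r = secrets.randbelow(n - 1) + 1
    while gcd(r, n) != 1:
        r = secrets.randbelow(n - 1) + 1
    n2 = n * n
    return (pow(g, m, n2) * pow(r, n, n2)) % n2

def decrypt(pub, priv, c: int) -> int:
    """m = L(c^lam mod n^2) * mu mod n, with L(u) = (u - 1) / n."""
    n, _ = pub
    lam, mu = priv
    u = pow(c, lam, n * n)
    return ((u - 1) // n * mu) % n

def cloud_aggregate(pub, ciphertexts, weights=None):
    """Cloud side: weighted sum over ciphertexts only. Multiplying ciphertexts
    adds plaintexts; raising to a public weight multiplies by that constant.
    The cloud never holds the private key and never sees a plaintext."""
    n, _ = pub
    n2 = n * n
    weights = weights or [1] * len(ciphertexts)
    acc = 1
    for c, w in zip(ciphertexts, weights):
        acc = (acc * pow(c, w, n2)) % n2
    return acc

def hospital_query(values, weights=None, p=DEMO_P, q=DEMO_Q):
    """End-to-end: hospital encrypts, outsources aggregation, decrypts the result."""
    pub, priv = keygen(p, q)
    cts = [encrypt(pub, v) for v in values]
    return decrypt(pub, priv, cloud_aggregate(pub, cts, weights))
```

Because encryption is randomized, two ciphertexts of the same patient count are different, so the cloud cannot even tell which records hold equal values.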
The privacy computing service system developed by Haitai Fangyuan, as the cryptographic infrastructure of the cloud platform, not only provides general commercial cryptographic services but also provides homomorphic services for the cloud platform and privacy protection for medical data. Using the privacy computing service system, secure statistical analysis of medical data can be performed while the privacy of the data is protected, which can be applied to epidemiological research, clinical medical research, precision epidemic prevention and so on. In fact, the privacy computing service system, as an important part of the Haitai Fangyuan cryptographic service platform, can also be used in finance, public security, transportation and to-consumer (ToC) scenarios such as shopping, food delivery and travel, providing personal information protection and data security services and realizing the safe use of private data without revealing the original information.
Secret sharing and its application
Medical data sharing in a networked, distributed environment can in many cases be framed as secure multi-party computation. The main idea of secure multi-party computation is that, in a distributed network, two or more parties jointly execute an algorithm on their secret inputs so that each party obtains the correct output while the secrecy of its own input is preserved. Secret sharing is an important technique for secure multi-party computation. Its principle is to split each participant's input data into several shares, distribute them among all participants for safekeeping, and carry out the multi-party computation on these shares. Because the computation operates on shares rather than on the original values, each participant's input is protected. A classic secret sharing scheme is the threshold scheme proposed by Shamir, whose distinguishing feature is that recovering the secret does not require all of the shares, only a sufficient subset of them. Secret sharing is also often applied to the protection of keys; when the secret being shared is the key used in a cryptographic operation, secret sharing becomes key splitting.
Haitai Fangyuan holds a number of invention patents in key splitting, including an SM2 joint encryption and decryption scheme, an SM9 collaborative signature scheme and an SM9 collaborative decryption scheme. Sensitive data is encrypted and protected within the system, and decryption is carried out collaboratively.
As an important technology for enabling the circulation and sharing of data value, privacy computing has become a hot topic, but it also faces constraints. First, there is a lack of technical application standards to support the deployment of privacy computing; many issues remain to be clarified, which hampers adoption of the technology. Second, large-scale application of privacy computing requires further improvements in performance. It is recommended to gradually establish application standards and product certification systems for privacy computing, strengthen the drafting of algorithm standards and research on algorithm optimization, and promote the development of application specifications for privacy computing technology.