CN119155320B - Distributed pathological data management method and system based on block chain - Google Patents

Info

Publication number: CN119155320B
Authority: CN (China)
Prior art keywords: data, pathology, control node, node, distributed control
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.): Active
Application number: CN202411643915.4A
Other languages: Chinese (zh)
Other versions: CN119155320A (en)
Inventor: 袁依格, 刘浏, 王俊普, 李啸海, 韩付昌, 刘晓亮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.): Xiangjiang Laboratory
Original Assignee: Xiangjiang Laboratory
Events: application filed by Xiangjiang Laboratory; priority to CN202411643915.4A; publication of CN119155320A; application granted; publication of CN119155320B

Classifications

    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • G06F16/242 Query formulation
    • G06F16/27 Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • G16H10/60 ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
    • G16H70/60 ICT specially adapted for the handling or processing of medical references relating to pathologies
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L67/104 Peer-to-peer [P2P] networks
    • H04L9/40 Network security protocols
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Abstract

The invention discloses a blockchain-based distributed pathology data management method and system, relating to the technical field of pathology data management. A pathology data blockchain network is constructed, a plurality of distributed management and control nodes are set according to local area network IPs, and the pathology data stored under the local area network corresponding to each local area network IP is uploaded to the respective distributed management and control node. Node encryption and data encryption are performed on each distributed management and control node to generate an encrypted pathology data file corresponding to each node, and an authorized communication link is established between each distributed management and control node and the pathology data blockchain network. The encrypted pathology data file of each node is shared to the pathology data blockchain network through the authorized communication link, a corresponding query index is created in the pathology data blockchain network for each node, and a user inputs the query index into a preset pathology database to query the required pathology data.

Description

Distributed pathological data management method and system based on block chain
Technical Field
The invention relates to the technical field of pathological data management, in particular to a distributed pathological data management method and system based on a blockchain.
Background
With the development of medical technology, pathology data plays an increasingly important role in clinical diagnosis and treatment. However, existing pathology data management methods suffer from problems such as low data security and inconvenient querying. Because pathology data is an important basis for clinical diagnosis, these problems keep the efficiency of clinical diagnosis and treatment at a low level, and solving them so as to provide a safe and reliable pathology data management method has become urgent.
Disclosure of Invention
In order to solve the above problems, an object of the present invention is to provide a distributed pathology data management method and system based on blockchain.
The object of the invention is achieved by the following technical solution. A blockchain-based distributed pathology data management method comprises the following steps:
Step S1, constructing a pathology data blockchain network, setting a plurality of distributed management and control nodes according to local area network IPs, and uploading the pathology data stored under the local area network corresponding to each local area network IP to the respective distributed management and control node;
Step S2, performing node encryption and data encryption on each distributed management and control node to generate an encrypted pathology data file corresponding to each distributed management and control node, and establishing an authorized communication link between each distributed management and control node and the pathology data blockchain network;
Step S3, sharing the encrypted pathology data file of each distributed management and control node to the pathology data blockchain network through the authorized communication link, creating a corresponding query index in the pathology data blockchain network for each distributed management and control node, and having the user input the query index into a preset pathology database to query the required pathology data.
Further, the process of constructing the pathological data blockchain network comprises the following steps:
Creating a plurality of blockchain nodes, distributing a network ID and gateway ports for each blockchain node, wherein the gateway ports are provided with different types of port states, the port states comprise a normal communication state, an abnormal communication state and a shutdown maintenance state, and the initial port states of the plurality of gateway ports are all set to be the normal communication state;
When a gateway port is attacked from outside, the port state of the attacked gateway port is changed to the abnormal communication state, and a remote maintenance program is connected to the gateway port in the abnormal communication state to repair it; if the repair of the gateway port cannot be completed through the remote maintenance code, the port state of the gateway port is changed to the shutdown maintenance state and corresponding network technicians are arranged to handle it;
Node configuration is performed on the blockchain nodes in the normal communication state, generating for each blockchain node a node communication white list, a node communication protocol and a node communication black list, and the pathology data blockchain network is constructed from the blockchain nodes whose node configuration is complete.
Further, setting a plurality of distributed management and control nodes according to the local area network IP, and uploading the pathological data stored under the local area network corresponding to each local area network IP to the respective distributed management and control nodes, wherein the process comprises the following steps:
Setting a plurality of distributed terminals, each of which stores a part of the pathology data and shares and uses its own pathology data through the local area network it is connected to; obtaining the local area network IP corresponding to each local area network, and setting a corresponding distributed management and control node according to the local area network IP of the local area network in which each distributed terminal resides;
setting a transmission rate and a transmission certificate of each distributed terminal for uploading pathological data, further uploading the pathological data stored by the distributed terminals under each local area network to corresponding distributed management and control nodes according to the corresponding transmission rate, and judging whether the received transmission certificate is tampered by the distributed management and control nodes;
if yes, the received pathological data are packed into abnormal pathological files and returned to the corresponding distributed terminals, and if not, the distributed control nodes store the current pathological data.
Further, the process of encrypting the nodes and encrypting the data of each distributed management and control node to generate the encrypted pathological data file corresponding to each distributed management and control node includes:
Node encryption is performed first and data encryption second. The node encryption performed on each distributed management and control node comprises key pair construction, dynamic key storage, node communication testing and node authorization authentication; the pathology data in each distributed management and control node is encrypted in segments, generating a corresponding encrypted pathology data file that is stored by the distributed management and control node.
Further, the process of establishing an authorized communication link between each distributed management node and the pathological data blockchain network includes:
acquiring the authorization credential corresponding to each distributed management and control node, associating the authorization credential of each distributed management and control node with the encrypted pathology data file that node stores, and backing up the authorization credential of each distributed management and control node to generate a corresponding duplicate authorization credential;
each distributed management and control node sends a communication link request to the pathological data blockchain network, the communication link request is sent together with the duplicate authorization credentials, the pathological data blockchain network receives the communication link request and judges whether the duplicate authorization credentials are consistent with the authorization credentials of the corresponding distributed management and control node;
If yes, any block chain node in a normal communication state in the pathological data block chain network is distributed to establish data communication with the distributed management and control nodes, and then an authorized communication link between the corresponding distributed management and control nodes and the pathological data block chain network is established;
If not, the distributed management and control node that sent the duplicate authorization credential is judged to be abnormal, the communication link request it sent is refused, and no authorized communication link is established.
Further, the process of sharing the encrypted pathology data file of each distributed management and control node over the pathology data blockchain network via the authorized communication link includes:
Setting a data sharing period, in the data sharing period, each distributed management and control node establishing an authorized communication link with the pathological data blockchain network shares the encrypted pathological data file of each distributed management and control node to the pathological data blockchain network, and creating a file storage space for storing the encrypted pathological data file on the pathological data blockchain network.
Further, creating a corresponding query index in the pathology data blockchain network for each distributed management and control node, and inputting the query index to a preset pathology database by a user, wherein the process of querying the required pathology data further comprises the following steps:
Creating a query index of each distributed management and control node in the pathological data blockchain network, wherein the query index is used for querying the corresponding encrypted pathological data file of the corresponding distributed management and control node in the pathological data blockchain network;
presetting a pathology database, which stores the addresses to be searched of a plurality of encrypted pathology data files, where address to be searched = <query index, location of the file storage space>; the user inputs the query index into the pathology database, and the encrypted pathology data file the current user needs is located in the pathology data blockchain network by matching the query index against the addresses to be searched;
decrypting the encrypted pathological data file to further obtain pathological data required by the user.
Further, a blockchain-based distributed pathology data management system, the system comprising:
A blockchain network and management and control node module, used for constructing a pathology data blockchain network, setting a plurality of distributed management and control nodes according to local area network IPs, and uploading the pathology data stored under the local area network corresponding to each local area network IP to the respective distributed management and control node;
The pathology data processing module is used for carrying out node encryption and data encryption on each distributed management and control node so as to generate an encrypted pathology data file corresponding to each distributed management and control node, and an authorized communication link between each distributed management and control node and the pathology data blockchain network is established;
And the pathology data query module is used for sharing the encrypted pathology data file of each distributed management and control node to the pathology data blockchain network through an authorized communication link, creating a corresponding query index in the pathology data blockchain network for each distributed management and control node, and inputting the query index to a preset pathology database by a user so as to query the needed pathology data.
Compared with the prior art, the beneficial effects of the invention are as follows. A pathology data blockchain network is constructed, a plurality of distributed management and control nodes are set according to local area network IPs, and the pathology data stored under the local area network corresponding to each local area network IP is uploaded to the respective distributed management and control node, where node encryption and data encryption are performed to generate the encrypted pathology data file corresponding to each node. An authorized communication link is established between each distributed management and control node and the pathology data blockchain network, the encrypted pathology data file of each node is shared to the pathology data blockchain network, a corresponding query index is created in the pathology data blockchain network for each node, and the user inputs the query index into the preset pathology database to query the required pathology data. This improves the security of pathology data to a certain extent and makes querying pathology data more convenient.
Drawings
FIG. 1 is a flow chart of the present invention.
Detailed Description
As shown in fig. 1, the block chain-based distributed pathology data management method comprises the following steps:
Step S1, constructing a pathology data blockchain network, setting a plurality of distributed management and control nodes according to local area network IPs, and uploading the pathology data stored under the local area network corresponding to each local area network IP to the respective distributed management and control node;
Step S2, performing node encryption and data encryption on each distributed management and control node to generate an encrypted pathology data file corresponding to each distributed management and control node, and establishing an authorized communication link between each distributed management and control node and the pathology data blockchain network;
Step S3, sharing the encrypted pathology data file of each distributed management and control node to the pathology data blockchain network through the authorized communication link, creating a corresponding query index in the pathology data blockchain network for each distributed management and control node, and having the user input the query index into a preset pathology database to query the required pathology data.
It should be further noted that, in a specific implementation, the process of constructing the pathological data blockchain network includes:
Creating a plurality of blockchain nodes, and distributing a network ID and a gateway port for each blockchain node, wherein the network ID is a unique identity corresponding to each blockchain node, and the gateway ports of the blockchain nodes are provided with different types of port states;
the port state type comprises a normal communication state, an abnormal communication state and a shutdown maintenance state; the initial port states of the gateway ports are set to be normal communication states;
When a gateway port is attacked from outside, the port state of the attacked gateway port is changed to the abnormal communication state, and the configured remote maintenance program is connected to the gateway port in the abnormal communication state; the remote maintenance program generates a remote maintenance code to repair the gateway port, and if the repair cannot be completed through the remote maintenance code, the port state of the gateway port is changed to the shutdown maintenance state and corresponding network technicians are arranged to handle it;
Performing node configuration on each block chain node in a normal communication state, and generating a node communication white list, a node communication protocol and a node communication black list corresponding to each block chain node through the node configuration;
The node communication white list is used for defining the data content which each blockchain node allows to access, and the node communication black list is used for defining the data content which each blockchain node prohibits to access;
Judging whether a plurality of blockchain nodes in a normal communication state are all in the same node communication protocol, identifying the blockchain nodes not in the current node communication protocol as nodes to be changed, and unifying all the nodes to be changed into the current node communication protocol;
The pathology data blockchain network is then constructed from the blockchain nodes whose node configuration is complete.
It should be further noted that, in a specific implementation process, a plurality of distributed management and control nodes are set according to the local area network IP, and a process of uploading the pathological data stored under each local area network IP corresponding to the local area network to the respective distributed management and control nodes includes:
Setting a plurality of distributed terminals, each of which stores a part of the pathology data; obtaining the communication permissions of the distributed terminals that store pathology data; each distributed terminal shares and uses its own pathology data through the local area network it is connected to; obtaining the local area network IP corresponding to each local area network, and setting a corresponding distributed management and control node according to the local area network IP of the local area network in which each distributed terminal resides;
setting a transmission rate and a transmission certificate of each distributed terminal for uploading pathological data, further uploading the pathological data stored by the distributed terminals under each local area network to corresponding distributed management and control nodes according to the corresponding transmission rate, and judging whether the received transmission certificate is tampered by the distributed management and control nodes;
if yes, packaging the received pathological data into an abnormal pathological file, and returning the abnormal pathological file to the corresponding distributed terminal;
if not, the distributed control node stores the current pathological data.
Setting a safe rate interval for the transmission rate: when the transmission rate is within the safe rate interval, no operation is performed; when the transmission rate is outside the safe rate interval, a corresponding abnormal rate early warning is generated, and network maintenance personnel service the distributed terminal that raised the warning.
It should be further noted that, in a specific implementation process, the process of performing node encryption and data encryption on each distributed management and control node, and further generating the encrypted pathological data file corresponding to each distributed management and control node includes:
Node encryption is performed first and data encryption second; the node encryption performed on each distributed management and control node comprises key pair construction, dynamic key storage, node communication testing and node authorization authentication;
Key pair construction: a node public key and node private key pair is constructed for each distributed management and control node, wherein the node public key is used for verifying the node integrity and node environment security of the distributed management and control node, and the node private key is used for encrypting and decrypting the distributed management and control node;
Constructing a plurality of temporary storage areas for storing the node private key and numbering them, the number being denoted i, where i = 1, 2, 3, ..., n and n is a natural number greater than 0;
Setting a storage period for each temporary storage area and initially storing the node private key in any temporary storage area; when the time the node private key has been stored in the current temporary storage area reaches the corresponding storage period, setting a hop number and obtaining the number of the temporary storage area that will next store the node private key from the number of the current temporary storage area and the hop number;
The number of the temporary storage area that will next store the node private key = the number of the current temporary storage area + the hop number. For example, if the temporary storage area currently storing the node private key is numbered 3 and the hop number is 5, the temporary storage area that will next store the node private key is numbered 3+5=8. Note that the hop number is generated by a random function, and a temporary storage area that has stored the node private key is destroyed once its storage period expires. If the temporary storage area obtained from the hop number does not exist, the following numbers are tried in sequence until the next temporary storage area is obtained. For example, if the temporary storage area obtained is numbered 9, but area 9 has already stored the node private key and been destroyed after expiry, the key is postponed to the temporary storage area numbered 10 or a later one;
Encrypting data communication between different distributed management and control nodes through SSL or TLS protocol, and testing the data security and communication intensity of each distributed management and control node;
When both the data security and the communication intensity meet the standard, the corresponding distributed management and control node passes the test; a node that fails to meet the standard in at least one of data security and communication intensity is marked as a node to be monitored, and the node to be monitored is encrypted again;
Node authorization authentication: an authorization credential is associated with each distributed management and control node that passes the test, and only distributed management and control nodes holding an authorization credential are permitted to perform access authentication with the pathology data blockchain network.
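The dynamic key storage rule above, as an added Python example (not code from the patent). The class and method names, the `max_hop` bound, drawing the hop number from a CSPRNG, and raising an error when probing runs past area n are assumptions; the patent does not define what happens when no later area exists.

```python
import secrets


class NoAreaLeft(Exception):
    """Probing ran past area n. The patent does not define this case; failing is an assumption."""


class HoppingKeyStore:
    """Temporary storage areas numbered 1..n; exactly one holds the node private key."""

    def __init__(self, n, periods, max_hop, destroyed=()):
        self.n = n
        self.periods = periods      # area number -> storage period in seconds
        self.max_hop = max_hop      # hop number is drawn from 1..max_hop (assumption)
        # A destroyed area no longer exists, so it has no entry here.
        self.areas = {i: None for i in range(1, n + 1) if i not in destroyed}
        self.current = None         # number of the area holding the key
        self.stored_at = None       # time the key entered that area

    def store(self, key, area, now):
        """Initial storage: the key may start in any existing area."""
        if area not in self.areas:
            raise ValueError(f"temporary storage area {area} does not exist")
        self.areas[area] = bytearray(key)
        self.current, self.stored_at = area, now

    def next_area(self, hop):
        """Next number = current number + hop number, postponed to the
        following numbers while the candidate area does not exist."""
        if hop < 1:
            raise ValueError("hop number must be at least 1")
        candidate = self.current + hop
        while candidate <= self.n and candidate not in self.areas:
            candidate += 1
        if candidate > self.n:
            raise NoAreaLeft(f"no area left at or after {self.current + hop}")
        return candidate

    def rotate(self, now, hop=None):
        """Move the key once the current area's storage period is reached."""
        if now - self.stored_at < self.periods[self.current]:
            return self.current                     # period not reached yet
        if hop is None:
            hop = 1 + secrets.randbelow(self.max_hop)   # random hop, never 0
        target = self.next_area(hop)                # raises before any state changes
        expired = self.areas.pop(self.current)      # destroy the expired area
        self.areas[target] = bytearray(expired)
        expired[:] = bytes(len(expired))            # zero the old buffer (best effort)
        self.current, self.stored_at = target, now
        return target

    def key(self):
        return bytes(self.areas[self.current])


if __name__ == "__main__":
    # Constructed scenario mirroring the patent's two worked numbers.
    periods = {i: 60 for i in range(1, 13)}
    store = HoppingKeyStore(12, periods, max_hop=5)
    store.store(b"constructed-private-key", area=3, now=0)
    print(store.rotate(now=60, hop=5))              # 3 + 5
    gap = HoppingKeyStore(12, periods, max_hop=5, destroyed=(9,))
    gap.store(b"constructed-private-key", area=3, now=0)
    print(gap.rotate(now=60, hop=6))                # 9 is destroyed, so 10
```

Because every hop moves to a higher number and expired areas are never reused, the pool of n areas is eventually exhausted; a deployment would need a rule for that case, which the text does not give.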
The pathology data in each distributed management and control node is encrypted in segments, and the corresponding encrypted pathology data file is generated as follows:
Dividing pathological data in a distributed management and control node into a head data section, an intermediate data section and a tail data section, and selecting different paragraph encryption algorithms for the head data section, the intermediate data section and the tail data section, wherein the paragraph encryption algorithms comprise an AES encryption algorithm, an RSA encryption algorithm and an ECC encryption algorithm;
The corresponding relation between the head data segment, the middle data segment and the tail data segment and the corresponding paragraph encryption algorithm is as follows:
head data segment-AES encryption algorithm;
intermediate data segment-RSA encryption algorithm;
tail data segment-ECC encryption algorithm;
Encrypting the head data segment by an AES encryption algorithm to generate first encrypted pathological data, encrypting the middle data segment by an RSA encryption algorithm to generate second encrypted pathological data, and encrypting the tail data segment by an ECC encryption algorithm to generate third encrypted pathological data;
And integrating the corresponding first encryption pathological data, second encryption pathological data and third encryption pathological data in each distributed management and control node into a preset blank file, so as to generate an encryption pathological data file corresponding to each distributed management and control node.
It should be further noted that, in a specific implementation, the process of establishing an authorized communication link between each distributed management and control node and the pathological data blockchain network includes:
The authorization credential of each distributed management and control node is associated with the encrypted pathological data file stored in that node, and the authorization credential of each distributed management and control node is backed up, thereby generating a duplicate authorization credential corresponding to the authorization credential;
Each distributed management and control node sends a communication link request to the pathological data blockchain network, and the request is sent together with the duplicate authorization credential; the pathological data blockchain network receives the communication link request and judges whether the duplicate authorization credential is consistent with the authorization credential of the corresponding distributed management and control node;
If yes, any blockchain node in the pathological data blockchain network that is in the normal communication state is assigned to establish data communication with the distributed management and control node, thereby establishing the authorized communication link between the corresponding distributed management and control node and the pathological data blockchain network;
If not, the distributed management and control node that sent the duplicate authorization credential is judged to be abnormal, the communication link request it sent is rejected, and no authorized communication link is established between that distributed management and control node and the pathological data blockchain network.
It should be further noted that, in a specific implementation, the process of sharing the encrypted pathology data file of each distributed management and control node onto the pathology data blockchain network through the authorized communication link includes:
A data sharing period is set and recorded as T_sharing, where T_sharing = [T1, T2], T1 is the starting time point of the data sharing period, and T2 is the termination time point of the data sharing period;
Within the data sharing period, each distributed management and control node that has established an authorized communication link with the pathology data blockchain network shares its own encrypted pathology data file to the pathology data blockchain network, and a file storage space for storing the encrypted pathology data file is created on the pathology data blockchain network.
It should be further noted that, in a specific implementation, the process of creating a corresponding query index in the pathology data blockchain network for each distributed management and control node, and of a user inputting the query index into a preset pathology database to query the required pathology data, includes:
A query index is created for each distributed management and control node in the pathology data blockchain network, wherein the query index is used for querying the encrypted pathology data file of the corresponding distributed management and control node in the pathology data blockchain network;
A pathology database is preset, wherein the pathology database is used for storing the addresses to be searched of a plurality of encrypted pathology data files, where address to be searched = <query index, location of the file storage space>; the user inputs the query index into the pathology database, and the encrypted pathology data file that the current user needs to find in the pathology data blockchain network is located by matching the query index against the addresses to be searched;
The encrypted pathology data file is decrypted, thereby obtaining the pathology data required by the user.
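The following added Python example (not code from the patent) models the link-request check, the data sharing period and the query-index lookup described above. The class and method names, the 32-byte random credential, the numeric timestamps and the `file-space/` location format are assumptions made for illustration.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from enum import Enum


class PortState(Enum):
    NORMAL = "normal communication"
    ABNORMAL = "abnormal communication"
    MAINTENANCE = "shutdown maintenance"


@dataclass
class ChainNode:
    network_id: str
    port_state: PortState = PortState.NORMAL


@dataclass
class PathologyChainNetwork:
    chain_nodes: list     # blockchain nodes with their gateway port state
    share_window: tuple   # (T1, T2): start and end of the data sharing period
    credentials: dict = field(default_factory=dict)   # control node -> credential
    links: dict = field(default_factory=dict)         # control node -> blockchain node
    storage: dict = field(default_factory=dict)       # storage location -> encrypted file
    pathology_db: dict = field(default_factory=dict)  # query index -> storage location

    def register(self, node_id):
        """Bind a credential to a tested control node; returns its duplicate."""
        self.credentials[node_id] = secrets.token_bytes(32)
        return self.credentials[node_id]

    def request_link(self, node_id, duplicate_credential):
        """Return the blockchain node assigned to the link, or None if rejected."""
        expected = self.credentials.get(node_id)
        # Constant-time comparison: gives no hint how much of a forged value matched.
        if expected is None or not hmac.compare_digest(expected, duplicate_credential):
            return None
        for node in self.chain_nodes:
            if node.port_state is PortState.NORMAL:
                self.links[node_id] = node
                return node
        return None  # no blockchain node is in the normal communication state

    def share(self, node_id, encrypted_file, now):
        """Store a file during the sharing period and return its query index."""
        t1, t2 = self.share_window
        if node_id not in self.links:
            raise PermissionError("no authorized communication link")
        if not t1 <= now <= t2:
            raise PermissionError("outside the data sharing period")
        location = f"file-space/{node_id}"
        self.storage[location] = encrypted_file
        query_index = secrets.token_hex(8)
        self.pathology_db[query_index] = location  # the address to be searched
        return query_index

    def query(self, query_index):
        """Resolve a query index to the encrypted file, or None if unknown."""
        location = self.pathology_db.get(query_index)
        return None if location is None else self.storage[location]


def demo():
    # Constructed sample: one attacked blockchain node, one healthy, window [100, 200].
    net = PathologyChainNetwork(
        [ChainNode("bc-1", PortState.ABNORMAL), ChainNode("bc-2")], (100, 200))
    duplicate = net.register("lan-a")
    net.register("lan-b")
    rejected = net.request_link("lan-b", b"\x00" * 32)  # forged duplicate credential
    assigned = net.request_link("lan-a", duplicate)
    index = net.share("lan-a", b"<ciphertext>", now=150)
    return rejected, assigned.network_id, net.query(index)
```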
The invention also provides a distributed pathology data management system based on a blockchain, which comprises:
A blockchain network and management and control node module, used for constructing a pathological data blockchain network, setting a plurality of distributed management and control nodes according to the local area network IPs, and uploading the pathological data stored under the local area network corresponding to each local area network IP to the respective distributed management and control node;
A pathology data processing module, used for carrying out node encryption and data encryption on each distributed management and control node so as to generate an encrypted pathology data file corresponding to each distributed management and control node, and for establishing an authorized communication link between each distributed management and control node and the pathology data blockchain network;
A pathology data query module, used for sharing the encrypted pathology data file of each distributed management and control node to the pathology data blockchain network through the authorized communication link, and for creating a corresponding query index in the pathology data blockchain network for each distributed management and control node, the user inputting the query index into a preset pathology database so as to query the needed pathology data.
The above embodiments are only for illustrating the technical method of the present invention and not for limiting the same, and it should be understood by those skilled in the art that the technical method of the present invention may be modified or substituted without departing from the spirit and scope of the technical method of the present invention.

Claims (2)

1. A distributed pathology data management method based on blockchain, characterized in that it includes the following steps:
Step S1: build a pathology data blockchain network, set up several distributed control nodes according to the LAN IPs, and upload the pathology data stored in the LAN corresponding to each LAN IP to the respective distributed control node;
Step S2: perform node encryption and data encryption on each distributed control node, thereby generating an encrypted pathology data file corresponding to each distributed control node, and establish an authorized communication link between each distributed control node and the pathology data blockchain network;
Step S3: share the encrypted pathology data file of each distributed control node onto the pathology data blockchain network through the authorized communication link, create a corresponding query index for each distributed control node in the pathology data blockchain network, and have the user input the query index into a preset pathology database to query the required pathology data;
The process of building the pathology data blockchain network includes:
Several blockchain nodes are created, and each blockchain node is assigned a network ID and a gateway port. The gateway port is set with different types of port states, including a normal communication state, an abnormal communication state and a shutdown maintenance state, and the initial port states of the gateway ports are all set to the normal communication state;
When a gateway port is attacked from the outside, the port state of the attacked gateway port is changed to the abnormal communication state, and the gateway port in the abnormal communication state is connected to the configured remote maintenance program for maintenance. If the maintenance of the gateway port cannot be completed through the remote maintenance code, the port state of the gateway port is changed to the shutdown maintenance state, and the corresponding network technicians are arranged to handle it;
Node configuration is performed on the blockchain nodes in the normal communication state, the node configuration generates for each blockchain node its own node communication whitelist, node communication protocol and node communication blacklist, and the pathology data blockchain network is built from the blockchain nodes whose node configuration is complete;
The process of setting up several distributed control nodes according to the LAN IPs and uploading the pathology data stored in the LAN corresponding to each LAN IP to the respective distributed control node includes:
Several distributed terminals are set up, each of which stores a part of the pathology data. The distributed terminals share and use their own pathology data through the local area networks they are connected to; the LAN IP associated with each local area network is obtained, and the corresponding distributed control node is set according to the LAN IP of the local area network in which each distributed terminal is located;
The transmission rate and transmission credential used by each distributed terminal to upload pathology data are set, the pathology data stored in the distributed terminals of each local area network is then uploaded to the corresponding distributed control node at the corresponding transmission rate, and the distributed control node determines whether the received transmission credential has been tampered with;
If yes, the received pathology data is packaged into an abnormal pathology file and returned to the corresponding distributed terminal; if no, the distributed control node stores the current pathology data;
The process of performing node encryption and data encryption on each distributed control node, and then generating the encrypted pathology data file corresponding to each distributed control node, includes:
The encryption order of the node encryption and the data encryption is: node encryption is performed first, and then data encryption; the node encryption performed on each distributed control node includes building a key pair, dynamic key storage, a node communication test and node authorization authentication; the pathology data in each distributed control node is encrypted in segments, and the corresponding encrypted pathology data file is generated and stored by the distributed control node;
The process of establishing the authorized communication link between each distributed control node and the pathology data blockchain network includes:
The authorization credential corresponding to each distributed control node is obtained, the authorization credential of each distributed control node is associated with the encrypted pathology data file stored in that node, and the authorization credential of each distributed control node is backed up, thereby generating a duplicate authorization credential corresponding to the authorization credential;
Each distributed control node sends a communication link request to the pathology data blockchain network, and the request carries the duplicate authorization credential. The pathology data blockchain network receives the communication link request and determines whether the duplicate authorization credential is consistent with the authorization credential of the corresponding distributed control node;
If so, any blockchain node in the pathology data blockchain network that is in the normal communication state is assigned to establish data communication with the distributed control node, and the authorized communication link between the corresponding distributed control node and the pathology data blockchain network is thereby established;
If not, it is determined that the distributed control node that sent the duplicate authorization credential is abnormal, the communication link request it sent is rejected, and no authorized communication link is established;
The process of sharing the encrypted pathology data file of each distributed control node onto the pathology data blockchain network through the authorized communication link includes:
A data sharing period is set; within the data sharing period, each distributed control node that has established an authorized communication link with the pathology data blockchain network shares its own encrypted pathology data file to the pathology data blockchain network, and a file storage space for storing the encrypted pathology data file is created on the pathology data blockchain network;
The process of creating a corresponding query index for each distributed control node in the pathology data blockchain network, and of the user inputting the query index into the preset pathology database to query the required pathology data, includes:
A query index is created for each distributed control node in the pathology data blockchain network, where the query index is used to query the encrypted pathology data file of the corresponding distributed control node in the pathology data blockchain network;
A pathology database is preset, and the pathology database is used to store the addresses to be retrieved of several encrypted pathology data files, where address to be retrieved = <query index, location of file storage space>. The user inputs the query index into the pathology database, and the encrypted pathology data file that the current user needs to find in the pathology data blockchain network is located by matching the query index against the addresses to be retrieved;
The encrypted pathology data file is decrypted to obtain the pathology data required by the user.

2. A distributed pathology data management system based on blockchain, used to implement the distributed pathology data management method according to claim 1, characterized in that the system comprises:
A blockchain network and control node module, used to build a pathology data blockchain network, set up several distributed control nodes according to the LAN IPs, and upload the pathology data stored in the LAN corresponding to each LAN IP to the respective distributed control node;
A pathology data processing module, used to perform node encryption and data encryption on each distributed control node, thereby generating an encrypted pathology data file corresponding to each distributed control node, and to establish an authorized communication link between each distributed control node and the pathology data blockchain network;
A pathology data query module, used to share the encrypted pathology data file of each distributed control node onto the pathology data blockchain network through the authorized communication link and to create a corresponding query index for each distributed control node in the pathology data blockchain network, the user inputting the query index into the preset pathology database to query the required pathology data.
CN202411643915.4A 2024-11-18 2024-11-18 Distributed pathological data management method and system based on block chain Active CN119155320B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202411643915.4A CN119155320B (en) 2024-11-18 2024-11-18 Distributed pathological data management method and system based on block chain

Publications (2)

Publication Number Publication Date
CN119155320A CN119155320A (en) 2024-12-17
CN119155320B true CN119155320B (en) 2025-02-14

Family

ID=93811520

Country Status (1)

Country Link
CN (1) CN119155320B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112835912A (en) * 2021-04-20 2021-05-25 卓尔智联(武汉)研究院有限公司 Data storage method and device based on block chain and storage medium
CN116032937A (en) * 2022-11-28 2023-04-28 中国联合网络通信集团有限公司 A computing power trading method and system for an edge computing device

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107862215B (en) * 2017-09-29 2020-10-16 创新先进技术有限公司 Data storage method, data query method and device
CN108632284B (en) * 2018-05-10 2021-02-23 网易(杭州)网络有限公司 User data authorization method, medium, device and computing equipment based on block chain
CN110046521B (en) * 2019-04-24 2023-04-18 成都派沃特科技股份有限公司 Decentralized privacy protection method
US20220343768A1 (en) * 2019-05-03 2022-10-27 Michele Di Cosola Data Exchange within a Layer Zero (L_0) HGTP, DAG, Web3 State Channel Smart Self-Healing Node Centric Blockchain Mesh Network
CN110365670B (en) * 2019-07-08 2022-07-08 深圳壹账通智能科技有限公司 Blacklist sharing method and device, computer equipment and storage medium
CN112135297B (en) * 2020-09-22 2024-05-07 平安科技(深圳)有限公司 Communication method, center server, equipment and medium of Internet of things
CN117688088A (en) * 2023-11-24 2024-03-12 浙江工业大学 Trusted storage method of distributed data based on blockchain in cloud and edge environment

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant