學術產出-Theses
Article View/Open
Publication Export
-
題名 應用ECQV自簽名憑證於遠距醫療之研究
A Study on ECQV Selfsigned Certificate on Telemedicine作者 洪士晟
Hung, Shih-Sheng貢獻者 左瑞麟
Tso, Ray-lin
洪士晟
Hung, Shih-Sheng關鍵詞 遠距醫療
Hyperledger Fabric
隱式憑證
Elliptic Curve Qu-Vanstone(ECQV)
Telemedicine
Hyperledger Fabric
Implicit certificate
Elliptic Curve Qu-Vanstone(ECQV)日期 2021 上傳時間 10-Feb-2022 13:21:43 (UTC+8) 摘要 隨著科技與通訊技術發展,遠距醫療改善醫療資源分配不均的問題,縮短醫療機構與病人的距離。遠距醫療服務除了提供優質的醫療品質,如何保障病人資料隱私性、通訊設備資料傳輸安全與有限度的共享醫療資料,也是重要的課題。Hewa 等人(2020)提出「遠距醫療平台」,於物聯網裝置與網路傳輸能力有限之場景,使用具有儲存空間較小、計算速度較快的 Elliptic Curve QuVanstone (ECQV)隱式憑證作為安全性標準。醫院與病人間,透過各自的 ECQV 憑證另外產生聯合公鑰,以建立醫療連結關係,但此方式金鑰需各自保管,將額外增加金鑰管理的負擔。本研究以 Hewa 方案之金鑰管理機制為基礎發展遠距醫療系統,採用雲端與多接取邊緣運算架構(Multi-access Edge Computing , MEC)技術並結合物聯網裝置,將病人醫療數據加密儲存於雲端資料庫;Hyperledger Fabric 與智能合約,負責管理角色權限、資料取用歷程與憑證資訊紀錄。並結合蘇等人(2018)的代理憑證機制,透過原始憑證使用者能自行產生代理憑證並分發給隸屬成員,且每張代理憑證皆能代表使用者的身分。本文將由醫院與 MEC 平台向憑證認證中心(CA)申請 ECQV 憑證,藉以減少各自申請憑證的成本,病人代理憑證為醫院產生的緣故,憑證本身已建立醫療連結關係,因此達到無需使用聯合公鑰的優點。
With the advancements of science and communication technology, telemedicine improves the issue of distribution of medical resources and shorten the distance between medical institutions and patients. Telemedicine also provides excellent medical quality. Ensuring the privacy of data, the security of data transmission and limited sharing of medical data are important issues.Hewa’s (2020)”telemedicine platform” used smaller storage and faster computation of Elliptic Curve Qu-Vanstone(ECQV) implicit certificate as security standard.Joint public key establish medical relationship between hospital and patients through generated their own ECQV. It needs to be kept separately.It will increase the loading of key management.This study based on Hewa’s key management mechanism to develop telemedicine platform. We adopted cloud service, Multi-access Edge Computing(MEC) architecture, combining Internet of things(IoT) devices to encrypt data.Hyperledger Fabric and smart contracts manage roles,permissions, data access audit log and certificate information.Combined with Su’s(2018) proxy certificate mechanism, certificate generated from original certificate and distributed to their members. To reduce cost of network transmission,hospital and MEC apply for ECQV from CA. Hospital generated patient’s proxy certificate to establish medical relationship, so joint public key do not required to be used.參考文獻 [1] “General Data Protection Regulation (GDPR),” 2021. [Online]. Available: https://en.wikipedia.org/wiki/General_Data_Protection_Regulation[2] 中華民國107年5月11日衛生福利部衛部醫字第1071662596號令。通訊診察治療辦法.[3] 中華民國109年12月29日健保醫字第1090017665號公告。全民健康保險遠距醫療給付計畫.[4] S. Boeyen, S. Santesson, T. Polk, R. Housley, S. Farrell, and D. Cooper, “Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile,” RFC 5280, May 2008. [Online]. Available: https://rfceditor.org/rfc/rfc5280.txt[5] M. Campagna, “Sec 4: Elliptic curve quvanstone implicit certificate scheme (ECQV),” Standards for Efficient Cryptography, Version, vol. 1, 2013.[6] Z. W. Group et al., “Zigbee Smart Energy Profile Specification Revision 15,” ZigBee Alliance, Technical Report, Tech. Rep., 2008. [Online]. Available:https://people.ece.cornell.edu/land/courses/ece4760/FinalProjects/s2011/kjb79_ajm232/pmeter/Zigbee%20Smart%20Energy%20Profile%20Specification.pdf[7] T. Hewa, A. Braeken, M. Ylianttila, and M. Liyanage, “MultiAccess Edge Computing and Blockchainbased Secure Telehealth System Connected with 5G and IoT,” inThe 8th IEEE International Conference on Communications and Networking (IEEE ComNet’2020), 2020.[8] R. L. Tso and C. W. Su, “A Study on ECQV Selfsinged Certificate and Its Extensions ,” Master’s thesis, Department of Computer Science National Chengchi University,2018.[9] S. Nakamoto, “Bitcoin: A PeertoPeer Electronic Cash System,” https://bitcoin.org/bitcoin.pdf, 2008.[10] “An Introduction to Hyperledger,” https://www.hyperledger.org/wpcontent/uploads/2018/07/HL_Whitepaper_IntroductiontoHyperledger.pdf, 2018.[11] “A Blockchain Platform for the Enterprise,” https://hyperledgerfabric.readthedocs.io/zh_CN/latest/, 2020.[12] J. Benet, “IPFS Content Addressed, Versioned, P2P File System,” arXiv preprintarXiv:1407.3561, 2014.[13] “BitTorrent(BT).” [Online]. Available: https://en.wikipedia.org/wiki/BitTorrent[14] “git.” [Online]. Available: https://zh.wikipedia.org/wiki/Git[15] “Distributed Hash Table, DHT.” [Online]. Available: https://en.wikipedia.org/wiki/Distributed_hash_table[16] D. Mazières, “Selfcertifying file system,” Ph.D. dissertation, Massachusetts Institute of Technology, 2000.[17] N. Koblitz, “Elliptic Curve Cryptosystems,” Mathematics of computation, vol. 48,no. 177, pp. 203–209, 1987.[18] V. S. Miller, “Use of Elliptic Curves in Cryptography,” in Conference on the theoryand application of cryptographic techniques. Springer, 1985, pp. 417–426.[19] Standards for Efficient Cryptography Group (SECG), “Standards for Efficient Cryptography, SEC 1: Elliptic Curve Cryptography,” Released Standard Version, vol. 1,2000.[20] B. Daniel, “Standards for Efficient Cryptography, SEC 1: Elliptic Curve Cryptography,” Released Standard Version, vol. 2, 2009.[21] V. Kapoor, V. S. Abraham, and R. Singh, “Elliptic curve cryptography,” Ubiquity,vol. 2008, no. May, pp. 1–8, 2008.[22] W. Diffie and M. E. Hellman, “Multiuser cryptographic techniques,” in Proceedingsof the June 710, 1976, national computer conference and exposition, 1976, pp. 109–112.[23] D. Johnson, A. Menezes, and S. Vanstone, “The Elliptic Curve Digital SignatureAlgorithm (ECDSA),” International journal of information security, vol. 1, no. 1,pp. 36–63, 2001.[24] D. R. Brown, R. Gallant, and S. A. Vanstone, “Provably secure implicit certificateschemes,” in International Conference on Financial Cryptography. Springer, 2001,pp. 156–165.[25] D. H. Krawczyk, M. Bellare, and R. Canetti, “HMAC: KeyedHashing forMessage Authentication,” RFC 2104, Feb. 1997. [Online]. Available: https://rfceditor.org/rfc/rfc2104.txt[26] 陳建成、陳昀暄 , “多接取邊緣運算 (MEC) 技術,” 電腦與通訊, no. 173, pp.34–37, 2018.[27] Z. Shelby, K. Hartke, and C. Bormann, “The Constrained Application Protocol(CoAP),” RFC 7252, Jun. 2014.[28] Cubie, “MQTT 教學(一):認識 MQTT.” [Online]. Available: https://swf.com.tw/?p=1002[29] A. Banks and R. Gupta, MQTT Version 3.1.1, OASIS, 2014. [Online]. Available:http://docs.oasisopen.org/mqtt/mqtt/v3.1.1/os/mqttv3.1.1os.html[30] A. Theodouli, S. Arakliotis, K. Moschou, K. Votis, and D. Tzovaras, “On the design of a blockchainbased system to facilitate healthcare data sharing,” in 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications (TrustCom). IEEE, 2018, pp. 1374–1379.[31] M. Chen, W. Li, Y. Hao, Y. Qian, and I. Humar, “Edge cognitive computing basedsmart healthcare system,” Future Generation Computer Systems, vol. 86, pp. 403–411,2018.[32] P. Pace, G. Aloi, R. Gravina, G. Caliciuri, G. Fortino, and A. Liotta, “An edge based architecture to support efficient applications for healthcare industry 4.0,” IEEETransactions on Industrial Informatics, vol. 15, no. 1, pp. 481–489, 2018.[33] A. Islam and S. Y. Shin, “Bhmus: blockchain based secure outdoor health monitoring scheme using uav in smart city,” in 2019 7th international conference on informationand communication technology (ICoICT). IEEE, 2019, pp. 1–6.[34] Protocol Labs, “IPFS docs.” [Online]. Available: https://docs.ipfs.io/[35] J. H. Silverman and J. Suzuki, “Elliptic curve discrete logarithms and the index calculus,” in International Conference on the Theory and Application of Cryptology and Information Security. Springer, 1998, pp. 110–125. 描述 碩士
國立政治大學
資訊科學系碩士在職專班
108971018資料來源 http://thesis.lib.nccu.edu.tw/record/#G0108971018 資料類型 thesis dc.contributor.advisor 左瑞麟 zh_TW dc.contributor.advisor Tso, Ray-lin en_US dc.contributor.author (Authors) 洪士晟 zh_TW dc.contributor.author (Authors) Hung, Shih-Sheng en_US dc.creator (作者) 洪士晟 zh_TW dc.creator (作者) Hung, Shih-Sheng en_US dc.date (日期) 2021 en_US dc.date.accessioned 10-Feb-2022 13:21:43 (UTC+8) - dc.date.available 10-Feb-2022 13:21:43 (UTC+8) - dc.date.issued (上傳時間) 10-Feb-2022 13:21:43 (UTC+8) - dc.identifier (Other Identifiers) G0108971018 en_US dc.identifier.uri (URI) http://nccur.lib.nccu.edu.tw/handle/140.119/139000 - dc.description (描述) 碩士 zh_TW dc.description (描述) 國立政治大學 zh_TW dc.description (描述) 資訊科學系碩士在職專班 zh_TW dc.description (描述) 108971018 zh_TW dc.description.abstract (摘要) 隨著科技與通訊技術發展,遠距醫療改善醫療資源分配不均的問題,縮短醫療機構與病人的距離。遠距醫療服務除了提供優質的醫療品質,如何保障病人資料隱私性、通訊設備資料傳輸安全與有限度的共享醫療資料,也是重要的課題。Hewa 等人(2020)提出「遠距醫療平台」,於物聯網裝置與網路傳輸能力有限之場景,使用具有儲存空間較小、計算速度較快的 Elliptic Curve QuVanstone (ECQV)隱式憑證作為安全性標準。醫院與病人間,透過各自的 ECQV 憑證另外產生聯合公鑰,以建立醫療連結關係,但此方式金鑰需各自保管,將額外增加金鑰管理的負擔。本研究以 Hewa 方案之金鑰管理機制為基礎發展遠距醫療系統,採用雲端與多接取邊緣運算架構(Multi-access Edge Computing , MEC)技術並結合物聯網裝置,將病人醫療數據加密儲存於雲端資料庫;Hyperledger Fabric 與智能合約,負責管理角色權限、資料取用歷程與憑證資訊紀錄。並結合蘇等人(2018)的代理憑證機制,透過原始憑證使用者能自行產生代理憑證並分發給隸屬成員,且每張代理憑證皆能代表使用者的身分。本文將由醫院與 MEC 平台向憑證認證中心(CA)申請 ECQV 憑證,藉以減少各自申請憑證的成本,病人代理憑證為醫院產生的緣故,憑證本身已建立醫療連結關係,因此達到無需使用聯合公鑰的優點。 zh_TW dc.description.abstract (摘要) With the advancements of science and communication technology, telemedicine improves the issue of distribution of medical resources and shorten the distance between medical institutions and patients. Telemedicine also provides excellent medical quality. Ensuring the privacy of data, the security of data transmission and limited sharing of medical data are important issues.Hewa’s (2020)”telemedicine platform” used smaller storage and faster computation of Elliptic Curve Qu-Vanstone(ECQV) implicit certificate as security standard.Joint public key establish medical relationship between hospital and patients through generated their own ECQV. It needs to be kept separately.It will increase the loading of key management.This study based on Hewa’s key management mechanism to develop telemedicine platform. We adopted cloud service, Multi-access Edge Computing(MEC) architecture, combining Internet of things(IoT) devices to encrypt data.Hyperledger Fabric and smart contracts manage roles,permissions, data access audit log and certificate information.Combined with Su’s(2018) proxy certificate mechanism, certificate generated from original certificate and distributed to their members. To reduce cost of network transmission,hospital and MEC apply for ECQV from CA. Hospital generated patient’s proxy certificate to establish medical relationship, so joint public key do not required to be used. en_US dc.description.tableofcontents 誌謝 i摘要 iiAbstract iii目錄 iv圖目錄 vi表目錄 vii第一章 緒論 11.1 研究背景 11.2 研究動機 21.3 研究目的與方法 31.4 論文架構 4第二章 背景知識 52.1 分散式技術 52.1.1 區塊鏈(Blockchain) 52.1.2 超級帳本(Hyperledger)─ Hyperledger Fabric 62.1.3 星際檔案系統(InterPlanetary File System,IPFS) 92.2 密碼學技術 132.2.1 橢圓曲線密碼學(Elliptic Curve Cryptography,ECC) 132.2.2 ECQV憑證與產生方法 172.2.3 ECQV代理憑證機制 192.2.4 雜湊訊息鑑別碼(Hashbased Message Authentication Code )212.3 通訊技術 212.3.1 多接取邊緣運算技術(Multiaccess Edge Computing) 222.3.2 CoAP(Constrained Application Protocol) 222.3.3 MQTT(Message Queuing Telemetry Transport) 242.4 遠距醫療 25第三章 遠距醫療數據收集平台 273.1 符號定義 293.2 架構說明 303.2.1 系統架構 303.2.2 Hyperledger Fabric 區塊鏈架構 323.3 主要流程 343.3.1 遠距醫療申請流程 343.3.2 註冊階段 353.3.3 認證階段 413.3.4 資料上傳階段 423.3.5 資料取用階段 43第四章 安全性分析與金鑰管理比較 454.1 安全性分析 454.2 金鑰管理比較 46第五章 結論 49參考文獻 50 zh_TW dc.format.extent 3088349 bytes - dc.format.mimetype application/pdf - dc.source.uri (資料來源) http://thesis.lib.nccu.edu.tw/record/#G0108971018 en_US dc.subject (關鍵詞) 遠距醫療 zh_TW dc.subject (關鍵詞) Hyperledger Fabric zh_TW dc.subject (關鍵詞) 隱式憑證 zh_TW dc.subject (關鍵詞) Elliptic Curve Qu-Vanstone(ECQV) zh_TW dc.subject (關鍵詞) Telemedicine en_US dc.subject (關鍵詞) Hyperledger Fabric en_US dc.subject (關鍵詞) Implicit certificate en_US dc.subject (關鍵詞) Elliptic Curve Qu-Vanstone(ECQV) en_US dc.title (題名) 應用ECQV自簽名憑證於遠距醫療之研究 zh_TW dc.title (題名) A Study on ECQV Selfsigned Certificate on Telemedicine en_US dc.type (資料類型) thesis en_US dc.relation.reference (參考文獻) [1] “General Data Protection Regulation (GDPR),” 2021. [Online]. Available: https://en.wikipedia.org/wiki/General_Data_Protection_Regulation[2] 中華民國107年5月11日衛生福利部衛部醫字第1071662596號令。通訊診察治療辦法.[3] 中華民國109年12月29日健保醫字第1090017665號公告。全民健康保險遠距醫療給付計畫.[4] S. Boeyen, S. Santesson, T. Polk, R. Housley, S. Farrell, and D. Cooper, “Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile,” RFC 5280, May 2008. [Online]. Available: https://rfceditor.org/rfc/rfc5280.txt[5] M. Campagna, “Sec 4: Elliptic curve quvanstone implicit certificate scheme (ECQV),” Standards for Efficient Cryptography, Version, vol. 1, 2013.[6] Z. W. Group et al., “Zigbee Smart Energy Profile Specification Revision 15,” ZigBee Alliance, Technical Report, Tech. Rep., 2008. [Online]. Available:https://people.ece.cornell.edu/land/courses/ece4760/FinalProjects/s2011/kjb79_ajm232/pmeter/Zigbee%20Smart%20Energy%20Profile%20Specification.pdf[7] T. Hewa, A. Braeken, M. Ylianttila, and M. Liyanage, “MultiAccess Edge Computing and Blockchainbased Secure Telehealth System Connected with 5G and IoT,” inThe 8th IEEE International Conference on Communications and Networking (IEEE ComNet’2020), 2020.[8] R. L. Tso and C. W. Su, “A Study on ECQV Selfsinged Certificate and Its Extensions ,” Master’s thesis, Department of Computer Science National Chengchi University,2018.[9] S. Nakamoto, “Bitcoin: A PeertoPeer Electronic Cash System,” https://bitcoin.org/bitcoin.pdf, 2008.[10] “An Introduction to Hyperledger,” https://www.hyperledger.org/wpcontent/uploads/2018/07/HL_Whitepaper_IntroductiontoHyperledger.pdf, 2018.[11] “A Blockchain Platform for the Enterprise,” https://hyperledgerfabric.readthedocs.io/zh_CN/latest/, 2020.[12] J. Benet, “IPFS Content Addressed, Versioned, P2P File System,” arXiv preprintarXiv:1407.3561, 2014.[13] “BitTorrent(BT).” [Online]. Available: https://en.wikipedia.org/wiki/BitTorrent[14] “git.” [Online]. Available: https://zh.wikipedia.org/wiki/Git[15] “Distributed Hash Table, DHT.” [Online]. Available: https://en.wikipedia.org/wiki/Distributed_hash_table[16] D. Mazières, “Selfcertifying file system,” Ph.D. dissertation, Massachusetts Institute of Technology, 2000.[17] N. Koblitz, “Elliptic Curve Cryptosystems,” Mathematics of computation, vol. 48,no. 177, pp. 203–209, 1987.[18] V. S. Miller, “Use of Elliptic Curves in Cryptography,” in Conference on the theoryand application of cryptographic techniques. Springer, 1985, pp. 417–426.[19] Standards for Efficient Cryptography Group (SECG), “Standards for Efficient Cryptography, SEC 1: Elliptic Curve Cryptography,” Released Standard Version, vol. 1,2000.[20] B. Daniel, “Standards for Efficient Cryptography, SEC 1: Elliptic Curve Cryptography,” Released Standard Version, vol. 2, 2009.[21] V. Kapoor, V. S. Abraham, and R. Singh, “Elliptic curve cryptography,” Ubiquity,vol. 2008, no. May, pp. 1–8, 2008.[22] W. Diffie and M. E. Hellman, “Multiuser cryptographic techniques,” in Proceedingsof the June 710, 1976, national computer conference and exposition, 1976, pp. 109–112.[23] D. Johnson, A. Menezes, and S. Vanstone, “The Elliptic Curve Digital SignatureAlgorithm (ECDSA),” International journal of information security, vol. 1, no. 1,pp. 36–63, 2001.[24] D. R. Brown, R. Gallant, and S. A. Vanstone, “Provably secure implicit certificateschemes,” in International Conference on Financial Cryptography. Springer, 2001,pp. 156–165.[25] D. H. Krawczyk, M. Bellare, and R. Canetti, “HMAC: KeyedHashing forMessage Authentication,” RFC 2104, Feb. 1997. [Online]. Available: https://rfceditor.org/rfc/rfc2104.txt[26] 陳建成、陳昀暄 , “多接取邊緣運算 (MEC) 技術,” 電腦與通訊, no. 173, pp.34–37, 2018.[27] Z. Shelby, K. Hartke, and C. Bormann, “The Constrained Application Protocol(CoAP),” RFC 7252, Jun. 2014.[28] Cubie, “MQTT 教學(一):認識 MQTT.” [Online]. Available: https://swf.com.tw/?p=1002[29] A. Banks and R. Gupta, MQTT Version 3.1.1, OASIS, 2014. [Online]. Available:http://docs.oasisopen.org/mqtt/mqtt/v3.1.1/os/mqttv3.1.1os.html[30] A. Theodouli, S. Arakliotis, K. Moschou, K. Votis, and D. Tzovaras, “On the design of a blockchainbased system to facilitate healthcare data sharing,” in 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications (TrustCom). IEEE, 2018, pp. 1374–1379.[31] M. Chen, W. Li, Y. Hao, Y. Qian, and I. Humar, “Edge cognitive computing basedsmart healthcare system,” Future Generation Computer Systems, vol. 86, pp. 403–411,2018.[32] P. Pace, G. Aloi, R. Gravina, G. Caliciuri, G. Fortino, and A. Liotta, “An edge based architecture to support efficient applications for healthcare industry 4.0,” IEEETransactions on Industrial Informatics, vol. 15, no. 1, pp. 481–489, 2018.[33] A. Islam and S. Y. Shin, “Bhmus: blockchain based secure outdoor health monitoring scheme using uav in smart city,” in 2019 7th international conference on informationand communication technology (ICoICT). IEEE, 2019, pp. 1–6.[34] Protocol Labs, “IPFS docs.” [Online]. Available: https://docs.ipfs.io/[35] J. H. Silverman and J. Suzuki, “Elliptic curve discrete logarithms and the index calculus,” in International Conference on the Theory and Application of Cryptology and Information Security. Springer, 1998, pp. 110–125. zh_TW dc.identifier.doi (DOI) 10.6814/NCCU202200009 en_US
