| dc.contributor.advisor | 陳恭<br>廖峻鋒 | zh_TW |
| dc.contributor.advisor | Kung Chen<br>Chun-Feng Liao | en_US |
| dc.contributor.author (Authors) | 賴廷恩 | zh_TW |
| dc.contributor.author (Authors) | Lai, Ting-En | en_US |
| dc.creator (作者) | 賴廷恩 | zh_TW |
| dc.creator (作者) | Lai, Ting-En | en_US |
| dc.date (日期) | 2024 | en_US |
| dc.date.accessioned | 5-Aug-2024 12:08:32 (UTC+8) | - |
| dc.date.available | 5-Aug-2024 12:08:32 (UTC+8) | - |
| dc.date.issued (上傳時間) | 5-Aug-2024 12:08:32 (UTC+8) | - |
| dc.identifier (Other Identifiers) | G0111356052 | en_US |
| dc.identifier.uri (URI) | https://nccur.lib.nccu.edu.tw/handle/140.119/152419 | - |
| dc.description (描述) | 碩士 | zh_TW |
| dc.description (描述) | 國立政治大學 | zh_TW |
| dc.description (描述) | 資訊管理學系 | zh_TW |
| dc.description (描述) | 111356052 | zh_TW |
| dc.description.abstract (摘要) | 在當代醫療領域,人工智慧於影像分析的應用推動了醫療影像資料
共享平台的發展。這些平台整合多機構醫療影像資料,確保僅授權使
用者讀寫敏感資訊。然而,傳統中心化資料庫存儲授權資料面臨資料
竊取、篡改及單點故障風險,挑戰隱私保護與授權透明度。如果授權
資料保存不當或是授權過程出現錯誤,將可能導致未經授權者存取敏
感資料,進而引發嚴重的隱私洩露和法律糾紛,同時削弱公眾對資料
共享平台的信任,影響平台的長期運作和發展。
本研究開發出一套基於以太坊區塊鏈技術的授權驗證系統,該系統
通過RESTfulAPI 與醫療平台進行整合,並搭配rabbitMQ等分散式系
統處理大量整合資料。應用區塊鏈的去中心化和不可篡改性質,本系
統能夠安全地將授權資料儲存在智能合約中,並透過智能合約自動化
方法審核存取權限,將驗證和資料存取機制過程封裝在智能合約中,
大幅降低了資料洩漏的風險,並保障了授權驗證的準確性。本系統還
應用Vault-BX 技術,實現對私鑰調用權和管理權的分離,使智能合
約上資料的讀寫過程更加嚴謹。本研究通過所述方法和系統架構,提
升了資料共享的可追蹤性和安全性,進一步促進了這些平台的順利運
作,從而構建了一個良好的資料共享生態系。 | zh_TW |
| dc.description.abstract (摘要) | In modern healthcare, AI-driven image analysis has fostered the develop
ment of medical image data sharing platforms that integrate data from mul
tiple sources. These platforms ensure only authorized users can access sen
sitive information, but traditional centralized databases pose risks like data
theft and tampering, potentially leading to privacy breaches and undermining
public trust.
ThisstudyintroducesanauthorizationverificationsystembasedonEthereum
blockchain technology, interfacing with medical platforms through RESTful
API and managing data with systems like RabbitMQ. The blockchain’s de
centralized nature ensures secure storage of authorization data in smart con
tracts, significantly reducing data breach risks. The use of VaultBX technol
ogy enhances private key management, ensuring robust data handling. This
systemenhancesdatasecurity andtraceability, thereby facilitating the smooth
operation of platforms and fostering a robust data sharing ecosystem | en_US |
| dc.description.tableofcontents | 1緒論 1
2文獻回顧及技術背景 5
2.1技術背景 5
2.1.1區塊鏈 5
2.1.2批次處理RabbitMQ 9
2.1.3 vault-BX 11
2.2相關研究 14
2.2.1陽明交大資料授權系統架構 14
2.2.2區塊鏈強化授權資料安全相關研究 16
2.2.3智能合約授權自動化處理相關研究 17
2.2.4授權資料細粒度研究相關研究 17
3系統設計 18
3.1名詞定義 18
3.1.1資料授權平台定義的名詞 18
3.1.2本系統定義的名詞 19
3.2系統設計 19
3.2.1整合現有架構概念 19
3.2.2系統擴充的資料批次處理 21
3.2.3智能合約與私鑰管理設計 21
3.3系統架構 22
3.3.1 TrustChain區塊鏈架構 22
3.3.2系統架構圖 23
3.3.3授權資料統一格式 26
3.4系統主流程 27
3.4.1 TPDSPs整合與資料上鏈流程 27
3.4.2 TPDSPs整合後驗證RP授權流程 29
4系統實作與展示 31
4.1 TPDSPs於TrustChain註冊及登入 31
4.2 TPDSPs於TrustChain使用資料上鏈功能 33
4.2.1 TPDSPs資料傳遞至TrustChainServer及前處理流程 33
4.2.2 TPDSPs資料上鏈流程 39
4.3 TPDSPs於TrustChain使用RP身分驗證功能 45
4.4系統評估與限制 49
4.4.1性能與可擴展性評估 50
4.4.2安全性評估 50
4.4.3去中心化程度的評估 50
4.4.4系統局限性 50
5結論與未來展望 51
5.1研究目的實現情況 51
5.1.1去中心化的資料管理 51
5.1.2有效追蹤資料授權紀錄權限和歷史 51
5.1.3資料授權條件的保存持久性和恢復能力 51
5.1.4易於整合現行醫療共享平台 52
5.2研究限制 52
5.2.1系統依賴單一中央伺服器 52
5.2.2 Vault-BXserver效能瓶頸問題 53
5.2.3系統防禦措施不足 53
5.2.4資料上鏈的效能瓶頸問題 53
5.3未來展望 54
References 55 | zh_TW |
| dc.format.extent | 7480877 bytes | - |
| dc.format.mimetype | application/pdf | - |
| dc.source.uri (資料來源) | http://thesis.lib.nccu.edu.tw/record/#G0111356052 | en_US |
| dc.subject (關鍵詞) | 區塊鏈技術 | zh_TW |
| dc.subject (關鍵詞) | 智能合約 | zh_TW |
| dc.subject (關鍵詞) | 資料授權 | zh_TW |
| dc.subject (關鍵詞) | 隱私保護 | zh_TW |
| dc.subject (關鍵詞) | 以太坊 | zh_TW |
| dc.subject (關鍵詞) | 資料共享 | zh_TW |
| dc.subject (關鍵詞) | Blockchain technology | en_US |
| dc.subject (關鍵詞) | smart contracts | en_US |
| dc.subject (關鍵詞) | data authorization | en_US |
| dc.subject (關鍵詞) | privacy protection | en_US |
| dc.subject (關鍵詞) | Ethereum | en_US |
| dc.subject (關鍵詞) | data sharing | en_US |
| dc.title (題名) | 應用區塊鏈技術強化醫療資料授權分享的安全性與可溯源性 | zh_TW |
| dc.title (題名) | Leveraging Blockchain Technology to Enhance the Security and Traceability of Medical Data Sharing | en_US |
| dc.type (資料類型) | thesis | en_US |
| dc.relation.reference (參考文獻) | BSOS Vault. (2023). Tech partner: BSOS. https://www.hashicorp.com/partners/
tech/bsos. (Accessed: 2024-07-26)
Hardhat. (2024). Hardhat documentation. Retrieved from https://hardhat.org/docs/
(Accessed: date-of-access)
HashiCorp Vault. (2023). Vault by hashicorp. Official Website. Retrieved from https://
www.vaultproject.io
HSM. (2024). Security details- hsm integration- vault enterprise. Retrieved from
https://developer.hashicorp.com/vault/docs/enterprise/hsm/security
trieved from HashiCorp Developer)
(Re
Ismailova, R. (2024). Security aspects of decentralized systems in data management.
Advanced Security Protocols Journal, 5(2), 202–218.
Laturkar, K. (2024). The impact of decentralization in blockchain on data management
across industries. Journal of Blockchain Research, 7(1), 45–59.
Maharjan, R., Chy, M. S. H., Arju, M. A., & Cerny, T. (2023). Benchmarking message
queues. Telecom, 4(2), 298-312. Retrieved from https://www.mdpi.com/2673-4001/4/2/18 doi: 10.3390/telecom4020018
Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system. Retrieved from
https://bitcoin.org/bitcoin.pdf (Accessed: date-of-access)
OpenZeppelin. (2024). Documentation. Retrieved from https://docs.openzeppelin
.com/contracts/5.x/extending-contracts (Accessed: date-of-access)
Praveen, G., Singh, P. K., & Ranjan, P. (2024). Enhancing record management security
through blockchain and ipfs. International Journal of Blockchain Innovations, 2(3),
112–130.
RabbitMQ. (2024). Rabbitmq tutorial- work queues with javascript. Retrieved
from https://www.rabbitmq.com/tutorials/tutorial-two-javascript (Accessed:
55
date-of-access)
Vitalik. (2014). Ethereum white paper: A next generation smart contract & decentral
ized application platform. Retrieved from https://ethereum.org/en/whitepaper/
(Accessed: date-of-access)
Wang, C., Wu,W.,Chen,F., Shu, H.,&Zhang, J. (2024). Ablockchain-based trustworthy
access control scheme for medical data sharing. Journal of Information Technology
in Healthcare, 2. Retrieved from https://ietresearch.onlinelibrary.wiley.com/
doi/10.1049/2024/5559522 (See abstract and introduction for foundational con
cepts and framework) doi: 10.1049/ietis.5559522
Zaabar, B., et al. (2021). Healthblock: A secure blockchain-based healthcare data man
agement system. Computer Networks, 200, 108500. Retrieved from https://
www.sciencedirect.com/science/article/abs/pii/S1389128621004382 (See ab
stract for initial discussion on the system’s design and security enhancements) doi:
10.1016/j.comnet.2021.108500
Zhao, X., & Su, Q. (2019). Revocable attribute-base scheme with enhanced security
and privacy for healthcare data sharing. In Ieee 14th international symposium
on parallel architectures, algorithms and programming (paap). Beijing, China:
IEEE. (This work highlights the use of blockchain for fine-grained access control
in healthcare data sharing, focusing on the enhancement of security and privacy.)
doi: 10.1109/PAAP60200.2023.10391571
中華民國憲法法庭. (2022). 111 年憲判第 13 號解釋. Retrieved from https://
cons.judicial.gov.tw/docdata.aspx?fid=38&id=309956 (取自中華民國憲法法
庭) | zh_TW |
