Article Preview
TopIntroduction
As the next level of mobile Internet and the Internet of Things develops quickly, the cost of computing and storage of medical data is decreasing, while the efficiency of data processing is also increasing. In particular, high-tech technologies, such as artificial intelligence and sensing devices, are gradually being integrated into the medical industry, generating and accumulating a substantial quantity of medical data, both organized and unorganized. Because of its clear boundaries and consistent format for creation and storage, structured data may be integrated and analyzed automatically. Conversely, unstructured data must undergo extensive pre-processing to be usable by analysis tools because it cannot be read by machines. Meanwhile, the development and improvement of health-care information systems (HIS) has organized and summarized the scattered data from numerous departments of medical facilities or cooperation among facilities. An HIS facilitates accessibility, analysis, and sharing of medical data, which has played a great role in improving the efficiency of medical treatment and modern management of medical institutions and has become an essential technical tool in medical activities (Huo et al., 2014). An HIS enables health-care institutions to gather, store, manage, analyze, and optimize patient treatment histories and other important data. Additionally, these technologies make it simple for medical professionals to obtain data regarding large-scale environments, such as trends in community health. Traditionally, the source of medical big data is mainly the vast quantity of information produced by individuals seeking medical care at communities and health-care facilities.
In the big data environment, how to minimize the misuse of information or misuse of permissions originating from within the system and thus causing damage to patient privacy is an important issue facing users of medical big data. Unauthorized access to patient medical records happens when a person accesses data, including protected health information (PHI), that is contained in those records without the proper consent, authorization, or other legal authority. Medical records for patients can be unlawfully accessed from a variety of places. Access control technology secures medical data at the use stage from the root cause of data leakage (an access rights assignment problem). This technology ensures that the data can be accessed by the right users with legal privileges through certain condition constraints. Access control technology ultimately serves the purpose of protecting the privacy and security of medical big data. Therefore, this paper proposes a big data access control model that meets the needs of the medical industry by combining the characteristics of the medical industry and the behavior patterns of doctors. On the basis of this model, a set of trust-based evaluation methods and constraint mechanisms are designed to evaluate users’ trust from their behaviors and improve the access control granularity of the model.
Policymakers face a challenge to establish if the material accessible by physicians is required from a personal standpoint to create effective access control rules because of the profession, difficulty, and cost of learning clinical qualifications. The traditional coarse-grained access control policy can no longer meet the highly complex medical big data system. This paper proposes a trust-based access control system for medical big data that combines the traditional task-based access control (TBAC) model and role-based access control (RBAC) model and introduces trust assessment as a constraint to build a trust-based T-RBAC model to meet the needs of the medical industry. The model combines the advantages of TBAC and RBAC and introduces a behavior alert module that dynamically monitors user access behavior in real time and gives certain warnings to illegal users. Finally, it is experimentally proven that the warning mechanism can effectively reduce the frequency of malicious access to the system and improve the overall behavior of users.
In the rest of the paper we explain existing work in detail, discuss the process of cybersecurity of medical data based on big data, and share the details of the experiment and result analysis.