A privacy protection model for health care big data based on trust evaluation access control in cloud service environment

Abstract

In order to solve the trust problem generated by each node in the medical cloud system during the interaction process, a dynamic access control model based on trust evaluation is proposed in this paper. The model uses entropy weight method and fuzzy theory to fit the comprehensive interaction trust value of nodes, add the role-based two-way selection mechanism and third-party real-time monitoring mechanism for dynamic access control. Give the specific procedures and methods. Through simulation and comparison experiments with the classic Eigen-Trust model and RBAC, we can see that the model proposed in this paper has great advantages in dynamic controllability, time complexity and trust accuracy.

Keywords

Cloud computing health care big data information entropy trust evaluation fuzzy relation matrix access control

1. Introduction

Cloud computing is to place computing, storage and other resources in the virtual network rather than the local servers, which enables users easily and quickly to access computing resources and storage resources that they need [1]. Because the statistical analysis of data can find the correlation between different data, the law of disease occurrence in seemingly unrelated data, effectively realize the prevention of disease and help doctors make accurate diagnosis and treatment, the medical cloud has shown vigorous vitality. The data which are stored in the medical cloud is a collection of all health-related data, including various types of information that can help solve medical problems [2]. For example, the famous oncology big data startup Flatiron Health has developed a medical cloud platform "Oncology-Cloud" specifically for oncology, which provides a very valuable clinical guidance for doctors in the diagnosis and treatment of patients. It collects information through the patients’ electronic medical records, and integrates the cluttered information to mine valuable data. Combining with "non-structural" data in the hands of experts and doctors, greatly improved the type and accuracy of tumor data [3]. Cloud computing can bring great convenience to people’s lives and work in theoretical aspect, however, it has been greatly hindered in practical application. On the one hand, users do not know the reliability of the data protection methods provided by service providers. They worry that the security of data in the shared cloud will not be guaranteed. Once leaked, the consequences will be incalculable. On the other hand, service providers face huge security challenges in terms of access rights and management of shared data. The problem of trust caused by data security has become increasingly prominent with the popularity of cloud computing, especially the medical data which involves more personal privacy information. Once criminals want to steal and misappropriate these data, their owners may face the problems of data lost and illegal use. A survey by IDC pointed out that cloud storage users are more willing to choose local storage due to concern about unnecessary security issues caused by losing control of data and systems [1]. However, data sharing has extremely broad development prospects, it’s an inevitable trend of the data era. Therefore, stability, integrity, and trust in cloud security have become urgent issues to be solved [4].

2. Related work

2.1 Medical cloud

With the explosive growth of the population, the medical demand situation is becoming increasingly critical, limited resources can no longer meet the huge demand. Big data and cloud computing drive the rapid development of medical system, the expansion of data healthcare has brought a solution to the problems, but the number of digital medical devices and electronic medical records are increasing dramatically at the same time. Therefore, cloud storage and sharing of medical data has become an inevitable choice due to the electronic records can provide doctors with more convenient access, easier to save, thrift storage space and decline the costs. The medical cloud database contains various types of medical information. By using cloud computing, data mining and other methods, the reference and helpful information to doctors’ diagnosis and treatment can be obtained from the huge data, which is a substantive application of cloud services.

By analyzing and summarizing the development background and history of medical big data, Fadia Shah et al. [2] proposed that the application of big data is an inevitable trend in the medical field and we should actively cope with it. In view of that security problems of private data in health care in the cloud environment, Sk Md Mizanur Rahman et al. [5] have proposed a security model for preserving the privacy of medical big data in a healthcare cloud using a fog computing facility with pairing-based cryptography. Narn-yih Lee et al. [6] proposed a medical big data privacy protection system based on DiffieHellman protocol, which protects patients’ privacy information and avoids disclosure of medical data from the perspective of granting access rights. Tiago Marques Godinho et al. [7] proposed a method to create simulated big data repository to solve the problem of poor image data available for medical images in database. Xu Luo et al. [8] pointed out the necessity of big data research in the medical field by analyzing the connotation of medical big data and its impact on medical research by combining clinical medicine. Yi Wang et al. [9] focused on the visualization of medical big data, divided the existing visualization methods into spatiotemporal data visualization and non-spatiotemporal data visualization according to the different data types, and gave a comparison list of visualization methods including classification, legend and characteristics. You-fu Wu et al. [10] discussed the roles that the government should play in the security of privacy health data of the public from the points of data governance, technical standards, management, laws and regulations from the perspective of health privacy risks brought by big data medical treatment to the medical field, and proposed suggestions on relevant public policy directions. Jian-wen Zhou [11] analyzed the current researches and application status of medical big data and discussed the safety problems in the application of big data in depth.

2.2 Trust evaluation and access control

Access control based on trust assessment is one of the main methods to solve the security problems of cloud services. Classic trust models include: Eigen-Trust model, Bayes model, cloud model, JrmPhisang subjective trust model, etc. Eigen-Trust model is proposed by Stanford University’s Sepandar D Kamvar and others, which calculate the comprehensive trust value of nodes using a global iterative algorithm. This model considers the comprehensive trust value of the node through an iterative algorithm, which can not only evaluate the trust values of the nodes in real time, but the credibility obtained is a convergent value. At the same time, Kamvar et al. believe that the higher the trust value, the higher the trust value of the nodes recommended by the nodes [12]. But the Eigen-Trust model also has some disadvantages. First, the algorithm pre-sets a number of trusted nodes which the system fully trusts, thus reducing the objectivity of it. Secondly, the number of iterations of the model is closely related to the complexity of the environment, and it will increase proportionally as the network environment changes. In a highly complex network, the rapid expansion of the number of iterations will bring a very large computational pressure to the system itself and reduce the system’s operating efficiency. In addition, when calculating the trust value, the Eigen-Trust model simply counts the number of the transaction whether it was satisfied, taking the difference between the two, and the decline in reference ability over time has not took into account [13]. The Bayes model is based on Bayes’ theorem, which was originally used mainly in probability theory to measure the probability of event A occurring under the condition of event B. Because trust is transitive, it is possible to build a trust evaluation model based on Bayes’ theorem. This type of model builds the Bayesian trust network, starting from the belief source, and calculating the trust value through probabilistic reasoning from the belief source to the trust layer [14]. This type of model premeditates the impact of constant changes in the source of beliefs on basic beliefs, thereby dynamically calculating trust values. Compared with the Eigen-Trust model, the Bayesian model takes the time inertia and decay type of trust into consideration and improves the accuracy of trust. However, this model divides the belief source and basic belief into two layers with no interaction relationship when building a trust network, which reduces the scalability of the model. Moreover, the model is sensitive with a single fraud, which may produce the excesses punishment policy, discrepancies with the actual situation [15]. The cloud model was first proposed by Li Deyi, an academician of the Chinese Academy of Engineering. This theory is based on the cross-permeation of probability theory and fuzzy set theory. Formed a transformation model between qualitative concepts and descriptions through the specific constructors [16]. The trust evaluation model based on this can map chaotic elements to an ordered universe, and the cloud in the model can be realized by both software and firmware which can simplify calculation. JrmPhisang’s subjective trust model divides trust into three levels. The users evaluate the service based on subjective perception, and finally, the quantitative data will be transferred into the qualitative concept through the probability density function calculation. This type of method is mainly based on the users’ personal experience and is susceptible to personal emotions and malicious evaluation nodes.

In addition to the above-mentioned classic trust models, many scholars have put forward a series of trust assessment methods and access control models by using different tools and methods which based on their research fields. To resolve the uncertainty problems of the ambiguity of trust in the process of access control, Yuan-bing Liu et al. [17] proposed an access control scheme based on multi-attribute fuzzy trust assessment in the cloud manufacturing environment by comparing and analyzing the effectiveness and defects of trust evaluation schemes in different application scenarios. They combined the dynamic traditional hierarchical fuzzy system with trust assessment to achieve dynamic access control and improve the granularity and control efficiency. However, this scheme is not sensitive to malicious evaluation, there are still some security risks. Laura Gheorghe et al. [18] proposed a target monitoring system (GTMS) based on trust management, which is used for trust control. The system extends the period of the network by reducing each node’s energy consume to improve trust level. Aiming at the problems of users’ trust in cloud service providers, Man-fu Ma et al. [19] combined the existing reputation based on the trust mechanism, proposed a SLA-based trust model which based on the agreements of service level and cloud computing trust models of users’ evaluation while introduced the System-trust. They pointed out that only the service providers who’s trust value is higher than the specified threshold can enter the cloud system to publish services, this mechanism effectively controls the occurrence of deceptive behaviors of service providers, but this model does not consider the control of the users’ cheating. According to the traceability of block chain technology and the performance of intelligent contract to automatically execute default instructions, Yue LI et al. [20] proposed a trusted big data sharing model based on block chain technology and intelligent contract, aiming at solving the problems on safe circulation of data resources. Yan et al. [21] quantified fuzzy indexes by using intuitionistic fuzzy set (IFS), introduced the third-party trust evaluation model and time decomposition factors based on the existing direct and indirect (recommended) trust evaluation model, not only extended the trust evaluation model, but also improved the credibility of the trust evaluation on service transactions.

Based on obtaining the comprehensive interaction trust value between nodes, this paper introduces a selection mechanism to perform two-way screening of cloud users and service nodes. In addition, third-party real-time monitoring is used to prevent users’ violations in a timely manner. The article gives the specific building process of the model and algorithm. Through simulation and comparison experiments, we can see that our model has largely improved time complexity and dynamics compared with the classic access control model.

3. Relevant theories

3.1 Fuzzy theory

Fuzzy theory was proposed by L.A. Zadeh in 1965. The core content is to establish a mathematical model of language analysis for complex systems or processes, so that natural languages can be directly converted into algorithmic languages acceptable to computers [22]. The fuzzy matrix can be used to represent the fuzzy relationship between nodes when the domains discussed are finite. Due to the trust relationship between nodes is fuzzy and transitivity, the fuzzy matrix can be used to calculate the correlation degree.

The fuzzy matrix is defined as: For any i ⩽ n, j ⩽ m, there is r_ij ∈[0,1], then $\tilde{R} = (r_{ij})_{m \times n}$ is the fuzzy matrix. r_ij represents the degree to which the i-th element in set U and the j-thelement in set W belong to fuzzy relation $\tilde{R}$ .

3.2 Information entropy

Information is an abstract concept. People measured the amount of information they received through their own perception until Claude Shannon put forward the concept of "information entropy" in his paper: A Mathematical Theory of Communication in 1984. Shannon describes the uncertainty of information source with "entropy" in this paper, pointing out that the average amount of information obtained which has discard the redundant information is "information entropy" [23], and giving the calculation formula of it: $H = - \sum_{i = 0}^{N} P_{i} {lnP}_{i}$ (1)

Information entropy theory provides the basis for quantifying information, thus it has been widely used in various fields of information technology. Minhhuy Ho et al. [24] calculated the atomic and molecular information entropy of the wave function expanded in gaussian concentration by using three-dimensional mathematical integration, and applied entropy to the energy measurement problem of physical chemistry. According to the theories of dissipative structure and urban nature-economy-society complex ecosystem, Yan Zhang et al. [25] proposed an indicator system and model for evaluating the change direction of urban development based on information entropy, aim to measure the development level of urban ecosystem.

Since the entropy can measure the uncertainty of the information, aiming at the problem that the information sent by each node in the cloud system is uncertain, the information entropy can be used to calculate the weight of an evaluation element.

4. Trust based access control model

Access control is an effective way to determine whether the visitors have the right to obtain the protected data resources in the system and prevent legitimate users from illegally using the protected information. Commonly used access control techniques are based on roles, rules, time, space, probability, dynamic, semantic, etc. [26]. The purpose of building access control model under medical cloud environment is to protect data related to personal medical records from the source and provide technical protection for establishing reliable medical cloud system.

4.1 Model description

To establish the trust-based access control model in the medical cloud environment, five elements including subjects, objects, role, interactive trust value and role permission scope are mainly considered. The basic relationship model diagram of each element is shown in Fig. 1.

Visitors: a collection of users of a medical cloud system;

Medical cloud: a collection of resources and nodes providing cloud services;

Roles: the position in the system that indicates eligibility or authority to manipulate data in the system. In the medical cloud environment, roles mainly include: doctor, patient, and other visitors;

Condition set: a collection of conditions required by a visitor to perform an action;

Action set: a collection of actions taken by a visitor to a system;

Service set: a collection of services that can be provided by the system;

Permission: a set of intersections consisting of actions, conditions and services (defined as p_i = (action, service, terms).

Fig. 1

Basic relationship figure.

The model process is as follows:

Step 1: the visitor submits the access application and conducts authentication. If the identity is legitimate, proceed to the next step.

Step 2: operate on the trust database of the visitor based on his identity, calculate the trust value a, if a is less than the threshold, prevent the operation and interrupt the service; Instead, proceed to the next step;

Step 3: identify visitor requests, filter service nodes, and add optional nodes to the candidate queue;

Step 4: filter the nodes in the queue to find the best nodes;

Step 5: the visitor gains access to the node and gets the service;

Step 6: the node trust value is updated and the process ends.

The flow chart of the model is shown in Fig. 2.

Fig. 2

Process of the model.

4.2 Calculate the evaluation factors’ weight

It is a complete process from the beginning of the information generation to the end of the transmission, however, the signals sent by each node are random and have great uncertainty, thus a specific measure is needed to evaluate the degree of order in the system, which is, information entropy. Using information entropy to measure the weights of evaluation factors is an objective method. The larger the value of the entropy function, the worse the orderliness of the target values, that is, the less effective information provided, the more weight the indicators should be. On the contrary, the smaller the value of the entropy function, the better the orderliness, the more effective information provided, the larger the corresponding indicator weight should be [27, 28].

Suppose that there are m nodes need to be evaluated and n indicators in the evaluation system. x_ij represents the value of the j-th evaluation index of the i-th node. The judgment matrix X can be obtained from all the original values is as follows:

$X = [\begin{matrix} x_{11} & x_{12} & \dots & x_{1 n} \\ x_{21} & x_{22} & \dots & x_{21} \\ ⋮ & ⋮ & ⋮ & ⋮ \\ x_{m 1} & x_{m 2} & \dots & x_{mn} \end{matrix}]$

The larger the value of an index X_ij in the matrix, the greater its role in comprehensive evaluation.

Calculation steps to obtain factor weights based on entropy weight method:

1) normalization of matrix values:

Here, we use the L2 normalization method for matrix normalization to avoid the problems of the model overfitting and renewing the extreme values while using the maximum and minimum method when generating new data. Considering the original matrix as a combination of mrow vectors, the L² norm of the vector x_m = (x_m1, x_m2, …, x_mn) is defined as: normal $normal x_{m} = \sqrt{x_{m 1}^{2} + x_{m 2}^{2} + \dots + x_{mn}^{2}}$ [29]. Create a mapping from x to x′, let the L²norm of x′is 1. which is: ${x^{'}}_{i} = \frac{x_{i}}{n o r m (x)}$ (2)

get normalized matrix X′: $X^{'} = [\begin{matrix} x_{11}^{'} & x_{12}^{'} & \dots & x_{1 n}^{'} \\ x_{21}^{'} & x_{22}^{'} & \dots & x_{2 n}^{'} \\ ⋮ & ⋮ & ⋱ & ⋮ \\ x_{m 1}^{'} & x_{m 2}^{'} & \dots & x_{mn}^{'} \end{matrix}]$ (3)

2) Calculating the weight of the j-th evaluation index of the i-th node P_ij: $P_{ij} = \frac{x^{'} ij}{\sum_{i = 1}^{m} x^{'} ij}$ (4)

get the weight matrix (P_ij) _m×n .

3) The entropy value of the j-th node can be obtained from formula (1): $e_{j} = - k \sum_{i = 1}^{m} P_{ij} \ln P_{ij}$ (5)

let $k = \frac{1}{\ln m}$ , 0≤e (i) _j ≤1 .

4) Using f to represent the difference coefficient of factor j, f_i = 1 - e_i.

For index j, the smaller f_j, the less effective information provided by the index, the smaller the impact value on the evaluation value, that is, the smaller the weight; otherwise, the larger.

5) Weight calculation of index j: $W_{j} = \frac{fj}{\sum_{j = 1}^{n} fj}$ (6)

get the weight matrix W_n.

6) The evaluation value EV (j) of the index j is obtained from the matrix (3) and formula (6): $EV (j) = W_{j} \times X_{ij}^{'}$ (7)

7) To sum up, the evaluation value matrix EV _mn of the evaluation index is obtained.

4.3 Calculation of trust value

1) Calculating the direct trust value by fuzzy distribution:

Fuzzy theory is defined by membership function. This kind of function is essentially a quantitative description of the unambiguous extension of the subjective concept of objective things, which is essentially objective [22]. The membership function of the real field R is also called fuzzy distribution.

Set EV is the evaluation value of the evaluation index, and μ (EV) represents its membership function. Here, the fuzzy distribution of the normal distribution is used to calculate the membership of the evaluation index. which is: $μ (EV) = e^{- {(\frac{EV - a}{b})}^{2}}$ (8)

Get the membership matrix μ (i) of the i-th evaluated node: $μ (i) = {(μ_{i 1}, μ_{i 2}, \dots, μ_{in})}^{- 1}$ (9)

Combined with formula (6), we get the direct trust value of the i-th evaluated node: $D (i) = W_{i} \times μ_{i}$ (10)

The direct trust value matrix of the evaluated node is obtained as D_m.

2) Using the transitive fuzzy relation matrix to evaluate the global trust value:

Set the initial fuzzy relation matrix: $\begin{matrix} \begin{matrix} e_{1} & e_{2} & \dots & e_{m} \end{matrix} \\ U = \begin{matrix} e_{1} \\ e_{2} \\ ⋮ \\ e_{m} \end{matrix} [\begin{matrix} 1 & u_{12} & \dots & u_{1 m} \\ u_{21} & 1 & \dots & u_{2 m} \\ ⋮ & ⋮ & ⋱ & ⋮ \\ u_{m 1} & u_{m 2} & \dots & 1 \end{matrix}] \end{matrix}$ (11)

Among them, e₁, e₂, …, e_m are nodes in the system, and u_ij (i, j ∈ m) is the trust value of interaction between node i and node j. In the initial fuzzy relationship matrix, we consider that the interaction between a node and itself is a full trust interaction relationship with a trust value of 1. In addition, the interactive trust value between the nodes that directly interact is equal to the average value of the direct trust values of the two nodes, that is, if there is a direct interaction between node a and node b, then u_ab = [D (a) + D (b)]/2.

The cloud environment is a complex of many nodes. Referring to the social relationship network between nodes in the Internet environment, it can be considered that there is not only direct interaction between nodes, but also some indirect relationship. Since its direct interaction trust value cannot be calculated, we introduce transitive fuzzy relation matrix to calculate the interaction trust value between indirect interaction nodes [30, 31].

Transitive fuzzy relation matrix is such a situation that may exist in the initial fuzzy relation: there is a direct fuzzy relationship between e_i and e_s, e_j and e_s, but there is no such relationship between the two interval elements e_i and e_j. Fuzzy relation synthesis is made by using the transitive nature of fuzzy relations, the relationship between e_i and e_j is obtained by the power of (j-i) of the product of the direct fuzzy values. The derived degree function which is used to fit indirect trust values is: idt_ij = IDT (e_i, e_j) = ∨ e_k∈E (D (e_i, e_k) ∧ D (e_k, e_j)) (i, j = 1, 2, …, n).

In addition, since the data of the relationship between nodes is constantly changing, in the process of fuzzy relationship transfer, the fuzzy relationship transfer closure theorem can be used to obtain the global fuzzy relationship matrix [32]. Therefore, problems which cause distortion by the new data may overwrite the original relational data can be avoided. Global fuzzy relation matrix GT=D ∪ D² ∪ D³ … Dⁿ. $\begin{matrix} \begin{matrix} e_{1} & e_{2} & \dots & e_{m} \end{matrix} \\ GT = \begin{matrix} e_{1} \\ e_{2} \\ ⋮ \\ e_{m} \end{matrix} [\begin{matrix} 1 & {u^{'}}_{12} & \dots & {u^{'}}_{1 m} \\ {u^{'}}_{21} & 1 & \dots & {u^{'}}_{2 m} \\ ⋮ & ⋮ & ⋱ & ⋮ \\ {u^{'}}_{m 1} & {u^{'}}_{m 2} & \dots & 1 \end{matrix}] \end{matrix}$ (12)

Here, n can be adjusted according to the specific environment. Changing the value of n according to the actual environment can maximize the optimization of accuracy and time.

4.4 Two-way selection mechanism

There are two types of entities in the medical cloud system: users and servers. If we consider the credibility of a single type of entity, we cannot guarantee the success rate of the overall interaction in the cloud environment. So it makes sense to add a two-way selection mechanism to the model. On the one hand, the user is evaluated by the service node, and the corresponding authority is given to prevent the users’ malicious behavior. On the other hand, users filter the service nodes to reduce the potential danger of the service.

This mechanism is expressed as: given a trust threshold Tu and Ts. For a user with a trust value lower than Tu, the service node refuses its access and terminates the user operation. Otherwise, the corresponding service can be obtained; a service node with a trust value lower than Ts cannot enter the selection queue as a serviceable node to provide services to the user. The decision result is represented by Tr, Tr ∈{0, 1}. $T_{r} = {\begin{matrix} 1 & (trust value ⩾ T_{u} / T_{s}) \\ 0 & others \end{matrix}$ (13)

While T_r is 1, allowing the users to interact with the nodes, conversely, block the interaction.

5. Dynamic access control model

In the trust relationship, the longer the interval time is, the lower the referability of the trust value is. Only when the interval of the investigation time is short, the corresponding value can effectively reflect the real-time status of the users. In medical cloud systems, with time goes by, the authorization level increases as the trust value of users continues to accumulate, which means that the cloud environment may face a large potential safety hazard of malicious attacks by authorized users. For example, an authorized user can continuously accumulate trust values to obtain higher-level data operation permissions, and then perform illegal operations such as tampering and copying data.

To avoid the security risks caused by the accumulation of trust values, adding a monitoring mechanism into the access control model based on two-way trust will be an effective solution to this problem. The idea of the mechanism is: on the basis of the dual roles of users and service providers, the third-party monitoring role is introduced. By monitoring the behavior of authorized users in unit time, the users’ trust value is continuously updated. Taking several monitoring cycles as a time interval to measure the user’s level. The level is re-determined to immediately change the user’s operation permissions to achieve dynamic control.

The monitoring mechanism is expressed as follows:

1) Set the user node’s trust value as ST_x. There are four levels of trust: full trust (0.75 ⩽ ST_x ⩽ 1), general trust (0.50 ⩽ ST_x < 0.75), general distrust (0.25 ⩽ ST_x < 0.5), no trust (0.00 ⩽ ST_x < 0.25). The unit time monitored by the third party is t, and each mt is a period T. There are n executable operations and the threshold of operation permissions is V_n (0< V_n<1);

2) The user’s initial trust value is ST₀ (the initial global trust value of this node). When ST₀ > V_n, the corresponding operation authority is obtained, otherwise the operation is blocked;

3) This mechanism monitors the user’s behavior during the time period t. If illegal behavior occurs, close its operation and re-measure the user’s trust value and get ST¹. Definition: ${ST}^{m} = 1 - \sum_{i = 1}^{n} ({ST}^{(m - 1)} φ_{i})$ , φ_i is the trust value reduction coefficient of operation i which sets according to the specific operating environment (The higher the operating environment density, the larger the reduction factor). Re-determine its operation authority according to the value of ST¹;

4) According to the analogy of step 3), m trust values are obtained in a period T:ST¹ST² … ST^m;

5) Calculate the variance σ² of each group of trust values obtained in x (x ⩾ 1) periods, and take the mean of the variance $\bar{σ^{2}}$ . If $\bar{σ^{2}}$ is bigger than x initial trust value variances, it means that the user’ trust value fluctuates greatly and then reduce its access level. The user’s global trust value will also be changed from ST^m to the minimum value of the lower level of trust authority, and then return this number as the user’s initial trust value (when the returned value is different from the global trust value updated in real time, whichever is smaller). Conversely, save the trust level;

6) Repeat the process.

The flowchart of the improved trust-based access control model is shown in Fig. 3:

Fig. 3

Dynamic access control model flow chart.

6. Experimental simulation and analysis

We use matlab2016a and Python to test the reliability of our model. First, comparing with Eigen-Trust model in terms of time complexity and trust accuracy, which proves that our model has certain advantages in these two aspects. Secondly, for the dynamic controllability of the model, a simulation comparison test with the single access control model is performed to prove the advantage of the model in terms of dynamic controllability.

6.1. Parameter setting

Use Random function in matlab2016a to randomly take a 200 * 6 matrix as the initial value: 200 user / cloud nodes and 6 corresponding evaluation indicators; When calculating the direct trust value, set a = 0.25, b = 0.75; In the global fuzzy trust value calculation, let n be 50; In the third-party monitoring mechanism, the unit monitoring time t is set to 10s, every 6t is a monitoring period T, every 10T is a user level measurement interval, the node can perform 10 operations, and the trust value reduction coefficient φ_i are all set to 0.01.

6.2 Experimental results and analysis

1) Some data obtained through simulation experiments based on the model algorithm are shown in the following table:

Table 1 is the entropy value e_j of the evaluation index of service provider / user nodes; Table 2 is the weight w_j of the evaluation index of service provider / user nodes; Table 3 is the nodes’ evaluation index evaluation value EV; Table 4 is the node’s direct trust value D (i).

Table 1
The tropy value of the evaluation index of the nodes

Evaluation Index j_n j ₁ j ₂ j ₃ j ₄ j ₅ j ₆

Entropy e_j 0.4838 0.4601 0.4781 0.4570 0.4511 0.4477

Evaluation Index j_n	j ₁	j ₂	j ₃	j ₄	j ₅	j ₆
Entropy e_j	0.4838	0.4601	0.4781	0.4570	0.4511	0.4477

Table 2

The weight of the evaluation index of the nodes

Evaluation Index j_n	j ₁	j ₂	j ₃	j ₄	j ₅	j ₆
Weight w_j	0.1602	0.1675	0.1619	0.1685	0.1703	0.1714

Table 3

The evaluation value of the evaluation index

Node i \ $\begin{matrix} j_{n} \\ EV \end{matrix}$	j ₁	j ₂	j ₃	j ₄	j ₅	j ₆
Node 1	0.0990	0.0475	0.0171	0.0013	0.1533	0.0041
Node 2	0.0681	0.0728	0.0754	0.0884	0.0439	0.0865
Node 3	0.0995	0.0521	0.1049	0.0023	0.0624	0.1036
Node 4	0.1564	0.0335	0.1345	0.0676	0.1075	0.0062
Node 5	0.1064	0.0680	0.0769	0.1521	0.1174	0.0184
Node 6	0.0183	0.0207	0.0479	0.0370	0.0277	0.1180
Node 7	0.1481	0.1641	0.0070	0.0488	0.1320	0.1443
Node 8	0.0845	0.0427	0.0659	0.0482	0.0212	0.0175
Node 9	0.0504	0.0722	0.0386	0.1086	0.0077	0.1063
…	…	…	…	…	…	…
Node 200	0.0238	0.0481	0.1115	0.0791	0.0860	0.0101

Table 4

The direct trust value of the nodes

Node i	1	2	3	4	5	6	7	8	9	…	200
D (i)	0.9293	0.9453	0.9424	0.9475	0.9526	0.9266	0.9596	0.9281	0.9387	…	0.9359

2) Time complexity comparison of the trust model

When comparing the time complexity with the Eigen-Trust model, the number of test samples increased from 0 to 200, and the unit of running time was ms. The experimental results are shown in Fig. 4. When the number of samples is small, the running time of our model and Eigen-Trust model are almost equal, but as the number of samples increases, the advantage in time complexity of our model gradually emerges.

Fig. 4

Time complexity comparison.

Analysis of experimental results: When calculating the global trust value, the size of n in Qⁿ in our model algorithm can be adjusted according to the environment of the model, so its complexity (comp) is between comp (n) and comp (n²). The Eigen-Trust model uses global iteration when calculating global trust values, making the time complexity at comp (n²). Therefore, compared with the Eigen-Trust model, the time complexity of our model is significantly reduced.

3) Comparison of trust value

Here we test the accuracy of the trust value. Given an ideal trust value of DV: $DV = \frac{50 \times (0.25 + 0.50 + 0.75 + 1)}{200} = 0.625$ . The model’s overall trust value expression is: $DV = \sum_{i, j = 1}^{n} u_{ij} / n^{2}$ . |DV - 0.625| is the degree of deviation of the trust value. Two hundred samples were tested on these two models. Under the same operating environment, 20 tests with a time interval of 10T are recorded accordingly, and the total monitoring time is 200min. The experimental results are shown in Fig. 5: In some cases, the accuracy of the trust value of the Eigen-Trust model is better than our model, but on the whole, our model is more stable and the performance is better than the Eigen-Trust model.

Fig. 5

Comparison of trust value.

Analysis of experimental results: Since the Eigen-Trust model only considers the number of satisfied/unsatisfied transactions in calculating the trust value, the granularity of the reference index is relatively large, and the time decay of the trust value is not taken into account. Therefore, as the monitoring time increases, the degree of deviation of the trust value gradually increases. When our model was established, not only the number of reference indicators was increased, but also the trust value attenuation index φ was added. As the time increases, the trust value changes in real time, which is more in line with actual needs.

4) Comparison of the number of accessible resources

In terms of dynamic controllability, we compare our model with the single item access control model. Test according to the access control rules of the two models, compared the number of authorized resources. The experimental results are shown in Fig. 6. The number of accessible resources of the node in one-way access control model is fixed. While in our model, the number is dynamic which can change over time.

Fig. 6

Dynamic controllability comparison.

According to the experimental results and analysis above: The trust-based dynamic access control model in this paper has relatively good improvements in terms of time complexity, trust value deviation, and dynamic controllability. In addition, since our model considered the problem of model over-fitting in algorithm design, the trust value reduction coefficient and monitoring period can also be set with appropriate parameters according to the specific environment, which means that our model has better adaptability to specific operating environments.

7. Conclusion

This paper presented and analyzed the research status of medical big data, trust evaluation and access control, and proposed a trust-based dynamic access control model. Quantified trust by calculating the global interaction trust value of the interacting parties in the cloud system. Based on this algorithm, a two-way selection mechanism and a third-party monitoring mechanism were added to achieve real-time access control.

Through simulation and comparison experiments, it can be seen that the model has better improvements in terms of time complexity, trust accuracy, and dynamic controllability while the algorithm has good environmental adaptability at the same time. However, the simulation experiment environment performed in this paper is relatively simple. In the complex and variable practical application environment, whether the model still has good and stable performance remains to be tested. In addition, we will do the research on how to screen the trust evaluation indicators in the medical cloud environment to establish a practical evaluation index system, identify the attack risk of illegal nodes, and further reduce the time complexity of the model in the future work.

Footnotes

Acknowledgments

This work is supported by National Natural Science Foundation of China (Nos. 71972165, 61763048, 61263022, 61303234), National Social Science Foundation of China (No. 12XTQ012), Innovation and Promotion of Education Foundation Project of Science and Technology Development Center of Ministry of Education (No. 2018A01042), Science and Technology Foundation of Yunnan Province (Nos. 2017FB095, 201901S070110), The 18th Yunnan Young and Middle-aged Academic and Technical Leaders Reserve Personnel Training Program (No.2015HB038).

References

Jian

, Research on trust-based access control model in cloud computing environment: Hebei University; 2015. (in Chinese)

Shah

, Li

, Shamil

F.R.

and Iqbal

, Medical Big Data Existence Flavors; A Review, 2017 2nd International Conference on Robotics and Automation Engineering; 2017; Guangzhou, China (2017), pp. 487-490.

Arterial Network. Flatiron Health: Building an oncology cloud platformwill be the next digital healthcare IPO? 2015. (in Chinese)

Huang

C-T.

, Qin

and Kuo

C-CJ.

, Medical Big Data Existence Flavors; A Review, IEEE (2011) 1-6.

Hamid

A.l.

, Rahman

H.A.

, Hossain

S.M.M.

and Almogren

M.S.

, A Security Model for Preserving the Privacy of Medical Big Data in a Healthcare Cloud Using a Fog Computing Facility with Pairing-Based Cryptography. (2017), 1-17.

Lee

N-Y.

and Wu

B-H.

, Privacy Protection Technology and Access Control Mechanism for Medical Big Data. (2017), 424-429.

Godinho

T.M.

, Costa

and Oliveira

J.L.

, Generating Big Data Repositories for Research in Medical Imaging. In: IEEE, editor. IEEE 2016 11th Iberian Conference on Information Systems and Technologies (CISTI); Gran Canaria, Spain 2016.

Luo

and Liu

Y.-J.

, Research status and application of medical big data, Journal of Medical Information 36 (2015), 10–14. (in Chinese)

Wang

and Ren

S.-X.

, A review of medical big data visualization, Computer Science and Exploration 11 (2017), 681–699. (in Chinese)

10.

Y.-F.

, Wan

, Fan

Q.-L.

and Gao

, Research on government behavior of health information privacy management in the era of big data, Management World 1 (2017), 173–175. (in Chinese).

11.

Zhou

J.-W.

, Privacy protection of medical data in big data environment, China Management Informatization 18 (2015), 51–51. (in Chinese).

12.

Zhou

, “Research on Trust Management Model and Evaluation Method of Cloud Services,” Master, Computer Science and Technology, Harbin Engineering University 2015. (in Chinese)

13.

Cheng

Z.-Y.

, “Research on Intelligent Device Network Access Control Strategy,” Master, Communication and Information System, Beijing Jiaotong University 2018. (in Chinese)

14.

Fan

W.-J.

, “Research on Trust Model and Framework in Cloud Computing Environment,” Ph.D., Management Science and Engineering, Hefei University of Technology 2014. (in Chinese)

15.

Urbano

, Rocha

A.P.

and Oliveira

, “Computing confidence values: Does trust dynamics matter?[C],” presented at the Portuguese Conference on Artificial Intelligence, Berlin, Heidelberg, 2009.

16.

Tian

J.-F.

and Cai

H.-Y.

, “The Status and Progress of Trust Model,” Journal of Hebei University 31(5) (2011), 555–560. (in Chinese)

17.

Liu

Y.-B.

, Zhang

W.-F.

and Wang

X.-M.

, Access control scheme based on multi-attribute fuzzy trust evaluation in cloud manufacturing environment, Computer Integrated Manufacturing System 24(2) (2018), 321–330. (in Chinese).

18.

Gheorghe

, Ra

and Tătăroiu

, Adaptive Trust Management Protocol based on Intrusion Detection forWireless Sensor Networks. In: IEEE, editor. 2013 RoEduNet International Conference 11th Edition: Networking in Education and Research; 2013; Romania (2013) p. 1-7.

19.

and Wang

, Trust evaluation model based on service level protocol in cloud environment, Computer Application 35 (2018), 1567–1572 (in Chinese).

20.

Yue

, Junqin

, Shengzhi

and Ruijin

, Big Data Model of Security Sharing Based on Blockchain, (2017), 117–21.

21.

Yan

, Cheng

and Tao

, A trust evaluation model towards cloud manufacturing, The International Journal of Advanced Manufacturing Technology 84 (2016), 133–46.

22.

Dang

J.-W.

, Zhao

S.-X.

and Wang

Y.-P.

, Fuzzy control technology, Beijing: China Railway Publisher 2007. 203 p. (in Chinese)

23.

Zhang

M.-l.

, Research on trust model of wireless sensor network based on information entropy: Nanchang University; 2016. (in Chinese)

24.

Hô

, Sagar

R.P.

, Pérez-Jordá

J.M.

, Smith

V.H.

and Esquivel

R.O.

, A numerical study of molecular information entropies Chemical, Physics Letters 219 (1994), 15–20.

25.

Zhang

, Yang

and Li

, Analyses of urban ecosystem based on information entropy, Ecological Modelling (2006), pp. 1-12. Elsevier

26.

Jayabalan

and O’Daniel

, “Access control and privilege management in electronic health record: a systematic literature review,” Springer 40 (2016), 1–9.

27.

Jing

, Rong

, Qiujun

, Jia

and Xiaoyun

, “Cloud Computing Credibility Evaluation Based on Grey Clustering and Entropy,” presented at the 12th International Conference on Natural Computation & Fuzzy Systems & Knowledge Discovery, 2016.

28.

Gao

Y.-F.

, Application of entropy weight method in management decision-making, Journal of Jilin Agricultural Science and Technology University 24 (2015), 41–42. (in Chinese)

29.

Common matrix normalization methods. 2018 [Available from: https://blog.csdn.net/u011089523/article/details/80196465. (in Chinese)

30.

Xia

, Jia

and Sha

E.H.-M.

, “Research of trust model based on fuzzy theory in mobile ad hoc networks, IET Journals & Magazines 8(2) (2014), 88–103.

31.

Hao

, et al., “An Optimized Computational Model for Multi-Community-Cloud Social Collaboration,”, IEEE Transactions on Services Computing 7(3) (2014), 346–358.

32.

Zhao

, Calculation, simplification and application of general fuzzy matrix transitive closure: Ocean University of China; 2003. (in Chinese)

A privacy protection model for health care big data based on trust evaluation access control in cloud service environment

Abstract

Keywords

1. Introduction

2. Related work

2.1 Medical cloud

2.2 Trust evaluation and access control

3. Relevant theories

3.1 Fuzzy theory

3.2 Information entropy

4.1 Model description

6.1. Parameter setting

6.2 Experimental results and analysis

Table 1 The tropy value of the evaluation index of the nodes Evaluation Index j n j 1 j 2 j 3 j 4 j 5 j 6 Entropy e j 0.4838 0.4601 0.4781 0.4570 0.4511 0.4477

Footnotes

Acknowledgments

References

Table 1
The tropy value of the evaluation index of the nodes

Evaluation Index j_n j ₁ j ₂ j ₃ j ₄ j ₅ j ₆

Entropy e_j 0.4838 0.4601 0.4781 0.4570 0.4511 0.4477