Abstract
With the rapid development of modern information technology, the health care industry is entering a critical stage of intelligence. Faced with the growing health care big data, information security issues are becoming more and more prominent in the management of smart health care, especially the problem of patient privacy leakage is the most serious. Therefore, strengthening the information management of intelligent health care in the era of big data is an important part of the long-term sustainable development of hospitals. This paper first identified the key indicators affecting the privacy disclosure of big data in health management, and then established the risk access control model based on the fuzzy theory, which was used for the management of big data in intelligent medical treatment, and solves the problem of inaccurate experimental results due to the lack of real data when dealing with actual problems. Finally, the model is compared with the results calculated by the fuzzy tool set in Matlab. The results verify that the model is effective in assessing the current safety risks and predicting the range of different risk factors, and the prediction accuracy can reach more than 90%.
Similar content being viewed by others
References
Guan ZJ (2014) Reflections on the Theory and Practice of Medical Management Science[J]. China Medical Management Science 4(4):5–7 (In Chinese)
Niu Y, Yan MM, Zheng H, Yang JJ (2016) A Review of Medical Data Access Control in Cloud Computing Environment [J]. Wisdom Health 2(23):23–27 (In Chinese)
Liu WW (2018) Discussion on the Significance of Hospital Archives Management under the Background of Wisdom Medical Management in the Big Data Era[J]. Information Medical 7(19):155–156 (In Chinese)
China academy of communications (2018) White paper on cloud computing [R]. (In Chinese)
Yu GJ, Yang JH (2015) Medical big data [M]. Shanghai science and technology press. (In Chinese)
Li H, Zhang M, Feng DG, Hui Z (2017) Big data access control research [J]. J Comput Sci 40(1):1–11 (In Chinese)
JASON (2004) Report: Broader Access Models for Realizing Information DomiCorporation[R]. MITRE Corporation JSR-04-132
Chen C, Han W, Yong J (20l0) Specify and enforce the policies of quantified riskadaptive access control[C]. In Proceedings of the 14th International Conference on Computer Supported Cooperative Work in Design Shanghai. China: CSCWD
Zheng Q, Han WL (2011) XACML based quantitative risk adaptive access control research and implementation [D]. Fudan University, Shanghai (In Chinese)
Pau-Chen C, Rohatgi P, Keser C (2007) Fuzzy Multi Level Security An Experiment on QuantifiedRisk Adaptive Access Control[C]. In Proceedings of the IEEE Symposium on Security and Privacy. Oakland, USA: S&P: 222–230
Wang Q,Hong J (2011) Quantified risk-adaptive access control for patient privacy protection in health information systems[C]. In Proceedings of the 6th ACM Symposium on Information,Computer and Communications Security. Hong Kong, China: ASIACCS: 406–410
Hui Z, Li H, Zhang M, Feng DG (2015) Risk adaptive access control model for medical big data [J]. J Commun 36(12):190–199 (In Chinese)
Choi D, Kim D, Park S (2015) A framework for context sensitive risk-based access control in medical information systems[J]. Comput Math Methods Med 34(7):1–9
Wawrzyniak D (2006) Information Security Risk Assessment Model for Risk Management[J]. Springer Lect Notes Comput Sci 4083:21–30
Dipe N, Hung LX, Zhung Y, Lee S (2007) Enforcing Access Control Using Risk Assessment [J]. Universal Multiserv Netw 2:419–424
Sharma M, Bai Y, Chung S, Dai L (2012) Using Risk in Access Control for Cloud Assisted eHealth[A]. In Proceedings of the 14th International Conference on High Performance Computing and Communications .IEEE computer society 1047–1049
Yang HY, Ning YG (2018) Weight allocation method of adaptive risk assessment index for access control of cloud platform [J]. Comput Appl 3(20):1–5 (In Chinese)
Abouelmehdi K et al (2018) Big healthcare data: preserving security and privacy [J]. J Big Data 5:1
Xie WC, Yang YJ (2013) A risk-based access control framework and related technology research [D]. PLA Information Engineering University, Zhengzhou (In Chinese)
Smith E, Eloff J (2000) Cognitive Fuzzy Modeling for Enhanced Risk Assessment in a Health Care Institution [J]. IEEE Intell Syst 5(4):69–74
Li J, Bai Y, Zaman N (2103) A fuzzy modeling approach for risk-based access control in eHealth cloud[A]. In Proceedings of the 12th IEE internationl conference on trust , security and privacy in computing and communications 17–21
Shi XJ, Yu WH (2018) Access control risk quantization method based on fuzzy neural network [J]. Intell Comput Appl 8(1):1–4 (In Chinese)1
Silva MM, Gusmao APH, Poleto T (2014) A multidimensional approach to information security riskmanagement using FMEA and fuzzy theory [J]. Int J Int Manag 34:733–740
Shang WL, Gong TY, Chen CY et al (2019) Information Security Risk Assessment Method for Ship Control System Based on Fuzzy Sets and Attack Trees [J]. Secur Commun Netw. https://doi.org/10.1155/2019/3574675
Xu Y, Gao W, Zeng QR et al (2018) A feasible fuzzy-extended attribute-based access control technique [J]. Secur Commun Netw. https://doi.org/10.1155/2018/6476315
Fayaz M, Ahmad S, Hang L et al (2019) Water Supply Pipeline Risk Index Assessment Based on Cohesive Hierarchical Fuzzy Inference System [J]. Processes 7(128):1–15
Ak MF (2018) AHP–TOPSIS integration extended with Pythagorean fuzzy sets for information security risk analysis [J]. Complex Intell Syst 12:1–14
Gusmao APH, Silva LC, Silva MM et al (2016) Information security risk analysis model using fuzzy decision theoryAna [J]. Int J Int Manag 36:25–34
Bahrebar S, Blaabjerg F, Wang HA et al (2018) A Novel Type-2 Fuzzy Logic for Improved Risk Analysis of Proton Exchange Membrane Fuel Cells in Marine Power Systems Application [J]. Energies 11(721):1–16
Atlam HF, Walters RJ et al (2019) Fuzzy logic with expert judgment to implement an adaptive risk-based access control model for IoT [J]. Mob Netw Appl. https://doi.org/10.1007/s11036-019-01214-w
Niknam T, Khooban MH (2013) Fuzzy sliding mode control scheme for a class of non-linear uncertain chaotic systems[J]. IET Sci Meas Technol 7:249–255
Khooban MH, ShaSadeghi M, Niknam T, Blaabjerg F (2017) Analysis control and design of speed control of electric vehicles delayed model: Multi-objective fuzzy fractional-order controller[J]. IET Sci Meas Technol 11:249–261
Khooban MH, Ghaemi M, Hosseini-Sani SK (2014) Direct adaptive general type-2 fuzzy control for a class of uncertain non-linear systems[J]. IET Sci Meas Technol 8:518–527
Perez-Dominguez L, Rodriguez-Picon LA, Alvarado-Iniesta A, Luviano Cruz D, Xu Z (2018) MOORA under Pythagorean fuzzy set for multiple criteria decision making[J]. Complexity. https://doi.org/10.1155/2018/2602376
Yazdi M (2017) Hybrid probabilistic risk assessment using fuzzy FTA and fuzzy AHP in a process industry[J]. J Fail Anal Prev 17(4):756–764
Gul M (2018) A review of occupational health and safety risk assessment approaches based on multi-criteria decision-making methods and their fuzzy versions[J]. Hum Ecol Risk Assess Int J 24(7):1723–1760
Zeng J, An M, Smith NJ (2007) Application of a fuzzy based decision making methodology to contruction project risk assessment [J]. Int J Proj Manag 25(6):589–600
Khooban MH, Liaghat A (2017) A time-varying strategy for urban traffic network control: A fuzzy logic control based on an improved black hole algorithm[J]. Int J Bio-Inspired Comput 10:33–42
Garg H (2017) Confidence levels based Pythagorean fuzzy aggregation operators and its application to decision-making process[J]. Comput Math Organ Theory 23(4):546–571
Chang LY, Wang GY, Wu Y (1999) A method of attribute reduction and rule extraction based on Rough Set theory [J]. Softw J 10(11):1–5 (In Chinese)
Sun L, Xu J, Cao X (2009) Decision table reduction method based on new conditional entropy for rough set theory[J]. IEEE 5: 1–4
Zhou L, Jiang F (2011) A Rough Set Approach to Feature Selection Based on Relative Decision Entropy[J]. Springer 6:110–119
Garg H (2016) A novel accuracy function under interval-valued Pythagorean fuzzy environment for solving multicriteria decision making problem[J]. J Intell Fuzzy Syst 31(1):529–540
Garg H (2016) A new generalized Pythagorean fuzzy information aggregation using Einstein operations and its application to decision making[J]. Int J Intell Syst 31(9):886–920
Garg H (2018) Alinear programming method based on an improved score function for interval-valued pythagorean fuzzy numbers and its application to decision-making[J]. Int J Uncertain FuzzinessKnowl Based Syst 26(01):67–80
Gul M, Guneri AF (2016) A fuzzy multi criteria risk assessment based on decision matrix technique: a case study for aluminum industry[J]. J Loss Prev Process Ind 40:89–100
Acknowledgements
This work was supported by National Natural Science Foundation of China (Nos. 61763048,61263022, 61303234), National Social Science Foundation of China (No. 12XTQ012), Innovation and Promotion of Education Foundation Project of Science and Technology Development Center of Ministry of Education (No. 2018A01042), Science and Technology Foundation of Yunnan Province (No. 2017FB095), the 18th Yunnan Young and Middle-aged Academic and Technical Leaders Reserve Personnel Training Program (No.2015HB038).
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Shi, M., Jiang, R., Hu, X. et al. A privacy protection method for health care big data management based on risk access control. Health Care Manag Sci 23, 427–442 (2020). https://doi.org/10.1007/s10729-019-09490-4
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10729-019-09490-4