| 摘要 |
A measurement device measures vital data, encrypts the vital data using an encryption key to generate encrypted vital data, and generates, from a decryption key of the vital data, two pairs of a first share FSD and a second share SSD which enable reproduction of the decryption key. The measurement device generates an encrypted second share by encrypting the second share SSD. The measurement device transmits the encrypted vital data, the first share FSD, and the encrypted second share to a server device via an intermediate device. |
| 主权项 |
1. A health care system for measuring vital data, comprising:
a measurement device which measures the vital data; a server device which collects the vital data; and an intermediate device which receives encrypted vital data from the measurement device, and transmits the encrypted vital data to the server device, wherein the measurement device includes: a measurement unit configured to measure the vital data of a patient; a vital data encryption unit configured to encrypt the vital data using a first encryption key generated by the measurement device to generate encrypted vital data; a share generation unit configured to generate a first share and a second share of a first decryption key which is for decrypting the encrypted vital data and generated by the measurement device, the first share and the second share being two mutually different shares which enable reconstruction of the first decryption key only when both of the two shares are available; a second share encryption unit configured to generate an encrypted second share by encrypting the second share generated by the share generation unit using a second encryption key corresponding to a second decryption key that is stored in the server device but is not stored in the intermediate device; and a first communication unit configured to transmit, to the intermediate device, the encrypted vital data generated by the vital data encryption unit, the first share generated by the share generation unit, and the encrypted second share generated by the second share encryption unit, the intermediate device includes: a second communication unit configured to receive, from the measurement device, the encrypted vital data, the first share, and the encrypted second share; and a third communication unit configured to transmit, to the server device, the encrypted vital data, the first share, and the encrypted second share received by the second communication unit, and the server device includes: a fourth communication unit configured to receive, from the intermediate device, the encrypted vital data, the first share, and the encrypted second share; a share decryption unit configured to decrypt the encrypted second share received by the fourth communication unit using the second decryption key stored in the server device, to generate the second share; a reconstruction unit configured to reconstruct the first decryption key for decrypting the encrypted vital data using the first share received by the fourth communication unit and the second share generated by the share decryption unit; and a vital data decryption unit configured to decrypt the encrypted vital data received by the fourth communication unit, using the first decryption key reconstructed by the reconstruction unit, to generate the vital data. |
