A Privacy Risk Assessment Model for Medical Big Data Based on Adaptive Neuro-Fuzzy Theory

School of Information, Yunnan University of Finance and Economics, Kunming, China Key Laboratory of Service Computing and Security Management of Yunnan Provincial Universities, Kunming, China Kunming Key Laboratory of Information Economy & Information Management, Kunming, China School of Finance, Yunnan University of Finance and Economics, Kunming, China School of Logistics, Yunnan University of Finance and Economics, Kunming, China


Introduction
With the development of information technology, the era of big data has come quietly, bringing opportunities and different challenges to all walks of life. Among them, the medical field is a very special field. Its particularity lies in that all its data are closely related to everyone's life, involving the whole life process such as people's food, clothing, housing, life, illness, and death, which is the core asset of big data. e outline of the "Healthy China 2030" plan issued by the CPC central committee and the State Council in October 2016 pointed out that the total size of the health service industry would reach 8 trillion by 2020 and 16 trillion by 2030. In the future holographic digital era, everyone will generate about 605 Tbit of data in their lifetime, and the country will generate 1,000 Zbit of data every year, which has extremely broad industry prospects [1]. Looking at the global development pattern, medical big data has become an emerging industry that promotes the development of economic industries, and it has provided a primitive resource base for scientific and technological innovation [2].
At present, China has realized major "Internet + medical" engineering projects such as telemedicine and cross-domain medical care, which has brought great convenience to people's lives. But technology is a double-edged sword that brings convenience to people's lives while also bringing some disadvantages. Symantec released the top ten industries with severe data leakage in the 2016 "Internet Security reat Report," ranking the first is the medical industry. In addition, the survey found that more than 90% of medical social security information in the United States has been sold in the recent years, and more and more medical equipment is out of control. In most hospitals in China, the HIS system has no privacy at all. If a higher-level doctor wants to obtain patient information, he only needs to log in to the terminal to obtain the entire patient's medical record information, while ordinary doctors can obtain all patient information in their own workstation. We can view the current status of the medical industry through a set of data from the United States: medical machinery without any security protection accounts for 77%, and medical equipment with a certain security strategy accounts for 27%. Of these attacks, 17% came from medical equipment, and 75% of the traffic on the hospital's LAN was not monitored and audited, and the hospital itself knew that patient privacy was leaking every day. Although the privacy leak rate of medical big data in China is slightly lower, personal privacy leaks occur from time to time, and there are currently no complete laws and regulations on personal privacy protection. Medical data have their particularity, because their data source is mainly "people." No matter what level of application, it involves human privacy and social stability [1]. erefore, in the process of the rapid development of the big data Internet, in order to better serve the people, accelerate the development of the digital economy, and promote the integration and open sharing of medical data resources, research on the privacy protection of medical big data is imperative. e rest of this paper is organized as follows: the second part discusses the research progress and current situation at home and abroad from the two aspects of medical big data security and privacy protection technology, risk-based access control, and summarizes the research status at home and abroad; the third part first introduces the relevant theories and principles, then formalizes the definition of risk indicators, and finally, combines fuzzy theory and a neural network to establish a risk quantification model based on adaptive neural fuzzy theory; the fourth part has carried out simulation experiments to prove that the model in this paper is feasible and efficient; and the fifth part mainly summarizes the work of this paper.

Medical Big Data Security and Privacy Protection
Technology. Scholars at home and abroad have carried out related research on medical big data security and privacy leakage. rough the collection of relevant literature analysis, it is found that the current academic research in this field mainly adopts technologies such as differential privacy, encryption algorithms, anonymization, and authentication. Research on access control is scarce. For example, literature [2,3] protects sensitive information in the patient's genome sequence by the differential privacy method and homomorphic encryption method; literature [4,5] mainly researches medical big data generated by wearable medical sensors and through agitation thresholds and the introduction of binary trees achieve user privacy protection; literature [6][7][8][9][10] researches personal privacy protection issues from the technical level and has established differential privacy protection models, in which the privacy protection of medical big data is given suggestions; Zhang and Zhang [11] advocated the use of data encryption technology to ensure the security of medical data from the first, middle, and last three aspects of the incident; Tian et al. [12] proposed an attribute-based encryption method that structured data access As an authorization policy, the decryptor is allowed to request access to data only when the attributes of the decryptor satisfy the structure; He et al. [13], through the anonymity of user identity and mutual authentication between the client, server, and network administrator, protect patient identity information and data confidentiality.
Xing [14] designed the disease-based secure routing protocol and emergency response scheduling mechanism based on the social layer and cloud service layer of the wireless medical network; Wei and Xu [15] proposed that, from the generation and storage of medical big data starting from the calculation of three nodes, I believe that privacy protection technology should take these three aspects as the starting point to strengthen the "medical network technology structure"; Wang et al. [16] analyzed the privacy leakage of regional medical care and suggested that the data sharing platform started to study privacy protection work; Chen [17] analyzed the possible causes of medical data leakage from a systematic perspective and suggested that information protection should be performed through means such as anonymization, access control, and hierarchical management; Mounia and Habiba [18] analyzed the opportunities and challenges faced by the medical field in the context of big data and, finally, proposed privacy protection issues and coping methods for medical information; Gao and Sang [19] first combined the characteristics of medical big data. Based on this, the entire life cycle of medical data is summarized, and finally, the problems faced at each stage are discussed.
In addition, some scholars have studied the security and privacy protection of medical big data from the perspective of ethics and law. Liu and Wang [20] analyzed the ethical problems existing in the protection of medical information privacy from the perspective of the patient's right of informed consent and the relationship between risks and benefits and gave coping strategies; we should adhere to the principles of transparency and autonomy, establish a comprehensive medical information privacy protection law, and construct a medical-oriented access control system to achieve the privacy protection of medical big data.

Risk-Based Access Control
Technology. Risk refers to the harm that may occur when an event occurs. From a management perspective, risk-based access control is actually applying risk assessment as an effective decision-making tool to access control and dynamically giving subjects access. e concept of risk was proposed for the first time in literature [21], which provides the principles and suggestions that the risk-based access control model should satisfy. Kandala et al. [22] proposed an attribute-based risk access control framework. e author mainly constructed an attributebased RAdAC model from the user's access purpose, user credibility, historical access behavior, and device attributes, but did not provide a specific risk quantification method. However, literature [23,24] have given a method for quantifying risk based on factors such as the subject's security level, the sensitivity of the objects, and the mutually exclusive relationship between the objects. In addition, an RBAC model based on risk awareness has been proposed in literature [25], which mainly includes the following three parts: user trust, user's ability to assume roles, and the compatibility between roles and permissions. Finally, a risk assessment model combining these three factors is presented.
In literature [26,27], according to the risk assessment principles, context, and other information, users' behaviors of viewing, modifying, and deleting medical records are evaluated from the integrity, availability, and confidentiality of medical records. Wang and Hong [28] statically calculated the doctor's access behavior risk by measuring the deviation between the resources accessed by the doctor and the objective. Literature [29] is not specifically for the medical field, but it is a risk decision access control system proposed for a dynamic environment such as the medical industry.
is system not only considers the user's historical access behavior, but also considers the user's recent access behavior, and the user's trust and access risk are dynamically adjusted based on the user's access behavior. Choi et al. [30] constructed a context-based medical information risk access control framework, and this framework mainly judges whether to grant users access rights based on authority files, user access logs, and context information. Hui et al. [31] improved on literature [28] not only considering the deviation degree between medical information accessed by doctors and work objective but also considering that doctors may steal patients' privacy by forging work objectives, that is, the deviation degree between work objectives selected by doctors and patients' conditions. Literature [32,33] mainly analyzed the risk indicator system affecting the privacy leakage of medical big data in the cloud environment from the stages of collection, transmission, storage, and use of medical big data, without designing a specific risk quantification model. Literature [34][35][36] established the risk assessment model of medical big data with the help of fuzzy theory, but this method has some obvious disadvantages, such as fuzzy rules and membership function are determined based on expert experience and the results are highly subjective.

Summary and Analysis of Research Status at Home and Abroad.
A comprehensive analysis of the relevant research literature at home and abroad found that there are already some scholars doing research in the cross section of information and medicine and also achieved good results. However, from the perspective of the technology and method of privacy protection, it can be roughly divided into privacy protection technology based on anonymity and differential privacy; from the perspective of big data security technology, current research is mainly based on cryptography; however, from a management perspective, analysis can be summarized into the following two categories: one is the use of electronic information technology to monitor networks, platforms, and management systems; the other is the use of computer methods to analyze and mine medical data, such as machine learning.
Although there are some similar studies from the perspective of risk, this is still in the initial stage of exploration, and there is no mature theoretical model system; especially for the privacy protection of medical big data based on risk, it is extremely scarce. e main contributions of this article are as follows: (1) Due to the particularity of the medical field, it is difficult to determine whether a user is an "illegal user" based on the user's access behavior. erefore, this article introduces the user's trust value as one of the risk evaluation indicators. e two jointly evaluate users' access requests to reduce the possibility of system misjudgment. (2) is paper uses mathematical methods such as information entropy, neural network, fuzzy theory, and probability to establish an adaptive fuzzy neural network model. First, information entropy and probability are used to quantify risk indicators. en, the knowledge expression ability of the fuzzy theory and the self-learning ability of the neural network are combined, so that the data processing process can be presented in a way that people can easily accept, and at the same time, the risk can be dynamically predicted according to scene changes.

Risk Assessment Model Based on Adaptive Neural Fuzzy Theory
Fuzzy theory solves the problems of unclear and uncertain boundaries in intelligent systems by imitating human perception and reasoning [37]. From the perspective of practical application, the application of fuzzy theory mainly focuses on the fuzzy system, especially on fuzzy control. For example, the fuzzy expert system in the medical field is often used for medical diagnosis and decision support [38]. However, there are some disadvantages of fuzzy theory in practical application. For example, in the fuzzy control system, the corresponding rule base should be established according to experience, and the number of rules increases exponentially with the increase of input variables. In addition, the selection of membership functions and optimization work need to be completed manually, and the workload of fuzzy systems in the big data environment becomes extremely complicated [39]. However, the biggest feature of neural networks is to automatically learn new things by imitating the thinking mode of the human brain. e introduction of neural networks into fuzzy theory can help people deal with complex tasks such as rule bases and membership function optimization in fuzzy systems. erefore, the combination of the two methods can not only improve the expression and learning ability of fuzzy systems Security and Communication Networks 3 but also make the processing of neural networks appear in a way that people can easily accept. Before introducing how to deal with the security and privacy issues of medical big data with an adaptive neurofuzzy system, the relevant theories involved in this model are firstly introduced.

Relevant eories and Principles.
e risk assessment model based on adaptive neural fuzzy theory mainly involves three key concepts of neural network, neural fuzzy theory, and adaptive neural fuzzy theory. e related content will be described in detail below.

Basic Principles of Neural Networks.
A neural network is a network structure formed by the interconnection of many neurons. According to the different connection methods, neural networks can be divided into feed-forward neural networks, feedback neural networks, and self-organizing networks. is article mainly uses feed-forward neural networks, so the other two connection methods will not be introduced here.
Feed-forward neural networks are mainly composed of three parts: the input layer, hidden layer, and output layer. As shown in Figure 1, each circle represents a neuron node, and the output of each layer of neurons will be used as the input of the next layer of neurons [40].
A BP neural network is a typical feed-forward neural network, and the basic idea is to calculate the error value of the previous layer according to the output layer and, then, further calculate the error value of the previous layer based on this error value. At the same time, the weight coefficients of neurons in each layer are adjusted, and so, it went on until the final error value is within the acceptable range [41].

Neural Fuzzy eory.
Although the neural network has strong self-learning ability, its modeling process and data processing process have the characteristics of black box learning, and the processing process cannot be presented in a way that people can easily accept. erefore, combining the ability of fuzzy theory to express the learning process and the self-learning ability of neural networks is undoubtedly the best choice. In the fuzzy system, the fuzzy models can be divided into two types according to the different output results. One is a Mamdani-type fuzzy model, and the other is a Takagi-Sugeno-type fuzzy model. e former output is a fuzzy set, while the latter outputs the input result in linear combinations or constants of variables [42]. Because the specific risk value is finally calculated in this article, this section mainly introduces the combination of the Takagi-Sugeno fuzzy model and neural network, as shown in Figure 2 [43]. e first layer is used to receive the input variable x i and pass the input variable x � [x 1 , x 2 , . . . , x n ] Τ to the second layer. e role of the second layer is mainly to blur the input variables and calculate the membership function u j i (i � 1, 2, . . . , n; j � 1, 2, . . . , m i ) of each variable, where n represents the input variable and m i represents the number of fuzzy sets corresponding to the variable x i . e third layer is used to train the antecedents of fuzzy rules, and each node represents a rule. For a specific input x, · · ·, i n ∈ 1, 2, . . . , m n , j � 1, 2, . . . , m, and m represents the total number of rules. e fourth layer performs normalization processing according to the antecedent of the rule, that is, e fifth layer performs deblurring processing on the results of each rule aggregation to obtain the output result y i � m j�1 y ij × a j , i � 1, 2, . . . , r. For a more intuitive representation, y i can be written in the form of the following vector [44]: But, this kind of fuzzy control system completed with the help of neural networks has certain problems when dealing with practical problems, such as adjusting parameters and determining the number of hidden layers.

Quantification of Medical Big Data Risk Based on Adaptive
Neuro-Fuzzy eory. At present, hospital data are basically stored in a local area network. Generally, the outside world cannot steal the patient's private information. In addition, the patient's information will be printed out and stored in the medical record room after the patient is discharged. e workstation of the ordinary user can only query the recent patient's medical information. However, in order not to affect the normal work of the doctor, some highly qualified doctors or experts will be granted extremely high permissions. ey can not only access the patient information of their workstations but also log in to the hospital's information center to view all the patients' treatment information. erefore, their access behavior needs to be evaluated to prevent them from stealing or snooping on patient information.
For the convenience of description, this article divides users into two categories, one is called legal user and the other is called illegal user. Legal users generally only access medical records within their own scope of responsibility, while illegal users, in order to steal more patient

Input layer
Hidden layer Output layer information, will also access related medical records by falsifying the patient's condition while completing their own work or access some patients medical records unrelated to the condition [28]. erefore, legal users can be distinguished from illegal users based on differences in user access behavior. However, we also need to consider some special situations, such as encountering a patient's condition is rare and difficult. In order to ensure the accuracy of the diagnosis, legal users may access additional information from the database that is not related to their work objective, and the more senior the expert, the more often the incurable diseases diagnosed.
In this case, it is difficult for the system to judge whether the user is legitimate or illegal just based on the access behavior, and the access request of the legitimate user may be rejected because of misjudgment. In order to solve this problem, we introduce the user's trust and the user through the user's access behavior trust together to evaluate the user's access request; when a user's access behavior is abnormal, the system will be combined to determine the user's trust, if the user's trust is very high, the system will may be allowed to access, but if the user's trust is lower, then the user will have the risk of stealing the patient's privacy, which, to some extent, can reduce the possibility of miscalculation. erefore, this article mainly evaluates user access requests from two aspects: user access behavior and user trust.

Formal Definition of Risk Indicators.
Before quantifying the risk of privacy leakage of medical big data, this section first formalizes the key index factors that affect the privacy of medical data and turns it into specific mathematical problems. A user's access is recorded as a six-tuple: where U � u 1 , u 2 , . . . , u I u represents the set of all access requesters, including doctors, nurses, technicians, administrators, or the initiators of other actions; S � s 1 , s 2 , . . . , s I s represents the set of all patients in the hospital, and each patient has corresponding medical records; O � o 1 , o 2 , . . . , o I o represents a set of task objectives, which is an activity set corresponding to a business process, and each user has his own work objective; M � m 1 , m 2 , . . . , m I m represents the collection of patient medical information, including basic patient information, medical conditions, and medical records; UT � ut 1 , ut 2 , . . . , ut I u represents the trust of all users; Risk is the result value of risk quantification; and I u , I s , I o , and I m , respectively, represent the number of users, patients, work objectives, and medical records.
Since the Adaptive Neural Fuzzy Inference System (ANFIS) cannot identify qualitative index factors, it is necessary to formally describe the user's access behavior and trust so that it turns into a quantitative mathematical problem. is section mainly quantifies the user's access behavior and trust value. e following will introduce the quantification method and process of indicators in detail: (1) Quantification of User Access Behavior. In order to compare the differences in access behavior between users, we use information entropy to describe the user's access behavior. Suppose X is a random variable and the random distribution of Xis P(X); then, the entropy of Xis

Security and Communication Networks
Reference literature [31], according to the user's historical access records, respectively, defines the probability of the user choosing the work objective o k and accessing the medical record m l stage and, then, defines the information entropy of the user's selection of the work objective stage and access to the medical record.
Definition 1. Probability that user u i selects work objective o k when diagnosing patient s j .
where O u i ||s j represents the set of work objective that user u i accesses when treating patients j and ‖f(o k )‖ represents the number of times the user selects work objective o k .
Definition 2. Probability that user u i selects medical record m l under job objective o k .
where M s j |o k represents the set of medical records accessed by the user when patient s j and work objective are determined and ‖f(m l )‖ represents the number of times the user accesses medical records m l .
(2) Quantification of User Trust. Based on the existing research, this paper mainly divides it into direct trust and recommended trust according to the way of obtaining trust. e following first introduces the related concepts and definitions.
Definition 5 (trust). Trust refers to the dependency relationship between entities. In spite of believing that the other party is trustworthy and upright, trust also has certain risks because trusting the other party means bearing the losses caused and hurt by the other party's behavior.
Definition 6 (trust value). Trust is an evaluation between entities, which itself has a certain degree of uncertainty and ambiguity, and trust value is a quantification of this uncertainty and is expressed by Td.
Among them, Td ij � DT(u i , u j )represents direct trust, Td ij � RT(u i , u j ) represents recommendation trust, and u i and u j represent two entities.
Definition 7 (trust matrix). It refers to a matrix composed of the trust between entities in a specific context, denoted by M.
where the element Td ij represents the trust degree of entity u i to entity u j and the diagonal elements are all 1.
According to the relevant definitions, we will evaluate the user's trust from two aspects: direct trust and recommended trust.
(a) Direct Trust. When evaluating the trust degree of the user u j , if the evaluation result is the direct experience from the user u i , the relationship between u i and u j is called a direct trust relationship. Assuming that, during the user's historical interaction, the number of successful interactions between user u i and user u j is m and the number of interaction failures is n; then, the direct trust relationship function between user u i and user u j is defined as in which δ(0 < δ < 1) increases with the number of successful interactions. e premise of ensuring the validity of the relationship function is to have sufficient historical data; that is, the number of interactions between two users must be sufficient. If the number of interactions is very small, the accuracy of the results will be affected. In order to solve this problem, reference literature [25] in this paper introduces the interaction threshold π. When the number of interactions is less than the threshold π, the abovementioned formula is adjusted as follows: erefore, the direct trust relationship between end user u i and user u j can be expressed by the following relationship function: (b) Recommendation Trust. e key to recommending trust different from direct trust is that there is no direct empirical relationship between the trustee u i and the client u j , but the trust relationship is established indirectly through the introduction of acquaintances. When there is no direct interaction experience between u i and u j , or the interaction experience is very limited, in order to be able to objectively evaluate the trust of u j , u j can establish an indirect trust relationship with u i through the introduction of acquaintance u k . As shown in Figure 3, u i and u k are direct trust relationships, u k and u j are also direct trust relationships, but u i and u j are recommended trust relationships established through u k .
As shown in Figure 3, there are two indirect recommended paths between users u i and u j : u i ⟶ u k 1 ⟶ u k 2 ⟶ u j and u i ⟶ u k ⟶ u j ; each path corresponds to a trust value, and the greater the path depth, the lower the trust between entities. erefore, it is necessary to comprehensively calculate all reachable paths to obtain the final trust degree between u i and u j . Assuming that the path depth is ω(ω ≥ 2) and the reachable path is c, the corresponding recommendation trust degree has the following definition [45]: Finally, the comprehensive recommended trust degree RT(u i , u j ) between u i and u j is calculated for all possible path depths and corresponding reachable paths.
where min dph and max dph , respectively, represent the minimum path depth and the maximum path depth and α ω indicates the weight of the corresponding recommendation trust when the path depth is ω and satisfies α ω ∈ (0, 1), max dph ω�min dph α ω � 1. (c) Comprehensive Trust. e comprehensive trust degree CT is the result of combining the direct trust degree and the recommended trust degree in a certain way. is article uses the following expression to express it: Among them, α(0 < α < 1) represents the proportion of direct trust DT(u i , u j ) in the comprehensive trust. At present, there is no unified standard for the value of α, which is generally subjectively determined based on expert experience.

Risk Quantification Method Based on Adaptive Neural
Fuzzy eory. Quantifying the risk of medical big data privacy leakage is a very complicated process because the access behavior and trust of users at each stage are mutually independent and interrelated, and different indicators have different effects on the final risk, which is a nonlinear changing relationship. is article establishes a risk quantification method based on adaptive neuro-fuzzy theory, aiming at solving some problems existing in existing methods, providing a risk assessment model and method specifically for medical big data information security, achieving academic innovation, and providing reference for relevant institutions. e adaptive neural fuzzy theory mainly uses the selflearning ability of the neural network to learn the existing Security and Communication Networks data, automatically generates the rule base and membership function in the fuzzy system, and does not rely on subjective factors such as expert experience. Matlab provides an adaptive neuro-fuzzy inference system based on the Takagi-Sugeno model [46]. As shown in Figure 4, the quantification process of medical big data privacy leakage risk based on this inference system can be roughly divided into the following four steps: Step 1: the user's access behavior data and trust data are preprocessed, and the processed data are loaded into the Matlab workshop Step 2: fuzzy C-means clustering or subtractive clustering is used to process the input data to generate the initial fuzzy inference system (FIS) Step 3: on the basis of the initial FIS, the adaptive neural fuzzy inference system trains the inference system according to the existing data, so as to correct and adjust the parameters of each membership function and output function and generate the final FIS Step 4: according to the final training results, the user's access behavior, trust, and final risk membership function and rule base are recorded

Experimental Environment.
e experimental part mainly uses Matlab software to model and analyze the design of the network structure and the specific processing of the data in this paper. en, the performance of the model is tested and the configuration of the specific experimental environment is shown in Table 1.

Experimental Data.
It is known from the foregoing that, before training a fuzzy neural network, not only an input data set but also a corresponding output data set should be obtained. erefore, this article not only obtains the following input data before the experimental test, entropy for choosing work objectives (EFCWO), entropy of access to medical records (EATMR), and the user's trust (UT), but also the output data, risk (Risk).
At present, we have obtained part of the user information form, the doctor's advice, and the user's access record form from a hospital. e user information table mainly includes fields such as the user's ID, department, and title; the medical order is what we usually call the electronic medical record, which mainly records the patient's medical records, medical plans, and other information; the user's access record is mainly extracted from the user's access log, which records the computer model, login time, user access information, and user's operation. In addition, for partial missing fields, we assume that there are appropriate software components that can automatically obtain information from the system, such as the number of successful and failures interactions between users and the interaction relationship and dynamically adjust these factors when the context changes. e initial value of δ is set as 0.5, the interaction threshold as π � 50, and the weight of the direct trust as α � 0.6. Formulas (5), (6), and (14) are combined to simulate the generation of the user's EFCWO, EATMR, and UT. e output data are calculated through the risk index; in literature [25,28,31,[34][35][36], the related risk quantitative method is introduced, and this paper is based on the existing research by cross entropy to measure individual user's access behavior deviating from all user access behavior of entropy to calculate the risk. Assume that the trust of a user is ϕ(u), the risk caused by choosing the work objective is risk 1 , and the risk caused by accessing medical records is risk 2 ; then, the risk calculation formula introduced in literature [25] (Risk � min 1, (W * 1 Risk 1 + W * 2 Risk 2 + W * 3 (1 − ϕ(u))) ) can simulate and generate the corresponding output data set.
In summary, 1500 pieces of data were generated for simulation experiments in this paper. In order to avoid omission of data and reduce the chance of test results, this paper uses 10-fold cross validation to test the accuracy of the model. e data set is divided into ten equal parts. First, the first data set for testing data is used, then the remaining 9 parts for training data are used, the second data set was used for testing, and the remaining 9 parts are used for training, and ten verifications are run in turn. In this paper, the first group of data (training data1, testing data1) is used to introduce the whole experimental process in detail. Figure 4, the risk quantization method based on adaptive neural fuzzy theory is roughly divided into five steps: loading data, generating initial FIS, training FIS, generating final FIS, and outputting   . is section will follow these five steps to conduct the following operations and display the results.

Load Data.
First, we need to load the training data into the workspace to form a multi-input single-output data matrix, where the last column defaults to output data because only single-output data formats are supported in the Takagi-Sugeno model-based fuzzy inference system. rough the graphical interface window shown in Figure 5, the training data1 is loaded into the workshop of Matlab, and the final data distribution is shown in Figure 6.

Generating the Initial FIS.
Before training FIS, an initial FIS structure is required. In this paper, fuzzy C-means clustering is used to extract the features of the input data to generate the initial FIS. e output of the clustering method represents the membership degree of each data point to each cluster center. rough constant correction of the clustering center point, until the weighted sum of the distance from each data point to the clustering center and the membership degree is the smallest, the output result can be further used to establish the fuzzy inference system. However, the subtractive clustering method is mainly used to estimate the number of data clusters and the location of the cluster center, so the fuzzy C-means clustering algorithm is selected. Among them, the fuzzy subsets of the input variables EFCWO, EATMR, and UT are all divided into 4 categories, which are very low (VL), low (L), medium (M), and high (H). At the same time, according to the distribution characteristics of the user's risk indicators, most users' EFCWO, EATMR, and UT are distributed near the mean, and the number of users with very low or very high values of the three indicator variables accounts for only a few parts. e general trend is consistent with the characteristics of the Gaussian distribution. erefore, the input variable of type selects Gaussian membership functions, and the type of the output variable can only be constant or linear combination of the input variables. e resulting neural network structure and membership function corresponding to each index before system training are shown in Figures 7-10.

Training the Initial FIS and Generating the Final FIS.
Based on the initial FIS structure, the neural fuzzy inference system is trained by data loaded into the workspace. But, before training, we need to determine the training method, error accuracy, and training times. e training method mainly includes a hybrid algorithm and BP algorithm. In this paper, the hybrid algorithm is used to train the FIS, the error accuracy is set to 1e-5, and the training number is set to 20 times. As shown in Figure 11-13, after training, the range of fuzzy subsets of input variables and the membership function shape of each index have changed, but the general trend still conforms to the Gaussian distribution. In addition, the ANFIS model structure will not change after training, only some structural parameters will change.

Output Results.
is article combines fuzzy theory and neural networks to utilize the self-learning ability of neural networks to adaptively train membership functions and rule bases in fuzzy inference systems. At the same time, the fuzzy theory is used to present the relationship between the input and output of the neural network learning data in a way that people can easily accept. erefore, this section mainly presents the results of the training in Section 4.3.3 in a formal way.
(1) Membership function of input variables: the membership functions after the training of input variables are given, as shown in Figures 11-13, and all conform to the Gaussian distribution. From this, the parameters of each membership function can be obtained, as shown in Table 2.
(2) Membership function of output variables: it is known that there are 3 input variables, and each input variable corresponds to 4 fuzzy subsets. erefore, the result of all input combinations will produce 64 output records. As shown in Figure 14, the output variable ucorresponds to 64 membership functions. Among them, the membership function parameter corresponding to u1after training in the neural network is [0.03051 0.01467 0.01683 0.1191]; then, the function expression corresponding to the output function u1 is u1 � 0.03051 * EFCWO+ 0.01467 * EATMR + 0.01683 * UT + 0.1191, and so, all the output functions can be obtained. For convenience, only the parameters corresponding to each output function are listed here, as shown in Table 3.
(3) Rule base: according to the input and output membership function of each indicator, the rule base shown in Table 4 is easy to obtain. For convenience of writing, a, b, and c are used instead of the indicators EFCWO, EATMR, and     Figure 18. If the risk value is within the range that the system can tolerate, the system will allow the user to access; otherwise, it will deny its access or pass a risk reduction policy until it meets the system tolerable range.

Performance Analysis.
Firstly, the overall effect of the model is evaluated using testing data 1, and the degree of agreement between the output of the model and the actual output is analyzed through comparative experiments. Figure 19 shows a partial screenshot of the experimental work area in this paper, where the variable ANFIS is the Adaptive Neuro-Fuzzy Inference System after training. From the foregoing, the system has three input variables and one output variable. erefore, the input variable of testing data 1 is named testing data 1_input and the output variable is named testing data 1_output to generate 150 * 3 and 150 * 1 data structures, respectively. en, the comparative analysis results, as shown in Figure 20, can be achieved through the following code: x � (1 : 1 : 150); y � evalfis (Testingdata1_input, ANFIS); y1 � plot (x, Testingdata1_output, "or") hold on; y2 � plot(x, y, "+k"); legend ([y1, y2], "Actual output,""ANFIS output") From the comparison results in Figure 20, it can be clearly seen that the ANFIS output results after training are basically consistent with the actual output results. ere is no very obvious error, and the sum of error squares is 7.53521e − 06. e same method was used to perform the remaining nine experiments in sequence, and the results are shown in Table 5.
According to Table 5, the final error value of 10-fold cross validation is 7.0159e − 6, which is less than 1e − 5. erefore, the model in this paper is feasible in predicting the risk of medical big data privacy disclosure.
Next, the accuracy rate, recall rate, and F1 value of the model will be specifically analyzed under the conditions of different proportions of illegal users. In order to facilitate comparative analysis, this article will refer to the experimental methods of Hui et al. [31] and Wang and Hong [28] to evaluate the performance of the medical big data security and privacy protection model based on risk access control proposed in this paper. It is known from the foregoing that illegal users have more diversity and instability in selecting work goals and accessing medical records, and their risk value is higher than that of legitimate users. erefore, when the users with higher risk values are illegal users and the risk values of illegal users are higher, the model is considered to be effective. is article will set up 6 groups of experiments, each of which will generate 600 users' EFCWO, EATMR, and UT values and, then, calculate their  corresponding risk values through the risk quantification model based on the adaptive neural fuzzy theory. e number of curious doctors accounts for 2.5%, 5%, 7.5%, 10%, 12.5%, and 15%, then each group of data is sorted according to the magnitude of the risk value from high to low, and finally, the experimental results are calculated, as shown in Table 6.
e experimental results show that the performance of the model in this paper improves with the increase of the number of illegal users. is is because when the number of users is constant, the more the number of illegal users, the less the number of legal users and the larger the If (a is VL) and (b is VL) and (c is VL) then (risk is u1) 2 If (a is VL) and (b is VL) and (c is L) then (risk is u2) 3 If (a is VL) and (b is VL) and (c is M) then (risk is u3) 4 If (a is VL) and (b is VL) and (c is H) then (risk is u4) 5 If (a is VL) and (b is L) and (c is VL) then (risk is u5) 6 If (a is VL) and (b is L) and (c is L) then (risk is u6) 7 If (a is VL) and (b is L) and (c is M) then (risk is u7) 8 If (a is VL) and (b is L) and (c is H) then (risk is u8) 9 If (a is VL) and (b is M) and (c is VL) then (risk is u9)  proportion of illegal users among high-risk users. In addition, through a comparative analysis with the methods of Hui et al. [31] and Wang and Hong [28], it is found that when the number of illegal users reaches 15%, the performance of the model does not change significantly, but when the number of illegal users is less than 15%, the performance of the model is significantly superior to the methods of Hui et al. [31] and Wang et al. [28] because this      paper considers the user's historical trust value on the basis of both, and the possibility of system misjudgment is reduced to some extent.

Conclusions
is article proposes a risk assessment model for the medical field. is model not only considers the risks that users may bring when choosing work objectives and accessing medical records but also considers the user's trust and reduces the misjudgment rate of the system on legitimate users under special circumstances. In our model, when a user requests access to medical information, the system can evaluate the risk of the model based on the membership function, output function, and rule base after training and decide whether to grant access based on the size of the risk, which can not only prevent illegal doctors' excessive access but also will not affect the normal work of the legitimate doctors. In addition, it is proved by comparison experiments that the evaluation output of the model is basically consistent with the actual output, and the recall and accuracy methods are superior to the existing models.

Data Availability
e original data of this article have been signed in a confidentiality agreement with the hospital and are temporarily unavailable, but the processed data (data used to support the research in this article) can be shared publicly and submitted with the manuscript.

Conflicts of Interest
e authors have no conflicts of interest to declare.