Secure information vault, exchange and processing system and method

US 20060085344A1
Filed: 10/14/2004
Published: 04/20/2006
Est. Priority Date: 10/14/2004
Status: Active Grant

First Claim

Patent Images

1. A secure information repository system, comprising:

data storage for securely storing encrypted information, associated with an account holder;

a deposit system for securely depositing encrypted information into the data storage;

an information access system for accessing the encrypted information stored in the data storage;

an information withdrawal system for removing the encrypted information stored in the data storage; and

a tracking system for logging at least any one of a deposit to the data storage, a withdrawal from the data storage, a deletion to the data storage, an account creation, an account deletion, and an access to the data storage.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for providing an information vault so that individual owners of personal data may control and manage the access and dissemination of the personal data and provides for the owner of the personal data to receive compensation for the use of the personal data, thus, in effect, the personal data becomes a valuable commodity analogous to money. A business model is provided that allows competitive, unbiased trusted third parties whose business is protecting the information analogous to how a commercial bank protects money. Centralized protected storage of personal data is provided, thereby minimizing the number of copies that may be in existence. Second party access to the centralized storage of personal data may be made on-demand, as required for commerce, with a provision for assessing fees for accesses.

Citations

42 Claims

1. A secure information repository system, comprising:
- data storage for securely storing encrypted information, associated with an account holder;
  
  a deposit system for securely depositing encrypted information into the data storage;
  
  an information access system for accessing the encrypted information stored in the data storage;
  
  an information withdrawal system for removing the encrypted information stored in the data storage; and
  
  a tracking system for logging at least any one of a deposit to the data storage, a withdrawal from the data storage, a deletion to the data storage, an account creation, an account deletion, and an access to the data storage.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The system of claim 1, wherein the data storage, the deposit system, the information access system, and the information withdrawal system are services of an information vault and each service accessible via a network.
  - 3. The system of claim 1, wherein the deposit system, the information access system and the information withdrawal system use a dual key security mechanism to authenticate a transaction.
  - 4. The system of claim 1, further comprising a charging system for charging a user for at least any one of a deposit of information into the information vault, a withdrawal of information from the information vault, and an access to information in the data storage.
  - 5. The system of claim 1, wherein the data storage stores personal information associated with the account holder including at least any one of a credit card information, a demographic information, a medical record, a user identification information, an age, a date of birth, an address, and a financial information.
  - 6. The system of claim 1, wherein the deposit system provides for a user to identify an item of information with a handle and associate the item of information with an account, the item of information being encrypted with a private key associated with the user or account holder and the item is identified as being one of sharable, commercial, and private.
  - 7. The system of claim 1, wherein the information access system provides for a user to access an item of information identified by a handle.
  - 8. The system of claim 7, wherein the user is other than the account holder and the user gains access to the item of information via a contract, wherein the contract specifies at least the account holder'"'"'s public key, the user'"'"'s public key, and contract details.
  - 9. The system of claim 8, wherein the contract is digitally signed by the user by hashing the contract using a private key of the user and encrypting a result of the hashing.
  - 10. The system of claim 9, wherein the contract defines access restriction to the item of information to entities specified in the contract.
  - 11. The system of claim 1, further comprising a contract data token that specifies a first party and a second party, the first party being the account holder and the second party being another user given access to the encrypted information by the first party.
  - 12. The system of claim 11, wherein the contract data token is provided to the second party for accessing the encrypted information and controls the functions that the second party may perform with the encrypted information.
  - 13. The system of claim 11, wherein the contract data token is digitally signed and encrypted with a private key of the first party.
  - 14. The system of claim 12, wherein the contract data token is authenticated by one of the information access system and information withdrawal system when the second party presents the contract data token for accessing the at least one item of first party information.

15. A system for providing a protected information repository, comprising:
- an information vault having data storage comprising;
  
  a means for securely creating an account in the information vault;
  
  a means for securely depositing information in the information vault;
  
  a means for accessing information in the information vault; and
  
  a means for charging for transactional activity involving the information.
- View Dependent Claims (16, 17, 18)
- - 16. The system of claim 15, further comprising:
    - a means for creating a digital certificate;
      
      a means for tracking transactional activity with the information vault; and
      
      a means of mutually authenticating parties using the digital certificate during a transaction with the information vault.
  - 17. The system of claim 15, further comprising:
    - a means for expiring information associated with the account in the information vault;
      
      a means for removing information from the account;
      
      a means for reading information from the account; and
      
      a means for deleting the account.
  - 18. The system of claim 15, further comprising:
    - a means for creating a second party contract;
      
      a means for a second party contract fulfillment;
      
      a means for a commercial information deposit by a first party; and
      
      a means for commercial access to the commercial information deposited by the first party.

19. A method of providing an information repository, comprising:
- accessing an information vault to perform a transaction involving a secured item of information stored in the information vault;
  
  authenticating an identity of an entity performing the accessing;
  
  executing the transaction when the identity of the entity is authenticated; and
  
  logging the transaction.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
- - 20. The method of claim 19, further comprising charging a fee for the transaction.
  - 21. The method of claim 20, wherein at least a portion of the fee is remitted to an owner of the secured item of information.
  - 22. The method of claim 19, wherein the secured item of information is associated with an account and the secured item of information is encrypted.
  - 23. The method of claim 19, further comprising creating a digital certificate for use in authenticating the identity of the entity.
  - 24. The method of claim 19, wherein the secured item of information includes at least any one of personal information, financial information, account information, and commercial information.
  - 25. The method of claim 19, further comprising:
    - creating a digital certificate for an applicant associated with the secured item of information and authenticating the applicant using a witness and third party identity authenticator; and
      
      accessing the information vault to create an account associated with the applicant and presenting the digital certificate as identity.
  - 26. The method of claim 19, wherein the authenticating authenticates using a trusted third party authenticator.
  - 27. The method of claim 19, wherein the accessing includes at least any one of depositing the item of information, reading the item of information, removing the item of information, deleting an account, depositing commercial information, and querying commercial information.
  - 28. The method of claim 27, wherein the deleting account includes removing all user information from an information vault map.
  - 29. The method of claim 19, further comprising:
    - searching the contents of the information vault for information for information about to expire;
      
      notifying an owner of the information about to expire; and
      
      when the owner permits the information to expire, deleting all information, associated metadata, and associated contracts for the information that has expired.
  - 30. The method of claim 19, wherein the entity performing the accessing is a second party other than the owner of the secured item of information and further comprises:
    - verifying a contract token by validating the digital signature of the contract token;
      
      verifying that the second party is the second party as specified by the contract token;
      
      performing the functions as specified by the contract token; and
      
      returning any results of the performed functions to the second party completing the transaction.
  - 31. The method of claim 30, wherein when the any results is data, the any results is decrypted with the information vault'"'"'s private key and re-encrypted with the second party'"'"'s public key.
  - 32. The method of claim 31, further comprising decrypting the any results using the second party'"'"'s private key.
  - 33. The method of claim 19, wherein the accessing is a deposit of commercial information by an owner of the commercial information and the secured item of information is an item of commercial information, wherein the commercial information item has at least any one of an expiration time, an identifier, a permission, a format type, a security level, one or more keywords and an owner ID.
  - 34. The method of claim 33, further comprising building a commercial information index.

35. A method of charging for personal information comprising:
- depositing personal data by an owner into an information vault;
  
  establishing a contract with at least one entity and the owner to enable access to the personal data by the at least one entity;
  
  accessing the personal data by the at least one entity according to terms of the contract; and
  
  charging a fee for accessing the personal data.
- View Dependent Claims (36, 37, 38, 39, 40, 41)
- - 36. The method of claim 35, wherein the personal data is encrypted using the owner'"'"'s public key.
  - 37. The method of claim 35, wherein the accessing step includes authenticating at least the at least one entity.
  - 38. The method of claim 35, wherein the establishing the contract includes authenticating the identity of the owner and the identity of the at least one entity, and specifying terms of the contract, the terms defining functions that the at least one entity can perform with the personal data.
  - 39. The method of claim 35, wherein at least a portion of the fee is remitted to the owner of the personal data.
  - 40. The method of claim 35, wherein the information vault authenticates the owner and the at least one entity.
  - 41. The method of claim 35, wherein the depositing provides for the owner to encrypt the personal data with a private key associated with the owner, the personal data identified as being one of shareable, commercial and private.

42. A computer program product comprising a computer usable medium having readable program code embodied in the medium, the computer program product includes at least one component to:
- access an information vault to perform a transaction involving a secured item of information stored in the information vault;
  
  authenticate an identity of an entity performing the accessing;
  
  execute the transaction when the identity of the entity is authenticated; and
  
  log the transaction.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
International Business Machines Corporation
Inventors
Wilson, John D., Schmidt, Christopher I., Grim, Clifton III

Granted Patent

US 7,587,366 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/51
CPC Class Codes

G06Q 20/40 Authorisation, e.g. identif...

G06Q 30/02 Marketing; Price estimation...

Secure information vault, exchange and processing system and method

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

Secure information vault, exchange and processing system and method

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links