Method and system for providing a secure multi-user portable database
First Claim
1. A method of providing, managing, and accessing a multi-user portable secure database comprising:
providing a database with a secure portion and a non-secure portion;
storing security components for encrypting and decrypting data files in the secure portion;
storing encrypted data files in the non-secure portion; and
controlling access to the encrypted data files, wherein said controlling access step further comprises;
assigning an access control matrix to each encrypted data file according to a hierarchical structure, wherein the access control matrix defines access rights of each user to each encrypted data file, the access control matrix assigning a level of access to each type of access;
associating a user requesting access with one of the security components comprising a key for allowing the requested access; and
allowing the requested access to one or more of the encrypted data files in accordance with the access control matrix.
Abstract
A system and method for providing, managing, and accessing a multi-user secure portable database using secure memory cards is provided. The database has a secure portion for storing security keys and a non-secure portion for encrypted data files. Access to the encrypted data files is controlled by assigning access rights through an access control matrix to each encrypted data file according to a hierarchical structure of users. A user requesting access is identified in the hierarchy, associated with a key for allowing the requested access, and the requested access allowed to a file in accordance with the rights allocated through the access control matrix. A patient can selectively grant access to encrypted medical records on his card to a physician. Authentication of the owner/patient is preferably required. Other records required by emergency medical personnel are readable from the same card without requiring permission from the patient.
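The access decision described in the abstract, as an added example that is not code from the patent. The role names, the three access levels, the file names and the key values are assumptions, and the encryption of the files themselves is left out so the block shows only the per-file matrix check and the release of a key from the secure portion.

```python
from dataclasses import dataclass, field
from enum import IntEnum

class Level(IntEnum):  # assumed levels, not taken from the patent
    DENIED = 0         # never allowed
    OWNER_CONSENT = 1  # allowed only after the authenticated owner grants it
    ALWAYS = 2         # allowed without asking the owner

@dataclass
class Record:
    key_id: str  # which key in the secure portion decrypts this file
    acm: dict    # role -> {access type -> Level}; one matrix per file

@dataclass
class Card:
    secure: dict  # secure portion: key_id -> key bytes
    files: dict   # non-secure portion: file name -> Record (ciphertext omitted)
    grants: set = field(default_factory=set)  # (role, file name) consents

    def grant(self, owner_authenticated, role, name):
        # Consent only counts when the owner has been authenticated.
        if not owner_authenticated:
            raise PermissionError("owner authentication required")
        self.grants.add((role, name))

    def request(self, role, access, name):
        """Return the file's key if its matrix allows the access, else None."""
        rec = self.files[name]
        level = rec.acm.get(role, {}).get(access, Level.DENIED)  # default deny
        consented = (role, name) in self.grants
        if level == Level.ALWAYS or (level == Level.OWNER_CONSENT and consented):
            return self.secure[rec.key_id]
        return None

def sample_card():
    # Constructed sample data: roles, file names and keys are placeholders.
    return Card(
        secure={"k-emerg": b"constructed-key-1", "k-hist": b"constructed-key-2"},
        files={
            "allergies": Record("k-emerg", {
                "patient": {"read": Level.ALWAYS},
                "physician": {"read": Level.ALWAYS, "write": Level.OWNER_CONSENT},
                "emergency": {"read": Level.ALWAYS}}),
            "history": Record("k-hist", {
                "patient": {"read": Level.ALWAYS},
                "physician": {"read": Level.OWNER_CONSENT,
                              "write": Level.OWNER_CONSENT}}),
        })
```

Any role or access type missing from a file's matrix falls through to `Level.DENIED`, so a reader that is not listed never receives a key.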
45 Claims
36. A multi-user system for storing, updating, and accessing secure data records using a portable database comprising a secure portion and a non-secure portion, said system comprising:
a data structuring module, configured to embed a hierarchical structure for each user into each secure data record in the portable database, wherein the hierarchical structure identifies each user and allows for assigning access rights to each secure data record; and
an access control module, configured to embed a security element into each secure data record and to cooperate with a security management module for managing a plurality of security elements associated with a plurality of users and with said data structuring module, wherein said access control module is configured to assign the access rights for each user to each secure data record and to allow a user access to a secure data record in accordance with the assigned access rights, and wherein the non-secure portion of the portable database comprises the secure data records and the secure portion comprises at least one of the plurality of security elements.
Specification