System and Method for Anonymously Indexing Electronic Record Systems

US 20070245144A1
Filed: 03/15/2005
Published: 10/18/2007
Est. Priority Date: 03/15/2004
Status: Active Grant

First Claim

Patent Images

1-95. -95. (canceled)

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for issuing Anonymous Public Key Certificates to Registered Persons in an electronic record system, where pointers for indexing the record system are stored within the Anonymous Public Key Certificates, and where associated Private Keys are controlled by smartcards or similar devices. Electronic records may be identifiably indexed when the smartcard has been activated by its holder correctly entering their secret pass-phrase, or anonymously indexed when only the value of a pointer is known. The only direct linkage between each Anonymous Public Key Certificate and the associated Registered Person is through the associated Private Key as controlled by a smartcard or similar device. Using this invention the retrieval of identifiable records pertaining to a given Registered Person from an electronic record system is normally only possible with the agency of the Person'"'"'s smartcard or similar device, and therefore normally only possible with the Person'"'"'s consent.

Citations

115 Claims

1-95. -95. (canceled)

96. A method for anonymously indexing an electronic record system, the method comprising:
- storing an asymmetric cryptographic private key under the control of a portable storage device of a registered user;
  
  storing an anonymous public key certificate, the anonymous public key certificate being associated with an asymmetric cryptographic public key matching the asymmetric cryptographic private key;
  
  providing the portable storage device with information for associating the registered user with the portable storage device; and
  
  indexing within an electronic record system personal information of the registered user, whereby association of the information with the registered user is anonymously verifiable by use of the anonymous public key certificate.
- View Dependent Claims (97, 98, 99, 100, 101, 102)
- - 97. The method of claim 96 wherein the portable storage device is provided with at least one of:
    - human readable information for associating the registered user with the portable storage device; and
      
      machine readable information for associating the registered user with the portable storage device upon presentation of the portable storage device.
  - 98. The method of claim 96 wherein the portable storage device is at least one of:
    - a smartcard; and
      
      an electronic passport.
  - 99. The method of claim 96 wherein the indexing comprises associating with each item of personal information of the registered user an electronic record pointer, and wherein the anonymous public key certificate contains the electronic record pointer.
  - 100. The method of claim 96, wherein storing of the asymmetric cryptographic private key under the control of the portable storage device comprises at least one of:
    - storing the asymmetric cryptographic private key in the portable storage device;
      
      storing an access code in the portable storage device allowing access to the asymmetric cryptographic private key; and
      
      copying the asymmetric cryptographic private key into the possession of an authorised user.
  - 101. The method according to claim 99 wherein digital signature codes are created for given data items within the electronic record system in order to explicitly link each digitally signed data item to the value of an electronic record pointer associated with the digital signature codes.
  - 102. The method according to claim 96 wherein digital signature codes are created for given data items in the electronic record system using an asymmetric cryptographic private key issued to the registered person, where each digital signature code is interpreted as explicitly recording the consent of the registered person to the creation of each respective digitally signed data item.

103. An anonymously indexed electronic record system comprising:
- a portable storage device for a registered user, an asymmetric cryptographic private key being under the control of the portable storage device, the portable storage device being provided with information for associating the registered user with the portable storage device;
  
  a stored anonymous public key certificate associated with an asymmetric cryptographic public key matching the asymmetric cryptographic private key, an electronic storage indexing personal information of the registered user, whereby association of the information with the registered user is anonymously verifiable by use of the anonymous public key certificate.
- View Dependent Claims (104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114)
- - 104. The system of claim 103 wherein the portable storage device is provided with at least one of:
    - human readable information for associating the registered user with the portable storage device; and
      
      machine readable information for associating the registered user with the portable storage device upon presentation of the portable storage device.
  - 105. The system of claim 103 wherein the portable storage device is at least one of:
    - a smartcard; and
      
      an electronic passport.
  - 106. The system of claim 103 wherein the electronic storage indexes the personal information by having associated with each item of personal information of the registered user an electronic record pointer, and wherein the anonymous public key certificate contains the electronic record pointer.
  - 107. The system of claim 106 wherein digital signature codes are created for given data items within the electronic record system in order to explicitly link each digitally signed data item to the value of an electronic record pointer associated with the digital signature codes.
  - 108. The system of claim 103 wherein digital signature codes are created for given data items in the electronic record system using an asymmetric cryptographic private key issued to the registered person, where each digital signature code is interpreted as explicitly recording the consent of the registered person to the creation of each respective digitally signed data item.
  - 109. The system of claim 103 wherein the anonymous public key certificate contains a personal data component.
  - 110. The system of claim 109 wherein the personal data component comprises biometric data of the registered user.
  - 111. The system of claim 103, wherein the asymmetric cryptographic private key is stored in the portable storage device.
  - 112. The system of claim 103, wherein an access code is stored in the portable storage device allowing access to the asymmetric cryptographic private key.
  - 113. The system of claim 103, wherein the asymmetric cryptographic private key can be copied with the registered user'"'"'s authorization into the possession of an authorised user.
  - 114. The system of claim 113 wherein the authorised user is a health care professional authorised by the registered user to enter an update to the registered user'"'"'s indexed personal information.

115. A portable storage device for a registered user of an anonymously indexed electronic record system, the portable storage device being provided with information for associating the registered user with the portable storage device, wherein an asymmetric cryptographic private key is under the control of the portable storage device, wherein an anonymous public key certificate is associated with an asymmetric cryptographic public key matching the asymmetric cryptographic private key, and wherein association of anonymously indexed personal information with the user is anonymously verifiable by use of the anonymous public key certificate.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lockstep Consulting Pty Limited
Original Assignee
Lockstep Consulting Pty Limited
Inventors
Wilson, Stephen

Granted Patent

US 8,347,101 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/170
CPC Class Codes

G06F 21/6254   by anonymising data, e.g. d...

G06Q 20/38215   Use of certificates or encr...

H04L 2209/42   Anonymization, e.g. involvi...

H04L 2209/56   Financial cryptography, e.g...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3263   involving certificates, e.g...

System and Method for Anonymously Indexing Electronic Record Systems

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

115 Claims

Specification

Solutions

Use Cases

Quick Links

System and Method for Anonymously Indexing Electronic Record Systems

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

115 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links