Trusted records using secure exchange
First Claim
1. An information system for secure permission-based access to records, comprising:
- a readable/writable optical data card having dimensions conforming to conventional business cards, said data card including record data stored in optical format, and a magnetic stripe storing personal authentication information; and
- a client/server network of computers, said client/server network comprising at least one optical reader/writer and at least one magnetic stripe reader, and running software including,
  - an application process associated with an application,
  - a user-authentication agent for identifying and authenticating each user attempting access to said record data;
  - a security policy broker including a security policy look-up table comprising a predetermined hierarchy of rights assigned to a plurality of predetermined users for accessing and manipulating said record data;
  - an enforcement agent associated with said application process and interacting with said application and with the security policy broker, said enforcement agent enforcing said security policy look-up table in accordance with the identity of a user attempting access to said record data, whereby said enforcement agent runs independent of and does not modify said application.
Abstract
A secure method and apparatus for data exchange that allows a client's or patient's financial data, medical records, and other information to be stored on a card-shaped compact disk, with multiple levels of encryption to preserve privacy. The trusted record disc can be read on any computer with a network or internet connection, but access to the information on the disc is restricted according to a password-protected hierarchical encryption policy. In order to obtain access to the restricted information, an individual user needs to enter a unique password that is sent to a central server. The server confirms the password and returns an electronic key to the user's computer. The electronic key unlocks the encryption and allows the user to view only the information that is permitted (under federal patient, financial privacy or other laws). Thus, in the medical setting, physicians can review the patient's entire medical record and make changes to it. Nurses, pharmacists, and billing clerks have differing predetermined levels of access.
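The password check, policy look-up table and per-role key release described in the abstract and in claim 1 can be sketched as follows. This is an added example, not code from the patent: the section names, the rights given to nurses, pharmacists and billing clerks, the PBKDF2/HMAC choices and every identifier (`POLICY`, `PolicyBroker`, `enforce`) are assumptions made for illustration.

```python
import hashlib, hmac, os

# Assumed policy look-up table: role -> {section: rights}. The page names the
# roles; the sections and the non-physician rights are constructed here.
POLICY = {
    "physician":     {"clinical": "rw", "medications": "rw", "billing": "rw"},
    "nurse":         {"clinical": "r", "medications": "r"},
    "pharmacist":    {"medications": "r"},
    "billing_clerk": {"billing": "r"},
}

def hash_password(password: str, salt: bytes) -> bytes:
    # Salted, iterated hash so the server never stores the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

class PolicyBroker:
    """Server side: confirms the password, then releases only permitted keys."""

    def __init__(self, master_secret: bytes):
        self._master = master_secret
        self._users = {}  # user -> (role, salt, password hash)

    def enroll(self, user: str, role: str, password: str) -> None:
        if role not in POLICY:
            raise ValueError(f"unknown role: {role}")
        salt = os.urandom(16)
        self._users[user] = (role, salt, hash_password(password, salt))

    def section_key(self, section: str) -> bytes:
        # One key per section, derived from a secret that stays on the server.
        return hmac.new(self._master, section.encode(), hashlib.sha256).digest()

    def release_keys(self, user: str, password: str) -> dict:
        """Return {section: (rights, key)}, or {} when authentication fails."""
        role, salt, stored = self._users.get(user, (None, b"\0" * 16, b""))
        # The hash is computed and compared in constant time even for unknown
        # users, so timing does not reveal which account names exist.
        ok = hmac.compare_digest(hash_password(password, salt), stored)
        if role is None or not ok:
            return {}  # default deny
        return {s: (r, self.section_key(s)) for s, r in POLICY[role].items()}

def enforce(grants: dict, section: str, action: str) -> bool:
    """Enforcement-agent check made before the application touches a section."""
    rights, _key = grants.get(section, ("", None))
    return action in ("r", "w") and action in rights
```

Once a section key has been returned to the client, the server can no longer withdraw it, so in this model revoking a user's access means re-encrypting that section under a new key.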
17 Claims
Specification