End-to-End Trusted Communications Infrastructure

US 20130345530A1
Filed: 06/25/2012
Published: 12/26/2013
Est. Priority Date: 06/25/2012
Status: Active Grant

First Claim

Patent Images

1. A method of delivery of medical data via a trusted end-to-end communication link, comprising:

obtaining a measurement of a parameter of a human being by a first sensor;

obtaining a biometric from the human being by a second sensor;

receiving input from the first and second sensors by a secure application executing in a trusted security zone of a processor, whereby access to the input from the first and second sensors by applications executing in a normal partition of the processor is blocked, wherein the input from the first and second sensor comprises the measurement of the parameter and the biometric; and

transmitting a message based on the input from the first and second sensor via a trusted end-to-end communication link to a medical data server, wherein an application that receives the message executes in a trusted security zone of the server.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of delivery of medical data via a trusted end-to-end communication link. The method comprises obtaining a measurement of a parameter of a human being by a first sensor, obtaining a biometric from the human being by a second sensor, receiving input from the first and second sensors by a secure application executing in a trusted security zone of a processor, whereby access to the input from the first and second sensors by applications executing in a normal partition of the processor is blocked, wherein the input from the first and second sensors comprises the measurement of the parameter and the biometric, and transmitting a message based on the input from the first and second sensors via a trusted end-to-end communication link to a medical data server, wherein an application that receives the message executes in a trusted security zone of the server.

Citations

20 Claims

1. A method of delivery of medical data via a trusted end-to-end communication link, comprising:
- obtaining a measurement of a parameter of a human being by a first sensor;
  
  obtaining a biometric from the human being by a second sensor;
  
  receiving input from the first and second sensors by a secure application executing in a trusted security zone of a processor, whereby access to the input from the first and second sensors by applications executing in a normal partition of the processor is blocked, wherein the input from the first and second sensor comprises the measurement of the parameter and the biometric; and
  
  transmitting a message based on the input from the first and second sensor via a trusted end-to-end communication link to a medical data server, wherein an application that receives the message executes in a trusted security zone of the server.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the trusted security zone is provided by the processor blocking access by the applications executing in the normal partition of the processor from accessing memory, reading inputs, and writing outputs while the secure application executes in the trusted security zone.
  - 3. The method of claim 1, wherein the trusted security zone is provided by a first virtual processor and wherein the normal partition is provided by a second virtual processor.
  - 4. The method of claim 1, wherein the trusted security zone is provided by a first physical processor and the normal partition is provided by a second physical processor.
  - 5. The method of claim 1, wherein the parameter of the human being is a blood sugar level, a blood thickness, a blood pressure, a bodily temperature, a blood oxygen saturation level, a pulse rate, or a heart rhythm.
  - 6. The method of claim 1, wherein the biometric is a fingerprint scan, a retinal scan, or a face scan.
  - 7. The method of claim 1, wherein the medical data server comprises a plurality of medical records associated with a plurality of different human beings, wherein each medical record comprises a measurement of a parameter of a one of the human beings and a biometric of the one of the human beings, further comprising analyzing the plurality of medical records to perform an efficacy of a medical treatment regime.

8. A method establishing a trusted end-to-end communication link, comprising:
- executing a communication application in a trusted security zone of a mobile access terminal;
  
  sending a message from the mobile access terminal to a trusted communication application executing in a trusted security zone of a trusted enterprise edge node; and
  
  sending the message from the trusted enterprise edge node to a trusted cloudlet executing on in a trusted security zone of a cloud based server.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein the trusted enterprise edge node is one of a firewall server or a multi-protocol label switching (MPLS) port on a router.
  - 10. The method of claim 8, wherein the trusted security zone of the trusted enterprise edge node is provided by a processor of the trusted enterprise edge node blocking access by other applications executing in a normal partition of the processor from accessing memory, reading inputs, and writing outputs while the trusted communication application executes in the trusted security zone of the trusted enterprise edge node.
  - 11. The method of claim 8, wherein the trusted security zone of the trusted enterprise edge node is provided by a first virtual processor and wherein a normal partition is provided by a second virtual processor, and while the first virtual processor is executing, the second virtual processor does not execute instructions.
  - 12. The method of claim 8, wherein the mobile access terminal sends the message to the trusted communication application via a trusted end-to-end communication link.
  - 13. The method of claim 12, wherein a portion of the trusted end-to-end communication link comprises a cellular wireless communication link.
  - 14. The method of claim 13, wherein the cellular wireless communication link is provided based on at least one of a code division multiple access (CDMA), global system for mobile communication (GSM), a long-term evolution (LTE), or a worldwide interoperability for microwave access (WiMAX) communication protocol.

15. A method of accessing medical diagnostic information, comprising:
- obtaining a measurement of a parameter of a human being from a first sensor and a biometric from the human being from a second sensor;
  
  transmitting the measurement of the parameter and the biometric from the first and second sensors;
  
  receiving the measurement of the parameter and the biometric from the first and second sensors by a processor executing in a trusted security zone of a mobile access terminal, whereby access to the measurement of the parameter and the biometric from the first and second sensors by applications executing in a normal execution mode is blocked;
  
  transmitting a first message based on the measurement of the parameter and the biometric by the mobile access terminal via a trusted end-to-end communication link to a medical data server, wherein the trusted end-to-end communication link comprises a wireless communication link;
  
  receiving the first message by an application that executes in a trusted security zone of the medical data server;
  
  transmitting a second message based on the measurement of the parameter and the biometric by the medical data server via a trusted end-to-end communication link to a computer associated with a medical doctor; and
  
  determining a medical care instruction for the human being based on the second message.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, wherein the parameter of the human being is a blood sugar level, a blood thickness, a blood pressure, a bodily temperature, a blood oxygen saturation level, a pulse rate, or a heart rhythm.
  - 17. The method of claim 15, wherein the biometric is one of a fingerprint scan, a retinal scan, or a face scan.
  - 18. The method of claim 15, wherein the second message provides verifiably confidential medical records.
  - 19. The method of claim 15, wherein the medical data server maintains a data store of medical records associated with a plurality of different human beings, each medical record comprising a parameter of and a biometric from one of the human beings, further comprising analyzing a plurality of the medical records to determine an efficacy of a medical treatment regime.
  - 20. The method of claim 15, further comprising receiving with the first message a plurality of trust tokens, each trust token associated with a trusted security zone of a network node in the trusted end-to-end communication link from the mobile access terminal to the medical data server and analyzing the plurality of trust tokens to validate the trust level of the trusted end-to-end communication link.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
T-Mobile Innovations LLC (Deutsche Telekom AG)
Original Assignee
Sprint Communications Company LP (Deutsche Telekom AG)
Inventors
McRoberts, Leo Michael, Paczkowski, Lyle W., Rondeau, David E.

Granted Patent

US 9,282,898 B2
Time in Patent Office

Days
Field of Search
US Class Current

600/323
CPC Class Codes

A61B 5/0022   Monitoring a patient using ...

A61B 5/01   Measuring temperature of bo...

A61B 5/021   Measuring pressure in heart...

A61B 5/024   Detecting, measuring or rec...

A61B 5/145   Measuring characteristics o...

A61B 5/1455   using optical sensors, e.g....

G06F 21/32   using biometric data, e.g. ...

G16H 40/67   for remote operation

G16Z 99/00   Subject matter not provided...

H04L 63/08   for authentication of entit...

H04L 63/105   Multiple levels of security

H04L 67/141   Setup of application sessio...

H04W 12/06   Authentication

End-to-End Trusted Communications Infrastructure

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

End-to-End Trusted Communications Infrastructure

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links