Method and system for the secure transmission and storage of protectable information
First Claim
1. A storage and information transmission system comprising:
- a chip card to which an owner can be assigned;
- a computer;
- an authorizing terminal connected with said computer by means of which an authorization of a user can be effected;
- a read/write device coupled to the computer and the chip card, wherein data is exchanged between the computer and the chip card; and
- at least one storage medium coupled to said computer such that data can be exchanged between the computer and the storage medium,

wherein said chip card includes a generator with which a new cryptographic key can be produced whenever the computer requires said new cryptographic key and the data in said at least one storage medium comprises encrypted data and an encryption of its cryptographic key generated by the chip card, the chip card generating and storing a second cryptographic key for encrypting the encrypted cryptographic key.
Abstract
A method and system for the secure transmission and storage of protectable information, such as patient information, by means of a patient card. The data stored on the patient card are protected by cryptographic methods. The data is decrypted only with the same patient card, and only if a doctor is authorized and the patient has given his agreement. All information which the patient card needs in order to decide whether the doctor is authorized, as well as the key for protecting the control data and the random key, is held on the chip. The patient data can be freely transmitted to any storage medium. The chip controls both the access to the data and the encryption and decryption functions. Random keys, which are themselves stored encrypted together with the data, ensure that every data record remains separate from every other data record, and that only authorized persons can access it. Every patient card has its own record key. The system and method in accordance with the invention are not directed exclusively to patient data but can be applied to any protectable data to which right of access is to be restricted.
20 Claims
1. A storage and information transmission system comprising:
- a chip card to which an owner can be assigned;
- a computer;
- an authorizing terminal connected with said computer by means of which an authorization of a user can be effected;
- a read/write device coupled to the computer and the chip card, wherein data is exchanged between the computer and the chip card; and
- at least one storage medium coupled to said computer such that data can be exchanged between the computer and the storage medium,

wherein said chip card includes a generator with which a new cryptographic key can be produced whenever the computer requires said new cryptographic key and the data in said at least one storage medium comprises encrypted data and an encryption of its cryptographic key generated by the chip card, the chip card generating and storing a second cryptographic key for encrypting the encrypted cryptographic key.

Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A method for storing information on at least one storage medium with the aid of a chip card, comprising the steps of:
- authorizing a user by means of an identification feature assigned to a user group;
- generating for a computer one or more cryptographic keys in the chip card;
- transmitting at least one of the cryptographic keys from the chip card to the computer;
- encrypting at least one set of data by means of the cryptographic key in the computer;
- encrypting at least one of the cryptographic keys in the chip card with a second cryptographic key which is not provided to the computer to form an encrypted key; and
- storing the set of encrypted data with the encrypted key on the storage medium.

Dependent claims: 10, 11, 12, 13, 14, 15, 16, 17, 18, 19
20. A method for reading information from a storage medium with the aid of a chip card comprising the following steps:
- authorizing a user by means of an identification feature which is assigned to a user group;
- transmitting a file from the storage medium to a computer, said file comprising an encrypted data header and an encrypted data record;
- transferring the encrypted data header from the computer to the chip card;
- decrypting the encrypted data header into a decrypted data header by means of a card key on the chip card, the decrypted header having a cryptographic key;
- transmitting the decrypted data header from the chip card to the computer;
- determining a target user group from the decrypted data header; and
- decrypting the encrypted data record by means of the cryptographic key when the user group of the user and the target user group of the data header are verified, limiting access to the data record otherwise.
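The storing and reading methods of claims 9 and 20, modelled as an added Python example (not code from the patent). The `ChipCard` class, the function names, the header layout (target group, a zero byte, then the record key) and the SHA-256/HMAC construction standing in for a real authenticated cipher are all assumptions; user authorization is assumed to have already happened and is represented by the `user_group` string.

```python
import hashlib, hmac, secrets

def _xor_stream(key, nonce, data):
    # Stand-in stream cipher (SHA-256 in counter mode); use AES-GCM or similar in practice.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(b"enc" + key + nonce + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(key, plaintext):
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(key, nonce, plaintext)
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or modified data")
    return _xor_stream(key, nonce, ct)

class ChipCard:  # hypothetical model of the card
    def __init__(self):
        self._card_key = secrets.token_bytes(32)  # second key, never given to the computer

    def new_record_key(self):
        return secrets.token_bytes(32)  # fresh random key per data record

    def wrap_header(self, record_key, target_group):
        return seal(self._card_key, target_group.encode() + b"\x00" + record_key)

    def unwrap_header(self, enc_header):
        group, _, record_key = unseal(self._card_key, enc_header).partition(b"\x00")
        return group.decode(), record_key

def store_record(card, data, target_group):  # claim 9
    record_key = card.new_record_key()           # generated in the card, sent to the computer
    enc_record = seal(record_key, data)          # data encrypted in the computer
    enc_header = card.wrap_header(record_key, target_group)  # key encrypted in the card
    return enc_header, enc_record                # stored together on any medium

def read_record(card, stored, user_group):  # claim 20; user_group: already-authorized group
    enc_header, enc_record = stored
    target_group, record_key = card.unwrap_header(enc_header)  # card decrypts the header
    if user_group != target_group:
        raise PermissionError("user group does not match the header's target group")
    return unseal(record_key, enc_record)
```

Because the header can only be opened with the key held inside the issuing card, a copy of the stored file on any medium is unreadable without that card, and a header that has been modified fails authentication before any record key is released.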
Specification