Method and system for providing controlled access to information stored on a portable recording medium

US 6,131,090 A
Filed: 03/04/1997
Issued: 10/10/2000
Est. Priority Date: 03/04/1997
Status: Expired due to Term

First Claim

Patent Images

1. A system for recording information and controlling access to said information, said system comprising:

a) a portable recording medium including memory for storing encrypted individual user information locally and a microprocessor, said microprocessor being responsive to input of an access code to enable access to said encrypted information;

b) a remote data processing center including a database of a plurality of authorized service providers with respect to said information; and

a plurality of access codes corresponding to each of said plurality of authorized service providers, said access codes including a key for decrypting said encrypted information;

c) said database being created under the direction of said individual user;

d) a terminal communicating between said portable recording medium and said processing center;

whereine) said processing center being responsive to a request initiated at said terminal by said service provider for access to said encrypted information, said data processing center accessing said database to determine if said identified service provider is authorized to access said encrypted information, and to output said access code to said identified service provider only if said identified service provider is authorized to access said encrypted information;

f) whereby accessing and decrypting said encrypted information at said portable medium only through use of said obtained access code.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for providing controlled access to information stored on a smartcard. The system includes a data processing center maintained by a trusted third party for storing a database of authorizations of various service providers to access information pertaining to individuals, and for responding to request by service providers for access from terminals which communicate with the data processing center and smartcards storing the individuals'"'"' information. The information is stored on the smartcard in encrypted form and the data processing center provides an access code, which includes a key for decrypting the information, only to service providers who are authorized to access the information. The service provider then sends the access code to the smartcard which verifies the access code and decrypts and outputs the requested information. The smartcard then computes a new key as a function of information unique to each access session and uses the new key to re-encrypt the information, and then erases the new key. The data processing center also computes the new key so that the data processing center can provide an access code including the new key for the next request for access.

Citations

22 Claims

1. A system for recording information and controlling access to said information, said system comprising:
- a) a portable recording medium including memory for storing encrypted individual user information locally and a microprocessor, said microprocessor being responsive to input of an access code to enable access to said encrypted information;
  
  b) a remote data processing center including a database of a plurality of authorized service providers with respect to said information; and
  
  a plurality of access codes corresponding to each of said plurality of authorized service providers, said access codes including a key for decrypting said encrypted information;
  
  c) said database being created under the direction of said individual user;
  
  d) a terminal communicating between said portable recording medium and said processing center;
  
  whereine) said processing center being responsive to a request initiated at said terminal by said service provider for access to said encrypted information, said data processing center accessing said database to determine if said identified service provider is authorized to access said encrypted information, and to output said access code to said identified service provider only if said identified service provider is authorized to access said encrypted information;
  
  f) whereby accessing and decrypting said encrypted information at said portable medium only through use of said obtained access code.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. A system as described in claim 1 wherein said processing center is controlled by a third party distinct from at least some of said service providers identified in said database.
  - 3. A system as described in claim 2 wherein said third party possesses a certificate issued by a certifying authority, said certificate serving to establish the identity and trustworthiness of said third party.
  - 4. A system as described in claim 1 wherein said portable recording medium is a smart card.
  - 5. A system as described in claim 1 wherein said portable recording medium includes a writable optical memory.
  - 6. A system as described in claim 1 wherein said information is medical information.

7. A system for recording information and controlling access to said information, said system comprising:
- a) a portable recording medium including memory for storing encrypted information and a microprocessor, said microprocessor being responsive to input of an access code to enable access to said encrypted information;
  
  b) a remote data processing center including a database of a plurality of authorized service providers with respect to said information; and
  
  a plurality of authorization codes corresponding to each of said plurality of service providers, said access codes including a key for decrypting said encrypted information;
  
  c) said database being created under the direction of said individual user;
  
  d) a terminal communication between said portable recording medium and said processing center;
  
  whereine) said processing center being responsive to said request initiated at said terminal by said service provider for access to said encrypted information, said request identifying a service provider seeking emergency access to said information, to output said access code without regard to authorization of said service provider seeking emergency access, said access code enabling access to at least a predetermined part of said encrypted information; and
  
  f) said processing center recording at least a time and an identity for service provider seeking emergency access.

8. A method for controlling access to recorded information, said method comprising the steps of:
- a) establishing a remote data processing center;
  
  b) receiving at said data processing center data identifying service providers who can request access to encrypted information and second data identifying levels of authorization corresponding to said service providers who can access said encrypted information;
  
  c) said database being created under the direction of said individual userd) providing an individual user with a portable recording medium including memory for storing said encrypted information and a microprocessor, said microprocessor being responsive to input of an access code to enable access to said encrypted information;
  
  e) receiving a message from one of said service providers requesting access to said encrypted information, said encrypted information having been stored in said memory;
  
  f) accessing said database to determine if said one of said service provider is authorized to access said encrypted information;
  
  g) if said one of said service providers is authorized to access said encrypted information, providing said access code to said one of said service providers for accessing and decrypting said encrypted information contained in said portable medium.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. A method as described in claim 8 comprising the further steps of:
    - a) assigning a distinct public key pair including a public key and a privat key to each of said service providers for which said first data is accurate, whereby said request can be digitally signed with a private key assigned to said one of said service providers;
      
      b) verifying that said request is signed with said private key assigned to said one of said service providers; and
      
      c) accessing said data base to determine if said one of said service providers is authorized to access said information only if said request is successfully verified.
  - 10. A method as described in claim 8 wherein a different key is required to decrypt said information for each access to said information.
  - 11. A method as described in claim 8 wherein each service provider authorized to access said information is provided with a public key pair including a public key and a private key and said request is digitally signed by said identified service provider with a private key provided to said authorized service provider.
  - 12. A method as described in claim 8 herein said portable recording medium is a smart card.
  - 13. A method as described in claim 8 wherein said portable recording medium includes a writable optical memory.
  - 14. A method as described in claim 8 wherein said information is medical information.

15. A system for recording information and controlling access to said information, said system comprising:
- a) a portable recording medium including memory for storing individual user information locally, said information being encrypted with a current session key, and a microprocessor, said microprocessor being responsive to input of an access code, said access code comprising said current session key, to enable access to said information;
  
  b) a remote data processing center including a database of a plurality of authorized service providers with respect to said information; and
  
  a plurality of authorization codes corresponding to each of said plurality of service providers;
  
  c) said database being created under the direction of said individual userd) a terminal communication between said portable recording medium and said processing center;
  
  whereine) said processing center being responsive to a request initiated at said terminal by said service provider for access to said information, said data processing center accessing said database to determine if said identified service provider is authorized to access said information, and to output said access code to said identified service provider only if said identified service provider is authorized to access said information, said service provider inputting said access code to said microprocessor to access said information.
- View Dependent Claims (16, 17, 18)
- - 16. A system as described in claim 15 wherein said microprocessor decrypts said information with said current session key, outputs said decrypted information to said service provider, and re-encrypts said decrypted information with a next session key prior to rewriting said information to said memory, said next session key being determined as a predetermined function of access session information, said microprocessor then deleting said next session key, whereby said microprocessor cannot again decrypt said re-encrypted information until a new access code is input;
    - and wherein further said data processing center also determines said next session key in accordance with said predetermined function and said access session information, whereby said data processing center is able to provide said new access code.
  - 17. A system as described in claim 16 wherein at least a part of said access session information is comprised in said access code.
  - 18. A system as described in claim 16 wherein said access session information comprised in said access code includes a unique access sequence number.

19. A method for controlling access to recorded information, said method comprising the steps of:
- a)establishing a remote data processing center;
  
  b) receiving at said data processing center, first data identifying service providers who can request access to said information and second data identifying levels of authorization corresponding to said service providers who can access said information;
  
  c) providing an individual user with a portable recording medium including memory for storing said information, said information being encrypted with a current session key, and a microprocessor, said microprocessor being responsive to input of an access code, said access code comprising said current session key to enable access to said information;
  
  d) said database being created under the direction of said individual usere) receiving a message from one of said service providers requesting access to said information, said information having been stored in said memory;
  
  f) accessing said database to determine if said one of said service providers is authorized to access said information;
  
  g) if said one of said service providers is authorized to access said information, providing said access code to said one of said service providers;
  
  said service provider inputting said access code to said microprocessor to access said information.
- View Dependent Claims (20, 21, 22)
- - 20. A method as described in claim 19 wherein said microprocessor decrypts said information with a current session key, outputs said decrypted information to said service provider, and re-encrypts said decrypted information with a next session key prior to rewriting said information to said memory, said next session key being determined as a predetermined function of access session information, said microprocessor then deleting said next session key, whereby said microprocessor cannot again decrypt said re-encrypted information until a new access code is input;
    - and wherein further said data processing center also determines said next session key in accordance with said predetermined function and said access session information, whereby said data processing center is able to provide said new access code.
  - 21. A method as described in claim 20 wherein at least a part of said access session information is comprised in said access code.
  - 22. A method as described in claim 21 wherein said information access session comprised in said access code Includes a unique access sequence number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Pitney Bowes Incorporated (Böwe Systec AG)
Original Assignee
Pitney Bowes Incorporated (Böwe Systec AG)
Inventors
Lee, Joonho, Basso, Micheal R. Jr., Li, Chunhua
Primary Examiner(s)
Hafiz, Tariq R.
Assistant Examiner(s)
Pender, Jr., Michael J.

Application Number

US08/810,746
Time in Patent Office

1,316 Days
Field of Search

706/2, 706/3, 380/23, 380/22, 705/18, 705/17, 705/3
US Class Current

706/23
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

G06F 2211/008   Public Key, Asymmetric Key,...

G06F 2221/2115   Third party

G06F 2221/2153   Using hardware token as a s...

G06Q 20/204   comprising interface for re...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/357   Cards having a plurality of...

G06Q 20/40975   using encryption therefor

G07F 7/1008   Active credit-cards provide...

G16H 10/60   for patient-specific data, ...

G16H 10/65   stored on portable record c...

H04L 2209/88   Medical equipments

H04L 9/083   involving central third par...

H04L 9/321   involving a third party or ...

H04L 9/3226   using a predetermined code,...

H04L 9/3263   involving certificates, e.g...

Method and system for providing controlled access to information stored on a portable recording medium

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for providing controlled access to information stored on a portable recording medium

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links