Secure personal information card database system
First Claim
1. A method for accessing information about a user, the method comprising:
- providing a publicly accessible database;
providing a private cryptographic key to a user, permitting read, write and modify access to the user'"'"'s information in the database;
associating a public cryptographic key with the user information permitting read-only access to the user information in the database;
encoding the public key in a data format on business cards of the user; and
distributing the business cards to recipients who can gain access to the user'"'"'s information by reading the data format to obtain the public key and applying the public key to the database to obtain the user information.
10 Assignments
0 Petitions
Accused Products
Abstract
A database system for personal information includes storing personal information in a database remote from the person using the public key of a person as a record identifier. The person'"'"'s public key is published on a card, which may be a physical card or a virtual card, published on an Internet site in unencrypted form, together with unencrypted demographic information of the user. The person'"'"'s public key is a unique identifier which becomes the person'"'"'s record identifier, as well as possibly a social security number, medical record number, tax identification number, insurance file number, etc. The card contains the person'"'"'s public key in eye readable and machine readable format, such as bar-coded format and can be used to gain access to personal information in the database. In an alternate embodiment the personal information may additionally be encrypted with the public key of a target agency, such as an insurance company or a bank. The target agency for the personal information obtains the card and gains access to the information by scanning the bar code and using the acquired public key of the person, plus its own private key to decrypt the information.
73 Citations
15 Claims
-
1. A method for accessing information about a user, the method comprising:
-
providing a publicly accessible database;
providing a private cryptographic key to a user, permitting read, write and modify access to the user'"'"'s information in the database;
associating a public cryptographic key with the user information permitting read-only access to the user information in the database;
encoding the public key in a data format on business cards of the user; and
distributing the business cards to recipients who can gain access to the user'"'"'s information by reading the data format to obtain the public key and applying the public key to the database to obtain the user information. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A cryptographic data access method of the public and private key type comprising:
-
obtaining information associated with a person having a private key and a public key and storing a version of the information encrypted with the person'"'"'s private key in an online database;
recording the person'"'"'s public key on business cards of the person, distributing the business cards to others for whom the stored information is intended, whereby a recipient of the business card gains access to the information by applying the person'"'"'s public key to the database to obtain the information. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15)
encrypting said information with the agency'"'"'s public key as well as the person'"'"'s private key and storing the encrypted information in a database, whereby the target agency gains access to the encrypted information by applying the person'"'"'s public key and the agency'"'"'s private key.
-
-
15. The method of claim 6 further defined by targeting said information to a selected one of a plurality of possible target agencies, each agency having a unique private and public key comprising:
-
transmitting the person'"'"'s personal information to a database service provider using the provider'"'"'s public key and the person'"'"'s private key to encrypt the personal information, decrypting the person'"'"'s personal information by the provider using the provider'"'"'s private key and the person'"'"'s public key and re-encrypting the personal information using the provider'"'"'s private key and the selected target agency'"'"'s public key, transmitting the re-encrypted personal information to the selected target agency, whereby the target agency gains access to the information by applying the provider'"'"'s public key and the agency'"'"'s private key.
-
Specification
-
- Resources
-
Current AssigneeEastman Kodak Company
-
Original AssigneeEastman Kodak Company
-
InventorsBerman, Phillip
-
Primary Examiner(s)Barron, Gilberto
-
Assistant Examiner(s)Darrow, Justin T.
-
Application NumberUS09/262,983Time in Patent Office1,446 DaysField of Search713/155, 713/159, 713/182, 713/183, 713/184, 713/185, 713/201, 713/202, 705/66, 705/67, 705/72, 380/30, 380/51, 380/54, 235/380, 235/381, 235/382, 235/383US Class Current713/182CPC Class CodesG06F 21/6245 Protecting personal data, e...G06Q 20/3674 involving authenticationH04L 9/088 Usage controlling of secret...H04L 9/0897 involving additional device...
