Method for controlling the access to a data network
Abstract
A method for controlling access to a data network uses an end point identifier associated with an end point for control of the access to the data network. When a user X is logged in at the end point and a data query is directed from the end point to a data server, the data server uses the end point identifier of the end point in order to grant the user authorizations for data access.
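The flow in the abstract, as an added sketch that is not code from the patent: the end point authenticates the user locally, sends only its end point identifier, and the data source maps that identifier to a non-interactive account. All class names, the `svc-` prefix, the identifiers and the `read_findings` action are hypothetical.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class ServiceAccount:
    """Non-interactive data source user identification (no interactive log-in)."""
    name: str
    permissions: frozenset

@dataclass
class DataSource:
    # End point identifier -> non-interactive account whose properties it is assigned.
    accounts: dict = field(default_factory=dict)
    audit: list = field(default_factory=list)

    def register(self, endpoint_id, permissions):
        self.accounts[endpoint_id] = ServiceAccount(f"svc-{endpoint_id}", frozenset(permissions))

    def handle(self, request):
        # The end point identifier is treated as the data source user identification.
        account = self.accounts.get(request.get("endpoint_id"))
        granted = account is not None and request.get("action") in account.permissions
        # The data source can only log the end point, because that is all it receives.
        self.audit.append((request.get("endpoint_id"), request.get("action"), granted))
        return granted

@dataclass
class EndPoint:
    endpoint_id: str
    local_users: set              # constructed set of users known to this end point
    current_user: str = None

    def log_in(self, user):
        # Stand-in for the local log-in that yields the end point user identification.
        self.current_user = user if user in self.local_users else None
        return self.current_user is not None

    def build_request(self, action):
        if self.current_user is None:
            raise PermissionError("no user logged in at this end point")
        # Only the end point identifier leaves the end point, never the user id.
        return {"endpoint_id": self.endpoint_id, "action": action}

def demo():
    source = DataSource()
    source.register("ward-3-ws1", {"read_findings"})
    ws = EndPoint("ward-3-ws1", {"user_x"})
    ws.log_in("user_x")
    request = ws.build_request("read_findings")
    rogue = {"endpoint_id": "unregistered-ws", "action": "read_findings"}
    return request, source.handle(request), source.handle(rogue), source.audit
```
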
13 Claims
1. A method for controlling access to a data network with a medical data source and a plurality of end points engaged in data exchange with the data source, comprising:
interfacing with a user at an end point of the data network including receiving a user log-in at the end point from which the end point is able to determine an end point user identification of the user at the end point and log the user into the end point;
receiving a request at the end point from the user for data exchange of medical data with the data source which is arranged for granting authorization for medical data exchange based on a data source user identification;
transmitting the request for medical data exchange from the end point to the data source including transmitting an end point identifier of the end point and without transmitting the end point user identification;
assigning properties of a non-interactive data source user identification to the end point identifier;
treating the end point identifier as data source user identification by the data source; and
granting authorizations for medical data exchange between the end point and the data source corresponding to the end point identifier.
10. A data network including a medical data source and an end point computer connected on the data network, comprising:
a process for checking an end point user identification of a user working at the end point computer including a user log-in at the end point computer, the process using the user log-in at the end point computer to determine the end point user identification of the user and to log the user into the end point computer;
a process for granting, to the user, authorizations for medical data exchange between the user and the data source via the end point computer, the authorizations for medical data exchange being dependent on the user being logged in to the end point computer and being determined to have an end point user identification; and
assigning properties of a non-interactive data source user identification to the end point identifier without receiving the end point user identification at the data source, wherein the end point identifier is treated as a data source user identification, and wherein the authorization is granted corresponding to the end point identifier.
11. An end point computer on a data network, comprising a processor configured to exchange medical data with a data source, the exchange of medical data being based on an authorization granted based on a data source user identification that corresponds with an end point identifier, wherein the processor operates to perform the steps of:
receiving a user log-in on the end point computer from which the end point computer is able to log in the user and determine an end point user identification of the user at the end point computer,
receiving a request for medical data exchange with the data source from the logged-in user having the end point user identification,
sending the request for medical data exchange with the data source by the end point computer without transmitting the end point user identification from the end point computer over the data network, the request including an end point identifier of the end point computer, wherein properties of a non-interactive data server user identification are assigned by the data server to an end point identifier; and
exchanging the medical data between the end point computer and the data source based on the data source treating the end point identifier as a data source user identifier.
12. A computer program product including tangible non-transitory computer readable media on which is stored a program for execution on a data server connected via a data network to an end point,
the computer program product comprising code that when executed performs the steps of granting, to the user working at the end point, authorizations for data processing, which authorizations are associated with the user having an end point user identification and being logged-in to the end point, wherein properties of a non-interactive data server user identification are assigned by the data server to an end point identifier that is received from an end point at which the user is logged-in with an end point user identification without the end point transmitting the end point user identification from the end point to the data server, wherein the end point identifier is treated as a data server user identification by the data server, and wherein authorization for medical data exchange between the end point and the data server as requested by the user is granted based on the end point identifier received by the data server.
13. A computer program product including tangible non-transitory computer readable media on which is stored a program for execution on an end point computer connected via a data network to a data server, the computer program product comprising code that when executed on the end point computer performs the steps of exchanging data with a data source, based on an authorization granted based on an end point identifier,
wherein the user logs in to the end point to determine the end point user identification of the user, wherein a request for medical data exchange from the end point to the data source by a logged-in user having the end point user identification includes the end point transmitting the end point identifier of the end point to the data source with the request for medical data exchange without transmitting the end point user identification to the data source so that the data is exchanged between the end point and the data source as a result of the data source treating the end point identifier as a data source user identifier, wherein properties of a non-interactive data server user identification are assigned by the data server to an end point identifier.
Specification