Method for protecting personal data read in a terminal station by a server
First Claim
1. A method of protecting personal data read from a user terminal station by a server, comprising the steps of:
- storing, in a computer-readable memory at the user terminal station, private policy data including a plurality of personal data items and at least one usage rule associated with each personal data item from the plurality of personal data items;
- receiving, at the user terminal, server policy data transmitted from the server, the server policy data including a request for a personal data item stored in said computer-readable memory and indicating a desired use of said requested personal data item;
- comparing the server policy data received from said server with said private policy data stored in said computer-readable memory to determine if the desired use of said personal data item requested by said server complies with the at least one usage rule stored in said computer-readable memory associated with said personal data item;
- determining whether said desired use of said personal data requested by said server complies with the at least one usage rule associated with said personal data item;
- if said desired use of said personal data requested by said server complies with the at least one usage rule associated with said personal data item, determining a signature for signing the server policy data received in the user terminal station; and
- transmitting, to the server, the signature for the server policy data and the requested personal data item when said desired use of said personal data requested by said server complies with the at least one usage rule associated with said personal data item.
Abstract
The invention concerns a method enabling a server manager to prove subsequently that the server was authorized to read a user's personal data in a terminal station (ST), comprising: transmitting server policy data (PS) to the station; comparing the server policy data with private policy data (PP) pre-stored in the station; determining a signature (SGST) of server policy data received in the station; and transmitting the signature with the personal data (DP) read in the station to the server when the compared policy data (PS, PP) are compatible.
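The exchange in the abstract, sketched from the station's side as an added example (not code from the patent): the station compares PS against PP and returns DP with SGST only when the requested use is allowed. The field names, the rule vocabulary and the use of HMAC-SHA256 from the Python standard library in place of the unspecified signature scheme are assumptions; a deployment meant to convince a third party would use an asymmetric signature so the verifier does not hold the signing key.

```python
import hashlib
import hmac
import json

# Constructed sample data; field names, rule vocabulary and the key are assumptions.
STATION_KEY = b"constructed-demo-key"  # stand-in for the station's signing key

# Private policy data (PP): each personal data item with its permitted uses.
PRIVATE_POLICY = {
    "email": {"value": "alice@example.org", "allowed_uses": {"order-confirmation"}},
    "address": {"value": "1 Sample Street", "allowed_uses": {"delivery", "billing"}},
}


def canonical(policy: dict) -> bytes:
    """Serialise policy data deterministically so both sides sign the same bytes."""
    return json.dumps(policy, sort_keys=True, separators=(",", ":")).encode()


def sign_policy(server_policy: dict, key: bytes = STATION_KEY) -> str:
    """Signature (SGST) over the received server policy data (PS)."""
    return hmac.new(key, canonical(server_policy), hashlib.sha256).hexdigest()


def handle_request(server_policy: dict, private_policy: dict = PRIVATE_POLICY):
    """Station side: compare PS with PP; release (DP, SGST) only if compatible."""
    item = private_policy.get(server_policy.get("item"))
    # Unknown item or a use outside the stored rules: nothing is read or signed.
    if item is None or server_policy.get("use") not in item["allowed_uses"]:
        return None
    return {"data": item["value"], "signature": sign_policy(server_policy)}


def verify_authorization(claimed_policy: dict, signature: str,
                         key: bytes = STATION_KEY) -> bool:
    """Later check: was this exact server policy the one the station signed?"""
    return hmac.compare_digest(sign_policy(claimed_policy, key), signature)


if __name__ == "__main__":
    ps = {"server": "shop.example", "item": "address", "use": "delivery"}
    reply = handle_request(ps)
    print("released:", reply)
    print("proof holds:", verify_authorization(ps, reply["signature"]))
    # A server that later claims a broader use cannot reuse the signature.
    altered = {**ps, "use": "marketing"}
    print("altered policy:", verify_authorization(altered, reply["signature"]))
```

Because the signature covers the server policy rather than the data, it binds the server to the use it declared at request time; any later change to the claimed use invalidates the proof.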
13 Claims
Specification