Method for protecting personal data read in a terminal station by a server

US 8,464,328 B2
Filed: 07/22/2002
Issued: 06/11/2013
Est. Priority Date: 07/25/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A method of protecting personal data read from a user terminal station by a server, comprising the steps of:

storing, in a computer-readable memory at the user terminal station, private policy data including a plurality of personal data items and at least one usage rule associated with each personal data item from the plurality of personal data items;

receiving, at the user terminal, server policy data transmitted from the server, the server policy data including a request for a personal data item stored in said computer-readable memory and indicating a desired use of said requested personal data item;

comparing the server policy data received from said server with said private policy data stored in said computer-readable memory to determine if the desired use of said personal data item requested by said server complies with the at least one usage rule stored in said computer-readable memory associated with said personal data item;

determining whether said desired use of said personal data requested by said server complies with the at least one usage rule associated with said personal data item;

if said desired use of said personal data requested by said server complies with the at least one usage rule associated with said personal data item, determining a signature for signing the server policy data received in the user terminal station; and

transmitting, to the server, the signature for the server policy data and the requested personal data item when said desired use of said personal data requested by said server complies with the at least one usage rule associated with said personal data item.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention concerns a method enabling a server manager to prove subsequently that the server was authorized to read a user'"'"'s personal data in a terminal station (ST), comprising: transmitting server policy data (PS) to the station; comparing the server policy data with private policy data (PP) pre-stored in the station; determining a signature (SGST) of server policy data received in the station; and transmitting the signature with the personal data (DP) read in the station to the server when the compared policy data (PS, PP) are compatible.

Citations

13 Claims

1. A method of protecting personal data read from a user terminal station by a server, comprising the steps of:
- storing, in a computer-readable memory at the user terminal station, private policy data including a plurality of personal data items and at least one usage rule associated with each personal data item from the plurality of personal data items;
  
  receiving, at the user terminal, server policy data transmitted from the server, the server policy data including a request for a personal data item stored in said computer-readable memory and indicating a desired use of said requested personal data item;
  
  comparing the server policy data received from said server with said private policy data stored in said computer-readable memory to determine if the desired use of said personal data item requested by said server complies with the at least one usage rule stored in said computer-readable memory associated with said personal data item;
  
  determining whether said desired use of said personal data requested by said server complies with the at least one usage rule associated with said personal data item;
  
  if said desired use of said personal data requested by said server complies with the at least one usage rule associated with said personal data item, determining a signature for signing the server policy data received in the user terminal station; and
  
  transmitting, to the server, the signature for the server policy data and the requested personal data item when said desired use of said personal data requested by said server complies with the at least one usage rule associated with said personal data item.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. A method according to claim 1, wherein the steps of comparing, determining, and transmitting the signature and the requested personal data item are automatically performed in the terminal station without user intervention.
  - 3. A method according to claim 2, wherein the received server policy data is converted into a form that is viewed in the terminal station and that is filled in automatically with the requested personal data item.
  - 4. A method according to claim 1, wherein the terminal station determines the signature also as a function of time-stamping data.
  - 5. A method according to claim 4, wherein the terminal station stores the signature and the time-stamping data.
  - 6. A method according to claim 1, further including the steps of transmitting a signature of the server policy data with the server policy data from the server to the terminal station, and storing said signature in the terminal station, with time-stamping data.
  - 7. A method according to claim 1, further including the step of providing means in the terminal station for modifying private policy data.
  - 8. A method according to claim 1, wherein the terminal station includes a central processing unit, wherein the computer-readable memory includes a smart card that is in communication with the central processing unit.
  - 9. A method according to claim 8, wherein the smart card contains an algorithm for signing the received server policy data and time-stamping data.
  - 10. A method according to claim 6, wherein the terminal station includes a central processing unit and a smart card that is in communication with the central processing unit and that has pre-stored said private policy data and the plurality of personal data items.
  - 11. A method according to claim 1, wherein the terminal station includes:
    - a central processing unit in communication with the computer-readable memory; and
      
      a smart card in communication with the central processing unit, said smart card containing an algorithm for signing the received server policy data and time-stamping data.
  - 12. A method according to claim 8, wherein the smart card itself compares the server policy data with private policy data.
  - 13. A method according to claim 10, wherein the smart card records the signature of the server policy data transmitted by the server, with time-stamping data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Gemalto SA (Thales SA)
Original Assignee
Gemalto SA (Thales SA)
Inventors
Giraud, Jean-Luc, Girard, Pierre
Primary Examiner(s)
Flynn, Nathan
Assistant Examiner(s)
AVERY, JEREMIAH L

Application Number

US10/484,524
Publication Number

US 20050050437A1
Time in Patent Office

3,977 Days
Field of Search

713/165
US Class Current

726/10
CPC Class Codes

G06F 21/6245 Protecting personal data, e...

G06F 2221/2151 Time stamp

Method for protecting personal data read in a terminal station by a server

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Method for protecting personal data read in a terminal station by a server

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links