System, method, and apparatus for proximity-based authentication for managing personal data

US 8,693,988 B2
Filed: 06/16/2009
Issued: 04/08/2014
Est. Priority Date: 06/16/2009
Status: Active Grant

First Claim

Patent Images

1. A computer program product comprising a non-transitory computer useable storage medium to store a computer readable program for proximity-based authentication for managing personal data wherein the computer readable program, when executed on a computer, causes the computer to perform operations comprising:

receiving, at an access controller, a request for personal data from a data access device of a requesting party, wherein the personal data belongs to a personal data owner, wherein the personal data does not belong to the requesting party, wherein the data access device comprises a request transmitter to transmit the request, wherein the data access device comprises a personal data receiver to receive the personal data;

maintaining a first access level and a second access level for the personal data, wherein the first access level permits access to a first subset of the personal data and the second access level permits access to a second subset of the personal data;

determining a first location corresponding to a location of the data access device;

determining a second location corresponding to a location of an authentication device; and

transmitting the personal data to the data access device in response to determining that the first location is within a threshold distance of the second location and in response to receiving a confirmation code indicating that a personal data owner authorizes release of the personal data, wherein the confirmation code is separate and distinct from the second location data, wherein the confirmation code is input by the personal data owner.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer program product that includes a computer useable storage medium to store a computer readable program for proximity-based authentication for managing personal data that, when executed on a computer, causes the computer to perform operations. The operations include receiving a request for personal data from a data access device, determining a first location corresponding to a location of the data access device, and determining a second location corresponding to a location of an authentication device. The operations also include transmitting the personal data to the data access device if the first location is within a threshold distance of the second location.

Citations

13 Claims

1. A computer program product comprising a non-transitory computer useable storage medium to store a computer readable program for proximity-based authentication for managing personal data wherein the computer readable program, when executed on a computer, causes the computer to perform operations comprising:
- receiving, at an access controller, a request for personal data from a data access device of a requesting party, wherein the personal data belongs to a personal data owner, wherein the personal data does not belong to the requesting party, wherein the data access device comprises a request transmitter to transmit the request, wherein the data access device comprises a personal data receiver to receive the personal data;
  
  maintaining a first access level and a second access level for the personal data, wherein the first access level permits access to a first subset of the personal data and the second access level permits access to a second subset of the personal data;
  
  determining a first location corresponding to a location of the data access device;
  
  determining a second location corresponding to a location of an authentication device; and
  
  transmitting the personal data to the data access device in response to determining that the first location is within a threshold distance of the second location and in response to receiving a confirmation code indicating that a personal data owner authorizes release of the personal data, wherein the confirmation code is separate and distinct from the second location data, wherein the confirmation code is input by the personal data owner.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The computer program product of claim 1, further comprising receiving navigation satellite system data for the authentication device to determine the second location.
  - 3. The computer program product of claim 1, further comprising receiving cell phone tower data for the authentication device to determine the second location.
  - 4. The computer program product of claim 1, further comprising:
    - assigning the first access level to the received request for personal data in response to determining that the data access device is entitled to access the first subset of the personal data; and
      
      wherein transmitting the personal data to the data access device further comprises limiting the personal data transmitted to the data access device to the first subset of the personal data in response to assigning the first access level to the received request for personal data.
  - 5. The computer program product of claim 4, further comprising receiving input from a personal data owner indicating one or more data items to be included in the first subset of the personal data.
  - 6. The computer program product of claim 4, further comprising maintaining a data access device database associating the data access device with an allowed access level indicating allowed access to one or more data items, and wherein determining that the data access device is entitled to access the first subset of the personal data comprises comparing the allowed data access level to the first access level.
  - 7. The computer program product of claim 4, further comprising establishing a default set of data items to be included in the first subset of the personal data.
  - 8. The computer program product of claim 1, further comprising allowing continued access to the personal data by the data access device for a limited time.

9. A system for proximity-based authentication for managing personal data, the system comprising:
- an access controller to manage access to personal data, the access controller comprising;
  
  a request receiver to receive a request for the personal data from a data access device of a requesting party, wherein the data belongs to a personal data owner, wherein the personal data does not belong to the requesting party;
  
  a first location determiner to determine a first location corresponding to a location of the data access device;
  
  a second location determiner to determine a second location corresponding to a location of an authentication device to authenticate the request for personal data; and
  
  a personal data transmitter to transmit the personal data to the data access device in response to determining that the first location is within a threshold distance of the second location and in response to receiving a confirmation code indicating that a personal data owner authorizes release of the personal data, wherein the confirmation code is separate and distinct from the second location data, wherein the confirmation code is input by the personal data owner;
  
  the data access device coupled to the access controller to access the personal data, the data access device comprising;
  
  a request transmitter to transmit the request for personal data to the access controller; and
  
  a personal data receiver to receive the personal data from the access controller; and
  
  a personal data store coupled to the access controller to store the personal data, wherein the personal data store maintains a first access level and a second access level for the personal data, wherein the first access level permits access to a first subset of the personal data and the second access level permits access to a second subset of the personal data.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The system of claim 9, wherein the authentication device is coupled to the access controller and comprises:
    - a second location sensor to sense location data corresponding to the location of the authentication device;
      
      a second location transmitter to transmit the location data to the access controller; and
      
      a secure identifier to establish the identity of the authentication device.
  - 11. The system of claim 10, wherein:
    - the authentication device further comprises a data access device interface to communicate with the data access device;
      
      the authentication device transmits the secure identifier to the data access device; and
      
      the request for personal data from the data access device comprises the secure identifier.
  - 12. The system of claim 10, wherein the authentication device further comprises a navigation satellite receiver to receive navigation satellite system data, and wherein the navigation satellite system data is transmitted to the access controller to determine the second location.
  - 13. The system of claim 10, wherein the authentication device further comprises a cell phone receiver to receive cell phone tower data, and wherein the cell phone tower data is transmitted to the access controller to determine the second location.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
HCL Technologies Limited
Original Assignee
International Business Machines Corporation
Inventors
Wanderski, Michael, Facemire, Michael D, Jania, Frank L, Rankin, Tracy L
Primary Examiner(s)
Patel, Nimesh

Application Number

US12/485,736
Publication Number

US 20100317323A1
Time in Patent Office

1,757 Days
Field of Search

455/411, 455/456.1, 455/410, 455/414.2, 455/414.3, 455/457, 455/556.1
US Class Current

455/411
CPC Class Codes

H04L 63/0492   by using a location-limited...

H04L 63/08   for authentication of entit...

H04L 63/107   wherein the security polici...

H04W 4/023   using mutual or relative lo...

System, method, and apparatus for proximity-based authentication for managing personal data

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

System, method, and apparatus for proximity-based authentication for managing personal data

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links