Health care system
Abstract
A measurement device measures vital data, encrypts the vital data using an encryption key to generate encrypted vital data, and generates, from a decryption key of the vital data, two pairs of a first share FSD and a second share SSD which enable reproduction of the decryption key. The measurement device generates an encrypted second share by encrypting the second share SSD. The measurement device transmits the encrypted vital data, the first share FSD, and the encrypted second share to a server device via an intermediate device.
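
The flow in the abstract, sketched as an added example (not code from the patent). Assumptions: the two shares are a 2-of-2 XOR split, a SHA-256 keystream with HMAC stands in for a real authenticated cipher, and a symmetric `server_key` known to the measurement device and server but not the relay stands in for the second encryption/decryption key pair; all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

def _stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher (assumption): XOR with SHA-256(key || nonce || counter) blocks.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(key: bytes, plaintext: bytes) -> bytes:
    # Encrypt-then-MAC with separate sub-keys derived from `key`.
    enc_k = hashlib.sha256(b"enc" + key).digest()
    mac_k = hashlib.sha256(b"mac" + key).digest()
    nonce = secrets.token_bytes(16)
    ct = _stream(enc_k, nonce, plaintext)
    return nonce + ct + hmac.new(mac_k, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    enc_k = hashlib.sha256(b"enc" + key).digest()
    mac_k = hashlib.sha256(b"mac" + key).digest()
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_k, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed")
    return _stream(enc_k, nonce, ct)

def split_key(key: bytes) -> tuple[bytes, bytes]:
    # 2-of-2 XOR sharing: first share is uniform random, second = key XOR first.
    first = secrets.token_bytes(len(key))
    return first, bytes(k ^ f for k, f in zip(key, first))

def reconstruct_key(first: bytes, second: bytes) -> bytes:
    return bytes(f ^ s for f, s in zip(first, second))

def measurement_device(vital: bytes, server_key: bytes) -> dict:
    data_key = secrets.token_bytes(32)  # first encryption/decryption key
    first, second = split_key(data_key)
    return {"enc_vital": seal(data_key, vital),
            "first_share": first,
            "enc_second_share": seal(server_key, second)}

def intermediate_device(msg: dict) -> dict:
    # Relays all three items unchanged; it never holds server_key.
    return dict(msg)

def server_device(msg: dict, server_key: bytes) -> bytes:
    second = unseal(server_key, msg["enc_second_share"])
    data_key = reconstruct_key(msg["first_share"], second)
    return unseal(data_key, msg["enc_vital"])

def relay_can_decrypt(msg: dict) -> bool:
    # With the first share alone, the relay has no usable key for enc_vital.
    try:
        unseal(msg["first_share"], msg["enc_vital"])
        return True
    except ValueError:
        return False
```

Because the first share is uniformly random, it reveals nothing about the data key on its own; confidentiality against the relay rests entirely on the second share staying encrypted under a key the relay does not hold.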
21 Claims
1. A health care system for measuring vital data, comprising:
a measurement device which measures the vital data;
a server device which collects the vital data; and
an intermediate device which receives encrypted vital data from the measurement device, and transmits the encrypted vital data to the server device,
wherein the measurement device includes:
a measurement unit configured to measure the vital data of a patient;
a vital data encryption unit configured to encrypt the vital data using a first encryption key generated by the measurement device to generate encrypted vital data;
a share generation unit configured to generate a first share and a second share of a first decryption key which is for decrypting the encrypted vital data and generated by the measurement device, the first share and the second share being two mutually different shares which enable reconstruction of the first decryption key only when both of the two shares are available;
a second share encryption unit configured to generate an encrypted second share by encrypting the second share generated by the share generation unit using a second encryption key corresponding to a second decryption key that is stored in the server device but is not stored in the intermediate device; and
a first communication unit configured to transmit, to the intermediate device, the encrypted vital data generated by the vital data encryption unit, the first share generated by the share generation unit, and the encrypted second share generated by the second share encryption unit,
the intermediate device includes:
a second communication unit configured to receive, from the measurement device, the encrypted vital data, the first share, and the encrypted second share; and
a third communication unit configured to transmit, to the server device, the encrypted vital data, the first share, and the encrypted second share received by the second communication unit, and
the server device includes:
a fourth communication unit configured to receive, from the intermediate device, the encrypted vital data, the first share, and the encrypted second share;
a share decryption unit configured to decrypt the encrypted second share received by the fourth communication unit using the second decryption key stored in the server device, to generate the second share;
a reconstruction unit configured to reconstruct the first decryption key for decrypting the encrypted vital data using the first share received by the fourth communication unit and the second share generated by the share decryption unit; and
a vital data decryption unit configured to decrypt the encrypted vital data received by the fourth communication unit, using the first decryption key reconstructed by the reconstruction unit, to generate the vital data.

13. A vital data measurement method of measuring vital data, the vital data measurement method comprising:
in a measurement device:
measuring the vital data of a patient;
encrypting the vital data using a first encryption key generated by the measurement device to generate encrypted vital data;
generating a first share and a second share of a first decryption key which is for decrypting the encrypted vital data and generated by the measurement device, and the first share and the second share being two mutually different shares which enable reconstruction of the first decryption key only when both of the two shares are available;
encrypting the second share using a second encryption key corresponding to a second decryption key that is stored in a server device but is not stored in an intermediate device, to generate an encrypted second share; and
transmitting, to the intermediate device, the encrypted vital data, the first share, and the encrypted second share,
the following performed by the intermediate device:
receiving, from the measurement device, the encrypted vital data, the first share, and the encrypted second share; and
transmitting, to the server device, the encrypted vital data, the first share, and the encrypted second share, and
in the server device:
receiving, from the intermediate device, the encrypted vital data, the first share, and the encrypted second share;
decrypting the encrypted second share using the second decryption key stored in the server device, to generate the second share;
reconstructing the first decryption key for decrypting the encrypted vital data, using the first share and the second share; and
decrypting the encrypted vital data using the first decryption key to generate the vital data.

14. A measurement device which measures vital data, comprising:
a measurement unit configured to measure the vital data of a patient;
a vital data encryption unit configured to encrypt the vital data using a first encryption key generated by the measurement device to generate encrypted vital data;
a share generation unit configured to generate a first share and a second share of a first decryption key which is for decrypting the encrypted vital data and generated by the measurement device, and the first share and the second share being two mutually different shares which enable reconstruction of the first decryption key only when both of the two shares are available;
a second share encryption unit configured to generate an encrypted second share by encrypting the second share generated by the share generation unit using a second encryption key corresponding to a second decryption key that is stored in a server device but is not stored in an intermediate device; and
a first communication unit configured to transmit, to the intermediate device, the encrypted vital data generated by the vital data encryption unit, the first share generated by the share generation unit, and the encrypted second share generated by the second share encryption unit.

15. A measurement method of measuring vital data, comprising:
measuring the vital data of a patient;
encrypting the vital data using a first encryption key generated by a measurement device to generate encrypted vital data;
generating a first share and a second share of a first decryption key which is for decrypting the encrypted vital data and generated by the measurement device, and the first share and the second share being two mutually different shares which enable reconstruction of the first decryption key only when both of the two shares are available;
encrypting the generated second share using a second encryption key corresponding to a second decryption key that is stored in a server device but is not stored in an intermediate device, to generate an encrypted second share; and
transmitting, to outside, the encrypted vital data, the first share, and the encrypted second share.

16. A non-transitory computer-readable recording medium having recorded thereon a program for measuring vital data, the program causing a computer to execute steps comprising:
measuring the vital data of a patient;
encrypting the vital data using a first encryption key generated by the computer to generate encrypted vital data;
generating a first share and a second share of a first decryption key which is for decrypting the encrypted vital data and generated by the computer, and the first share and the second share being two mutually different shares which enable reconstruction of the first decryption key only when both of the two shares are available;
encrypting the generated second share using a second encryption key corresponding to a second decryption key that is stored in a server device but is not stored in an intermediate device, to generate an encrypted second share; and
transmitting, to outside, the encrypted vital data, the first share, and the encrypted second share.

17. An integrated circuit which measures vital data, comprising:
a measurement unit configured to measure the vital data of a patient;
a vital data encryption unit configured to encrypt the vital data using a first encryption key generated by the integrated circuit to generate encrypted vital data;
a share generation unit configured to generate a first share and a second share of a first decryption key which is for decrypting the encrypted vital data and generated by the integrated circuit, and the first share and the second share being two mutually different shares which enable reconstruction of the first decryption key only when both of the two shares are available;
a second share encryption unit configured to encrypt the second share generated by the share generation unit using a second encryption key corresponding to a second decryption key that is stored in a server device but is not stored in an intermediate device, to generate an encrypted second share; and
a first communication unit configured to transmit, to the intermediate device, the encrypted vital data generated by the vital data encryption unit, the first share generated by the share generation unit, and the encrypted second share generated by the second share encryption unit.

18. An intermediate device which relays vital data measured by a measurement device to a server device, the intermediate device comprising:
a reception unit configured to receive, from the measurement device, (i) encrypted vital data obtained by encrypting the vital data using an encryption key generated by the measurement device, (ii) a first share that is one of two mutually different shares which enable reconstruction of a decryption key which is for decrypting the encrypted vital data and generated by the measurement device only when both of the two shares are available, and (iii) an encrypted second share obtained by encrypting a second share, which is the other one of the two mutually different shares, using a second encryption key corresponding to a second decryption key that is stored in the server device but not stored in the intermediate device;
a transmission unit configured to transmit, to the server device, the encrypted vital data, the first share, and the encrypted second share received by the reception unit; and
a storage unit configured to store only the first share received by the reception unit,
wherein the reception unit is further configured to receive the second share from the measurement device,
the intermediate device further comprising:
an intermediate device side vital data decryption unit configured to reconstruct the decryption key for decrypting the encrypted vital data using the first share stored in the storage unit and the second share received by the reception unit, and to decrypt the encrypted vital data received by the reception unit using the reconstructed decryption key to generate the vital data; and
a display unit configured to display the vital data generated by the intermediate device side vital data decryption unit.

19. A relay method of relaying vital data measured by a measurement device to a server device via an intermediate device, the relay method comprising:
receiving, from the measurement device, (i) encrypted vital data obtained by encrypting the vital data using an encryption key generated by the measurement device, (ii) a first share that is one of two mutually different shares which enable reconstruction of a decryption key which is for decrypting the encrypted vital data and generated by the measurement device only when both of the two shares are available, and (iii) an encrypted second share obtained by encrypting a second share, which is the other one of the two mutually different shares, using a second encryption key corresponding to a second decryption key that is stored in the server device but not stored in the intermediate device; and
transmitting, to the server device, the encrypted vital data, the first share, and the encrypted second share received by the reception unit,
wherein, in the receiving, the second share is further received from the measurement device,
the relay method further comprising:
reconstructing the decryption key for decrypting the encrypted vital data using the first share stored in a storage unit and the received second share, and to decrypt the encrypted vital data received using the reconstructed decryption key to generate the vital data; and
displaying the generated vital data.

20. A non-transitory computer-readable recording medium having recorded thereon a program for relaying vital data measured by a measurement device to a server device via an intermediate device, the program causing a computer to execute steps comprising:
receiving, from the measurement device, (i) encrypted vital data obtained by encrypting the vital data using an encryption key generated by the measurement device, (ii) a first share that is one of two mutually different shares which enable reconstruction of a decryption key which is for decrypting the encrypted vital data and generated by the measurement device only when both of the two shares are available, and (iii) an encrypted second share obtained by encrypting a second share, which is the other one of the two mutually different shares, using a second encryption key corresponding to a second decryption key that is stored in the server device but not stored in the intermediate device; and
transmitting, to the server device, the encrypted vital data, the first share, and the encrypted second share received by the reception unit,
wherein, in the receiving step, the second share is further received from the measurement device, and
the program causes the computer to further execute steps including:
reconstructing the decryption key for decrypting the encrypted vital data using the first share stored in a storage unit and the received second share, and to decrypt the encrypted vital data received using the reconstructed decryption key to generate the vital data; and
displaying the generated vital data.

21. An integrated circuit which relays vital data measured by a measurement device to a server device via an intermediate device, the integrated circuit comprising:
a reception unit configured to receive, from the measurement device, (i) encrypted vital data obtained by encrypting the vital data using an encryption key generated by the measurement device, (ii) a first share that is one of two mutually different shares which enable reconstruction of a decryption key which is for decrypting the encrypted vital data and generated by the measurement device only when both of the two shares are available, and (iii) an encrypted second share obtained by encrypting a second share, which is the other one of the two mutually different shares, using a second encryption key corresponding to a second decryption key that is stored in the server device but not stored in the intermediate device;
a transmission unit configured to transmit, to the server device, the encrypted vital data, the first share, and the encrypted second share received by the reception unit; and
a storage unit configured to store only the first share received by the reception unit,
wherein the reception unit is further configured to receive the second share from the measurement device,
the intermediate device further comprising:
an intermediate device side vital data decryption unit configured to reconstruct the decryption key for decrypting the encrypted vital data using the first share stored in the storage unit and the second share received by the reception unit, and to decrypt the encrypted vital data received by the reception unit using the reconstructed decryption key to generate the vital data; and
a display unit configured to display the vital data generated by the intermediate device side vital data decryption unit.