Method for handling privacy data

US 9,830,472 B2
Filed: 05/09/2012
Issued: 11/28/2017
Est. Priority Date: 05/10/2011
Status: Active Grant

First Claim

Patent Images

1. A method for controlling access, via an open communication network, to user private data comprising a plurality of data sets provided by a plurality of digital data source devices, said method comprising:

dividing, by at least one database controller, the user private data into a plurality of categories, each category defining a privacy level of the user private data, each category being associated with one respective category key, each data set being assigned to one of the plurality of categories, each category key being independent of other category keys such that when protection of data associated with one category key becomes violated data associated with other category keys remains protected;

encrypting by each digital data source device the user private data of each category with the respective category key associated with the category of the user private data, each data set only being encrypted with the one respective category key associated with the category of the data set;

storing temporally or permanently the encrypted user private data in at least one database controlled by the at least one database controller;

attributing to a stakeholder at least one client digital data processing device configured to access at least one category of user private data by the at least one database controller according to the categories corresponding to the category key made available to said client digital data processing device of the stakeholder; and

authorizing, by the at least one database controller, the access to the at least one category of user private data for the at least one client digital data processing device of the stakeholder by providing the at least one client digital data processing device with the respective category key associated with the at least one category of user private data via the open communication network,wherein the user private data are metering data divided into a plurality of categories, the metering data of each category being encrypted by a smart meter with a category key pertaining to the category of the metering data, the open communication network being entirely or partly a smart grid network.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention aims to improve data protection against illegal access by a strong differentiation of the security level specific on a type of data so that when the protection on a part of the data is violated, the remaining data are still inaccessible. A method for controlling access, via an open communication network, to user private data, comprising steps of: dividing the user private data into a plurality of categories, each category defining a privacy level of the data, encrypting the user private data of each category with a category key pertaining to the category of the data, attributing to a stakeholder a device configured for accessing to at least one category of user private data, and authorizing the access to the at least one category of user private data for the device of the stakeholder, by providing the stakeholder with the category keys required for decrypting the user private data of the corresponding category.

23 Citations

View as Search Results

15 Claims

1. A method for controlling access, via an open communication network, to user private data comprising a plurality of data sets provided by a plurality of digital data source devices, said method comprising:
- dividing, by at least one database controller, the user private data into a plurality of categories, each category defining a privacy level of the user private data, each category being associated with one respective category key, each data set being assigned to one of the plurality of categories, each category key being independent of other category keys such that when protection of data associated with one category key becomes violated data associated with other category keys remains protected;
  
  encrypting by each digital data source device the user private data of each category with the respective category key associated with the category of the user private data, each data set only being encrypted with the one respective category key associated with the category of the data set;
  
  storing temporally or permanently the encrypted user private data in at least one database controlled by the at least one database controller;
  
  attributing to a stakeholder at least one client digital data processing device configured to access at least one category of user private data by the at least one database controller according to the categories corresponding to the category key made available to said client digital data processing device of the stakeholder; and
  
  authorizing, by the at least one database controller, the access to the at least one category of user private data for the at least one client digital data processing device of the stakeholder by providing the at least one client digital data processing device with the respective category key associated with the at least one category of user private data via the open communication network,wherein the user private data are metering data divided into a plurality of categories, the metering data of each category being encrypted by a smart meter with a category key pertaining to the category of the metering data, the open communication network being entirely or partly a smart grid network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method according to claim 1, wherein the database is distributed at a plurality of storage locations in the open communication network.
  - 3. The method according to claim 1, wherein the database is partially or entirely stored in at least one remote storage device at a predetermined location in the open communication network.
  - 4. The method according to claim 1, wherein the category keys are either of symmetrical type or asymmetrical type or of a combination of symmetrical and asymmetrical keys.
  - 5. The method according to claim 1, wherein the category keys are used in combination with other keys such as stakeholder-related keys or user-related keys.
  - 6. The method according to claim 1, wherein the at least one database controller includes a managing center managing the plurality of digital data source devices each sending, periodically or at scheduled time, data to the at least one database controller which feeds the database.
  - 7. The method according to claim 6 wherein the plurality of digital data source devices include smart meters, electrical vehicles, or radio-frequency identification (RFID) devices.
  - 8. The method according to claim 1, wherein the categories are user preferences, usage statistics, location, presence information, or a combination thereof, each of these categories being encrypted by the plurality of digital data source devices with a category key pertaining to the category of data.
  - 9. The method according to claim 1, wherein the plurality of digital data source devices and the at least one client digital data processing device are combined in a same physical device.
  - 10. The method according to claim 9, wherein the plurality of digital data source devices and the at least one client digital data processing device are a network access home gateway or a home energy gateway.
  - 11. The method according to claim 1, wherein the plurality of digital data source devices or the at least one client digital data processing device is combined with at least one database controller in a same physical device.

12. A system configured to control access, via an open communication network, to user private data comprising a plurality of data sets, said system comprising:
- a plurality of digital data source devices configured to provide user private data, wherein the user private data are divided into a plurality of categories, each category defining a privacy level of the user private data, each category being associated with one respective category key, each dataset being assigned to one of the plurality of categories, each category key being independent of other category keys such that when protection of data associated with one category key becomes violated data associated with other category keys remains protected, and wherein each digital data source device is configured to encrypt the user private data of each category with the respective category key associated with the category of the user private data, each data set only being encrypted with the one respective category key associated with the category of the data set;
  
  at least one client digital data processing device attributed to a stakeholder;
  
  at least one database configured to store temporally or permanently the encrypted user private data; and
  
  at least one database controller configured to control the at least one database;
  
  wherein the at least one client digital data processing device is configured to access at least one category of user private data by the at least one database controller according to the categories corresponding to the category key made available to said client digital data processing device of the stakeholder,wherein the at least one database controller is configured to authorize the stakeholder access to the at least one category of user private data by providing, to the at least one client digital data processing device, the respective category key associated with the at least one category of user private data via the open communication network, andwherein the user private data are metering data divided into a plurality of categories, the metering data of each category being encrypted by a smart meter with a category key pertaining to the category of the metering data, the open communication network being entirely or partly a smart grid network.
- View Dependent Claims (13, 14, 15)
- - 13. The system according to claim 12, wherein the database is distributed at a plurality of storage locations in the open communication network.
  - 14. The system according to claim 12, wherein the database is partially or entirely stored in at least one remote storage device at a predetermined location in the open communication network.
  - 15. The system according to claim 12, wherein the at least one database controller includes a managing center managing the plurality of digital data source devices, each digital data source device being configured to send, periodically or at scheduled time, data to the at least one database controller which feeds the database, the digital data source devices including smart meters, electrical vehicles, or radio-frequency identification (RFID) devices.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nagravision SA (Kudelski SA)
Original Assignee
Nagravision SA (Kudelski SA)
Inventors
Burckard, Antoine
Primary Examiner(s)
Gelagay, Shewaye
Assistant Examiner(s)
Lin, Amie C

Application Number

US14/114,873
Publication Number

US 20140068257A1
Time in Patent Office

2,029 Days
Field of Search

713166
US Class Current
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/6218   to a system of files or obj...

G06F 21/6245   Protecting personal data, e...

G06Q 50/06   Energy or water supply

G16H 10/60   for patient-specific data, ...

H04L 63/0435   wherein the sending and rec...

Y04S 40/20   Information technology spec...

Method for handling privacy data

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

23 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Method for handling privacy data

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

23 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links