Information record infrastructure, system and method

US 7,587,368 B2
Filed: 07/05/2001
Issued: 09/08/2009
Est. Priority Date: 07/06/2000
Status: Active Grant

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A method, comprising the steps of:

storing a plurality of digital records and respective access rules for each digital record in a computer memory associated with a server system;

receiving a request for access, from a remote computer, to access a digital record stored in the computer memory;

validating, by the server system, the received request to access the digital record by applying a respective set of access rules for the digital record stored in the computer memory;

retrieving, by the server system, a public key having an associated private key, and associating a logging wrapper having a respective session key with the digital record, after validating the received request, wherein the session key is distinct from the public key and the private key;

encrypting and sending, by the server system, the requested digital record which has been validated, using the public key and the session key to encrypt the digital record;

receiving and decrypting the encrypted digital record, by the remote computer, using the private key, and the session key in conjunction with the logging wrapper;

generating by the logging wrapper, at the remote computer, a logging event; and

recording the logging event in an access log.

View all claims

6 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

A method of maintaining electronic medical records, comprising the steps of receiving a medical transaction record, encrypted with an encryption key relating to a patient association of the file, accessing the encrypted medical transaction record according to a patient association; and further encrypting the encrypted accessed medical transaction record with an encryption key associated with an intended recipient of the medical record. The system and method according to the present invention presents a new business model for the creation, maintenance, transmission, and use of medical records, allowing financial burdens to be reallocated, for example more optimally or equitably, to decrease overall societal cost, or simply to provide a successful business model for a database proprietor. Secure entrusted medical records are held in trust by an independent third party on behalf of the patient, serving the medical community at large. Separately encrypted record elements may be aggregated as an information polymer.

1052 Citations

143 Claims

1. A method, comprising the steps of:
- storing a plurality of digital records and respective access rules for each digital record in a computer memory associated with a server system;
  
  receiving a request for access, from a remote computer, to access a digital record stored in the computer memory;
  
  validating, by the server system, the received request to access the digital record by applying a respective set of access rules for the digital record stored in the computer memory;
  
  retrieving, by the server system, a public key having an associated private key, and associating a logging wrapper having a respective session key with the digital record, after validating the received request, wherein the session key is distinct from the public key and the private key;
  
  encrypting and sending, by the server system, the requested digital record which has been validated, using the public key and the session key to encrypt the digital record;
  
  receiving and decrypting the encrypted digital record, by the remote computer, using the private key, and the session key in conjunction with the logging wrapper;
  
  generating by the logging wrapper, at the remote computer, a logging event; and
  
  recording the logging event in an access log.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77)
- - 2. The method according to claim 1, wherein the record is encrypted, further comprising the step of accounting for a decryption of the record after access to at least a portion thereof.
  - 3. The method according to claim 2, wherein said accounting is anonymous.
  - 4. The method according to claim 1, wherein the record has a plurality of portions, at least one portion being encrypted with at least one cryptographic key, said portions being independently accessible, said respective set of access rules applying to selectively limit access to portions of the record.
  - 5. The method according to claim 4, wherein said respective set of access rules limit access to portions based on an identity of an intended recipient.
  - 6. The method according to claim 1, further comprising the step of supplying a decryption key for a respective record portion in accordance with the respective set of access set of rules.
  - 7. The method according to claim 1, further comprising the step of accounting for attempted access to at least a portion of the record.
  - 8. The method according to claim 1, wherein the respective set of access rules are associated with an intended recipient of the record.
  - 9. The method according to claim 1, further comprising the step of referencing an index to define a record.
  - 10. The method according to claim 9, wherein the respective set of access rules comprise instructions to a trustee, defined under a legally enforceable trust agreement establishing a trust granting legal control over access to the record to a trustee subject to jurisdictional law of trusts, on behalf of a beneficiary.
  - 11. The method according to claim 1, further comprising the step of using an index to identify a record potentially responsive to a query.
  - 12. The method according to claim 1, further comprising the step of using an index comprising a set of associations of patient identities and medical transaction records to identify records relating to a respective patient.
  - 13. The method according to claim 1, further comprising the step of using an index comprising a set of associations of record identification, record characteristic, and said access rules to identify records relating to a query and limiting access to portions thereof.
  - 14. The method according to claim 1, wherein the record comprises a plurality of portions, the portions being separately encrypted and having associated sets of independent rules.
  - 15. The method according to claim 1, wherein the access rules are role based access rules relating to a role of the intended recipient.
  - 16. The method according to claim 1, wherein the access rules are context based access rules relating to a context of record access.
  - 17. The method according to claim 10, wherein the respective set of access rules are defined by a grantor of the trust.
  - 18. The method according to claim 1, wherein a decryption of the record triggers a remotely-sensed transaction.
  - 19. The method according to claim 18, wherein the remotely sensed transaction comprises a financial accounting transaction.
  - 20. The method according to claim 18, wherein the remotely sensed transaction comprises an access audit trail transaction.
  - 21. The method according to claim 2, wherein said accounting occurs upon supply of the respective decryption key.
  - 22. The method according to claim 2, wherein said accounting occurs upon use of the respective decryption key.
  - 23. The method according to claim 1, wherein the record comprises a medical record.
  - 24. The method according to claim 1, wherein the record comprises a media content record.
  - 25. The method according to claim 24, wherein the media content record is distributed peer-to-peer.
  - 26. The method according to claim 1, wherein the respective set of access rules are interpreted in accordance with a database of jurisdiction-dependent privacy laws.
  - 27. The method according to claim 10, further comprising the step of creating a trust comprising the record, implemented in accordance with the trust laws of a specified jurisdiction.
  - 28. The method according to claim 1, wherein the record comprises separate articles within a digital publication.
  - 29. The method according to claim 1, further comprising the step of receiving the respective set of access rules.
  - 30. The method according to claim 1, further comprising the step of generating the respective set of access rules based on the record.
  - 31. The method according to claim 1, wherein the record is encrypted with an encryption scheme having a rolling code.
  - 32. The method according to claim 10, wherein the trustee controls the records and implements the access rules without requiring access to a content of the records.
  - 33. The method according to claim 10, wherein the trustee acts without requiring access to the records.
  - 34. The method according to claim 10, wherein the trustee selectively processes the records.
  - 35. The method according to claim 1, wherein the records comprise a type selected from the group consisting of legal information, government records, financial records, commercially valuable trade secret legal information, manufacturing information, banking information, consumer entertainment media, digital music files, video information, cinema information, consumer information, personal demographic information, credit card information, personal contact information, social security number information, publication information, separate articles within a digital publication, and investment account information.
  - 36. The method according to claim 1, wherein the record comprises a patient file, placed in a privileged trust for the patient with a trustee, said trustee implementing the respective set of access rules with respect to each transaction record within the patient file defined by the patient and legal jurisdiction, wherein said trustee interacts with the patient record information to at least one of maintain, process, receive, deliver, and transmit portions of the patient file in secure and verifiable fashion to authorized entities in compliance with the trust.
  - 37. The method according to claim 10, wherein the record comprises a corpus of a medical information trust for holding medical records on behalf of a patient distinct from the caregiver;
    - the trustee charging for access to the medical record, and maintaining a record of each access of the medical record.
  - 38. The method according to claim 10, wherein the trust has a beneficiary and the respective set of access rules is applied to limit access by an identified intended recipient, without communicating an identity of the intended recipient to the beneficiary.
  - 39. The method according to claim 1, further comprising the steps of:
    - placing information represented by the record in legal trust under control of a trustee on behalf of the beneficiary, said information being stored in electronically readable form;
      
      automatically authorizing access to the information in trust based on compliance with a trust-defined rule, comprising requiring an electronic communication between a user and the trustee; and
      
      permitting an authorized user to access the information in the trust through an electronic communication.
  - 40. The method according to claim 39, wherein the trust defined rule comprises a compensation rule for obtaining a right to the information.
  - 41. The method according to claim 40, wherein the electronic communication comprises an electronic funds transfer.
  - 42. The method according to claim 40, wherein the compensation rule is integrally associated with the information, and wherein the implementing occurs as a result of user interaction with the information.
  - 43. The method according to claim 39, wherein the information comprises a patient medical record.
  - 44. The method according to claim 39, wherein the information comprises consumer entertainment media.
  - 45. The method according to claim 39, wherein the trustee is interposed between the beneficiary and the user, the trustee maintaining an anonymity of the user while accounting to the beneficiary.
  - 46. The method according to claim 39, wherein the trustee is interposed between the beneficiary and the user, the trustee characterizing the user based on a classification of information usage, while accounting to the beneficiary for the use, without specifically identifying information usage of a user.
  - 47. The method according to claim 39, wherein a transfer of the information to the user requires an electronic transfer of value from the user to the trustee, further comprising the step of accepting the value by the trustee while stripping an identification of the user from a retained transfer record.
  - 48. The method according to claim 39, further comprising the steps of receiving an identification of desired information content from a user;
    - and logging the access employing a digital signature of the user.
  - 49. The method according to claim 48, wherein the digital signature is anonymous with respect to the beneficiary.
  - 50. The method according to claim 48, wherein the authorizing step entails requiring the user to enter into a restrictive covenant.
  - 51. The method according to claim 40, wherein the trustee manages access to the information and implements the respective set of access rules as an intermediary for, and communicates compensation information to, the beneficiary.
  - 52. The method according to claim 40, wherein the information has an associated compensation value, and comprises digital media information, said digital media information being associated with subsidy content having an associated subsidy value, further comprising the step of accounting for use of the digital media information offset by the subsidy value.
  - 53. The method according to claim 1, further comprising the steps of:
    - defining information content of a record and an associated set of access rules;
      
      electronically transmitting the information content and associated set of access rules to the trustee subject to the terms of the trust agreement;
      
      storing the transmitted information content and associated set of access rules as a respective one of the plurality of records and a respective set of access rules; and
      
      automatically implementing, under control of the trustee, the associated access rules with respect to the information content, to establish a virtual trust in accordance therewith, whereby the trustee selectively authorizes access to the information content to selectively permit communication of the information content.
  - 54. The method according to claim 53, wherein the information content comprises media information, and the associated access rules comprise economic rules.
  - 55. The method according to claim 53, wherein the information content comprises medical record information, and the associated access rules comprise restrictive access rules based on an identity or characteristic of a requestor.
  - 56. The method according to claim 55, further comprising the step of transmitting, from the trustee, information content in accordance with the associated rules.
  - 57. The method according to claim 53, wherein the trustee controls the information content and implements the rules without requiring access to the information content.
  - 58. The method according to claim 1, wherein the logging wrapper logs the access based on a digital signature of the third party.
  - 59. The method according to claim 1, wherein the third party is required to enter into a restrictive covenant for access to the information.
  - 60. The method according to claim 1, wherein the record comprises a plurality of medical transaction information files, associated with the specific patient, each medical transaction information file being separately encrypted, and being subject to a separate role-based access rule and a searchable index identifying a content of said medical transaction information files, a search of said index being role-based rule sensitive to withhold index information from unauthorized users.
  - 61. The method according to claim 60, wherein the record comprises at least two medical transaction information files, each file being separately encrypted.
  - 62. The method according to claim 60, further comprising respective access rule embedded in the medical transaction information file.
  - 63. The method according to claim 60, wherein the respective access rule is not encrypted.
  - 64. The method according to claim 60, wherein the medical transaction file encryption comprises public key encryption.
  - 65. The method according to claim 60, wherein the medical transaction file encryption comprises multiple levels of public key encryption, employing differing keys.
  - 66. The method according to claim 60, wherein the medical transaction file encryption comprises a first public key encryption employing a patient-specific public key, and a second public key encryption employing a recipient specific public key.
  - 67. The method according to claim 60, wherein the medical transaction file encryption comprises a public key encryption employing a recipient-system interaction specific key.
  - 68. The method according to claim 67, wherein the medical transaction file encryption further comprises a first public key encryption employing a patient-specific public key, and a second public key encryption employing a recipient specific public key.
  - 69. The method according to claim 67, wherein said recipient-system interaction specific key interacts with an applet wrapper to decrypt the medical record.
  - 70. The method according to claim 60, wherein the record is in a database system for hosting the medical transaction information files, further comprising the step of accounting for access to a content of each of said encrypted medical transaction information files.
  - 71. The method according to claim 70, wherein the accounting is a financial accounting.
  - 72. The method according to claim 70, further comprising the step of generating an audit trail.
  - 73. The method according to claim 1, wherein at least one of the respective access rules comprises:
    - charging for access to or permission to access the record by causing at least one of a monetary transfer through a monetary transfer system and an accounting entry in an accounting database representing a proposed monetary transfer; and
      
      storing a record of at least one of each access of and permission to access the record in a database.
  - 74. The method according to claim 73, wherein the access permission comprises a cryptographic key.
  - 75. The method according to claim 1, further comprising the steps of:
    - establishing under jurisdictional trust laws, in an entity distinct from a rights holder, a virtual information trust in accordance with the legally enforceable trust agreement, to hold the record or associated access permission on behalf of a beneficiary;
      
      providing a database system, comprising a plurality of records, each record having an associated set of respective access rules;
      
      the trustee operating under the virtual information trust and applying the respective access rules on behalf of the beneficiary in accordance with the virtual information trust;
      
      charging for access to or permission to access the content record by causing at least one of a monetary transfer and an accounting entry representing a proposed monetary transfer; and
      
      maintaining a record of each access of or permission to access the content record.
  - 76. The method according to claim 75, wherein the access permission comprises a cryptographic key.
  - 77. The method according to claim 1, further comprising the steps of:
    - (a) defining the terms of a legally enforceable trust between a grantor and a trustee, on behalf of a beneficiary, for maintaining an information record in trust subject to the respective set of access rules, said information record comprising property of value;
      
      (b)conveying the information record to the trustee, as a corpus of the trust; and
      
      (c)accounting to the beneficiary for financial value attributable to the trust.

78. A database system, comprising a plurality of digital records, each digital record having an associated set of access rules, stored in a computer memory associated with a server system;
- an interface computer in communication with a remote computer, receiving a request for access from the remote computer to access a digital record stored in the computer memory;
  
  an automated processor. associated with the server system,validating the received request to access the digital record by applying a respective set of access rules for the digital record stored in the computer memory;
  
  retrieving a public key having an associated private key, and associating a logging wrapper having a respective session key with the digital record, after validating the received request, wherein the session key is distinct from the public key and the private key;
  
  encrypting and sending the requested digital record which has been validated, using the public key and the session key to encrypt the digital record, through the interface computer;
  
  receiving, through the interface computer, a logging event from the remote computer based on an operation of the wrapper and at least the session key; and
  
  recording the logging event in an access log.
- View Dependent Claims (79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132)
- - 79. The system according to claim 78, wherein the record is encrypted, further comprising means for accounting for a decryption of the record.
  - 80. The system according to claim 79, wherein said accounting is anonymous.
  - 81. The system according to claim 78, wherein the record has a plurality of portions, each portion being encrypted with at least one cryptographic key, said portions being independently accessible, said respective access rules applying to selectively limit access to portions of the record.
  - 82. The system according to claim 81, wherein said access rules limit access to portions based on an identity of an intended recipient.
  - 83. The system according to claim 78, wherein the record comprises a plurality of encrypted portions, further comprising the step of supplying a decryption key for a respective record portion in accordance with the respective access rules.
  - 84. The system according to claim 78, wherein at least a portion of the record is encrypted, further comprising an accounting system for accounting for a decryption of a portion of the record.
  - 85. The system according to claim 78, wherein the respective access rules are associated with an intended recipient of the record.
  - 86. The system according to claim 78, further comprising the step of referencing an index to define a record.
  - 87. The system according to claim 86, wherein the index further stores respective access rules for qualifying an intended recipient with respect to each of the records.
  - 88. The system according to claim 87, further comprising the step of using an index to identify a record potentially responsive to a query.
  - 89. The system according to claim 78, wherein the record comprises a medical record, and wherein an index of a set of associations of patient identities and medical transaction records is used to identify records relating to a respective patient.
  - 90. The system according to claim 78, wherein an index of a set of associations of record identification, record characteristic, and said respective access rules to identify records relating to a query and limiting access to portions thereof.
  - 91. The system according to claim 78, wherein the record comprises a plurality of portions, the portions being separately encrypted and having associated therewith sets of independent respective rules.
  - 92. The system according to claim 78, wherein the respective access rules are role based access rules relating to a role of an intended recipient.
  - 93. The system according to claim 78, wherein the respective access rules are context based access rules relating to a context of record access.
  - 94. The system according to claim 78, wherein the respective access rules are defined by a grantor of the trust.
  - 95. The system according to claim 78, wherein a decryption of the record triggers a remotely-sensed transaction.
  - 96. The system according to claim 95, wherein the remotely sensed transaction comprises a financial accounting transaction.
  - 97. The system according to claim 95, wherein the remotely sensed transaction comprises an access audit trail transaction.
  - 98. The system according to claim 79, wherein said accounting occurs upon supply of the respective decryption key.
  - 99. The system according to claim 79, wherein said accounting occurs upon use of the respective decryption key.
  - 100. The system according to claim 78, wherein the record comprises a medical record.
  - 101. The system according to claim 78, wherein the record comprises a media content record.
  - 102. The system according to claim 78, wherein the respective access rules are interpreted in accordance with a database of jurisdictional trust laws.
  - 103. The system according to claim 78, wherein the respective access rules are interpreted in accordance with a database of jurisdiction-dependent privacy laws.
  - 104. The system according to claim 78, further comprising the step of creating a virtual trust encompassing the record, implemented in accordance with the trust laws of an associated jurisdiction.
  - 105. The system according to claim 78, wherein the records comprise separate articles within a digital publication.
  - 106. The system according to claim 78, further comprising the step of receiving the respective access rules.
  - 107. The system according to claim 78, further comprising the step of generating the respective access rules based on the record.
  - 108. The system according to claim 78, wherein a record is encrypted with an encryption scheme having a rolling code.
  - 109. The system according to claim 78, wherein the rules are administered by a trustee who controls the records and implements the respective access rules without requiring access to a content of the record.
  - 110. The system according to claim 78, wherein the rules are administered by a trustee who controls access to the records.
  - 111. The system according to claim 110, wherein the trustee selectively processes the records.
  - 112. The system according to claim 78, wherein the records comprise a type selected from the group consisting of legal information, government records, financial records, commercially valuable trade secret legal information, manufacturing information, banking information, consumer entertainment media, digital music files, video information, cinema information, consumer information, personal demographic information, credit card information, personal contact information, social security number information, publication information, separate articles within a digital publication, and investment account information.
  - 113. The system according to claim 78, wherein a record comprises a patient file, placed in a privileged trust for the patient with a trustee, said trustee implementing the set of rules for access with respect to each transaction record within the patient file, the respective rules being defined by the patient and legal jurisdiction, wherein said trustee interacts with the patient record information to at least one of maintain, process, receive, deliver, and transmit portions of the patient record in secure and verifiable fashion to authorized entities in compliance with the trust.
  - 114. The method according to claim 78, wherein the wrapper logs the access based on a digital signature of the third party.
  - 115. The system according to claim 78, wherein the information comprises digital media information, said digital media information being associated with subsidy content, wherein an economic compensation for access by a user to the digital media information is offset by a value for subsidy content.
  - 116. The database system according to claim 78, further comprising:
    - a set of associated selective rights, corresponding to a record, held as at least a portion of a corpus of a trust, for restricting at least one of access, use, storage and transmission of a respective set of defined content information, organized as a legal entity under the laws of a jurisdiction; and
      
      a trustee acting under the trust laws of the jurisdiction, receiving the associated rights and implementing a virtual trust in accordance therewith,wherein the trustee communicates through an electronic communications system to selectively convey permission to at least one of access, use, store and transmit the respective set of defined content information in accordance with the respective access rules.
  - 117. The system according to claim 116, wherein the information content comprises media information, and the rights comprise economic rules.
  - 118. The system according to claim 116, wherein the information content comprises medical record information, and the rights comprise restrictive access rules based on an identity or characteristic of a user.
  - 119. The system according to claim 118, further comprising the step of transmitting, from the trustee, information content in accordance with the rights.
  - 120. The system according to claim 116, wherein the trustee controls the information content and implements rights-based restrictions without requiring access to the information content.
  - 121. The system according to claim 116, wherein the defined information content is provided as a set of records, each record having a plurality of portions, at least two such portions being associated with independent cryptographic keys, further comprising a database index providing an association between a record descriptor, a record identification, and a set of limiting access rules for each privileged database record;
    - and a cryptographic key database, for storing cryptographic keys associated with portions of a record.
  - 122. The system according to claim 116, wherein said rights are a set of rules selected from the group consisting of one or more of role based access rules, and context based access rules.
  - 123. The system according to claim 121, wherein each of the portions is encrypted with at least one cryptographic key, said portions being independently accessible.
  - 124. The system according to claim 121, further comprising means for accounting for a decryption of an encrypted record or portion of a record.
  - 125. The system according to claim 121, wherein the records comprise medical records.
  - 126. The system according to claim 116, wherein the rights are interpreted in accordance with a database of jurisdictional trust laws.
  - 127. The system according to claim 116, wherein the rights are jurisdiction-dependent, further comprising an input for receiving an identification of a relevant jurisdiction.
  - 128. The system according to claim 127, further comprising means for resolving inconsistencies between a plurality of relevant jurisdictions.
  - 129. The system according to claim 127, further comprising a plurality of sets of rights, each set of rights being associated with a different jurisdiction, further comprising means for applying a set of rights relevant to an associated jurisdiction.
  - 130. The system according to claim 116, further comprising a transaction log including a digital signature of a transactor, wherein the transaction log may be audited through authentication of the digital signature.
  - 131. The system according to claim 130, wherein the transaction log may be audited without revealing an identity of the transactor.
  - 132. The system according to claim 130, wherein the transaction log audited reveals an identity of the transactor.

133. A method, comprising the steps of:
- storing a plurality of digital records and respective access rules for each digital record in a computer memory associated with a server system;
  
  receiving a request for access, from a remote computer, to access a digital record stored in the computer memory;
  
  validating, by the server system, the received request to access the digital record by applying a respective set of access rules for the digital record stored in the computer memory;
  
  retrieving, by the server system, a public key having an associated private key, and associating a wrapper having a respective session key with the digital record, wherein the session key is distinct from the public key and the private key;
  
  encrypting and sending, by the server system, the requested digital record after validating the received request, using the public key and the session key to encrypt the digital record;
  
  receiving the encrypted digital record, by the remote computer, and decrypting the encrypted digital record using the private key and the session key in conjunction with the wrapper;
  
  generating by the wrapper, at the remote computer, a logging event; and
  
  accounting, at the server, for the decrypting by the remote computer using the wrapper.
- View Dependent Claims (134, 135, 136, 137, 138, 139)
- - 134. The method according to claim 133, wherein the respective set of access rules comprise instructions to a trustee, defined under a legally enforceable trust agreement establishing a trust granting legal control over access to the record to a trustee subject to jurisdictional law of trusts, on behalf of a beneficiary.
  - 135. The method according to claim 134, wherein the trustee generates commercial subsidies in conjunction with transactions involving a record.
  - 136. The method according to claim 134, wherein the trustee conducts a financial transaction with respect to a record, and financially compensates the beneficiary for the transaction.
  - 137. The method according to claim 133, further comprising the step of presenting paid advertising to an accessor of the record.
  - 138. The method according to claim 133, further comprising the step of presenting context-sensitive advertising to an accessor of the record, paid by the advertiser based on a quantity of presentation thereof.
  - 139. The method according to claim 138, wherein an accounting to the advertiser excludes confidential information.

140. A database system, comprising:
- at least one retrieval computer retrieving a plurality of digital records and having at least one access log, each digital record having an associated set of access rules;
  
  at least one communications interface computer in communication with a remote computer, communicating a request for access, from the remote computer, to access a digital record stored in the at least one retrieval computer; and
  
  at least one processor for;
  
  selectively controlling the at least one retrieval computer to retrieve a record in dependence on a compliance with a respective set of access rules;
  
  validating the received request to access the digital record by applying a respective set of access rules for the digital record stored in the at least one retrieval computer;
  
  retrieving a public key having an associated private key, and associating a wrapper having a respective session key with the digital record, after validating the received request, wherein the session key is distinct from the public key and the private key;
  
  encrypting and sending the requested digital record which has been validated, using the public key and the session key to encryp the digital record, through the at least one communications interface computer;
  
  receiving, through the at least one communications interface computer, a logging event from the remote computer based on an operation of the wrapper and at least the session key; and
  
  recording the logging event in an access log.
- View Dependent Claims (141)
- - 141. The database system according to claim 140, wherein each respective set of access rules represents instructions to a trustee operating under an established legal trust, applying the access rules on behalf of a beneficiary in accordance with the legal trust, the respective access rules, and the jurisdictional trust law.

142. A method, comprising the steps of:
- storing a set of access rules in a database stored in a first computer memory;
  
  defining a plurality of sets of information content stored in a second computer memory at a server system, the sets of information content being subject to associated access rules stored in the database;
  
  transmitting information defining the associated access rules for the respective plurality of sets of information content from the first computer memory to a database control system at the server system;
  
  automatically, under control of the database control system at the server system, analyzing the associated access rules with respect to the respective information content, and implementing the transmitted associated access rules dependent on a context of attempted access of the respective information content, to thereby validate a request for access;
  
  retrieving, by the server system, a public key having an associated private key, and associating a wrapper having a respective session key with the respective information content, wherein the session key is distinct from the public key and the private key;
  
  encrypting, by the server system, the requested respective information content using the public key and the session key to encrypt the digital record, and associating the respective information content in an encrypted form with a wrapper;
  
  communicating the respective information in an encrypted form and the wrapper, after validating the respective request for access, an access to a decrypted form of the information content at a remote computer being dependent on at least the wrapper, the session key and the private key;
  
  communicating an event from the remote computer to the server system, by the wrapper; and
  
  accounting for access to the information content and a respective context in an access log at the server system.
- View Dependent Claims (143)
- - 143. The method according to claim 142, wherein the respective set of access rules comprise instructions to a trustee, defined under a legally enforceable trust agreement establishing a trust granting legal control over access to the record to a trustee subject to jurisdictional law of trusts, on behalf of a beneficiary, the limitations of the trust being enforced under authority of the trustee in accordance with the trust agreement, the respective set of access rules, and the jurisdictional law of trusts.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
RPX Corporation
Original Assignee
David Paul Felsher
Inventors
Felsher, David Paul
Primary Examiner(s)
Hewitt, II, Calvin Loyd
Assistant Examiner(s)
SHERR, CRISTINA O

Application Number

US09/899,787
Publication Number

US 20020010679A1
Time in Patent Office

2,987 Days
Field of Search

705 50- 79, 713189-194, 380/286, 123/620, 123/640, 123/643
US Class Current

705/65
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

G06Q 10/10   Office automation; Time man...

G06Q 20/367   involving electronic purses...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G16H 10/60   for patient-specific data, ...

Information record infrastructure, system and method

First Claim

6 Assignments

Litigations

0 Petitions

Accused Products

Abstract

1052 Citations

143 Claims

Specification

11 Family Members

Thank you for your feedback