Information record infrastructure, system and method

US 8,380,630 B2
Filed: 05/29/2010
Issued: 02/19/2013
Est. Priority Date: 07/06/2000
Status: Expired due to Fees

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A method for security mediation, comprising:

receiving an information request for information stored within a plurality of external databases (“

POEDs”

) from a user, wherein the information request is received by an automated security mediator (“

ASM”

) which is neither an owner nor custodian of the requested information;

authenticating the user;

querying an automated centralized index (“

ACI”

), maintained by the ASM to locate the requested information within the POEDs, wherein the ACI includes a location and a set of access rules for each entry;

applying the access rules associated with the located requested information (“

LRI”

);

automatically communicating from the ASM to each of the POEDs storing the LRI;

a query corresponding to the information request, and information sufficient to apply a set of native access rules of the respective POEDs storing the LRI to further control access to the LRI;

receiving at least a status response from at least one of the POEDs storing the LRI indicating whether the LRI is accessible or inaccessible;

automatically indexing the accessible and inaccessible LRI; and

at least one of;

retrieving, by the ASM, the accessible LRI from the POEDs storing the LRI and communicating, from the ASM to the user a consolidation of the retrieved accessible LRI; and

communicating, from the ASM to the user a consolidated index of the accessible LRI.

View all claims

6 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

A security mediator, comprising an input configured to receive a user information request; an automated index, stored in a memory, configured to store information for determining which of a plurality of remote databases stores information responsive to the request; an automated security rule base, stored in a memory, containing rules applicable to information responsive to the request stored in the plurality of remote databases; a communication port configured to communicate to a plurality of remote databases which store information responsive to the request: security information, a query corresponding to the request and associated rules applicable to the information responsive to the request at the respective remote database; and at least one processor being configured to apply at least one security rule responsive to the query of the automated security rule base, and index information derived from a plurality of the remote databases, in a manner which permits application of the rules and which restricts insecure use of the index.

182 Citations

22 Claims

1. A method for security mediation, comprising:
- receiving an information request for information stored within a plurality of external databases (“
  
  POEDs”
  
  ) from a user, wherein the information request is received by an automated security mediator (“
  
  ASM”
  
  ) which is neither an owner nor custodian of the requested information;
  
  authenticating the user;
  
  querying an automated centralized index (“
  
  ACI”
  
  ), maintained by the ASM to locate the requested information within the POEDs, wherein the ACI includes a location and a set of access rules for each entry;
  
  applying the access rules associated with the located requested information (“
  
  LRI”
  
  );
  
  automatically communicating from the ASM to each of the POEDs storing the LRI;
  
  a query corresponding to the information request, and information sufficient to apply a set of native access rules of the respective POEDs storing the LRI to further control access to the LRI;
  
  receiving at least a status response from at least one of the POEDs storing the LRI indicating whether the LRI is accessible or inaccessible;
  
  automatically indexing the accessible and inaccessible LRI; and
  
  at least one of;
  
  retrieving, by the ASM, the accessible LRI from the POEDs storing the LRI and communicating, from the ASM to the user a consolidation of the retrieved accessible LRI; and
  
  communicating, from the ASM to the user a consolidated index of the accessible LRI.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method according to claim 1, wherein the access rules stored by the ASM in the ACI are role based.
  - 3. The method according to claim 1, further comprising defining at least one compensation rule, which imposes a cost for access to the LRI.
  - 4. The method according to claim 1, further comprising logging at least:
    - the information request the communications from the ASM to each of the POEDs storing the LRI and the indexing of the accessible and inaccessible LRI.
  - 5. The method according to claim 1, further comprising automatically restricting redistribution of the information responsive to the request.
  - 6. The method according to claim 1, wherein the querying the ACI comprises determining a set of records associated with a common entity.
  - 7. The method according to claim 1, wherein at least one of the access rules stored by the ASM in the ACI is based on the context or is defined by the ASM or by the owner or custodian of the LRI.
  - 8. The method according to claim 1, further comprising generating a security applet to apply to the transmission of the consolidation of the retrieved accessible LRI to the user.

9. A method for security mediation, comprising:
- receiving an information requestfor information stored within a plurality of external databases (“
  
  POEDs”
  
  ) from a user, wherein the information request is received by an automated security mediator (“
  
  ASM”
  
  ) which is neither an owner nor custodian of the requested information;
  
  authenticating the user;
  
  querying an automated centralized index (“
  
  ACI”
  
  ), maintained by the ASM to locate the requested information within the POEDs, wherein the ACI includes a location and a set of stored access rules (“
  
  SAR”
  
  ) for each respective record representing the requested information;
  
  applying the set of access rules associated with the located requested information (“
  
  LRI”
  
  );
  
  automatically communicating from the ASM to each of the POEDs storing LRI;
  
  a query corresponding to the information request, and information sufficient to apply a set of native access rules (“
  
  NARs”
  
  ) of the respective POEDs storing the LRI to further control access to the LRI;
  
  automatically indexing the LRI that have complied with the SARs and the NARs; and
  
  at least one of;
  
  automatically retrieving, by the ASM, the indexed LRI from the POEDs storing the LRI and communicating, from the ASM to the user a consolidation of the retrieved LRI; and
  
  automatically communicating, from the ASM to the user a consolidated index of the indexed LRI.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 22)
- - 10. The method according to claim 9, wherein the access rules stored by the ASM in the ACI are role based.
  - 11. The method according to claim 9, further comprising defining at least one compensation rule, which imposes a cost for access to the LRI.
  - 12. The method according to claim 9, further comprising logging at least the information request, the communication from the ASM to each the POEDs storing the LRI, and the indexing of the LRI.
  - 13. The method according to claim 9, further comprising automatically restricting redistribution of the LRI.
  - 14. The method according to claim 9, wherein at least one of the access rules stored by the ASM in the ACI is based on the context or is defined by the ASM or by the owner or custodian of the LRI.
  - 15. The method according to claim 9, wherein the querying the ACI comprises determining a set of records associated with a common entity.
  - 22. The method according to claim 9, further comprising generating a security applet to apply to the transmission of the consolidation of the retrieved LRI to the user.

16. A security mediator, comprising:
- an input port configured to receive a request for information stored in a plurality of external databases (“
  
  POEDs”
  
  ) from a user;
  
  an automated centralized index (“
  
  ACI”
  
  ), stored in a memory, configured to store location information and associated access rules for information stored in the POEDs;
  
  at least one processor, configured to;
  
  locate requested information;
  
  generate a query corresponding to the request;
  
  apply the access rules stored in the ACI to restrict access to the located requested information (“
  
  LRI”
  
  );
  
  generate instructions to each of the POEDs storing the LRI to apply native access rules (“
  
  NARs”
  
  ) of the respective POED to further restrict access to the LRI;
  
  consolidate the requested information retrieved from the POEDs storing the LRI, wherein access to the LRI has not been restricted by an access rule stored in the ACI or by an NAR; and
  
  generate an index of POEDs storing the LRIs, wherein access to the LRI has not been restricted by an access rule stored in the ACI or by an NAR; and
  
  a communication port configured to communicate to each of the POEDs storing the LRI;
  
  a query corresponding to the request and instructions to apply the respective NARs; and
  
  communicate to the user at least one of the consolidated index of the LRIs and the consolidation of the LRIs.
- View Dependent Claims (17, 18, 19, 20, 21)
- - 17. The security mediator according to claim 16, further comprising a memory configured to store at least one compensation rule, which defines at least a cost for access to the requested information.
  - 18. The security mediator according to claim 16, wherein the at least one processor is further configured to log at least the request for information stored in the POEDs, the communications from each of the POEDs storing the LRI, and the indexing of the POEDs storing the LRI, wherein access to the LRI has not been restricted by an access rule stored in the ACI or by an NAR.
  - 19. The security mediator according to claim 16, wherein the at least one processor is further configured to automatically restrict redistribution of the LRI.
  - 20. The security mediator according to claim 16, wherein the at least one processor is further configured to query the ACI to determine a set of records associated with a common entity.
  - 21. The security mediator according to claim 16, wherein the at least one processor is further configured to generate a security applet to transmit the consolidation of the LRI to the user.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
RPX Corporation
Original Assignee
David Paul Felsher
Inventors
Felsher, David Paul
Primary Examiner(s)
Nigh, James D

Application Number

US12/790,818
Publication Number

US 20100241595A1
Time in Patent Office

997 Days
Field of Search

705/2, 705/3, 705/50, 707781-785
US Class Current

705/50
CPC Class Codes

G06F 21/6227   where protection concerns t...

G06F 21/6245   Protecting personal data, e...

G06Q 10/10   Office automation; Time man...

G06Q 30/0283   Price estimation or determi...

G16H 10/60   for patient-specific data, ...

G16H 10/65   stored on portable record c...

G16H 40/67   for remote operation

Information record infrastructure, system and method

First Claim

6 Assignments

Litigations

0 Petitions

Accused Products

Abstract

182 Citations

22 Claims

Specification

11 Family Members

Thank you for your feedback