Patent application number | Description | Published |
20080209575 | License Management in a Privacy Preserving Information Distribution System - A system and method for transferring licenses from a first user to one or several other users in an information distribution system, while providing privacy for said users. The level of privacy is enhanced by the license format and the use of a master license, an anonymous license and by the inclusion of a revocation lists in the certificate corresponding to a license. | 08-28-2008 |
20080260351 | Recording of Protected Broadcast Content with Selectable User Rights - An apparatus for recording a signal having a signal content, where the apparatus comprises a receiver for receiving the signal, a processor configured to determine rights to the signal content received with the received signal, and a recorder for recording the received signal and a signal representing the determined rights to the signal content, wherein the processor is configured to give, to right holders, individual rights to the content respecting the determined rights to the content. A user who receives the signal can give individual rights to right holders respecting the rights to the content. The given rights comprise full rights and restricted rights such as owner rights corresponding to the rights to the content received with the received signal, and user rights that allow the right holder to use, such as view, the signal content. Use of the individual rights requires a corresponding individual key. | 10-23-2008 |
20080263370 | Cryptographic Role-Based Access Control - A hierarchical tree structure is used to facilitate the communication of encrypted keys to particular users having access to the tree. All users are in communication with a root node, but the information content of the material at the root node is decipherable only by the intended users of this information. Protected data is encrypted using a variety of data-keys specific to the data. These data-keys are encrypted using a combination of node-keys that are specific to particular users or groups of users. Users having access to the node-key associated with a particular encrypted data-key are able to decipher the data associated with the data-key; users without access to the particular node-key are unable to decrypt the data-key, and thus unable to decipher the data. The hierarchical tree is preferably structured based on a similarity of access rights among users, to minimize the overhead associated with providing user-specific access rights. | 10-23-2008 |
20090019516 | ROLE-BASED ACCESS CONTROL - A user interface and a processor coupled to the user interface wherein the processor receives access requests through the user interface and authorizes access through the user interface. The processor associates a rights request with a role based policy to determine access rights, modifies the determined access rights in accordance with an exception list related to particular users and records, and authorizes access to a record based upon the modified determined access rights. | 01-15-2009 |
20090022477 | RECORDING BROADCAST DIGITAL CONTENT IN A PRIVACY PRESERVING WAY - A method and device for making pre-scheduled recordings of broadcasted content in a recording device, comprising receiving (step S | 01-22-2009 |
20090193249 | PRIVACY-PRESERVING INFORMATION DISTRIBUTION SYSTEM - A system, device and method for keeping the identity of a user secret, while managing requests for information, in an information distribution system. The identity of the user is kept secret by the use of a persistent pseudonym and a temporary pseudonym, which are associated with a user identity device. The process of information distribution is enhanced by the use of licenses and certificates, which the user obtains by representing himself with the permanent pseudonym. When accessing the requested information, the user is represented by the temporary pseudonym. | 07-30-2009 |
20100179832 | A REPUTATION SYSTEM FOR PROVIDING A MEASURE OF RELIABILITY ON HEALTH DATA - This invention relates to a system and a method for providing a measure of reliability on a first set of health data ( | 07-15-2010 |
20110016328 | INFORMATION INTERCHANGE SYSTEM AND APPARATUS - To overcome the drawback of difficulties when interchanging a patient's health record among different health information management systems and yet keep the patient's privacy, this invention proposes a method comprising the steps of: extracting, from a certificate, a signature of a first service provider and a first identifier; generating a second identifier corresponding to the first identifier; sending a request to any one of a second identifier manager and the first service provider so as to request a record associated with the first identifier; receiving the requested record from any one of the second identifier manager and the first service provider; and associating the requested record with the second identifier. Use of the proposed method provides the advantage that there is no need to unify all health information management systems adopting the same pseudonymization service, and makes it easy to share health information among different health information management systems without disclosing the patient's privacy. | 01-20-2011 |
20110066846 | METHOD AND A SYSTEM OF HEALTHCARE DATA HANDLING - This invention relates to a method of healthcare data handling by a trusted agent possessing or having an access to decryption keys for accessing healthcare data. A request is received from a requestor requesting accessing healthcare data. A log is generated containing data relating to the request or the requestor or both. Finally, the requestor is provided with an access to the healthcare data. | 03-17-2011 |
20110066863 | IDENTITY-BASED ENCRYPTION OF DATA ITEMS FOR SECURE ACCESS THERETO - The invention uses the concept of identity-based encryption in the context of data-centric protection of electronic health records, where each data item is encrypted by using its own identifier as a public key. The corresponding decryption keys are managed by special trusted entities, which distribute the keys to authorized parties and provide logging facilities. This approach has the particular advantage that emergency access mechanisms can 5 be implemented in a secure and extremely efficient way. In contrast to previous approaches, it requires no large-scale distribution of secret decryption keys. Furthermore, the scheme allows limiting the impact of a compromised decryption key, as one key can only be used to decrypt one single document. | 03-17-2011 |
20110191837 | AUTHENTICATING A DEVICE AND A USER - A method of authenticating a device and a user comprises receiving a user input, generating a first key from the user input, performing a physical measurement of the device, obtaining helper data for the device, computing a second key from the physical measurement and the helper data, and performing an operation using the first and second keys. In a preferred embodiment, the method comprises performing a defined function on the first and second keys to obtain a third key. Additionally security can be provided by the step of receiving a user input comprising performing a biometric measurement of the user and the step of generating a first key from the user input comprises obtaining helper data for the user and computing the first key from the biometric measurement and the user helper data. | 08-04-2011 |
20110259091 | CUVETTE AND METHOD FOR AUTHENTICATING A CUVETTE - A cuvette ( | 10-27-2011 |
20110264809 | METHOD FOR EXCHANGING DATA - The present invention relates to a method for exchanging data between at least two servers with use of a gateway. Preferably the method is applied to healthcare systems. Each server holds a unique federated identifier, which identifier identifies a single patient (P). Thus, it is possible for the servers to communicate with each other without having to reveal the true identity of patient. By creating one session pseudonym for each pair of providing server ( | 10-27-2011 |
20110321122 | SPECIFYING AN ACCESS CONTROL POLICY - A system for specifying an access control policy comprises: A user interface ( | 12-29-2011 |
20120033807 | DEVICE AND USER AUTHENTICATION - A method of authenticating a device and a user comprises obtaining a device ID for the device, performing a biometric measurement of the user, obtaining helper data for the user, and generating a key from the biometric measurement and helper data. There is then generated a message comprising the key or a component derived from the key, which transmitted to a remote service, and at the service there is carried out the step of authenticating the device and the user with the message. In a preferred embodiment, the generating of the key further comprises generating the key from the device ID. | 02-09-2012 |
20120108910 | PERFORMING MEASUREMENT OF A SUBJECT - A method of performing measurement of a subject comprises measuring a physiological parameter of a subject, deriving data from the measured parameter, optionally, obtaining metadata relating to the measurement of the physiological parameter, determining the quality of the derived data from the derived data and/or the obtained metadata, and if the determined quality matches a predefined criteria, performing a predefined corrective action. In one embodiment, the method further comprises calculating one or more qualifiers from the derived data and/or from the obtained metadata, and wherein the step of determining the quality of the derived data comprises determining the quality of the derived data from the calculated qualifiers. | 05-03-2012 |
20120260094 | DIGITAL RIGHTS MANAGMENET USING ATTRIBUTE-BASED ENCRYPTION - A data provider ( | 10-11-2012 |
20130073860 | ATTRIBUTE-BASED DIGITAL SIGNATURE SYSTEM - An attribute-based digital signature system comprises a signature generation unit ( | 03-21-2013 |
20130104244 | INTEROPERABILITY BETWEEN A PLURALITY OF DATA PROTECTION SYSTEMS - A system is disclosed for providing interoperability between a plurality of data protection systems. The system includes an ontology ( | 04-25-2013 |
20130159730 | ATTRIBUTE-BASED DIGITAL SIGNATURES - An attribute-based digital signature system is disclosed. A first signature generating unit ( | 06-20-2013 |
20130312060 | Creating an Access Control Policy Based on Consumer Privacy Preferences - A system for generating an access control policy comprises a user interface ( | 11-21-2013 |
20140380311 | VIRTUAL MACHINE DEVICE HAVING KEY DRIVEN OBFUSCATION AND METHOD - A virtual machine device | 12-25-2014 |