Partitioned information storage systems with controlled retrieval
Country / Type: United States (US) Patent, Registered
International Patent Classification (IPC, 7th edition): H04L-009/00; H04L-009/30; G06F-017/30
Application number: US-0684263 (1996-07-19)
Inventors / Address: Chaum David; Ferguson Niels T., NLX; Schoenmakers Berry, NLX; Voskuil Erik W., NLX
Applicant / Address: DigiCash Incorporated
Agent / Address: Nixon & Vanderhye P.C.
Citation information: Times cited: 124; Patents cited: 6
Abstract
An information storage system includes one or more information update terminals, a mapper, one or more partial-databases, and one or more query terminals, exchanging messages over a set of communication channels. An identifier-mapping mechanism provides (to an update terminal) a method for delegating control over retrieval of the data stored at the partial-databases to one or more mappers, typically operated by one or more trusted third parties. Update terminals supply information, that is stored in fragmented form by the partial-databases. Data-fragment identifiers and pseudonyms are introduced, preventing unauthorized de-fragmentation of information--thus providing compliance to privacy legislation--while at the same time allowing query terminals to retrieve (part of) the stored data or learn properties of the stored data. The mapper is necessarily involved in both operations, allowing data access policies to be enforced and potential abuse of stored information to be reduced. Introduction of multiple mappers acts to distribute information retrieval control among multiple trusted third parties. Introducing so-called `groupers` increases the efficiency of data retrieval for a common set of queries and further reduces potential abuse of information.
Representative claim
What is claimed is:

38. A method for introducing a pseudonym for an entity, involving a local terminal, a grouper, a first mapper and a matcher; updating a dossier on an entity using a pseudonym, involving a local terminal, a second mapper and a database; and, querying a dossier on an entity using a pseudonym, involving a local terminal, a grouper, the said second mapper and the said database;

the introducing of the said pseudonym for the said entity comprising steps of:

a local terminal obtaining a first piece of data containing information identifying the said entity and being interpretable by the said local terminal and by the said matcher;

the said local terminal selecting a first pseudonym for the said entity, the said first pseudonym being previously unused and unique, the said first pseudonym and the said first piece of data being substantially uncorrelated, and the correspondence between the said first pseudonym and the said first piece of data being only known to the said local terminal;

the said local terminal retaining the said first pseudonym and the said first piece of data and their correspondence;

the said local terminal preparing a first message containing the said first pseudonym and a second piece of data, the said second piece of data being constructed by applying a first transformation method to the said first piece of data so that the said first piece of data and the said second piece of data are substantially uncorrelated, an inverse transformation method of the said first transformation method being only known to the said matcher;

the said local terminal sending the said first message to the said first mapper;

the said first mapper responding to the said first message by preparing a second message containing the said second piece of data and a second pseudonym, the said second pseudonym being constructed by applying a second transformation method to the said first pseudonym so that the said first pseudonym and the said second pseudonym are substantially uncorrelated, the said second transformation method being reproducible and only known to the said first mapper and the correspondence between the said first pseudonym and the said second pseudonym being only known to the said first mapper;

the said first mapper sending the said second message to the said matcher;

the said matcher responding to the said second message by constructing a third piece of data by applying a third transformation method to the said second piece of data, the said third transformation method reversing the said first transformation method and being only known to the said matcher;

the said matcher retaining the identifying information of the said entity from the said third piece of data, retaining the said second pseudonym and retaining their correspondence;

the said matcher searching, in all previously retained identifying information, for identifying information that matches the said received identifying information, the matching of identifying information being concluding that identifying information is related to the same entity;

the said matcher preparing a third message containing a fourth piece of data containing all retained pseudonyms corresponding to retained identifying information matching the said received identifying information;

the said matcher sending the said third message to the said first mapper;

the said first mapper responding to the said third message by preparing a fourth message containing a fifth piece of data containing the same number of pseudonyms as the said fourth piece of data, each of the said pseudonyms of the said fifth piece of data being constructed by applying a fourth transformation method to a different pseudonym of the said fourth piece of data, the said fourth transformation method reversing the said second transformation method and being only known to the said first mapper;

the said first mapper sending the said fourth message to the said grouper; and

the said grouper responding to the said fourth message by retaining the correspondence between all pseudonyms of the said fifth piece of data; and

the updating of a dossier on an entity comprising steps of:

a local terminal obtaining information, interpretable by the said local terminal, identifying the said entity, and retrieving a third pseudonym corresponding to the said identifying information;

the said local terminal preparing a fifth message containing the said third pseudonym and a sixth piece of data, the said sixth piece of data holding dossier update information, interpretable by the said database;

the said local terminal sending the said fifth message to the said second mapper;

the said second mapper responding to the said fifth message by preparing a sixth message containing the said sixth piece of data and a fourth pseudonym, the said fourth pseudonym being constructed by applying a fifth transformation method to the said third pseudonym so that the said third pseudonym and the said fourth pseudonym are substantially uncorrelated, the said fifth transformation method being reproducible and only known to the said second mapper and the correspondence between the said third pseudonym and the said fourth pseudonym being only known to the said second mapper;

the said second mapper sending the said sixth message to the said database; and

the said database responding to the said sixth message by using the update information from the said sixth piece of data to update the retained dossier information corresponding to the said fourth pseudonym, and retaining the result of the said update; and

the querying of a dossier on an entity comprising steps of:

a local terminal obtaining information, interpretable by the said local terminal, identifying the said entity, and retrieving a fifth pseudonym corresponding to the said identifying information;

the said local terminal preparing a seventh message containing the said fifth pseudonym and a query, the said query being a query over dossier information on the said entity retained at the said database and the said query being interpretable by the said database;

the said local terminal sending the said seventh message to the said grouper;

the said grouper responding to the said seventh message by preparing an eighth message containing the said query and a seventh piece of data, the said seventh piece of data containing a set holding all pseudonyms retained by the said grouper and corresponding to the said fifth pseudonym;

the said grouper sending the said eighth message to the said second mapper;

the said second mapper responding to the said eighth message by preparing a ninth message containing the said query and an eighth piece of data, the said eighth piece of data containing the same number of pseudonyms as the said seventh piece of data, each of the said pseudonyms of the said eighth piece of data being constructed by applying the said fifth transformation method to a different pseudonym of the said seventh piece of data;

the said second mapper sending the said ninth message to the said database;

the said database responding to the said ninth message by preparing a tenth message containing a ninth piece of data, the said ninth piece of data holding an answer to the said query, the said answer being interpretable by the said local terminal and being the result of solving the query over all retained dossier information related to the pseudonyms of the said eighth piece of data;

the said database sending the said tenth message to the said local terminal; and

the said local terminal responding to the said tenth message by accepting it and processing the answer.
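The update and query paths of the claim (fifth through tenth messages), sketched as an added example that is not code from the patent. Assumptions: HMAC-SHA256 stands in for the unspecified "fifth transformation", the class and function names are hypothetical, the grouper's links are set directly instead of arriving from the matcher and first mapper, and the answer is returned up the call chain rather than sent straight to the local terminal.

```python
import hashlib
import hmac
import secrets

class SecondMapper:
    """Applies the claim's 'fifth transformation'; HMAC-SHA256 is an assumption."""
    def __init__(self):
        self._key = secrets.token_bytes(32)  # known only to this mapper
    def transform(self, pseudonym):
        return hmac.new(self._key, pseudonym.encode(), hashlib.sha256).hexdigest()
    def forward_update(self, db, pseudonym, update):       # sixth message
        db.update(self.transform(pseudonym), update)
    def forward_query(self, db, pseudonyms, query):        # ninth message
        return db.answer({self.transform(p) for p in pseudonyms}, query)

class Database:
    """Stores dossier fragments keyed only by mapper-transformed pseudonyms."""
    def __init__(self):
        self.dossiers = {}
    def update(self, mapped, update):
        self.dossiers.setdefault(mapped, []).append(update)
    def answer(self, mapped_set, query):
        # Solve the query over every fragment belonging to the mapped pseudonyms.
        return query([u for m in sorted(mapped_set) for u in self.dossiers.get(m, [])])

class Grouper:
    """Retains which local pseudonyms refer to the same entity."""
    def __init__(self):
        self.groups = {}
    def link(self, pseudonyms):
        merged = set(pseudonyms)
        for p in pseudonyms:
            merged |= self.groups.get(p, set())  # merge with earlier links
        for p in merged:
            self.groups[p] = merged
    def forward_query(self, mapper, db, pseudonym, query):  # eighth message
        return mapper.forward_query(db, self.groups.get(pseudonym, {pseudonym}), query)

def demo():
    mapper, db, grouper = SecondMapper(), Database(), Grouper()
    # Constructed sample: two local terminals hold unrelated pseudonyms for one entity.
    p_a, p_b = secrets.token_hex(8), secrets.token_hex(8)
    grouper.link({p_a, p_b})  # stands in for the introduction phase (matcher, first mapper)
    mapper.forward_update(db, p_a, {"visits": 2})
    mapper.forward_update(db, p_b, {"visits": 3})
    total = grouper.forward_query(mapper, db, p_a, lambda rows: sum(r["visits"] for r in rows))
    # Without the grouper, a query reaches only one terminal's fragment.
    alone = mapper.forward_query(db, {p_b}, lambda rows: sum(r["visits"] for r in rows))
    return total, alone, len(db.dossiers), {p_a, p_b} & set(db.dossiers)
```

The database ends up with two fragments under keys it cannot relate to each other or to the terminals' pseudonyms; only a query routed through the grouper and mapper spans both.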