Electronic sealed envelope

Data processing: database and file management or data structures – Database design – Data structure types

Reexamination Certificate


C707S793000, C705S067000, C712S028000

active

06173282

ABSTRACT:

FIELD OF THE INVENTION
The present invention relates to a method and apparatus for accessing and retrieving restricted data.
BACKGROUND TO THE INVENTION
In certain circumstances, a person may wish other parties to have access to personal information which he/she would normally wish to remain private. For example, a guest at a hotel may wish the hotel to have access to details such as name and address of next of kin, serious medical conditions, etc., in the event of an accident occurring during their stay at the hotel. However, the person may not be comfortable with having hotel staff reading their personal information other than in an emergency situation. To overcome this problem, it is known to write personal information on a piece of paper which is then sealed inside an envelope. The guest then presents the sealed envelope and contents to the hotel reception upon arrival, instructing them that it contains information which may be necessary in an emergency. In the event of an emergency the hotel staff would then be able to open the envelope to find out the information contained in it. If no emergency situation arose during the guest's stay, the guest would retrieve the sealed envelope at the end of their stay, reassured in the knowledge that the contents of the envelope have not been disclosed if the envelope's seal is intact.
The owner of the envelope must rely upon their own assessment of whether the envelope has been opened or not. If another party was determined to discover the contents of the envelope, they might try to deceive the owner by resealing the envelope after opening it, or replacing an opened envelope with an identical new one.
The known paper sealed envelope is only available to the party which the owner has given it to. In some instances, it might not be possible to retrieve the envelope from the party to whom it was given, for example if an accident occurred, medical staff arriving at the scene may be unaware of the existence of the sealed envelope at the hotel. A possible solution to this problem would be for the person to carry the sealed envelope at all times. However, this would mean that sensitive information would be vulnerable if the envelope was lost or stolen. It would also be desirable for the information to be available for more than one party, for example a chain of hotels which the guest regularly stays in, or a hotel would also be able to give a copy of the sealed envelope to local hospitals in case of an emergency. However, the envelope owner would need to keep track of all the envelopes to ensure that none of the contents had been read.
People often carry information in electronic form, for example in devices such as personal organizers or a mobile phone's memory. Information stored in electronic form has advantages for the user, such as being able to search for certain information quickly. However, unless the information is protected by some means the information may be read by anybody who has access to the electronic device with or without the owner's consent. Additionally, the owner of the device may not be aware of unauthorized access since most electronic personal organizer devices do not keep a record of data accesses. In an attempt to prevent unauthorized access many electronic databases are protected by a password. The problem with using passwords is that they must be provided to everybody who might need to access the information stored in electronic form in an emergency.
SUMMARY OF THE INVENTION
One object of the present invention is to provide an electronic medium as an alternative to a conventional sealed envelope, for storing personal or restricted data.
Another object is to provide access to personal or restricted data with accountability of recording details of persons or systems to whom the data has been released.
According to a first aspect of the present invention there is provided apparatus for retrieving restricted data, comprising: a data storage system containing restricted data; and one or more data accessing systems for accessing data from said data storage system, wherein said data storage system irretrievably modifies said stored data as a result of said data being accessed by a said accessing system.
In a simple embodiment, the data storage system comprises a computer and the restricted data is stored as one or more files on a data storage system, such as a hard disk. A file may be defined as a logical collection of storage areas on a storage medium which an accessing device recognizes as a single entity. A secret codeword known only to an owner of the restricted data may be appended to each file. Before disclosing the restricted data to the accessing system, the storage system deletes or changes the secret codeword. This modifying of the codeword allows the owner to determine that the information has been accessed. The accessing system is preferably unaware of the modifying and is not aware of the original state of the codeword before it is modified so that the original secret codeword cannot be retrieved or replaced without knowledge of its original or previous state.
In a second simple embodiment, the restricted data may be stored in a One Time Programmable Read Only Memory (OTPROM). OTPROM devices are supplied by a manufacturer with all data storage units on the device, each capable of storing one bit, set to an initial state (binary 0 or binary 1). The storage devices are programmed by setting selected bits to the opposite state. Once changed from the initial state, properties of OTPROM devices mean that the state of the storage devices cannot be changed a second time. Preferably, one or more user-specified storage units on the OTPROM are left in their unset state and, once restricted data is accessed by an accessing system, the storage system programs the unset storage units to the opposite state. This setting of unset memory units allows the owner of the restricted information to determine that the information has been accessed. Since an OTPROM device's memory units cannot be changed after being set a first time, the accessing system is not able to retrieve the original unset state of these memory units, and is not able to restore the original state.
Preferably an accessing system provides a password to said data storage system in order to retrieve said restricted data.
Preferably, the restricted data can be irretrievably modified in more than one way, wherein the way in which the restricted data is irretrievably modified is determined by the password supplied to the data storage system by the data accessing system.
Preferably restricted data is stored in groups which can be individually selected for access by the accessing system and wherein each group can be individually irretrievably modified.
Preferably, where restricted data is stored in groups, the password supplied by the accessing system further limits access to one or more groups of restricted data.
Preferably, the irretrievable modification of the restricted data enables the owner of the data to determine the time and date of the access. As an example, if the restricted data is stored on a computer disk and contains one or more secret codewords known only to the data owner, the secret codeword is replaced with a second codeword containing encrypted time and date information. Not only can the owner then determine that the information has been accessed by the fact that his secret codeword has been changed, but also the owner can decrypt the new codeword to determine the date and time of access.
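The codeword scheme described above (per-group seals, passwords that limit which groups open, and a replacement codeword carrying the encrypted access time) can be modelled as follows. This is an added example, not code from the patent: the class and function names, the numeric accessor id, the shared owner key and the HMAC-SHA256 keystream used as a stand-in cipher are all assumptions, and real irretrievability depends on the storage medium rather than on this in-memory model.

```python
import hashlib, hmac, os, struct

def _record(key, when, who):
    # Encrypt-then-MAC; the HMAC-SHA256 keystream is a stdlib stand-in cipher.
    nonce = os.urandom(16)
    ks = hmac.new(key, b"enc" + nonce, hashlib.sha256).digest()[:9]
    ct = bytes(a ^ b for a, b in zip(struct.pack(">QB", when, who), ks))
    return nonce + ct + hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()

class SealedEnvelope:
    """Storage system: releasing a group first overwrites that group's seal."""
    def __init__(self, key, groups, passwords):
        self._key = key                      # assumed shared with the owner only
        self._groups = {g: [data, cw] for g, (data, cw) in groups.items()}
        self._passwords = passwords          # password -> (accessor id, groups)

    def seal(self, group):
        return self._groups[group][1]

    def access(self, password, group, when):
        for known, (who, allowed) in self._passwords.items():
            if hmac.compare_digest(known.encode(), password.encode()) and group in allowed:
                entry = self._groups[group]
                entry[1] = _record(self._key, when, who)  # codeword is gone
                return entry[0]
        raise PermissionError("password does not open this group")

def owner_check(key, codeword, seal):
    """None if the seal is intact, else (unix time, accessor id) of the access."""
    if hmac.compare_digest(seal, codeword):
        return None
    nonce, ct, tag = seal[:16], seal[16:25], seal[25:]
    expect = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("seal is neither the codeword nor a valid record")
    ks = hmac.new(key, b"enc" + nonce, hashlib.sha256).digest()[:9]
    return struct.unpack(">QB", bytes(a ^ b for a, b in zip(ct, ks)))

# Constructed sample data: key, codewords, passwords and records are made up.
KEY = b"constructed-sample-owner-key-000"
CODEWORDS = {"next_of_kin": b"heron-42", "medical": b"quartz-17"}

def demo_envelope():
    groups = {"next_of_kin": ("J. Doe, sister", CODEWORDS["next_of_kin"]),
              "medical": ("penicillin allergy", CODEWORDS["medical"])}
    passwords = {"hotel-pw": (1, {"next_of_kin"}),
                 "medic-pw": (2, {"next_of_kin", "medical"})}
    return SealedEnvelope(KEY, groups, passwords)
```

A seal that is neither the original codeword nor a record authenticated under the owner key is reported as tampering, which is how the owner catches an accessor who writes back a guessed codeword.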
Preferably, said data storage system comprises one or more smart cards, each having a memory. Preferably each smart card also comprises a processor. Preferably, said data storage system contains a registration record comprising a list of said accessing system authorized to access said restricted data. Preferably, said restricted data is stored in groups, and a said accessing system provides a group specific password to said data storage system in order to retrieve data from a specific said group. Preferably, said accessing systems comprise a card