Secure database system

Electrical computers and digital processing systems: support – System access control based on user identification by...

Reexamination Certificate

Rate now

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Details

C713S161000, C713S168000

Reexamination Certificate

active

06360324

ABSTRACT:

BACKGROUND TO THE INVENTION
This invention relates to secure databases.
Many countries have legislation for controlling the way in which personal data may be stored and used on computer systems. For example, the Dutch Personal Data Registration Act (“Wet Persoonsregistraties”) demands (among other things) that the database must be secured against hackers who have succeeded in getting unauthorised access to the database despite all security applied to it. However, it has been found that conventional database systems do not satisfy this requirement. For example, in conventional hospital information systems, if a hacker gains access to a medical history record, the hacker can obtain the patient's key from this record and use this key to access any other records containing information about the same patient, such as the patient's name and address.
The object of the present invention is to provide a way of overcoming this problem.
SUMMARY OF THE INVENTION
According to the invention a computer system comprises:
(a) a server having a database including at least one personal information table and at least one further table containing information relating to persons whose details are stored in the personal information table; and
(b) a plurality of clients, for accessing said database;
(c) said tables in said database having keys that are unrelated to each other, whereby it is impossible to determine solely from information in the server which record in said further table corresponds to which record in said personal information table; and
(d) each client including an encryption process for converting a personal identifier value, which identifies a record relating to a particular person in said personal information table, into a pseudo-identifier value, which identifies a record relating to the same person in said further table.
It can be seen that, even if a hacker obtains access to the database, the hacker will not be able to relate information in the different tables. In a hospital information system for example, if a hacker obtains access to a medical history record, the hacker cannot relate this record to a particular patient.


REFERENCES:
patent: 5163097 (1992-11-01), Pegg
patent: 5191611 (1993-03-01), Lang
patent: 5606610 (1997-02-01), Johansson
patent: 5924094 (1999-07-01), Sutter
patent: 5956400 (1999-09-01), Chaum et al.
patent: 5987440 (1999-11-01), Oneil et al.
patent: 6029160 (2000-02-01), Cabrera et al.
patent: WO 95/15628 (1995-06-01), None
Ahad, “HP OpenODB: An Object-Oriented Database Management System for Commercial Applications”, Hewlett-Packard Journal, vol. 44, No. 3, Jun. 1993, pp. 20-30.

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Secure database system does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with Secure database system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Secure database system will most certainly appreciate the feedback.

Rate now

     

Profile ID: LFUS-PAI-O-2876384

  Search
All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.