
HK1179702A - A secured personal data handling and management system - Google Patents


Info

Publication number: HK1179702A
Authority: HK (Hong Kong)
Prior art keywords: user, data, personal, module, communication
Application number: HK13106579.1A
Other languages: Chinese (zh)
Inventors: G.菲施, A.科曼
Original assignee: 奥斯-纽赫瑞森个人计算机解决方案公司
Publication: HK1179702A (patent/HK1179702A/en)

Abstract

A system, method and personal apparatus for managing highly secured personal data is provided. The system and the personal apparatus are complementary, both providing highly secured personal data and mass, safe and secured data access, storage and management solutions. The apparatus may be used independently of the system by securely connecting the apparatus to service providers. The apparatus, which is uniquely identified with a unique user, includes a sensor module comprising a plurality of biometric sensors for reading a plurality of personal biological identification parameters of the user and an authentication unit for positive authentication of the user against the personal biological identification parameters stored in the authentication unit. The method supports the safe and secured operation of the apparatus by its owner, in order to get access to the system and to exchange highly secured personal data with external pre-registered service providers and with other registered system users.

Description

Secure personal data processing and management system
Background
The present invention relates generally to the need of users in the modern computer age for easy, low-cost and immediate access to their personal information in many aspects of daily life, including but not limited to sensitive financial, economic and work-related data files, up-to-date medical records, other important personal files and the access data for their many registered and favorite websites. The invention also relates to a secure personal data exchange, storage and processing procedure implemented by a combined computer, internet and telephony based system.
More particularly, the present invention relates to a combined computer, internet and telephony dedicated system that supports multiple users to access, store and manage their personal data in a reliable and secure manner, by using a personal data authenticator as an intelligent advanced token to gain reliable and highly secure access to the system, and storing much of their updated personal data on a portable token.
The communication channels, data storage capacity and data throughput required of modern computer systems, and the communication needs of their users, are expanding rapidly, together with the computational performance and related technical capabilities those systems must provide. Modern computer systems are in many cases required to support communication between users and various computer-based services, processing and exchanging very large files between service and information providers and their customers. Such large-file processing systems must often securely manage text, numbers, images, audio, graphics and many other highly sensitive personal data files of their users and customers. Organizations such as hospitals, government and municipal institutions, banks, insurance companies and other financial institutions typically require such systems, which are changing rapidly to achieve higher data throughput and storage capacity while maintaining complete security and confidentiality of users' and customers' personal information.
At the same time, today, more and more users are willing to use new technical solutions and methods to store their own personal data and easily access it while storing it in small portable devices, through which the user can download, retrieve and manage most, if not all, of the personal data and daily operational needs. The user may also need to use his personal ID (identification number) data to create personal files and other private files and access other large data files through a special highly secure dedicated computerized system. By using such a private security portfolio system, the user will be able to communicate and exchange sensitive and private personal data and information with other authorized specific users and suppliers of large personal data files. These files may serve the increasing need for secure personal data exchange, sharing and transfer by external service providers, including hospitals, banks, insurance companies, government agencies and institutions, etc., that use and generate highly secure personal data files.
In most computerized systems, before a user may access secure data files, the system must first identify the user as a legitimate registered user. The user of each such system is therefore required to first provide the system with some secret data string specific to that user; the system identifies the user as legitimate and only then allows the user to log in. This process of identifying and authorizing the user is called authentication. Two-factor authentication is an improved security process in which the user provides two kinds of personal identification, one of which is typically a physical token, such as a card or other object that stores a security code or similar secret. The two factors are commonly described as something the user has (the token) and something the user knows (a password). A common example of two-factor authentication is a bank card: the card itself is a physical item and the Personal Identification Number (PIN) is known data that matches the bank card as the second factor.
Commercially available hardware token generators are currently used for authentication to enterprise systems. However, a hardware token generator produces only one token, which its user or holder must provide manually to an authentication system. For example, two-factor authentication may require that the second factor be a physical token, i.e. something the user has, which generates (i.e. displays) the second-factor token (e.g. a string of digits) that the holder of the "physical token" then enters at the terminal providing access to the requested service. A disadvantage of hardware token generators is that a lost or stolen generator can be used for a security breach or fraud. Another disadvantage is that the user must manage an additional physical token for authentication, and yet another is that multiple hardware token generators are needed to authenticate to multiple different systems. Moreover, hardware token generators cannot adequately prevent phishing by hackers and criminals, because two-factor authentication that uses a currently available hardware token generator as the second factor is still vulnerable to man-in-the-middle attacks.
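The two-factor scheme described above (a PIN the user knows plus a one-time code displayed by a token the user has) is illustrated by the following added example. It is not code from the patent or its assignee; it uses RFC 4226 HOTP as a stand-in for the displayed token code, PBKDF2 for the stored PIN, and a constructed account with hypothetical names (`TwoFactorAccount`, `authenticate`). Both factors are checked before the verifier decides, a used code is never accepted twice, and a failure of either factor leaves the token counter untouched.

```python
import hashlib
import hmac
import os
import struct
from typing import Optional, Tuple


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: the code a hardware token generator displays for one counter value."""
    msg = struct.pack(">Q", counter)                      # 8-byte big-endian counter
    digest = hmac.new(secret, msg, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F                            # dynamic truncation (RFC 4226 5.3)
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def enroll_pin(pin: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Store only a salted PBKDF2 hash of the PIN ("something the user knows")."""
    salt = salt if salt is not None else os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 200_000)


class TwoFactorAccount:
    """Verifier-side record: PIN hash (knows) plus shared token secret and counter (has).

    Hypothetical class written for this example; the look-ahead window tolerates a few
    codes the holder generated on the token but never submitted.
    """

    def __init__(self, pin: str, token_secret: bytes, look_ahead: int = 3):
        self.salt, self.pin_hash = enroll_pin(pin)
        self.token_secret = token_secret
        self.counter = 0              # next counter value the verifier expects
        self.look_ahead = look_ahead

    def _pin_ok(self, pin: str) -> bool:
        candidate = hashlib.pbkdf2_hmac("sha256", pin.encode(), self.salt, 200_000)
        return hmac.compare_digest(candidate, self.pin_hash)   # constant-time compare

    def _token_match(self, code: str) -> Optional[int]:
        """Return the counter that produced `code` if it lies inside the window, else None."""
        for c in range(self.counter, self.counter + self.look_ahead):
            if hmac.compare_digest(hotp(self.token_secret, c), code):
                return c
        return None

    def authenticate(self, pin: str, code: str) -> bool:
        # Evaluate both factors unconditionally so the response does not reveal which one failed.
        pin_ok = self._pin_ok(pin)
        matched = self._token_match(code)
        if not (pin_ok and matched is not None):
            return False              # counter does not move on any failure
        self.counter = matched + 1    # consume the code: a replayed code is rejected from now on
        return True


if __name__ == "__main__":
    # Constructed demo values; the token secret is the RFC 4226 test-vector secret.
    account = TwoFactorAccount("4821", b"12345678901234567890")
    print(account.authenticate("4821", hotp(b"12345678901234567890", 0)))  # True
    print(account.authenticate("4821", hotp(b"12345678901234567890", 0)))  # False: replay
```

Note what this check does not cover, which is the weakness the paragraph above points out: a code phished from the holder and relayed by a man-in-the-middle inside the look-ahead window is indistinguishable from the holder typing it in, because nothing binds the code to the terminal or session where it is entered.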
Several prior art references relating to some of these capabilities are described in the following disclosure.
U.S. patent application No. 20090204433, filed 8/13/2009, describes a method for writing medical prescriptions and for storing and accessing patient medical records using a USB dongle device with improved portability and security of patient data. The portable USB dongle, holding patient records and software, can easily be removed and carried to other local terminals. That application describes a method for controlling access to medical records, comprising: A) providing a portable memory device that can store control software and the medical record; B) providing a display device operatively connected to a microprocessor that displays the medical record and selectively controls its display; and C) biometric authentication using a fingerprint.
The medical card of Walletex Microelectronics, Inc. (http://www.walletex.com), located at 6300 N.W. 97, Miami, Florida 33178, USA, has the size of a credit card and the form of a USB flash memory and is used for the user's medical record. The card has a large double-sided area that can be printed with the user's name, picture, doctor's name and phone number, allergy and medication information, and other life-saving details for emergency responders. Its security features include strong AES (Advanced Encryption Standard) encryption, password protection, memory partitioning (a read-only part, a secure part and a public part) and a large memory capacity (up to 8 GB); it may also hold data and application software. Optional functions are biometric identification and a magnetic stripe.
U.S. patent application No. 2008/0041940A1, filed on 4.6.2007, includes some elements that are integrated into the Walletex medical card product. That application has only two claims relating to the medical card product portion of the prior art. The first, a system claim, is: a system for capturing and storing personal data, patient medical records, and medical insurance and payment information, comprising: a) providing a credit-card-sized USB flash drive or similar device to store said patient medical record, in combination with a smart card or similar device to store said payment information, including medical insurance and payment information, such that the combined USB flash drive and smart card device fits easily in a wallet or is worn on a necklace; b) providing a USB receptacle and means for emergency medical personnel, hospital staff and other health and medical personnel to view and alter the patient medical record; and c) providing a smart card and means for health and medical personnel to process said medical insurance and payment information, wherein said system allows individuals to store said patient medical records and said medical insurance and payment information in a small credit-card-sized unit. The second claim is: the credit-card-sized USB flash drive or other device of claim 1, which provides a mechanism to encrypt patient data so that it can be viewed only by the owner after entering a passphrase, PIN code or similar phrase via a keyboard. Biometric identification may be added once the card is developed with this functionality in mind.
It is clear from the prior art that patients and medical teams need access to medical data whenever it is needed, but U.S. patent application No. 2008/0041940A1 and the Walletex products, even taken together, do not cover several very important medical-market requirements for operational and security features that a fully acceptable working solution needs. First, because of the sensitivity of medical records, access to them must be highly secure; a simple password, or even the biometric access permission mentioned at the end of the second claim of the cited application (without any supporting statement in the body of that application), is not sufficient to prevent a third party with malicious intent from accessing the user's or patient's secure medical data. Second, that card does not allow any handset to be connected to it, in particular the smartphones whose number and variety are growing rapidly; such access is genuinely needed in modern living, since wherever the user is, these handsets must be supported so that the user can maintain continuous voice and data communication with various service providers and with medical support and assistance services. Also missing from the Walletex apparatus and from U.S. patent application No. 2008/0041940A1 is, in essence, the measurement and sensing capability needed to verify that a live person, the device's user, is actually holding the device in his hand. Without it, the user's access data, or even a silicone copy of his fingerprint, could be used to impersonate his presence and gain access to his secure personal information. This applies not only to personal medical records but also to more critical cases such as access to financial records, private data records and classified organizational records, where the user belongs to an organization and holds special personal access permissions to highly secure information that must be carried around.
At the same time, it is strongly recommended that, where access to sensitive medical records or other personal data files is permitted, the device also be able to initiate an emergency call automatically, through the user's connected cell phone or through a host computer to which the user is connected, in order to gain secure access to a remote computer center that can arrange emergency medical care or emergency evacuation of the user to a nearby hospital, when the measured vital signs of the device holder are abnormal. The prior art has addressed this requirement with personal emergency devices, but the related devices have not been successfully introduced to the market.
There is also a need to create access levels for the sensitive medical data stored on such devices, since the patient data a medical rescue team needs is different from, and far smaller in content and detail than, the detailed professional medical data a patient needs to have available on arrival at a hospital emergency room for diagnosis and treatment.
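The tiered access the preceding paragraph calls for (a rescue team sees only the life-saving subset, the hospital sees the full professional record, the owner sees everything) can be modelled as follows. This is an added example, not code from the patent; the tier names, the field-to-tier schema and the sample record are all constructed for illustration. Any field not covered by the schema is treated as owner-only, so a new field added to a record without classification fails closed rather than open, and every read attempt, allowed or denied, is written to an audit list.

```python
from enum import IntEnum
from typing import Dict, List, Tuple


class AccessLevel(IntEnum):
    """Ordered access tiers; a higher tier can read everything a lower tier can."""
    PUBLIC = 0      # printed on the card face, e.g. name and emergency contact
    EMERGENCY = 1   # rescue team at the scene: only what keeps the patient alive
    CLINICAL = 2    # hospital emergency room: the full professional record
    OWNER = 3       # the authenticated device owner: every field


# Hypothetical field-to-tier mapping constructed for this example.
SCHEMA: Dict[str, AccessLevel] = {
    "name": AccessLevel.PUBLIC,
    "emergency_contact": AccessLevel.PUBLIC,
    "blood_type": AccessLevel.EMERGENCY,
    "allergies": AccessLevel.EMERGENCY,
    "current_medication": AccessLevel.EMERGENCY,
    "diagnoses": AccessLevel.CLINICAL,
    "lab_results": AccessLevel.CLINICAL,
    "imaging_reports": AccessLevel.CLINICAL,
    "insurance_account": AccessLevel.OWNER,
}

# Constructed sample record (no real patient data). "notes" is deliberately absent
# from SCHEMA to show the fail-closed default.
SAMPLE_RECORD = {
    "name": "J. Doe",
    "emergency_contact": "+1-555-0100",
    "blood_type": "O-",
    "allergies": "penicillin",
    "current_medication": "metformin 500 mg",
    "diagnoses": "type 2 diabetes",
    "lab_results": "HbA1c 7.1%",
    "imaging_reports": "chest X-ray 2023: normal",
    "insurance_account": "INS-0000-PLACEHOLDER",
    "notes": "unclassified free text",
}


class TieredRecord:
    """Hypothetical vault wrapper enforcing per-field minimum access levels."""

    def __init__(self, record: Dict[str, str], schema: Dict[str, AccessLevel] = SCHEMA):
        self.record = dict(record)
        self.schema = dict(schema)
        self.audit: List[Tuple[AccessLevel, str, bool]] = []

    def required_level(self, field: str) -> AccessLevel:
        # Unclassified fields default to the most restrictive tier.
        return self.schema.get(field, AccessLevel.OWNER)

    def can_read(self, field: str, level: AccessLevel) -> bool:
        return field in self.record and level >= self.required_level(field)

    def read(self, field: str, level: AccessLevel) -> str:
        allowed = self.can_read(field, level)
        self.audit.append((level, field, allowed))        # log every attempt
        if not allowed:
            raise PermissionError(f"{level.name} may not read {field!r}")
        return self.record[field]

    def view(self, level: AccessLevel) -> Dict[str, str]:
        """The subset of the record a principal at `level` is entitled to see."""
        return {f: v for f, v in self.record.items() if self.can_read(f, level)}

    def denied_attempts(self) -> List[Tuple[AccessLevel, str]]:
        return [(lvl, f) for lvl, f, ok in self.audit if not ok]


if __name__ == "__main__":
    vault = TieredRecord(SAMPLE_RECORD)
    print(sorted(vault.view(AccessLevel.EMERGENCY)))   # the rescue-team subset only
    print(sorted(vault.view(AccessLevel.CLINICAL)))    # adds diagnoses, labs, imaging
```

The `view` call is what a device would return over its handset or terminal connection after the level has been established; the patent's premise is that the level itself is only reached after the holder has been authenticated, so the level passed in should come from the authentication step, never from the requesting party.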
Accordingly, there is a need for improved and enhanced access control: first, to authenticate the specific user securely and efficiently before allowing that user to access sensitive personal data files; and then, once the user has been authenticated with very high security and reliability, to let the user securely and reliably communicate and exchange personal secure data with other specific authenticated and pre-approved users, in particular with a multitude of registered and pre-approved service and private data providers.
Modern cell phones, known as smartphones, are often used as personal data storage and access devices, for example to hold the user's phone book and personal data records. A problem with this solution is that phone models change frequently and phones suffer many technical failures, so critical user data is often lost or damaged during repair, maintenance and management procedures on the device, and when the user upgrades phones and personal computers to newer models. A better solution is therefore to separate the storage and management of the user's sensitive and private data from the communication and display functions of the handset. The importance of this separation becomes especially clear when all of a user's private activities and data that must be hidden and protected are transferred from one device to another. It is therefore desirable to hold the user's protected private data in a separate, highly operable and reliable device that can remain the user's portable private data store through every change, upgrade and maintenance cycle of the user's cell phone and/or personal computer. Such a personal portable data storage device can be connected to the user's new or upgraded mobile phone and immediately and automatically communicate and interact with it, and it is likewise desirable that the device can connect to and interact with the user's telephone and, if desired, the computer terminal being used.
Where a user wishes to use the same device to store a large and highly sensitive personal database that combines financial and/or medical records containing text, images, audio, graphics and numbers, there is a particular need for a device that can hold most, if not all, of that user's continually updated personal, financial, medical and other life-management information while still meeting the stringent requirements for keeping that data secure.
In view of these very high security and privacy requirements, the user's sensitivity to rapidly expanding technological means, and the trend toward exchanging financial data and conducting financial transactions over modern computerized networks such as the internet and intranets, the ways in which users currently interact over those networks need to be improved. At present, interaction mostly consists of simply providing and exchanging the user's name and password, which serves as the only security protection before the user is given access to financial institutions and banks and is then allowed to perform highly sensitive activities requiring top-level security, such as actual financial and stock transactions. There is therefore a strong need for new, more advanced and practical technologies, built on the approaches and solutions above, that provide enhanced authentication, communication, data access and execution of remote transactions, better exchange of personal financial data, stronger protection for sensitive and private information exchange, and more secure and reliable storage and processing of sensitive data. Because such improved security management solutions for financial transactions are lacking, hackers and criminals today have ample opportunity to gain access to the sensitive financial data and financial resources of users and organizations, and to commit crimes involving large numbers of fraudulent transactions that actually use other users' money. These criminal activities currently cause millions of dollars of direct loss each year to the compromised users and organizations, and to the insurance companies that cover them through their banks and credit card companies.
In addition, there is a recognized need for a highly beneficial combined computer, internet and telephone communication system that supports authenticated access to and storage of the sensitive and very private personal, financial and medical data of multiple users, and supports the daily needs of a plurality of pre-registered system users. Wherever a user goes, the user can access this dedicated system with a dedicated handheld device for secure communication and operation, and can securely carry out daily high-security data transactions with a plurality of authorized, approved and protected service providers through the system. The handheld device adds a critical new element of highly desirable security support: it combines a multi-level personal data authenticator with secure, encrypted mass storage for sensitive and very private personal and organizational data, and that mass storage is immediately accessible to the user holding the private device.
There is also a need for a highly secure computerized communication system that is open only to pre-registered customers who have passed an enhanced security check, and which registered customers can access only with the system's advanced, pre-registered authentication management token. This is expected to significantly reduce criminal activity in electronically executed financial transactions, to improve the monitoring and detection of any suspicious transactions, and to make attempted intrusions into the secure system quick and easy to track. System users can interact with the secure system only by using their tokens, which lets each user first verify their login in an optimal manner, fully authenticating and securing their interaction with the system, and then track their transactions and monitor their final execution before finally approving and confirming each transaction.
Therefore, there is a strong suggestion and need for an operational and reliable solution that will support the need for secure communication and data management by multiple registered users through a dedicated system whose users will need to use private personal tokens recommended to them, and which can be used as a user's combined personal data authenticator as well as a secure mass storage and portable data storage and processing device for an individual or organization, and for secure and reliable access to the security system and an external database containing sensitive private information of system users.
Summary of The Invention
The embodiments and their related aspects described and illustrated below in conjunction with the systems, apparatus and methods are exemplary and illustrative and are not intended to limit the scope thereof. In various embodiments, one or more of the above-described limitations and the growing needs of emerging modern users have been addressed, reduced or eliminated, while other embodiments are illustrative of other advantages or improvements.
At the heart of the present invention is a new generation of advanced and highly reliable physically secure login and secure access support tokens: palm-sized handheld devices that serve the user's need for secure access to modern computerized systems. The device of the present invention integrates highly secure personal data communication and management capabilities and incorporates a built-in multi-level user biometric parameter measurement and authentication module. At the same time, the device fully supports the user's need for bi-directional communication of secure data and includes solid-state memory modules with very large data storage capacity, which form an integral part of and reside within the device.
In accordance with the present invention, there is also provided a highly secure personal data storage and processing system that combines integrated computer, internet and telephony components. The device of the present invention is dedicated to supporting the highly secure personal data processing needs of the system and its user. It has at least two integrated built-in biosensors that provide multiple security-level settings, based on processing a set of measurements of the user's personally unique biometric parameters, and so provides highly reliable and secure authentication. The combined system allows multiple users to access very sensitive personal data files, local storage and remote data providers, and provides highly secure personal data exchange and storage. A registered user of the system may communicate and operate through the system with a plurality of specifically authorized service providers by using the dedicated handheld personal data authenticator device with its built-in high-security encrypted mass storage, uploading and downloading updated personal data between the device memory and an authorized service provider pre-registered in the system. The device includes a large-capacity solid-state data storage module for storing the user's personal data, which only that single, unique user can use. The device can serve private individual users, or provide secure data processing to the employees and management of organizations so that all of the organization's unique data is securely managed, with each employee using the handheld device as a highly secure key to the company's information.
With respect to the use of the inventive system, each user of the inventive system will use the inventive device to provide it with the right to safely and reliably access the highly secured proprietary system of the inventive combination.
In accordance with the present invention, this highly secure communication system, closed to the public, provides a unique security and personal data management solution: the communication system is open only to pre-registered customers or users who have passed an enhanced security check. A system-registered client can access the system of the invention only with its advanced, pre-registered authentication management token, i.e. the device of the invention. This new concept is expected to significantly reduce criminal infiltration of financial computerized systems and illegal financial transactions conducted by electronic means. Furthermore, it will better monitor and detect any such suspicious transactions and quickly locate and capture people intruding into the financial system with criminal intent, and it makes it easier to track hacker attempts to log into the secure system and disrupt its proper function. System users can interact with the secure system only by using their personal devices, which lets each user first verify their login in an optimal manner, fully authenticating and securing their interaction with the system, and then track their transactions and monitor the final outcome before finally approving and confirming each transaction. This means that only authenticated users may access the user's personal files and accounts and conduct any transactions using or through them.
In another exemplary embodiment of the invention, a method of operating the system is provided, comprising the steps of: A) the system user first measures a series of groups of personal biological parameters, the measured values are processed, and the results are used for user authentication; then B) the authenticated user manages their personal data, with full access to the personal data that is updated and stored in their personal device. The system enables a user to establish secure connections to a plurality of other such highly secure system users in order to perform the above process of secure and encrypted data communication and exchange with a plurality of dedicated, approved and highly secure service providers. Each system user needs their personal, highly secure device, which integrates a dedicated personal or organizational data storage module with highly secure, encrypted mass storage and the dedicated handheld personal data authenticator, so that the user has secure and reliable access to the combined dedicated security system for processing and managing the secure personal data of multiple users.
The present invention will create a new reliable and secure communication and secure personal data exchange and update method for private users and organization personnel that is essential and lacking in the prior art for the handling, exchange and storage of highly private and secure data packets that support large volumes of individuals and/or organizations. The system and its method of operation also enable users to actively manage secure and reliable access rights to their highly sensitive personal databases of large storage data capacity, as well as to each registered data and files stored and continuously updated by service providers, while also using user private and secure memory partitions in the memory of the inventive system structured as a database of large data storage capacity. The user may wish to obtain new data from system memory and download it to the device of the present invention as his personal data storage device and decide which part to send to another system user or a particular approved and highly secure service provider.
According to another embodiment of the invention, a device is provided that integrates at least two special biosensors and physical parameter measuring means, that exclusively supports personal biological and physical parameter measurement and authentication of the device's owner and user, and that continuously performs a positive, multi-level authentication of the holder's personal biological parameters against the legitimate measured parameters predefined in the device. The device is always encrypted and allows personal data storage, access and data exchange for one specific user only; it gives its private user a large-capacity personal data store; and it enables the individual owner to communicate and operate with a plurality of specially approved service providers through the dedicated system, using the dedicated handheld personal biometric data authenticator and the built-in integrated memory for secure and encrypted large volumes of highly sensitive and private personal or organizational data, each user of the dedicated system using their own highly private device for secure and reliable access to the combined, highly reliable and secure system.
According to another embodiment of the invention, a device is provided that detects a potential emergency for the user when analysis of the device holder's vital-sign measurements shows abnormal values. The device can then automatically initiate an emergency call to gain secure access to a remote computer center, either via a cell phone to which the user is connected or via a message sent over the internet when the user connects the device to a host computer, and the remote computer center requests emergency medical care or emergency evacuation of the user to a nearby hospital. By means of its integrated electronics and communications, the device can connect and communicate with the dedicated central secure personal data storage and management computer system of the present invention, either through a modern cell phone or through any type of host computer, and that system calls the emergency department of a nearby hospital based on the patient's location, which can be calculated from the location information available through the inherent location identification capabilities of any modern cell phone.
To better appreciate the benefits of users using the apparatus and system of the present invention, it is recognized that users often lose their own and important data files stored therein due to mechanical or electrical failure of the electromagnetic drive hard disk, or that failure or corruption of sensitive data files results from failure of the user's personal computer or smartphone. In many cases, another cause of high privacy and loss of important data is the problem of software failures running on the user's personal computer and smart phone, which is often caused by virus and advertising software infections in the user's computer or phone. The above problems can be eliminated or at least substantially reduced if the user uses the apparatus of the present invention having a solid-state memory with an ultra-large data storage capacity as a backup memory for his/her support of daily needs. The device of the invention thus fully supports the modern user's need for highly reliable and secure data solid-state memory and prevents virus intrusion by means of embedded, relevant and advanced anti-virus anti-advertising software, and the DB (database) of the software is automatically updated each time the user connects his device to the system or to the network via his personal computer. Another typical reason for the frequent loss of sensitive and important data files is the habit of modern users to frequently change or upgrade their host computers, as well as frequent changes in the model of the user's handset. Whenever this happens, the user loses sensitive data, such as a phone book stored in the changed device. This occurs primarily because the user or the associated cell phone service provider or cell phone provider has not taken full consideration and has not made a professional and comprehensive backup of the stored data prior to changing the computer or cell phone. 
Most users have encountered situations where the contents of their electronic phonebook were damaged, if not completely lost, when they upgraded their handset. Saving all of a user's sensitive data, such as his medical records, financial records, credit card access data, phone book and so on, in the user's inventive device will prevent the loss of his sensitive personal data files in the frequent system failures and resulting data loss described above, since the inventive system always keeps a backup copy of each file the user stores in his personal device.
Thus, the device of the present invention can integrate all of the user's data storage needs into one small portable device, and the device can store sensitive data in a secure access and encrypted format structure.
In recent years there has been an increasing trend to concentrate all of a modern user's communication needs in his smart phone. If the data is instead put in a separate device with the mobility and capabilities of the inventive device, the storage capacity and security of the data that users accumulate in their daily lives can be better managed and protected.
Therefore, modern users can obtain the best solution to meet their daily needs by only carrying their smart phones and the device of the present invention with them every day. Even in the event that the device of the present invention is lost or stolen, the data in the device and the user's access to other service providers, such as the user's financial institution, etc., will be protected and no one other than the user owning this particular device will have access to its sensitive data.
The device can also be used to process fully secure financial transactions, since a high security and reliability of the overall data processing is obtained with the device, while all records of the transaction phases and partners are stored in the device memory according to the invention and in the system server memory according to the invention.
In a preferred embodiment of the device of the invention, the device is used for managing personal and secure data and document files stored in the device, and the device comprises: A) a sensor module comprising a plurality of biometric sensors for reading a plurality of personal biometric parameters of a user holding the device, the device being uniquely identified with the user; B) a processing module in communication with the sensor module for processing the personal biometric parameters and for processing and managing the personal and secure data and document files associated with the user; C) an authentication unit in communication with the processing module, configured to receive and authenticate the identity of the user by comparing the personal biometric parameters of the user read by the sensor module and processed by the processing module with a pre-recorded set of personal biometric parameters stored in the authentication unit; D) an encryption module in communication with the processing module for compressing, decompressing, encrypting and decrypting the user's data files; E) a memory module in communication with the processing module and the encryption module for storage of the user's data and document files; and F) communication and data connection means, in communication with said processing module, for connecting said apparatus with an external device; wherein the stored personal data and document files associated with the unique user are accessible only after positive authentication of the personal biometric parameters of the user by the authentication unit.
In another embodiment of the inventive apparatus, at least one of the plurality of biometric sensors integrated in said apparatus is a vital signs detector, wherein said vital signs detector is configured to measure and record vital sign parameters of said user.
Further, in another embodiment of the device of the present invention, at least one vital sign parameter of said user is measured by any one of a set of vital sign indicators, and the set of vital sign indicators comprises a body pulse rate measurement indicator, a body oxygen saturation indicator, a body temperature measurement indicator, a galvanic skin activity indicator, a body respiration indicator and a physical or emotional stress indicator.
In another embodiment of the apparatus of the present invention, when any one of the set of vital signs indicators detects a critical level, the apparatus is configured to initiate an emergency call to any one of a set of registered emergency centres and to send any one of a set of data files containing information relating to the user to the registered emergency centres, the set of data files comprising an identification data file of the user, a personal medical data file of the user, a set of measured values of vital signs parameters of the user and a location of the user.
In another embodiment of the device of the present invention, the device has an integrated emergency button in communication with the processing module and the communication and data connection means module of the device; when the emergency button is activated, communication is initiated between the device and any one of a set of registered emergency centres, an emergency call from the device sends any one of a set of data files containing information relating to a unique user of the device of the invention, and the set of data files includes identification data of the user, a personal medical data file of the user and the location of the user.
Further, in another embodiment of the invention, the device further comprises an integrated software module that can automatically detect the operating system of a computer or cell phone connected to the device through any one of a set of communication devices connected to the device, wherein the computer or cell phone has a keyboard and display unit associated therewith such that the user can interact with the memory module and the processing module of the device through the keyboard and display unit, and the computer or cell phone is configured to utilize and interact with the memory module, the processing module and the sensor module of the device.
In another embodiment of the present invention, there is provided a method for managing personal and secure data and document files of a plurality of unique users, each of the unique users having a personal identification unit uniquely associated with the user for storing the personal data and document files of that user, and each of the personal identification units comprising: a sensor module comprising a plurality of biometric sensors; a processing module in communication with the sensor module; an authentication unit in communication with the processing module; an encryption module in communication with the processing module; a memory module in communication with the processing module and the encryption module; and a communication and data connection means in communication with the processing module. The method comprises the following steps: a) the sensor module reads a plurality of personal biometric parameters of a user holding the device; b) the authentication unit compares the user's personal biometric parameters to a pre-recorded set of personal biometric parameters stored at the authentication unit; and c) if the authentication unit positively identifies the user, the user is allowed to access the user's personal data and document files stored in the memory module and to communicate with other communication means through the device.
In another embodiment of the present invention, a system for managing personal secure data and document files of a plurality of unique users is provided and includes: A) a system manager for managing and updating personal data of a plurality of unique users of the system and communicating with each of the unique users; B) a memory subsystem connected to said system manager for storing updated personal data for each of said unique users; C) a plurality of personal identification units, each of said personal identification units associated with a unique user, each unique user registered with said system manager, and a personal ID data file for each unique user stored in said memory subsystem; D) a plurality of host computers and handsets in communication with said system manager, such that said system manager establishes direct connections with said plurality of unique users through their respective personal identification units; and E) a plurality of registered emergency centers and a plurality of registered service providers in communication with said system manager, said plurality of service providers including banks, credit card companies, insurance companies, clinics, hospitals and medical insurance companies, governments, municipalities and utility entities, and selected web sites that said plurality of users frequently visit; wherein said system manager is operable to access and communicate with the personal data and document files stored in the personal identification unit associated with each said unique user, and with the personal data and document files stored by said service providers, only after positive authentication of said unique user's personal biometric parameters by said authentication unit.
In another embodiment of the present invention, there is provided a system for managing personal security data and document files of a plurality of unique users, and the system further comprises: a computerized call center configured to receive telephone calls or emergency voice and data messages from any of the plurality of registered emergency centers and a plurality of registered service providers and to communicate with any of the plurality of handsets and host computers; wherein the call center is configured to communicate the location coordinates of the user with an emergency team, while the call center is configured to communicate with any of the plurality of registered emergency treatment centers and a plurality of registered service providers to receive updated medical data of the user and to transmit the data to the personal identification unit of the user.
Brief Description of Drawings
The invention will be illustrated below with reference to the accompanying drawings, in which:
FIG. 1 is a schematic diagram of one embodiment of the present invention in relation to a highly secure personal data specific communication and management system according to the present invention;
FIG. 2 is a block diagram of one embodiment of the present invention relating to one possible conceptual modular structure of the apparatus of the present invention and its internal sub-module layout and function;
FIG. 3 is a schematic view of an embodiment of the apparatus of the present invention relating to the appearance and function of conceptual external devices of an embodiment of the apparatus of the present invention;
FIG. 4 is a schematic diagram of one embodiment of the present invention relating to one possible flow chart of the process of use of the device of the present invention, and the process interface is connected to a cell phone or a host personal computer to enable various operations between the cell phone and the device while using the display and keyboard hardware and functions of the cell phone or the host personal computer;
FIG. 5 is a schematic representation of one embodiment of the present invention in relation to one possible flow chart of the use of the apparatus of the present invention for interaction with the system server of the present invention, beginning with the authentication of the user and ending with the stage where the user is granted access to the data of the system server and further interaction with the system;
FIG. 6 is a schematic representation of one embodiment of the present invention in relation to one possible flow chart of the mode of use of the system of the present invention, wherein a user employs the apparatus of the present invention to interact with the server of the system, beginning with the stage where the user is granted access to the system server data and further interacts with the system of the present invention to perform various types of secure financial transactions;
FIG. 7 is a schematic representation of one embodiment of the present invention in relation to another possible flow chart for use with the system of the present invention, wherein a user employs the apparatus of the present invention to interact with the server of the system of the present invention, beginning with the user gaining access to the system server data and further interacting with the system to perform highly secure import and export storage and processing of personal medical files;
FIG. 8 is a schematic representation of one embodiment of the present invention in relation to another possible flow chart for use with the system of the present invention in which a user employs the apparatus of the present invention to interact with the server of the system of the present invention, beginning with the user gaining access to the system server data and further interacting with the system of the present invention as needed to perform the uploading and downloading of any user's personal data files; and
FIG. 9 is a schematic diagram of an embodiment of the present invention in relation to a dedicated device for charging and data backup operation of the inventive device, showing one possible conceptual modular structural block diagram and the internal sub-module layout and function of the inventive device's functional capabilities.
The present invention will be described in further detail below with reference to the detailed description of embodiments and the accompanying drawings.
Detailed Description
It would therefore be highly advantageous to have a highly confidential combined personal data and information management and storage solution at the user's personal portable device level as well as at the multi-user system level, which would enable the user to have improved and highly secure personal or organizational data access, storage and management, both local and remote, and serve the everyday needs of accessing secure and highly confidential data for private users as well as employees within large organizations.
In the following description, various aspects of the present invention will be described in detail. It should be understood that the specific details set forth herein are for the purpose of providing a thorough understanding of the present invention. It will be apparent to those skilled in the art that the present invention is capable of many other embodiments and that many more details can be devised without departing from the basic scope thereof. Accordingly, the scope of the invention is not limited by the drawings and the description, and is only determined by the broadest interpretation of the claims.
In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the invention. However, it will be understood by those skilled in the art that the present invention may be practiced without these specific details. In other instances, well-known methods, procedures, components and circuits have not been described in detail so as not to obscure the present invention.
Unless specifically stated otherwise as apparent from the following discussions, it is appreciated that throughout the specification discussions utilizing terms such as "storing," "computing," "communicating," "authenticating," or the like, refer to the action and/or processes of a computer or computing system, or similar electronic computing device, that manipulate and/or transform data represented as physical (e.g., electronic) quantities within the computing system's registers and/or memories into other data similarly represented as physical quantities within the computing system's memories, registers or other such information storage, transmission or display devices.
The invention can take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment containing both hardware and software elements. In a preferred system embodiment, the invention is implemented in software, which includes but is not limited to firmware, resident software, microcode, and the like.
Embodiments of the present disclosure may include apparatuses for performing the operations herein. The apparatus may be specially constructed for the required purposes, or it may comprise general purpose computer control means selectively activated or reconfigured by a computer program stored in the computer.
In addition, the invention can also take the following forms: a computer program product accessible from a computer-usable or computer-readable medium providing program code for use by or in connection with a computer or any other instruction execution system. For the purposes of this description, a computer-usable or computer readable medium can be any apparatus that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.
The data processing, management and storage systems of the present invention, and the devices of the present invention, are also suitable for storing and/or executing program code, and may include at least one processor coupled directly or indirectly to memory elements through a system bus. The memory elements can include local memory employed during actual execution of the program code, bulk storage, and cache memories which provide temporary storage of at least some program code in order to reduce the number of times code is retrieved from bulk storage during execution. Input/output (I/O) devices (including but not limited to keyboards, displays, pointing devices, etc.) can be coupled to the system either directly or through intervening I/O controllers.
The present invention relates to a system, apparatus and method that combines and supports highly secure data encryption, storage, transfer, management and processing of personal sensitive data, and is implemented by the proprietary computer, internet and telephone communications based system of the present invention. To support the system and its registration and pre-approval of the user's secure access needs, the present invention provides a device with integrated built-in multi-level biosensors for collecting and measuring the user's personal parameter data. The inventive device is used for highly reliable, secure and approved authentication of the device owner. The present invention combines this with a proprietary system that enables a plurality of such pre-approved users to access, exchange and store very sensitive personal data, and to communicate and operate with a plurality of specifically authorized and pre-approved service providers through the proprietary system. Registered users of the system use their dedicated handheld devices or appliances as highly reliable and secure access keys, and the dedicated devices may serve as personal data entry authenticators for each registered user. The device has a built-in, highly secure and encrypted mass storage and solid-state data storage module located within the personal or organizational hand-held compact dedicated device. Each pre-approved user of the system of the present invention needs to use his specific personal and private inventive device to be able to safely and reliably access the combined and highly secure proprietary system of the present invention.
The principles, construction modules, and arrangements of functional modules, as well as the functional operations of the systems and apparatus of the present invention, may be better understood with reference to the drawings and the accompanying description.
Referring now to the drawings, FIG. 1 is a diagram of a proprietary system 300 in which pre-authorized users may gain access to the system through a system server based on any one of multiple user I/O terminals 362, or through a host personal computer 360, or through a digital landline telephone 365, or a cell phone unit 355, according to one embodiment of the present invention. Secure access to the system is only possible after the user has passed a series of at least three biometric parameter measurement and verification processes performed by the user device 350.
Network 305 is a typical fixed telephone communication network infrastructure, to which a user having the apparatus 350 of the present invention can connect through a land-line based digital smart phone terminal 365, wherein the terminal 365 is connected to the system manager 335 through the switch 320, the fixed telephone network 305 and the general communication multiplexer submodule 330. The user may connect his device 350 to a smart phone 355, which in turn is connected to the cellular infrastructure network 310 through a switch 325, and the cellular infrastructure network 310 is connected to the system server 335 through the general communication multiplexer sub-module 330. Another system user may access the system 300 by using his personal device 350 connected to a computer terminal 360, said computer terminal 360 being connected to an internet communication system server 345 via an internet network 370. Subsystem 340 is a mass storage subsystem of the system 300 of the present invention, with a typical memory capacity on the order of terabytes, for storing and managing the personal data of all system 300 users in a highly secure, protected and encrypted format.
The overall system 300 is controlled and managed by a computerized server and manager subsystem 335, which can securely send, receive, process and store the ID (identification number) data and the large-capacity personal private data of the whole set of system users in the storage subsystem 340. The system interfaces with the internet infrastructure 370 through the system web server 345. The multiplexer submodule 330 enables the central system server 335 to communicate and transfer data from the land line and cell phone networks 305 and 310 through the switches 320 and 325, multiplexing the data to the system servers through the multiplexer submodule 330. The system server 375 is another server subsystem of the system 300 multi-user data management center; it manages the secure connections and communications of the system through a secure firewall gateway protection switch 380 and communicates securely with a plurality of pre-approved government agencies, municipalities and other selected secure service and product procurement suppliers, as well as with external personal storage databases with which the system requires secure communication and exchange of data associated with a plurality of registered users, through the internet or through a plurality of dedicated point-to-point data communication lines and channels 386.
The server 375 is also responsible for managing communications with registered banks, insurance institutions and other financial institutions, which hold a large and constantly updated accumulation of highly secure personal data associated with each system user, through a secure firewall gateway protection switch 382. The firewall gateway protection switch 382 manages the secure connections and communications of the system through the internet or through a plurality of dedicated point-to-point data communication lines and channels 388, since the system 300 requires communication with each registered user of the system 300 and the downloading and uploading of data associated with the users.
The server 375 is likewise responsible for managing communications with registered hospitals, healthcare insurance companies, clinics, medical laboratories and medical imaging centers, which generate, accumulate and continually update large quantities of highly secure personal medical data associated with each system user, through a secure firewall gateway protection switch 384 that manages the secure connections and communications of the system through the internet or through a plurality of dedicated point-to-point data communication lines and channels 390, since the system 300 requires communication with each registered user of the system 300 and the downloading and uploading of user-related data.
The system 300 has an integrated emergency management function that allows registered users of the system to connect to the system immediately in the event of an emergency. When the device 350 is connected to the cell phone 355 or host computer 360, an integral dedicated emergency button on the user device 350 can be pressed to initiate the connection. In this case, a connection sequence is created between the user device 350 and the system server 335; the system server 335 then identifies this connection as an emergency message and transmits it directly to the emergency server 345. The first aid message includes a continuously updated data packet of medical and user ID details stored in the device 350.
The user emergency messages will be forwarded from the emergency server 345 to the system's ad hoc control and emergency management center 348, which is normally staffed so that the user's emergency is handled and managed in the best way. The center 348 then selects and calls, through the first aid management network 392, the most relevant medical rescue team geographically closest to the user, as well as the final destination hospital or medical center, and provides the rescue team and hospital with the user's name and ID data, the user's current geographic location, and all personal and medical data files stored in the system memory associated with the user. The hospital will receive the complete set of health and medical related data files stored in system memory for the particular user, while the rescue team will only have access to the first aid data package stored on the user device 350. When the emergency center 348 is unstaffed, it may also operate automatically without manual intervention by dialing a national medical emergency services telephone number and reading out to it, in a synthesized voice, the contents of the emergency message generated by the user's personal device 350, while simultaneously transmitting the same message to the department of the national emergency center website dedicated to receiving emergency messages. When a user is connected to the system through his/her mobile phone, the apparatus of the present invention can detect whether the connected mobile phone has a built-in GPS (global positioning system) unit. Since most smart phones have a GPS, the device controller can read the current location of the user from the phone and, in case of emergency, can also send the user's current location data to the emergency management center 348 of the system to inform the rescue authorities.
Fig. 2 shows a block diagram layout of the inventive device and of one possible block diagram layout of the user operations of the device in relation to the communication and storage of secure data using the device in a preferred embodiment of the inventive device.
The apparatus 100 includes at least 5 different main and basic sub-modules and may also include any combination of 5 additional optional sub-modules, each providing relevant parts and special functional features, as well as special functions and capabilities of the apparatus of the present invention. The device 100 is preferably compact and as light as possible and is ergonomically designed, so that any potential user can easily hold and operate the device 100 in one palm, and the device 100 can easily be attached to a USB or similar data communication interface of a host computer or cell phone. To support reliable operation of the device 100 over at least several years of everyday use, it can be designed to have the same high shock and vibration resistance as modern cell phones, while also being waterproof and resistant to high temperatures to an industrial-grade level. For particular users in heavy-duty applications, the device can be designed to be waterproof, to withstand large amplitudes and ranges of vibration and shock, and to suit a wide range of operating and storage conditions.
Module 110 provides the connections to the host terminal, handset and other accessories of the device. The module 110 may include any combination of a standard USB type and/or non-standard data connector 112 extending out of the device housing, a wireless Bluetooth communication interface 118, an RF (radio frequency) short-range communication interface 117, and an IR (infrared) communication interface 114 for data communication and interfacing with the outside, which support fast, low-cost contactless communication as well as physical connection with any computer terminal, cell phone, ATM (automatic teller machine), vending machine, and the like. Such a connector may be the USB data connector 112 compatible with most standard PCs (personal computers) and laptops, or the mini-USB data connector 116 compatible with all modern smartphone models. The apparatus of the preferred embodiment shown has a Bluetooth wireless communication interface circuit 118 in the terminal connection unit 110, so that it can easily and quickly establish contactless short-range connections and exchange data with most commercially available cell phones, as well as with some models of notebook computers with built-in Bluetooth data communication capabilities, and can exchange contactless data with all modern PC and notebook class host computers through commonly available Bluetooth USB dongles.
Module 120 contains the set of biometric sensors dedicated to authentication by the device; in the preferred embodiment of the figure, the device includes two biometric sensors with different imaging-based optical characteristics. Sensor 124 is an imaging camera-based sensor that can image the user's specific facial pattern or the iris of the user's eye and, by processing and compressing the specific user's facial or iris pattern and color, generate a set of parameters specific to the user's facial pattern or iris structure and pattern. The imaging sensor 124 may be a conventional two-dimensional black and white solid-state miniature camera, a similar color camera, a three-dimensional imaging camera based on two stereoscopic images or on three-dimensional imaging components, or a laser holographic imager of the user's three-dimensional facial pattern. When the user needs to pass the authentication process, pressing the camera on/off button 196 activates the camera sensor 124. The camera keeps working until a high quality image of the user's facial features is acquired, from which the parameters of the user-specific facial structure are processed. After the facial image of the user is acquired, the camera is powered off to conserve the battery power of the device. If the camera has not turned itself off, the user can turn it off at any time by pressing the button 196 again.
The imaging sensor 126 is one or more fingerprint sensors for imaging and analysis of one or both of the user's fingerprints. The sensor 128 is an electro-optical sensor dedicated to detecting and measuring biological vital signs; it works by projecting diode laser illumination onto the blood vessels inside the palm of the user holding the device and detecting, processing and measuring the optical signals reflected back from these blood vessels. It can measure the heart beat pulse rate of the user while the device is held in the palm, and can also measure the oxygen (O2) saturation (%) of the user's blood at that time. Both measurements are based on a single electro-optical unit that projects laser or LED (light emitting diode) light on the palm of the user's hand, then filters and analyzes the modulation of the retroreflected light to calculate and monitor the oxygen content in the user's red blood cells and the pulsatile fluctuations in the blood vessels caused by the user's heart rate. If the user is under stress, as in the case of forced use of the device by another person, his pulse rate will be outside the normal range and the device will withhold positive authentication until his heart rate has again been normal for a predefined period of time. The sensor 128 is an adaptive sensor: each time the user uses the device it measures the user's heart rate, maintains a moving average of the measured pulse rate over time, and takes that average as an adaptive threshold specifically adapted to the typical or normal heart rate of the individual user of the device. The oxygen content portion of the sensor monitors the health of the user and will stop the authentication process if there is any sudden change in the measured oxygen content, or if the measured oxygen content is not within the normal range of 90-100%.
Another possible embodiment of the apparatus may include optional vital-parameter measurements by one or more sensors that replace or supplement sensor 128 to detect signs of a normal or abnormal mood of the user; these are referred to as affect sensors. They detect information about the user's emotional, cognitive and physiological arousal and are coupled with algorithms specifically designed to distinguish and classify patterns associated with the user's emotional state. Such a set of sensors may detect physiological signals such as electrodermal activity and respiration.
Electrodermal activity may be measured by a skin voltage sensor, such as the sensor developed by Infusion Systems, Inc., Quebec, Canada, which acquires the skin surface voltage, a biological signal.
Another similar sensor is the Skin Conductance (SC) flexible/professional sensor SA9309M sold by WorldWorks Infinity, California 95404, USA. Such sensors measure the electrical conductance of the skin by applying a small voltage, imperceptible to the user, through two electrodes typically attached to two fingers of one hand, creating an electrical circuit in which the user acts as a variable resistance. The real-time change in conductance, computed as the inverse of the resistance (an alternative measure of galvanic skin response), reflects changes in the activity of the user's sympathetic nervous system: the conductance of the skin rises or falls in proportion to how much more or less stressed the user is. Skin conductance, galvanic skin response (GSR) and electrodermal response (EDR) are different terms for similar physiological measurements. The standard unit of conductance is the siemens, and skin conductance is usually expressed in microsiemens. Some biofeedback systems display skin conductance in mhos (the older name for the siemens).
Module 130 is a combined hardware and software module. It includes a sub-module 140 that digitizes and processes the outputs of the sensor module 120 for final user authentication and then combines the measurements of the several sensor outputs into a single "pass/fail" authentication result. A positive authentication result is obtained only if every one of the at least three biometric parameter sensors 124, 126 and 128 returns a positive result. The module also includes a sub-module 150 that stores a set of data files the user has defined as private but not secure, so they can be stored in their original digital format without encryption. These files may hold the full name of the device owner, the identification or national security number, passport number, driver's license number, date and country of birth, address, and any similar information found on the user's various cards and photographs. In the event of an accident, for example, such a photograph and other details such as height and eye color are sent to the rescue team as highly reliable patient identification. Sub-module 150 may also hold the owner's private primary medical data needed for preliminary care in an emergency, for example the user's blood type, sensitivities to medication, chronic diseases, the results of the last standard blood test, and other recent medical data of the owner of device 100. It may also hold the name and contact details of a relative or contact chosen by the user, whom the rescue or medical team would call in an emergency, and the contact details of the user's personal doctor in case the user has a chronic illness, for example of the heart or stomach.
The medical emergency team may carry a special token that connects to the USB plug 112 of the device. When needed, the emergency button 192 is pressed, and the emergency data that device 100 holds in sub-module 150, together with the user's picture, is automatically downloaded to the emergency team's token, which also verifies that the device belongs to this particular user. The user of device 100 may press the emergency button 192 himself if he feels unwell or has had an accident. The controller module 160 of device 100 authenticates the user each time the user holds device 100 and presses the emergency button 192. At this stage the user name, the user's ID data and the emergency medical data stored in memory module 150 are sent to the server of the system of the present invention and from there to the emergency control room unit 348.
From the emergency control room unit 348, the emergency call is forwarded to the various medical units over a network of dedicated communication lines and the Internet infrastructure. Emergency care services that use the system's emergency control room and its registered users allow the users or the control room managers to provide reliable and faster service: they assist emergency rescue teams and arrange first aid and other kinds of assistance from a number of medical assistance units.
When device 100 needs to communicate with the outside world through the cell phone 355 or the host computer terminal 360, a command is first sent to connect the user's device to the Internet. Device 100 then sends to the website of the selected service provider the data required to connect the user to that website, including the user name and password the user registered at that website and the account or membership number required by a financial institution. In some cases, when connecting to a service provider's website, the website administrator may require the device to supply a further data file that identifies the specific device of the legitimately registered user, namely a file containing the unique embedded ID number of that device together with its user's ID data. If desired and required, this additional data file may also include the user's identification number, and/or national security number, and/or passport or driver's license number, so that the receiving entity, such as a medical institution or bank, can compare this data with the parameter data it holds in memory before it starts a secure personal data exchange with the device and the user.
Module 160 is the central controller and data processing unit of device 100. Unit 160 is an advanced, new-generation low-power CPU (central processing unit) such as an ARM (Advanced RISC Machine) processor. ARM is a 32-bit reduced instruction set computer (RISC) instruction set architecture (ISA) developed by ARM Holdings, headquartered in Cambridge, England. The relative simplicity of the ARM processor makes it suitable for low-power applications and the preferred CPU choice for mobile and portable electronic devices.
Module 160 controls the operation of all device sub-modules, and it also performs, through the encryption sub-module 172, the encryption and decryption needed for storing and retrieving the highly secure user personal data files held in the secure mass memory sub-module 174. Module 160 also performs, through sub-module 140, the data processing based on the outputs of the at least three biosensors integrated in the device. Module 140 stores for reference the biosensor outputs captured during the registered user's original enrollment step, and it also maintains a formatted reference file of the authentication parameters derived from those reference outputs. Through the authentication sub-module 140, module 160 carries out the authentication procedure and the associated decisions needed to allow only the legitimate owner and user of that particular device to operate device 100. Module 160 also contains sub-module 168, which serves as the interface circuit for the emergency button 192; the button triggers the processing of the data stored in module 150 and the creation and transmission of the user's private medical emergency data packet whenever emergency services, rescue teams and the system emergency center 348 are required.
Module 160 also includes an embedded SW (software) sub-module 162 whose function is to let device 100 automatically adapt itself and establish two-way communication with all commonly used operating system (OS) software packages resident on the external host computer or handset to which the user device 100 is connected. It is highly desirable that the device controller unit 160 adapt quickly to the external CPU's OS so that it can cooperate with the host or handset, whether in a simple device data update and management process or, in most cases, in communicating with other users or systems through the secure communication and personal data storage and management system 300 of the present invention; in most cases communication with the outside world is required. The OS auto-identification, interface and communication SW package resident in sub-module 162 can automatically identify, adapt to and interface with any host computer running Microsoft Windows, Mac OS or a Unix OS, with the OS of a handset running Symbian, Android, embedded Linux, Palm or RIM BlackBerry OS (advanced handsets using these common software packages are known as smartphones), or with the data connection sub-module 110.
Operating systems provide a large number of services to applications. Applications access these services through application programming interfaces (APIs) or system calls; by invoking these interfaces an application requests the services it needs from the operating system, passes parameters, and receives the results of the operations. Where the host computer is a large system, such as a typical terminal 360 serving a group of multi-array terminals and running a free-software Unix variant such as the Unix-like GNU/Linux or BSD systems, the user interface on the host side is always provided by software running outside the host operating system. In other operating systems the window manager may be part of the operating system itself.
Servers typically run Unix or a Unix-like operating system, while the embedded systems market is divided among several operating systems. Currently 90% of the client PC market uses the Microsoft Windows family of operating systems, while other client operating systems include Mac OS, Google Chrome OS and other host-resident operating systems.
Because device controller unit 160 can automatically detect and adapt to all commonly used operating systems managing the host or handset connected to device 100, unit 160 can interface with the external host computer or handset regardless of the type of host computer or handset to which device 100 is connected. All screens shown on the host computer display or the cell phone display, and all operating function selection menus supported by device 100, look the same and behave the same.
Device 100 of the present invention keeps in its controller's operating memory a dedicated software package 164 that, through the SW module 162, identifies the operating system of the host computer or cell phone to which device 100 is connected. Package 164 automatically switches all the interactive screens and menus prepared and stored by device 100 to suit the detected operating system of the host computer or cell phone, and automatically calibrates within device 100 the software module that interfaces with the host or cell phone, so that the screens and menus shown on the host or cell phone display always look the same regardless of the type and model of the particular host or cell phone the user is connected to.
The mass storage secure data module 170 includes an encryption SW and hardware sub-module 172 for encrypting and compressing the user's highly sensitive private and personal medical and financial data files, and for performing the inverse decompression and decryption operations on the secure personal data stored by the sub-module when required.
To make the encryption process highly resistant to potential hackers attempting to break the encryption and read the highly secure data of the user of device 100, the encryption keys required to encrypt and decrypt the secure data in sub-module 174 are stored in a separate special memory partition of the other memory module 150, which has a secure memory storage structure, in a manner that makes it difficult for a hacker to locate and use the keys in an attempt to break the encryption of the data stored in the secure data memory sub-module 174. Sub-module 150 is part of the mass memory and authentication module 130.
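The following Go program is an added illustration of the storage arrangement described for sub-modules 172, 174 and 150; it is not code from the patent or from any product based on it. It keeps the data-encryption keys in one structure (standing in for the separate key partition of module 150) and only compressed, AES-256-GCM encrypted records in another (standing in for the secure mass memory 174), binds each record to its file name as authenticated additional data, and shows that a single modified ciphertext byte is rejected on retrieval. The AES-GCM and gzip choices are assumptions; the text specifies neither the cipher nor the compression method.

```go
package main

import (
	"bytes"
	"compress/gzip"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// KeyPartition stands in for the separate memory partition (in module 150) that
// holds the data-encryption keys. The secure data itself never lives here.
type KeyPartition struct{ keys map[string][]byte }

func NewKeyPartition() *KeyPartition { return &KeyPartition{keys: map[string][]byte{}} }

// Provision generates a fresh random 256-bit key and files it under keyID.
func (k *KeyPartition) Provision(keyID string) error {
	key := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		return err
	}
	k.keys[keyID] = key
	return nil
}

func (k *KeyPartition) lookup(keyID string) ([]byte, error) {
	key, ok := k.keys[keyID]
	if !ok {
		return nil, errors.New("no such key in key partition: " + keyID)
	}
	return key, nil
}

// record is what actually sits in the secure mass memory: no key, only the
// identifier of the key that was used, the nonce and the ciphertext.
type record struct {
	keyID      string
	nonce      []byte
	ciphertext []byte
}

// SecureStore stands in for mass memory sub-module 174.
type SecureStore struct{ records map[string]record }

func NewSecureStore() *SecureStore { return &SecureStore{records: map[string]record{}} }

func (s *SecureStore) gcmFor(kp *KeyPartition, keyID string) (cipher.AEAD, error) {
	key, err := kp.lookup(keyID)
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Put compresses plaintext, encrypts it under keyID and files it under name.
// The record name is bound as additional authenticated data, so a ciphertext
// copied to a different name fails to decrypt.
func (s *SecureStore) Put(kp *KeyPartition, keyID, name string, plaintext []byte) error {
	gcm, err := s.gcmFor(kp, keyID)
	if err != nil {
		return err
	}
	var buf bytes.Buffer
	zw := gzip.NewWriter(&buf)
	if _, err := zw.Write(plaintext); err != nil {
		return err
	}
	if err := zw.Close(); err != nil {
		return err
	}
	nonce := make([]byte, gcm.NonceSize()) // fresh random nonce per record
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return err
	}
	ct := gcm.Seal(nil, nonce, buf.Bytes(), []byte(name))
	s.records[name] = record{keyID: keyID, nonce: nonce, ciphertext: ct}
	return nil
}

// Get decrypts and decompresses the record filed under name. Any change to the
// stored ciphertext, nonce or name is detected by the GCM tag and reported.
func (s *SecureStore) Get(kp *KeyPartition, name string) ([]byte, error) {
	rec, ok := s.records[name]
	if !ok {
		return nil, errors.New("no such record: " + name)
	}
	gcm, err := s.gcmFor(kp, rec.keyID)
	if err != nil {
		return nil, err
	}
	compressed, err := gcm.Open(nil, rec.nonce, rec.ciphertext, []byte(name))
	if err != nil {
		return nil, errors.New("record " + name + " failed authentication: " + err.Error())
	}
	zr, err := gzip.NewReader(bytes.NewReader(compressed))
	if err != nil {
		return nil, err
	}
	defer zr.Close()
	return io.ReadAll(zr)
}

// Corrupt flips one byte of a stored ciphertext (used to show tamper detection).
func (s *SecureStore) Corrupt(name string) {
	rec := s.records[name]
	rec.ciphertext[0] ^= 0x01
	s.records[name] = rec
}

func main() {
	kp, store := NewKeyPartition(), NewSecureStore()
	_ = kp.Provision("k-medical")
	// Constructed sample record; not real data.
	_ = store.Put(kp, "k-medical", "bloodtest.txt", []byte("blood type: O+; last test: constructed sample"))
	out, err := store.Get(kp, "bloodtest.txt")
	fmt.Printf("round trip: %q err=%v\n", out, err)
	store.Corrupt("bloodtest.txt")
	_, err = store.Get(kp, "bloodtest.txt")
	fmt.Println("after tampering:", err)
}
```

Note that the record carries only the key identifier, never the key, so an attacker who dumps sub-module 174 alone obtains nothing decryptable; this mirrors the separation the text describes, though on a real device the key partition would additionally be protected by hardware access controls the text does not specify.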
The user data sub-module 174 is a very large data storage medium based on solid-state memory chips, preferably but not exclusively of the flash memory type. An alternative solution for sub-module 174 is a new generation of memory device, nano-RAM. Nano-RAM is a computer memory technology proprietary to the company Nantero: a non-volatile random-access memory based on the mechanical position of carbon nanotubes deposited on a chip-like substrate. In principle the small size of the nanotubes allows ultra-high-density memory. Nano-RAM is also abbreviated NRAM.
The typical memory capacity required for sub-module 174 is in the range of 16-256 gigabytes and is preferably built from advanced memory components such as NRAM, giving capacities of up to several hundred gigabytes and scalable to millions of gigabytes of compressed data as a particular user requires, while keeping a very compact and miniature physical volume suitable for a compact handheld device such as device 100.
Sub-module 190 is an RFID (radio frequency identification) receiver and transmitter unit that allows remote identification of the device and its user by other systems with an integrated RFID unit. Sub-module 190 lets device 100 serve as an electronic contactless key for reliable, secure and convenient passage through secure access points and doors, and also for the secure remote unlocking and locking of keyless RF (radio frequency) operated door locks and automobiles at private homes and offices, by pressing the RFID button 197 on device 100.
Sub-module 198 is an RF transceiver unit that receives coded RF commands from the device's dedicated charger and data backup unit 1000 (shown in fig. 9), which is typically located close to device 100. Once sub-module 198 is triggered by the coded RF signal from the charger and data backup unit 1000, the electronic buzzer circuit 166 located in the controller module 160 sounds so that the user can quickly and easily find the device 100.
Units 115 and 113 together form the power supply and multi-voltage electronic power sub-module of device 100. Unit 115 may be a lithium, NiCd or other dry rechargeable battery located in a battery housing that can be opened to charge the battery when needed. The connector integrated in module 110 plugs into the dedicated charging and memory backup unit 1000, which charges battery 115 and connects unit 115 to terminal 110. The power supply unit 113 supplies all voltages required by the electronic module 160 and the memory modules 130 and 170, as well as the voltages required by the sensor unit 120, the RF transceiver 198 and the RFID unit 190. The main power button 199 of the apparatus controls the on/off state of the power supply unit 113 and through it switches the entire apparatus 100 on and off.
In another preferred embodiment, device 100 may include an optional GPS (Global Positioning System) module 180 connected to the controller module 160 through the data bus sub-module 182. When the user presses the emergency button 192 in an emergency, or when the integrated biosensor module 120 detects an emergency from an abnormal medical condition of the user, such as a pulse rate and blood oxygen saturation well outside the normal range, while the user holds the device in the palm and device 100 is connected to and communicating with system 300 through the user's cell phone or any Internet-connected host computer, the optional GPS module 180 lets device 100 accurately measure and compute the instantaneous geographic location of the device and its user. In this case the emergency update packet held in the dedicated processing and storage sub-module 150, managed by controller module 160, is transmitted to the system server 345. The emergency data is forwarded from system server 345 to the system's dedicated control and emergency management center 348, which handles the notification of the user's emergency; the emergency management center 348 then selects and calls, through the emergency management network 392, the most relevant and geographically closest medical rescue team and provides it with the user's name and ID data, the user's current geographic location, and all personal and medical data files associated with the user in the system memory.
If system 300 does not respond, the device controller 160 auto-dials the national medical emergency call center through the connected handset, and a synthesized voice generated by the controller's dedicated speech synthesis circuit announces the geographic location of the user and the stored medical data packet for the emergency. Alternatively or at the same time, when device 100 can reach the Internet through the user's host computer or smartphone, the device connects to the website of the national emergency medical services through the host or smartphone and sends it an emergency notification together with a data file containing the user name and ID data and all the user's personal and medical data files held in the unencrypted and accessible memory sub-module 150 of the user device 100.
It should be noted that, for locating the device and its user in a medical emergency, when the user connects device 100 to the cell phone 355 the user's location can be computed automatically by the cell phone service provider and transmitted to the user's device 100. Most mobile phone service providers currently offer such location services. Such connections were explained above in the sections describing the structure and operation of system 300. The GPS sub-module 180 is therefore chosen when more accurate user geolocation data is wanted, and it can be integrated into device 100 for users who wish to give rescue and medical teams a more precise location in an emergency.
Besides the optional GPS module 180, device 100 may include two further optional modules in its modular structure. The first, optional module 185, is a display and touch screen that lets the user communicate directly with the remote system 300 using device 100, and reach and interact with external service providers over the Internet through menus and data entry, without an external cell phone or host computer connection. The touch screen module 185 communicates with the device controller module 160 through bus 182 and the interface sub-module 169. The second, optional module 195, is a cellular modem acting as the device's data communication module; connected to the device controller module 160 through data bus 182 and interface sub-module 169, it supports full operation of all device 100 functions without any connection to an external host computer or cell phone. Integrating the optional modules 195 and 185 brings disadvantages: a larger device, hence higher power consumption and shorter battery life; a higher price and operating cost because of the handset capability and the need to register with a cellular carrier; and, most importantly, very limited user interaction because of the small size of the device display and on-screen keypad.
Another preferred embodiment of the device of the present invention is related to the physical structure, design and appearance of the device and illustrates a preferred solution for integration of multiple sensors and associated I/O (input/output) interfaces in the design and structure of a particular embodiment of the device 100, as shown in fig. 3A and 3B.
Fig. 3A shows a front view 200 of the device showing a front side view of a preferred embodiment, and a device view 200A shows a back side view of the same preferred embodiment of device 100.
As shown in the front view 200, element 210 of device 100 is an extendable thin magnetic-card element that lets device 100 interface with the magnetic card readers/writers found at any store, gas station or ATM (automated teller machine). The magnetic card member 210 is normally concealed inside the housing of device 100 and can be extended out of the housing by the user to interface conveniently with any magnetic card reader and then exchange data and perform transactions through an ATM or a point-of-sale card reader. The user can pull magnetic card member 210 fully out of the housing of device 100, but only once member 210 has been enabled by the device controller 160 (shown in fig. 2) and the internal electronic safety locking pin in the housing of device 100 has been released. Controller 160 releases the safety pin (fig. 2) only if the rightful owner of device 100 is actually holding the device and the controller has positively authenticated the current holder by comparing the biometric parameters measured from the holder with the corresponding biometric parameters of the legitimate user and owner of device 100 stored in the device authentication memory sub-module 140 (fig. 2).
Each of the two elements 260 and 265 is a selectable user biometric ID sensor unit drawn from a set of sensors including, but not limited to, an imaging sensor, a fingerprint scanning and analysis sensor, an iris reading sensor, and a three-dimensional holographic or laser scanning imaging sensor. In the preferred embodiment shown in the front view 200 of device 100, aperture 260 belongs to a camera that takes high-quality still images of the user's face and processes them into a set of highly reliable personal ID feature parameters, based on the distances between the major features of the user's face, that uniquely characterize the user. Element 262 is the activation button for sensor 260; once sensor 260 has captured the user's facial image with a satisfactory result, it shuts down automatically to conserve the battery of device 100.
Aperture 265 in the embodiment shown in the front view 200 of the device belongs to an electro-optical sensor that acquires high-quality images of the iris of the user's eye, with its specific pattern and color, and processes them into a set of highly reliable parameters that characterize the user by the structure and color of the iris.
In the front view 200, element 220 is an extendable or fixed USB connector, or any similar industry-standard data connector, used when the user wants to connect device 100 to a host computer or to any multi-user server-based computer system through a computer terminal equipped with a matching data connector. Element 295 in the front view 200 is a fixed or extendable mini-USB data connector, or the equivalent of any other industrial mini data connector integrated into all modern cell phones, used when the user wants to connect device 100 to the outside world through a cell phone.
Element 262 is the on/off button of the camera unit 260. Element 280 in the preferred embodiment of device 100 is the third biosensor unit: for a right-handed user who naturally holds device 100 in the left palm, element 280 scans and analyzes the fingerprint of the user's thumb.
Element 270 in the preferred embodiment of device 100 is the fourth biosensor unit: for a left-handed user who naturally holds device 100 in the right palm, element 270 performs a second fingerprint scan and analysis on the middle finger of the user's left hand.
Element 254 is an optional backlit LCD (liquid crystal display) and touch screen unit that can be integrated into device 100 for users who have no smartphone and cannot easily reach a host computer, yet need to interact with the controller of device 100, review its menu screens and communicate with the system 300 that provides the services. For such users an optional configuration of device 100 may also be equipped with the optional cellular modem 195 (shown in fig. 2), which lets device 100 act as a simple cell phone; when dialing out, the touch screen that forms part of the optional display unit 254 (exterior view 200) provides the interaction with the device.
Element 290 in the front view 200 of the preferred embodiment of device 100 is the main on/off button of device 100, with an integrated red LED (light-emitting diode) indicating the on state.
Element 240 is the activation button of the integrated RF sub-module and RFID unit of device 100, used for remote and secure operations such as contactless access to secure websites, communication with advanced contactless ATMs and smart card readers, and RFID-operated door locks, vehicle doors and/or ignition switches.
Element 215 is the emergency button, which the user may press in an emergency; device 100 then connects to and communicates with system 300 if the user has connected device 100 to a cell phone or to any host computer connected to the Internet.
The rear view 200A of the device 100 is a rear side view of the same preferred embodiment of the device shown in the front view 200.
Element 250 in view 200A is the sensing aperture of a vital-signs biosensor that verifies that the human operator is alive and healthy and indicates real-time operation of the apparatus 100. This sensing is implemented by a dedicated sensor or a combined set of sensors chosen from the possible vital-sign biosensors, comprising at least a body temperature sensor, a pulse rate sensor, a blood oxygen saturation sensor, an electrodermal activity sensor and a respiration sensor. The preferred embodiment shown in view 200A of device 100 may have, beneath aperture 250, a dedicated integrated vital-sign measurement module combining two vital-sign indicating channels in one two-channel electro-optical sensor, measuring the body's pulse rate on one channel and blood oxygen saturation on the other; the module is supplied by SPO Medical Instruments Ltd., Israel (www.SPOmedical.com).
Element 297 in view 200A is the externally opening lid of the rechargeable battery housing of device 100. The rechargeable battery in the housing can be replaced or inspected by removing lid 297.
While the device has been described with respect to a limited number of embodiments, it will be appreciated that many variations, modifications and other applications of the device are possible.
Fig. 4 shows one possible flow chart, generally designated 400, of the steps and process sequence required to use the apparatus of the present invention when it is interfaced with a host personal computer or cell phone: the various operations between the cell phone or host computer and the apparatus are activated, and the user interacts with the apparatus through the display and keyboard of the cell phone or of the host PC.
In stage 401, device 100 is connected to the mini-USB or compatible connector of a cell phone, or by a conventional USB connection to a personal computer, and the user then switches device 100 on.
In stage 402, the device checks whether the user is holding device 100 correctly in the palm of the hand so that the set of sensors integrated in the device can sense reliably and accurately.
In stage 403 the user starts the authentication procedure of device 100, a parameter detection process for the biometric identification of the user holding the device, based on the measurement and processing of at least three biometric parameters (as described in the preferred embodiments below). Those skilled in the art will appreciate that another embodiment may process fewer biometric parameters, for example at least two. In the biometric detection process, the first detected parameter is the output of the vital-sign sensor, showing that the pulse rate is normal, or the blood oxygen saturation is normal, or both are normal, or the body temperature is normal, where the predefined normal resting range of pulse rate is 50-80 PPM, the normal range of blood oxygen saturation is 90-100%, and the normal range of body temperature is 36-41 degrees Celsius. The second detected parameter is the first of two biometric measurement parameters of the user, such as one or two fingerprints, and/or a set of measured parameters of the facial pattern of the user holding the device, and/or the measured and analyzed iris pattern of the user. The third detected parameter is the second of those two biometric measurement parameters, again such as one or two fingerprints, and/or a set of measured parameters of the facial pattern of the user holding the device, and/or the detected iris pattern of the user's eye.
In stage 404, the at least three currently measured parameters are compared and analyzed by the internal controller and data processing unit 160 of device 100 against the same at least three parameters previously measured, analyzed and stored for the owner of the device in memory unit 140. If they match, device 100 produces a positive response and proceeds to stage 406.
If the verification fails, the controller unit 160 of device 100 moves to stage 405, where the device shuts itself down and prevents any further use or operation for a predetermined time.
In stage 406, device unit 160 sends, through interfacing unit 110, a request to the connected handset or host asking it to identify the operating system it is running.
In stage 407, if unit 160 receives a positive response identifying an operating system known in the device memory bank, it starts the dedicated communication interface connection SW (software) package associated with that operating system and proceeds to stage 408.
Otherwise, it exits to stage 405, where the device 100 controller unit 160 turns the device off and prevents its further use or operation for a predetermined time.
In stage 408, the device launches a main menu screen, displayed on the cell phone or host PC screen, that lets the user select among four options:
410-retrieve stored data from the memory of the device, proceeding to stage 411;
420-save a file from the host or handset memory to the device memory 150 or 190, proceeding to stage 421;
445-search the Internet for the websites of selected medical, financial or other institutions, proceeding to stage 430; and
450-proceed to stage 451 through the menu selection, which displays a dialog box in which the user selects, retrieves or updates data and information stored by apparatus 100. This data is organized for the user's convenience and includes various types of user-friendly personal stored data: the user's frequently accessed websites 452, official certificate cards 454, and the personal forms database of all user groups of registered member data of point-of-sale service providers 456.
Stage 452 provides the user with the user's ID number, username and password for all of his favorite web sites that require registration and personal information management, as well as the user's personal phonebook and important notes.
Another option, 456, may also be selected in this menu. It may be used when the user purchases an item at a store using the apparatus: the user presents the facial photograph stored in his device to the merchant, so that the merchant can compare the stored photograph with the user's face as seen in real time before approving and concluding the transaction with the user. Option 454 refers to all official cards (certificates) that one needs, such as passports, driver's licenses, and the like.
The process can be terminated by selecting and moving to a final stage 999.
In stage 411, the user sees a new screen on the display of the handset or PC host with options for his choice: A) medical data, select 412; B) financial data, select 415; and C) other personal data, select 416.
In stage 412, the device displays a menu on the handset or host screen from which the user can select:
A) the injured/body part to be examined; B) the ID code of the requesting physician; C) the HMO (medical insurance company) required; and D) the hospital required, and then moves on to stage 413.
In stage 413 the device initiates a search in its internal memory for retrieving and displaying relevant data in its memory units 150 and 170.
In stage 414, the device supports operating available applications to enable the user to store medical/financial/other data for different periods/dates and different data sources.
In stage 418, the sequence of operations will return the device to stage 408 so that the user can select a new option.
In stage 415, the user can select or enter typical keywords on the composite screen of the relevant category, or retrieve the data stored in the user's personal DB (database) through 5 or more keyword search options: A) a bank; B) an insurance company/financial institute; C) a date; D) credit/debit transactions; E) the payout/income account type of the transaction; the execution sequence then moves back to stage 413 for retrieval from the database.
In stage 416, the user obtains a menu screen on which to select the subject of the stored data to be retrieved; the subject serves as the search key.
In stage 417, the user selects the associated key to perform a data retrieval for the subject he selected in stage 416, and then proceeds to stage 413.
In stage 421, for new data to be saved, the save option presented on the main menu of stage 408 leads to screens on the display of the host or handset that request keywords for data storage: keywords giving the main subject and the date of the file, after which the user can select up to 5 additional data storage keys from a ready-made list that differs for each subject, as described in stages 411 and 415.
In stage 422, the device controller adds to the record number of the last processed record of the user's personal database, and the resulting number is the record number of the newly saved data in the device memory.
In stage 423, the controller creates an encryption code for each newly processed record and saves it to the secure mass storage module 170 of the device 100.
In stage 424, device 100 controller 160 moves the user screen back to the menu selection screen of stage 408.
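As an added example (not code from the patent or its applicant), the following Python models the save path of stages 421-423 and the keyword retrieval of stages 413/415: a record number advanced on every save, a main subject, a date and up to 5 additional keys per record, and a distinct per-record key derived in the secure module. The patent only says that an encryption code is created per record; the HMAC-based key derivation, the integrity tag computed under that key, the ISO date format, and the `PersonalDataStore` class and its method names are assumptions made for the example.

```python
# Added example; not code from the patent. Models stages 421-423 (keyed save,
# record numbering, per-record key) and the keyword retrieval of stages 413/415.
import hashlib
import hmac
from dataclasses import dataclass

MAX_EXTRA_KEYS = 5    # stage 421: up to 5 additional storage keys per record


@dataclass(frozen=True)
class Record:
    number: int
    subject: str      # main subject, e.g. "financial"
    date: str         # ISO date "YYYY-MM-DD" so ranges compare as strings (assumption)
    keys: tuple       # additional keys, e.g. ("bank", "credit/debit transactions")
    payload: bytes
    tag: bytes        # integrity tag under the record's own key


class PersonalDataStore:
    """Models the user's personal DB in secure module 170 (assumption)."""

    def __init__(self, device_master_key: bytes):
        self._master = device_master_key     # never leaves the secure module
        self._records = {}                   # record number -> Record
        self._last_number = 0

    def record_key(self, number: int) -> bytes:
        """Stage 423: a distinct key per record, derived from the device key.
        A deployment would use this key with an AEAD from a crypto library;
        the standard library has none, so the example uses it for a MAC only."""
        return hmac.new(self._master, b"record-key|%d" % number, hashlib.sha256).digest()

    def _tag(self, number, subject, date, keys, payload) -> bytes:
        header = "|".join([str(number), subject, date, *keys]).encode()
        return hmac.new(self.record_key(number), header + b"\0" + payload, hashlib.sha256).digest()

    def save(self, subject, date, payload, extra_keys=()) -> int:
        """Stages 421-423: returns the new record number."""
        keys = tuple(extra_keys)
        if len(keys) > MAX_EXTRA_KEYS:
            raise ValueError("at most %d additional keys" % MAX_EXTRA_KEYS)
        self._last_number += 1                        # stage 422
        number = self._last_number
        tag = self._tag(number, subject, date, keys, payload)
        self._records[number] = Record(number, subject, date, keys, payload, tag)
        return number

    def verify(self, number: int) -> bool:
        """Recompute the tag; a record altered in storage fails."""
        r = self._records[number]
        return hmac.compare_digest(r.tag, self._tag(r.number, r.subject, r.date, r.keys, r.payload))

    def search(self, subject=None, keys=(), date_from=None, date_to=None) -> list:
        """Stages 413/415: record numbers matching every given criterion."""
        hits = []
        for r in self._records.values():
            if subject and r.subject != subject:
                continue
            if any(k not in r.keys for k in keys):
                continue
            if date_from and r.date < date_from:
                continue
            if date_to and r.date > date_to:
                continue
            hits.append(r.number)
        return hits

    def tamper_for_demo(self, number: int, payload: bytes) -> None:
        """Simulates corruption of stored data (constructed, for the example)."""
        r = self._records[number]
        self._records[number] = Record(r.number, r.subject, r.date, r.keys, payload, r.tag)


def demo():
    """Constructed records; returns numbers, a search hit list and two checks."""
    store = PersonalDataStore(b"\x01" * 32)                   # constructed master key
    n1 = store.save("financial", "2011-03-02", b"statement", ("bank", "credit/debit transactions"))
    n2 = store.save("medical", "2011-04-10", b"lab result", ("hospital",))
    bank_hits = store.search(subject="financial", keys=("bank",))
    ok_before = store.verify(n1)
    store.tamper_for_demo(n1, b"statement (altered)")
    return n1, n2, bank_hits, ok_before, store.verify(n1)
```

Deriving the key from the record number keeps every record under a different key without storing N keys, and binding the header fields into the tag means that a record whose subject, date or keys are swapped in storage is rejected as well as one whose payload changes.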
In stage 445, the user selects a menu option to access the Internet.
In stage 430, the user can see a list of preferred favorite web sites on the host or cell phone screen that are present in the personal security data of the device's individual user. In stage 431, if the user clicks on any of the options, the controller moves to stage 432, or if the user clicks on a new website address in the open data entry field, the controller 160 moves to stage 435.
In stage 432, the controller 160 detects the URL (internet address) of the preferred favorite web site selected by the user, and then the controller inputs the user ID data input location of the selected page with the stored user name and password predefined for the particular web site obtained from the memory 150, so that the user can easily and automatically access any selected favorite web site as a registered and access authorized member.
At stage 433, the host or handset automatically first displays the website login screen for the registered user at the selected website address, then displays the registered member's home page of the selected website, and the user can further interact with the selected website and with the associated personal data he wishes to find, such as personal medical test results, prescriptions, bank statements, etc.
In stage 434, a screen may appear asking the user whether to save the personal data obtained from the website he visited; optionally, the process returns to stage 421 to specify how the day's data is saved and under which search keys it is filed, or the user may return to stage 408 to select another device operation from the main menu.
In stage 435, the user obtains an Internet screen in which he can enter an address of his choice and the desired information. In stage 436, the controller generates a screen with two options: one is to retrieve personal data for storage in the memory of device 100, which then proceeds to stage 434; the other suggests that the user purchase a service or product, and proceeds to stage 437.
In stage 437, the user is asked whether credit card details stored on the device are to be used.
In stage 438, the user is asked to define the credit card to be used and the type of purchase transaction selected; after the user's preferred credit card is selected for this transaction, the controller obtains from the secure memory 170 of the device a file containing the user's credit card number, user name, credit card expiration date and the other secret code related to the card, and transmits the data to the vendor (stage 439).
In stage 440, the transaction is approved.
In stage 441 a screen appears asking the user if the details of the transaction are to be saved and then proceeding to stage 421, if not, the user may move to stage 408 and select another action option from the main menu screen.
In stage 999, the user will be caused to stop the device from operating with the host and disconnect all communication between the device 100 and the host computer or cell phone.
A possible flow chart of process steps associated with using the apparatus of the present invention, generally designated 500, when a user establishes a connection with the system of the present invention and accesses the system server using the apparatus of the present invention to be authenticated is shown in fig. 5. The process 500 described in the flowchart begins with the authentication phase of the user and ends with gaining access to the system server data and further interaction of the user with the system to complete the search and update tasks for specific data, as shown in fig. 5.
In stage 501, when the user turns on device 100, the user connects device 100 to the mini-USB or compatible connector of his handset, or connects the device's conventional USB connector to a USB slot of a personal computer, or establishes a Bluetooth wireless data connection between the device and the user's handset.
In stage 502, the user holds the device 100 in his palm, presses his fingers against the fingerprint sensors 270 and 280 shown in fig. 3A, looking in the direction of the device's camera aperture 260 and/or focusing his line of sight at the center of the iris image sensor aperture 265. Meanwhile, on the other side of the device, the user attaches his palm to the biosensor hole 250, sensing the user's heart rate and blood oxygen saturation, and then presses the switch button 290 to start the authentication process.
In stage 503, the apparatus performs biometric sensing and sequentially detects three biometric parameters of the user holding it. The first parameter is the output of the vital signs indicator sensor (128) showing that the user's pulse rate is normal, or blood oxygen saturation is normal, or body temperature is normal, where the predefined normal range of pulse rate in the inactive state is 50-80 PPM, the normal range of blood oxygen saturation is 90-100%, and the normal range of body temperature is 36-41 degrees Celsius. The other two measured and evaluated parameters are one or two fingerprints of the user, and/or a set of measured parameters captured and processed from the facial pattern of the user holding the device, and/or a captured image of the user's eye iris whose resulting iris structure and pattern are analyzed.
Stage 504 is the evaluation and decision point. If the set of biometric parameters measured and processed from the user corresponds to the set of biometric parameters stored in unit 140 at the first registration of the original user of the device, the process continues with stage 506; otherwise the process is terminated in stage 505.
In stage 505, the user receives a text message on the screen of the connected handset or host computer indicating that the authentication process has failed; the device then terminates the process, and the user must restart the device and repeat the same procedure up to that stage.
In stage 506, the device controller checks the current vital-sign indicator sensor reading of the user: if the measured parameter differs by more than 15% from the moving average of the previous vital-sign readings, the process proceeds to stage 524; if the difference is less than 15%, it continues to stage 507.
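As an added example (not code from the patent or its applicant), the following Python models the device-side decisions of stages 403/404 and 503/504 (vital-sign range gating, then matching the captured biometric parameters against the set enrolled in unit 140) and of stage 506 (the 15% moving-average drift check). The normal ranges, the minimum of three parameters and the 15% limit come from the description; the byte feature-code representation of a biometric, the Hamming-similarity match with a 0.90 threshold, the five-reading averaging window and the stage numbers returned as strings are assumptions made for the example. The description lists the three vital-sign ranges with "or", and the example reproduces that; a deployment may require all three to be in range.

```python
# Added example; not code from the patent. Models stages 403/404, 503/504 and 506.
from dataclasses import dataclass, field
from statistics import mean

# Normal ranges in the inactive state, as stated in stages 403 and 503.
PULSE_RANGE_PPM = (50, 80)
SPO2_RANGE_PCT = (90, 100)
TEMP_RANGE_C = (36.0, 41.0)
DRIFT_LIMIT = 0.15        # stage 506: more than 15% off the moving average -> stage 524
MIN_PARAMETERS = 3        # preferred embodiment; another embodiment accepts 2
MATCH_THRESHOLD = 0.90    # assumption: required bit-similarity of a biometric match
WINDOW = 5                # assumption: readings kept for the moving average


@dataclass
class VitalSigns:
    pulse_ppm: float
    spo2_pct: float
    temp_c: float


@dataclass
class Enrolment:
    """Data stored in memory unit 140 at first registration (constructed)."""
    biometrics: dict                              # name -> enrolled feature code (bytes)
    history: list = field(default_factory=list)   # previous VitalSigns readings


def _in_range(value, rng):
    return rng[0] <= value <= rng[1]


def vitals_are_normal(v: VitalSigns) -> bool:
    """First detected parameter: the vital-sign sensor reports a normal value.
    The description joins the three ranges with 'or', reproduced here."""
    return (_in_range(v.pulse_ppm, PULSE_RANGE_PPM)
            or _in_range(v.spo2_pct, SPO2_RANGE_PCT)
            or _in_range(v.temp_c, TEMP_RANGE_C))


def hamming_similarity(a: bytes, b: bytes) -> float:
    """Fraction of equal bits between two equal-length feature codes."""
    if len(a) != len(b) or not a:
        return 0.0
    differing = sum(bin(x ^ y).count("1") for x, y in zip(a, b))
    return 1.0 - differing / (8 * len(a))


def authenticate(enrolled: Enrolment, vitals: VitalSigns, captured: dict) -> str:
    """Stages 403/404 (and 503/504): return the next stage, '406' or '405'."""
    if not vitals_are_normal(vitals):          # first parameter fails
        return "405"
    matched = [name for name, code in captured.items()
               if name in enrolled.biometrics
               and hamming_similarity(enrolled.biometrics[name], code) >= MATCH_THRESHOLD]
    # the vital-sign reading is parameter one; the rest must be biometric matches
    if len(matched) < MIN_PARAMETERS - 1:
        return "405"
    return "406"


def drift_check(enrolled: Enrolment, vitals: VitalSigns) -> str:
    """Stage 506: compare the reading with the moving average of earlier readings.
    Returns '524' (alarm path) on more than 15% drift, else '507'."""
    recent = enrolled.history[-WINDOW:]
    enrolled.history.append(vitals)
    if not recent:                              # nothing to compare against yet
        return "507"
    for current, previous in (
        (vitals.pulse_ppm, [r.pulse_ppm for r in recent]),
        (vitals.spo2_pct, [r.spo2_pct for r in recent]),
        (vitals.temp_c, [r.temp_c for r in recent]),
    ):
        avg = mean(previous)
        if avg and abs(current - avg) / avg > DRIFT_LIMIT:
            return "524"
    return "507"


def demo():
    """Constructed enrolment and readings; returns the three stage decisions."""
    enrolled = Enrolment(
        biometrics={"fingerprint": b"\xff\x00\xaa\x55", "iris": b"\x0f\xf0\x33\xcc"},
        history=[VitalSigns(60, 97, 36.6), VitalSigns(64, 96, 36.7)],
    )
    good = {"fingerprint": b"\xfe\x00\xaa\x55", "iris": b"\x0f\xf0\x33\xcc"}  # 1 bit off
    return (
        authenticate(enrolled, VitalSigns(65, 97, 36.8), good),   # '406'
        authenticate(enrolled, VitalSigns(120, 80, 35.0), good),  # '405': vitals
        drift_check(enrolled, VitalSigns(80, 97, 36.8)),          # '524': pulse +29%
    )
```

The drift check appends the new reading to the history whether or not it trips the alarm, so the average tracks the user over time; the enrolled feature codes never leave the device, which is the property that makes the on-device comparison of stage 404 meaningful.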
In stage 507, the user obtains a menu screen on the host or cell phone display that can choose to connect with the system of the present invention for further interaction (stage 508), or simply remain interacting with their host computer or smart host and continue to operate, as described in stage 408 of process 400.
In stage 508, if the user is a new user interacting with the system of the present invention for the first time, he must go through a detection and authentication procedure, continuing to stage 522, to verify that he is the legitimate owner of the particular device bearing the embedded registration product serial number; this may require the user to visit the service site of the system of the present invention in person and identify himself and his personal device in front of the system's staff, which is done in stage 509. If the user is not logging into the system for the first time, the process proceeds to stage 530.
In stage 509 the user can identify himself by presenting his identification card and at least one additional ID document, such as a passport or a driver's license, in front of the staff of the system, who will then read the embedded serial number of the device by connecting the device to the system computer terminal, which will then be automatically entered into a temporary document in the memory of the system, and who will manually enter a set of ID data of the user, including his identification number, nationality, full name, date of birth and address of residence, into the same temporary document.
In stage 510, the inventive system registers the user as a new client, opens new basic data files in system memory specific to the client, and allocates a predefined private memory space in the non-secure portion of system memory for the user's data files. The system manager registering each user to save their personal ID data file in a memory subsystem connected to the system performs the further step of generating N pairs of two different randomly selected alphanumeric strings for each user, each string being n alphanumeric characters long.
The system manager saves the N pairs of strings in the memory subsystem of the system and sends the N pairs of strings to be stored with the user's personal data. In stage 511, the device, still connected to the system computer terminal, generates a random alphanumeric data string of L characters, which will serve as the user's unique secret access code for the secure private memory partition in system memory.
In stage 512, the processed L-character string is entered into the system of the present invention, and the system computer checks whether the same L-character string was previously generated by another registered user's device and entered into system memory. If the system computer finds an identical memory ID data string of another registered user in its records, the process returns to stage 511 and the device generates a new randomly selected L-character alphanumeric string. If the system finds no identical memory ID data string for another registered user in its records, the string is selected as the secret access code of the newly registered user.
In stage 513 the system computer creates a secure private memory space in the mass memory of the system for the newly registered user, defines and assigns said space to said user, and can access said space only when using a specific user secret access code with an L-character data string stored in the user's own device.
In stage 514, the user and the system personnel receive a written message from the system computer, reading: the new user registration has been successfully completed, and from now on the user can interact with the system of the invention from any remote location, as long as the user uses his registered personal device for identification and authentication. When the user and his device are connected to any cell phone or host computer, operation can proceed (as described in stage 515).
In stage 530, on normal initiation of communication between the system manager and a user, the system manager first compares the user's ID data file and the unique embedded token serial number stored on the user's personal device with the corresponding user and device identification data stored in the system memory module. If the two sets of identification data match, the system manager transmits the first string of one of the stored N pairs of encoded alphanumeric strings to the user device; the user device responds with the second, matching string of the same stored pair, uniquely associated with that device; and the system manager compares the second string it receives with the second string pre-stored in the system memory. The system manager then repeats this comparison, with different additional strings pre-stored in the memory of the user device and in the memory subsystem, for M of the N pairs in succession.
In stage 531, if all M strings of encoded alphanumeric data match, the system manager authenticates the user and allows access to the system and proceeds to stage 515. Otherwise, the system will fall back to stage 505 to end the session.
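As an added example (not code from the patent or its applicant), the following Python models the registration of stages 510-513 (N pairs of random alphanumeric strings stored on both sides, an L-character access code regenerated until it is unique) and the challenge-response of stages 530-531 (identity data and serial number compared first, then M of the N pairs answered correctly), plus the access-code gate of stages 516-517. The values of N, n, L and M, the `Device` and `SystemManager` classes, and the choice of M distinct pairs drawn unpredictably are assumptions made for the example.

```python
# Added example; not code from the patent. Models stages 510-513 (registration)
# and 530-531 (challenge-response) with constructed parameters.
import hmac
import secrets
import string
from dataclasses import dataclass, field

ALPHABET = string.ascii_letters + string.digits
N_PAIRS = 8      # N pairs of strings per user (stage 510); value is an assumption
PAIR_LEN = 12    # n characters per string; assumption
CODE_LEN = 32    # L characters in the secret access code (stage 511); assumption
M_ROUNDS = 3     # M of the N pairs checked in stage 530; assumption


def random_string(length: int) -> str:
    """Randomly selected alphanumeric string, drawn from a CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


@dataclass
class Device:
    """The user's personal device; holds what stages 510/511 store on it."""
    serial: str                      # embedded registration serial number
    user_id: str
    pairs: list = field(default_factory=list)    # N (first, second) string pairs
    access_code: str = ""                        # L-character secret (stage 512)

    def respond(self, challenge: str):
        """Stage 530: answer with the second string of the matching pair."""
        for first, second in self.pairs:
            if hmac.compare_digest(first, challenge):
                return second
        return None


@dataclass
class SystemManager:
    users: dict = field(default_factory=dict)     # user_id -> registration record
    used_codes: set = field(default_factory=set)  # for the stage 512 uniqueness check

    def register(self, device: Device, id_data: dict) -> str:
        """Stages 510-513; returns the new user's secret access code."""
        pairs = [(random_string(PAIR_LEN), random_string(PAIR_LEN)) for _ in range(N_PAIRS)]
        device.pairs = list(pairs)                # stage 510: copy sent to the device
        while True:                               # stages 511-512: regenerate on collision
            code = random_string(CODE_LEN)
            if code not in self.used_codes:
                break
        self.used_codes.add(code)
        device.access_code = code
        self.users[device.user_id] = {"serial": device.serial, "id_data": id_data,
                                      "pairs": pairs, "code": code}  # stage 513 record
        return code

    def authenticate(self, device: Device, id_data: dict) -> str:
        """Stages 530-531: returns the next stage, '515' on success or '505'."""
        rec = self.users.get(device.user_id)
        if rec is None or rec["serial"] != device.serial or rec["id_data"] != id_data:
            return "505"
        # M distinct pairs chosen unpredictably; each must be answered correctly
        for idx in secrets.SystemRandom().sample(range(len(rec["pairs"])), M_ROUNDS):
            first, expected = rec["pairs"][idx]
            answer = device.respond(first)
            if answer is None or not hmac.compare_digest(answer, expected):
                return "505"
        return "515"

    def check_access_code(self, device: Device, code: str) -> str:
        """Stages 516-517: gate the secure private partition; '801' or '515'."""
        rec = self.users.get(device.user_id)
        if rec and hmac.compare_digest(rec["code"], code):
            return "801"
        return "515"


def demo():
    """Constructed run: the registered device passes, a clone with no pairs fails."""
    manager = SystemManager()
    device = Device(serial="SN-EXAMPLE-0001", user_id="user-1")       # constructed
    id_data = {"id_number": "000000000", "name": "Example User"}       # constructed
    manager.register(device, id_data)
    clone = Device(serial=device.serial, user_id=device.user_id)       # no pairs
    return (manager.authenticate(device, id_data),
            manager.authenticate(clone, id_data),
            manager.check_access_code(device, device.access_code))
```

Comparisons use `hmac.compare_digest` so that response times do not depend on how many characters match. Because the pairs are static shared secrets that are reused across sessions, the system side draws them in an unpredictable order and should treat the stored pairs with the same care as the access code itself.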
In stage 515, the user is already a registered user of the system and may connect to the system after the short identification and authentication procedure described below. At this stage the user selects from the main menu displayed on his host screen; he can choose to work and interact with the system or choose among a number of interaction options. If the user chooses to work with the non-secure portion of the system's stored data, he selects the menu option that moves him to stage 520. If the user wants to work with the secure and protected portion of the system's stored data, he selects the menu option that moves him to stage 516. If the user wants to work on and interact with his financial and insurance matters through the system, he may select the menu option that moves him to stage 518, where the system gives him reliable and secure access to all relevant banking services, insurance companies, investment companies, pension funds, etc., and all relevant data can be easily accessed and managed through a dedicated menu screen. If the user chooses to work on and interact with his medical matters through the system and to access all of his medical services, hospital and clinic data through it, he may select the menu option that moves him to stage 720, where all of that data is managed by the system through a specialized menu. If the user wishes to end the interaction with the system, he may select option 999 to close communication with the system.
In stage 516, the user device sends a system-secure access code, i.e., the memory ID data string created in stage 512, through the connected host or handset.
In stage 517, if the string is identified as a legitimate string associated with the user, the process continues to stage 801, otherwise, the user is moved to stage 515 where the main menu with several options is displayed again.
In stage 518, while the user is connected to the financial portion of the service, the system constantly checks in the background whether the user has pressed the panic (emergency) button of the device, or whether the physiological sensors have detected an abnormality in the user's physical condition in stage 524 and the system has raised an alarm indicating that the user is in an abnormal health state. If an emergency is indicated, the system proceeds to stage 525 and stops the communication between the user and the financial service portion of the system; otherwise stage 650 continues with the financial-oriented activity.
In stage 520, which is required before the interaction with the non-secure data, the system requires the user device to transfer the user's ID data and the device's embedded serial number from the device's memory into the system.
In stage 521 the system checks if the numbers and data stored in its memory match those obtained by the connected user device, and if so proceeds to stage 545 for further interaction with the system and external service provider, and if not proceeds to stage 522 for a second authentication.
In stage 522, the user performs a second human operator based authentication procedure at the system client security center to check whether the device belongs to the user holding it, which is required whenever the system fails to authenticate the user during the checking stage of user access (as described in stages 516 and 517 and/or 520 and 521). Personnel at the system security center need to check whether the picture of the face of a legitimate device user stored in the device memory matches the face of the user coming to the office; the system staff also needs to ask the user to go through the authentication process with the device in front of him. If the result of the second human supervised authentication procedure is negative, a security investigation of the user is started.
Stage 525 is associated with an emergency situation received by the system specific control and emergency management center 348. The team at center 348 will automatically receive all of the user ID data stored on the user device, including its identification number, medical insurance number, and the name of the registered medical insurance company, sent from the user device over the communication line. In addition, the team at center 348 receives data for the user's emergency contacts stored in device memory.
In stage 526, the team of the emergency center may contact the person through his cell phone and simultaneously contact his emergency contacts to obtain the person's specific location as soon as possible.
In stage 527, if the emergency center calls the user, and the user answers the call and requests a medical or other type of emergency, then stage 528 is advanced. Otherwise, the user may access the most recent medical records stored in system memory during the course of stage 720, and then download the records to their device via a host computer or cell phone before seeking medical assistance themselves.
In stage 528, the team at the emergency center calls the nearest rescue team to the user and provides the rescue team with a brief introduction to the user's exact location and user medical emergency record stored in the user's personal device via the cell phone. At the same time, the team of the emergency center will update all the medical records of the user stored in the system memory and formulate a complete medical record report for the user, which will be sent electronically or by fax to the emergency room team of the selected hospital, and the hospital will prepare the rescue team to send the user to the hospital for further treatment.
In stage 545, the user is connected to a menu that supports all users' needs to transact and interact with non-secure personal data, as well as connect with government and municipal institutions, higher institutions, customer clubs, etc. for interaction.
In stage 650, the user is connected to a menu that supports all users' transactions and interactions with secure personal data related to the needs of the user to interact with banks, other financial institutions, insurance companies.
In stage 720, the user is connected to a menu that supports all users' transactions and interactions with secure personal data related to the needs of the user to interact with the hospital.
In phase 801, a user will see a menu on their host display that is relevant to the storage and retrieval of secure personal data to and from their personal device.
In stage 999, the user's interaction with the system is ended, or the user may choose to return to the system's main menu, as depicted in stage 515.
Another possible flow chart of the process steps associated with using the apparatus of the present invention and effecting interaction between a user and the system of the present invention, after positive authentication of the user, grant of access to the system and establishment of a connection with it, is shown generally at 600 in fig. 6. Process 600, depicted in the flow chart, begins when the user, having reached the corresponding stage of the system's user access creation process, is granted secure access through the system to various banks, credit card companies and financial institutions in order to retrieve relevant data, update records and conduct financial transactions, as shown in fig. 6.
In a first stage 650 of process 600, the user receives a menu screen to select a credit card company, moves to stage 664, selects a bank, moves to stage 651, or selects an insurance company, and moves to stage 671. If the user does not wish to continue with these several paths, then the option may return to stage 515 of FIG. 5.
In stage 651, the user selects a bank option and gets a menu of system registered banks so that they can select the bank that is of interest or owns the account.
In stage 652, the system of the present invention connects with the bank selected by the user and the particular branch with which it is cooperating via a highly secure communication line.
In stage 653, the user device will send the user's account and the user's ID data (e.g., username and password) to the selected bank and branch in the format required by the particular bank selected.
In stage 654, the bank computer locates in its memory the data details of the particular user's registration with the bank, the permitted access and the account status, and compares them with the user-related details obtained from the memory of the user device; if the details match and the requested bank account is found in the bank's records, the process proceeds to stage 655, otherwise the user returns to stage 650.
At stage 655, the user receives a menu through which the user can retrieve relevant details from their account or perform a financial transaction. If the user wants to use their account for a financial transaction, then stage 656 is advanced. If the user wants to retrieve details of past transactions, then stage 660 is selected and moved to.
In stage 656, the user may choose to proceed with stage 658 to recharge the e-wallet portion of their device secure memory sub-module with money, or stage 657 to transfer funds to a third party account.
In stage 657, the host screen through which the user can establish a secure interface with the bank's computer via the system of the present invention requires the user to fill in the third party's name, account number, and details of his bank and branch at the blank fields of the screen.
At stage 658, the host screen may ask the user to enter the transfer amount in the blank fields of the screen.
In stage 659, if the bank approves the transaction, then stage 662 is performed; otherwise, it returns to stage 655.
In stage 660, the screen on the host display may require the user to enter parameters of the billing particulars he wants to retrieve, such as the time range of the transaction date or the transaction number.
In stage 661, the bank retrieves the requested financial data and sends it to the system of the present invention through a dedicated communication channel, and the relevant user financial data is then transferred to and displayed on the screen of the user's host computer by the system.
At stage 662, the user receives a screen at his host asking him to select how he wants to store the requested financial data. He may choose to store in the memory of his device or in the personal data memory part of the system library or both.
In stage 663, the process returns to stage 801 shown in FIG. 8.
In stage 664, the user may receive a menu screen to select one of his or her credit card companies from a list, or return to stage 650.
In stage 665, the system of the present invention connects to the selected credit card company.
In stage 666, the user device sends through the system the user's credit card number, the associated user name and the additional credit card data, in the secure format agreed with the particular credit card company.
In stage 667, the credit card company may approve the card and the process continues to stage 668 otherwise the process returns to stage 664.
In stage 668, a screen on the host display may ask the user to fill in details of the entity that will obtain the funds and the amount of the selected entity to debit.
In stage 669, the user enters the details of the entity to be credited with the payment; if the user knows only some of the required details and has previously transacted with the entity, his device automatically suggests the full set of details of that entity. The selected details are then sent to the credit card company through the system. If the transaction is approved, the process continues to 670; otherwise it returns to the beginning of the transaction with the credit card company at stage 664.
In stage 670, the credit card company approves the transaction and the process proceeds to stage 671; otherwise, if the transaction is rejected, the process returns to stage 664.
In stage 671, the credit card company performs the requested transaction and sends a specification of the transaction to the user device via the system of the present invention.
In stage 672, the user gets a screen asking him whether another transaction is to be made via the credit card company. If so, return to stage 664; if not, the process returns to stage 662 to maintain the transaction in the selected memory.
In stage 673, the user receives a menu screen from which the user may select from a list of insurance companies that the user has provided, which are approved by the system supervisor and registered with the system server, or returns to stage 650.
In stage 674, the system server contacts and directly accesses the insurance company server selected by the user.
In stage 676, the user device sends the user ID data and its user name and password registered with the particular selected insurance company to the insurance company server through the system.
In stage 677, the insurance company server approves the user as a registered client and opens the user's direct access to his insurance company account. If the ID and access data sent by the user is not approved, the user returns to stage 673 to make an access attempt by another insurance company.
In stage 678, the insurance company obtains specific instructions from the user, such as downloading a specific insurance policy to its device, or updating data in another policy, and the insurance company server will then approve the user's request. At the end of the user interaction process, the user's access to the insurance company is closed and the user is returned to stage 673.
After positive authentication of the user, grant of access to the system and establishment of a connection with it, there is another possible flow chart of the process steps associated with using the device and effecting interaction between the user and the system. The process depicted by this flow chart begins with the user gaining secure access, through the system, to various hospitals, clinics, health care organizations and other medical entities and service providers in order to search for specific relevant data, update records and update the user's medical records; as shown in FIG. 5, the process begins at stage 720, which the user reaches through the system's user access creation process, and continues as process 700 shown in FIG. 7.
In process 700, at stage 720, the user has received full access to the system of the present invention (as shown in FIG. 5), and the user has selected the relevant options on their interactive screen to access the memory of the system for processing their medical records and access to various system-registered hospital service providers through the system.
In stage 720, the user receives a menu screen asking him to select a medical insurance company (HMO), and proceeds to stage 721; or selecting a hospital, then proceed to stage 740; or ends the process and returns to stage 515. In stage 721, the system creates secure access to a healthcare insurance company server based on medical record related data stored in a memory of a user device, wherein the user is a member of the healthcare insurance company.
In stage 722, the device sends the user's member user member and the medical insurance member's ID number to the medical insurance server, and if requested, the user's access code to the medical insurance website.
In stage 723 the medical insurance company server checks if the user's medical document ID data matches the ID and user data received from the user device by the system of the present invention, and if so proceeds to stage 724, otherwise returns to stage 720.
In stage 724, the system asks the user to select among several options on a menu screen on the display of their host or cell phone. In option 725, the user may choose to select a doctor/clinic appointment. Option 730 is selected indicating that the user is requesting all his past medical examination results, otherwise the user will return directly to stage 720, and the process will stop if the user does not select the further action item.
In stage 725, the user receives, via the system, a screen from the medical insurance company asking him to select the type and name of the doctor he wants to see.
In stage 726, the user receives a screen indicating the dates and times at which the selected doctor is available.
In stage 727, the user selects the most suitable date and time and reserves it with the selected physician.
In stage 728, the user is notified on his host screen of the final confirmation from the health care insurance computer, including the time and date of the appointment that the user has finally approved, and the process proceeds to stage 729.
In stage 729, the user receives a menu on the screen display of his host computer asking whether he wants to make another appointment. He may then move to 725, or to 730 to view his past medical examination results, or return to the main menu 720, or proceed to the save stage 801.
In stage 730, the user receives from the medical insurance server, on his host screen display, a menu screen for selecting the medical examination result he wants to view.
In stage 731, the user selects the requested test result, and the user device forwards the most recent result (if any) for this particular test held in its device memory to the host screen.
In stage 732, the medical insurance company server searches its stored records for more recent test data relevant to the user and sends any file found to the user's host computer, so that the user can choose to display the results on the screen or to save them in the device memory for long-term storage.
In stage 733, the user has finished processing the retrieved medical test results, and the system returns to stage 729, from which the save stage 801 of FIG. 8 can be reached.
In stage 740, the user receives a menu screen on his host display from which to select a hospital from a list or return to stage 720. The user may then select his preferred hospital from the list and proceed to stage 741.
In stage 741, the system server contacts the selected hospital over the secure communication channel that the system maintains with each hospital in the displayed list and opens a communication link with the hospital server.
In stage 742, the user's personal device sends a user ID data file including the user's full name, identification number and further identifying details.
In stage 743, the server of the selected hospital examines its records to determine whether the particular user is an inpatient or is being treated by a hospital clinic; if so, the process proceeds to stage 744, and if not, it returns to stage 740.
In stage 744, the user receives a menu screen asking him to select whether a hospital-issued medical report or a medical test result is required, and makes his selection.
In stage 745, the hospital server searches for the selected data file; if the requested file is found the process proceeds to stage 746, and if not it returns to stage 740.
In stage 746, the user receives the information from the hospital on his host screen.
In stage 747, the user receives a menu screen asking him to select where to store the retrieved hospital data: in the system memory, in the memory of the user's personal device, or in both, the user's personal medical data files being kept in the system memory; the process then proceeds to stage 801.
After the new medical file has been saved and stored in one or both of the memories selected in stage 801, the process returns to stage 720, where the user obtains a new menu screen from which to initiate another medical data processing procedure with the system of the present invention and an external medical service provider, or to stage 515 shown in FIG. 5.
After positive authentication of the user, once the user has been granted access to the inventive system and a connection link with the inventive system has been established, yet another possible flow of the process steps associated with using the inventive apparatus and effecting interaction between the user and the inventive system is as follows. This flow covers a user's need to store and retrieve data in the system memory library and is illustrated in FIG. 8, which shows a process 800 for storing and retrieving data in the system memory according to the present invention.
In stage 801, a menu on the user's host screen asks the user to choose between retrieving data from the system memory, in which case the process proceeds to stage 805; saving data in the system memory, in which case it proceeds to stage 820; and ending the process, in which case it proceeds to stage 999.
In stage 805, if the requested data resides in the non-secure data storage partition of the system mass storage library, the process proceeds to stage 810; if the user needs to retrieve secure data from the secure data portion of the system memory, the process proceeds to stage 816.
In stage 810, the user's personal device transmits the user ID data file.
In stage 812, the system server approves the user's ID and obtains from the user the selected data retrieval key, with which the system server looks up the requested data in the system mass storage library.
In stage 814, the system server approves the user-selected search keyword, finds the requested data file based on the given keyword, and returns to stage 805.
In stage 816, the user has selected in stage 805 the option of retrieving a secure data file. The user device then sends to the system server, for secure identification, the secure access code of L alphanumeric characters stored in the device memory, together with the secure string that was generated at the system server during the first user registration stage and stored both in the device memory and in the sector of the system memory reserved for that user's data.
In stage 817, the system server asks the user to enter the DB (database) access key associated with the requested secure data file and proceeds to stage 818.
In stage 818, the system server retrieves the requested secure data file based on the user-selected search key and then asks the user, via the host, whether to return to stage 801. If the user wishes to store more data or to initiate another retrieval procedure, the process returns to stage 805; the user may also proceed to stage 999 to end the process.
In stage 820, the user is asked, via the menu screen on the host, whether to save the retrieved or new data in the non-secure data storage sector of the system, in which case the process proceeds to stage 821; to store new data in the secure data storage sector of the system, in which case it proceeds to stage 826; or to return to stage 801 and restart the entire process 800.
In stage 821, the user's personal device transmits the user identification number.
In stage 822, the system server, connected to the user through the user's host computer or handset, requests the user-selected database save and search key for the new data file that the user wishes to store in the personal file sector of the system database.
In stage 824, the personal device encrypts the file being processed and sends it to the user's personal file sector in the system database, where the user can later retrieve it, and the process returns to stage 801.
In stage 826, the personal device sends to the system server an identification string that conceals the secure access code of L alphanumeric characters agreed between the user device and the system.
In stage 828, the system server asks the user to define and send the user-selected database save and search keys for the new data file that the user wishes to store in the secure personal file sector of the system database.
In stage 829, the personal device encrypts the user's file and sends it to the system server for storage in the secure, encrypted data file memory sector of the system. The user may then choose either to repeat the data processing procedure by proceeding to stage 801 or to end the process by proceeding to stage 999.
In stage 999, the process ends, the user is disconnected from the system server, and the personal device is automatically turned off.
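As an added illustration of the secure identification of stages 816 and 826 and of the registration and authentication exchange set out in claims 28 to 30 below (example code written for this page, not part of the patent's disclosure; the class and method names, the values chosen for N, L and M, and the rule that a string pair is consumed after a single use are this example's own assumptions):

```python
"""Added example: system manager <-> personal identification unit.
Registration stores N random string pairs on both sides and an unlinked
L-character secret access code on the server; authentication runs M rounds
of first-string challenge / second-string response.  Names and the one-use
rule for pairs are this example's assumptions, not the patent's."""
import hmac
import secrets
import string
from typing import Dict, List, Optional, Set, Tuple

ALPHABET = string.ascii_letters + string.digits


def random_alnum(length: int) -> str:
    """Cryptographically random alphanumeric string of the given length."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


class PersonalIdentificationUnit:
    """Device side: holds the N string pairs and the L-character secret access code."""

    def __init__(self, user_id: str, serial: str) -> None:
        self.user_id = user_id
        self.serial = serial               # unique embedded serial number (claim 29)
        self._pairs: Dict[str, str] = {}   # first string -> second string of a pair
        self.access_code: Optional[str] = None

    def store_pairs(self, pairs: List[Tuple[str, str]]) -> None:
        self._pairs = dict(pairs)

    def generate_access_code(self, length: int) -> str:
        self.access_code = random_alnum(length)   # claim 28(d): generated on the unit
        return self.access_code

    def respond(self, challenge: str) -> Optional[str]:
        """Return the second string of the pair whose first string was sent, if known."""
        return self._pairs.get(challenge)


class SystemManager:
    def __init__(self, n_pairs: int = 8, string_len: int = 8, m_rounds: int = 3) -> None:
        assert 0 < m_rounds <= n_pairs
        self.n_pairs, self.string_len, self.m_rounds = n_pairs, string_len, m_rounds
        self._users: Dict[str, dict] = {}
        # Claim 28(d): a partition holding only the codes, with no link to any user.
        self._access_codes: Set[str] = set()

    def register(self, unit: PersonalIdentificationUnit, code_len: int = 16) -> None:
        pairs = [(random_alnum(self.string_len), random_alnum(self.string_len))
                 for _ in range(self.n_pairs)]
        self._users[unit.user_id] = {"serial": unit.serial, "pairs": pairs, "used": set()}
        unit.store_pairs(pairs)                       # claim 28(c): copy to the unit
        self._access_codes.add(unit.generate_access_code(code_len))

    def authenticate(self, unit: PersonalIdentificationUnit) -> bool:
        """Claim 29: check ID + serial, then M of N challenge/response rounds."""
        rec = self._users.get(unit.user_id)
        if rec is None or not hmac.compare_digest(rec["serial"], unit.serial):
            return False
        unused = [i for i in range(self.n_pairs) if i not in rec["used"]]
        if len(unused) < self.m_rounds:
            return False   # pairs exhausted: re-registration needed (example's own rule)
        for i in secrets.SystemRandom().sample(unused, self.m_rounds):
            challenge, expected = rec["pairs"][i]
            rec["used"].add(i)                        # consumed even if the round fails
            response = unit.respond(challenge)
            if response is None or not hmac.compare_digest(response, expected):
                return False
        return True

    def open_secure_partition(self, access_code: str) -> bool:
        """Claim 30 / stages 816, 826: membership test only, no user lookup possible."""
        matched = False
        for code in self._access_codes:               # no early exit, constant per code
            matched |= hmac.compare_digest(access_code, code)
        return matched
```

The pairs are plaintext one-time secrets: each round reveals one pair to anyone able to observe the link, so the example marks a pair as used even when the round fails and refuses a session once fewer than M unused pairs remain; a real deployment of claim 29 should likewise never reuse a pair, and the link itself still needs transport encryption. The access-code partition is a plain set of strings: the server can confirm that a code exists but not whose it is, which is the property claim 28(d) describes.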
Reference is now made to FIG. 9, which shows a dedicated device 1000 according to the present invention, one possible embodiment of the charging and user personal data backup device of the present invention. FIG. 9 illustrates one possible conceptual modular structure of the charging and data backup device and the layout and functionality of its internal sub-modules.
Block 1010 in FIG. 9 is the mains power charging module of the device 1000, comprising a charging plug 1012 for connection to the mains supply, an AC-DC (alternating current to direct current) converter unit 1014 and a power supply unit 1016. The unit 1014 converts the mains AC voltage to a DC voltage from which the power supply 1016 is derived, which in turn drives the electronic components of the electronic sub-module 1020 of the device 1000.
The sub-module 1040 includes a battery charger and a rechargeable battery that provide backup power and safe operation of the device 1000 in the event of an insufficient mains supply. The sub-module 1020 is the device's main electronic module; it comprises a microprocessor with its associated electronics, sub-module 1024, and a mass storage sub-module 1028 based on solid state flash memory whose capacity is comparable to the combined data storage capacity of the memory units 150 and 170 of the device 100. The electronic unit 1020 can automatically check whether the memory sub-module 1028 needs updating as soon as the device 100 is connected, via its interfacing data plug 110, to the connection plug unit 1030 of the device 1000. The processor sub-module 1024 checks the date of the last update of the device 100 and the contents and status of its secure and non-secure memory; if that data is more recent than the data stored in the memory 1028, it creates a mirror image of the contents of the memory sub-modules 150 and 170 of the device 100 in the memory unit 1028. When the memory contents of the device 100 have been erased or corrupted for some reason, the sub-module 1024 detects this and restores the memory sub-modules 150 and 170 of the device 100 from the latest version of the data stored in the memory module 1028 of the device 1000.
Sub-module 1050 is an electronic buzzer activation module, located within the housing of the device 1000 and operated by pressing a button; an RF transmitter is also integrated into the sub-module 1050. When the user wants to locate the user device in a home or office environment, the user presses the buzzer button of module 1050; the integrated RF transmitter of sub-module 1050 then transmits a coded signal to the buzzer receiver sub-module 198 embedded within the housing of the device 100, and the detected coded signal activates an electronic sound buzzer that emits an easily noticed sound. The sound buzzer is integrated in sub-module 166 of the device 100 and allows the user to locate the device 100 in a room or open space by the sound it generates.
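As an added illustration of the mirror-and-restore logic of the processor sub-module 1024 described above (example code written for this page, not part of the patent's disclosure; the partition names, the use of a SHA-256 digest recorded at write time to detect erasure or corruption, and the function names are this example's own assumptions):

```python
"""Added example: version compare, mirror and restore between the personal
device (memory units 150/170) and the charging and backup station (memory
1028).  Partition names, the digest-based corruption check and all function
names are assumptions of this example, not the patent's."""
import hashlib
from dataclasses import dataclass, replace
from typing import Dict, Optional


@dataclass(frozen=True)
class Partition:
    """Image of one memory partition (secure unit 150 or non-secure unit 170),
    as held either on the device or in the station."""
    last_update: int   # timestamp of the last legitimate write
    data: bytes
    digest: str        # SHA-256 of `data`, recorded at that write


def write_partition(last_update: int, data: bytes) -> Partition:
    """A legitimate write records the digest alongside the data."""
    return Partition(last_update, data, hashlib.sha256(data).hexdigest())


def damage(p: Partition, data: bytes) -> Partition:
    """Simulate erasure (data=b'') or corruption: content changes, digest does not."""
    return replace(p, data=data)


def intact(p: Optional[Partition]) -> bool:
    """A copy is usable only if present, non-empty and its digest still matches."""
    return (p is not None and len(p.data) > 0
            and hashlib.sha256(p.data).hexdigest() == p.digest)


def sync(device: Dict[str, Partition], station: Dict[str, Partition]) -> Dict[str, str]:
    """Run the station's check once the device is plugged in.

    Returns the action taken per partition name:
      'mirrored'  - device copy intact and newer (or station has no usable copy): device -> station
      'restored'  - device copy erased/corrupted and station copy intact: station -> device
      'unchanged' - both intact and the station copy is at least as recent
      'no-source' - device copy unusable and the station has no intact copy either
    Both dicts are updated in place; Partition objects are immutable, so sharing is safe.
    """
    actions: Dict[str, str] = {}
    for name in sorted(set(device) | set(station)):
        d, s = device.get(name), station.get(name)
        if not intact(d):
            if intact(s):
                device[name] = s
                actions[name] = "restored"
            else:
                actions[name] = "no-source"
        elif not intact(s) or d.last_update > s.last_update:
            station[name] = d
            actions[name] = "mirrored"
        else:
            # A newer station copy is never pushed over an intact device copy:
            # the description only restores on erasure or corruption.
            actions[name] = "unchanged"
    return actions
```

The digest is what lets the station tell "erased or corrupted" apart from "legitimately changed": a legitimate write through write_partition refreshes both the timestamp and the digest, while corruption leaves a stale digest behind. Without such a check, a device whose memory was zeroed would simply look like an older version and would never be restored.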

Claims (37)

1. An apparatus for managing personal and secure data and document files stored in the apparatus, comprising:
(a) a sensor module comprising a plurality of biometric sensors for reading a plurality of personal biometric parameters of a user holding the device, the device being uniquely identified by the user;
(b) a processing module in communication with said sensor module for processing said personal biometric parameters and for processing and managing said personal and secure data and document files associated with said user;
(c) an authentication unit in communication with the processing module configured to receive and authenticate the identity of the user by comparing the personal biometric parameters of the user read by the sensor module and processed by the processing module with a pre-recorded set of personal biometric parameters stored in the authentication unit;
(d) an encryption module in communication with the processing module for compressing, decompressing, encrypting and decrypting the user's data files;
(e) a memory module in communication with the processing module and the encryption module for storage of the user's data and document files;
(f) communication and data connection means, in communication with the processing module, for connecting the apparatus with an external device,
wherein the stored personal data and document files of the user associated with the unique user are accessible only after positive authentication of the personal biometric parameters of the user by the authentication unit.
2. The device of claim 1, wherein the plurality of biometric sensors continuously read a plurality of personal biometric parameters associated with the user holding the device, and if any of the plurality of personal biometric parameters changes, access to the stored personal data file is denied and operation of the device is completely shut down.
3. The apparatus according to claim 1, wherein at least one of the plurality of biometric sensors is a vital signs detector configured to measure and record at least one of vital signs parameters of the user.
4. The apparatus according to claim 3, wherein the at least one of the user's vital sign parameters is measured by any one of a set of vital sign indicators including a body pulse rate indicator, a blood oxygen saturation indicator, a body temperature indicator, a galvanic skin activity indicator, a body respiration indicator, and a physical or emotional stress indicator.
5. The apparatus of claim 3, wherein when any of the set of vital signs indicators detects a critical level, the apparatus is configured to initiate an emergency call to any of a set of registered emergency treatment centers and to transmit any of a set of data files containing information related to the user to the registered emergency treatment centers, the set of data files including the identification data file of the user, a personal medical data file of the user, the measured set of vital sign parameters of the user, and a location of the user.
6. The apparatus of claim 1, further comprising:
an emergency button in communication with the processing module and the communication and data connection means module;
wherein, when the emergency button is activated, communication is initiated between the device and any one of a set of registered emergency centers, the emergency call sending any one of a set of data files containing information relating to the unique user of the device, the set of data files including the identification data of the user, the personal medical data file of the user, and the location of the user.
7. The apparatus of claim 1, wherein the apparatus is configured to communicate with any one of a group of service providers including banks, credit card companies, clinics, hospitals and medical insurance companies, municipalities and utility entities and websites that are frequently visited by the user, thereby allowing the user to access and manage the user's personal data and document files that are processed, stored and provided to the user's apparatus by the group of service providers.
8. The apparatus of claim 1, wherein the external device comprises any one of a group comprising a remote server, a local server, a host computer, a voice or data communication means, and a cell phone.
9. The apparatus of claim 5, wherein the emergency call is initiated by the connection and communication means of the apparatus through any one of a set of communication means including a secure server: directly via the internet, via any host computer connected to the internet, via voice and data communication means, or via any cellular network.
10. The apparatus of claim 6, wherein the emergency call is initiated by the connection and communication means of the apparatus through any one of a set of communication means including a secure server: directly via the internet, via any host computer connected to the internet, via voice and data communication means, or via the cellular network.
11. The apparatus of claim 1, wherein the communication and data connection means comprises at least one of a group of connection and communication devices including any data interface connector attached to a host computer, a mini-USB or compatible industrial data interface connector attached to a cell phone, a near field wireless communication interface, a magnetic reader interface and a smart card reader based on a contactless communication interface using inductive or radio frequency communication.
12. The apparatus of claim 1, wherein the memory module comprises a removable and upgradeable micro-PCB board with flash and/or nano-type solid state read-write memory components providing at least 10 GB of accessible storage capacity.
13. The apparatus of claim 1, further comprising:
a magnetic stripe element that is activatable only upon positive authentication of the user's personal biometric parameter,
wherein the magnetic stripe element is configured to be concealed within the device and configured to extend out of the device upon activation for swiping and reading by any one of a group of devices including a credit card reader, an ATM and a point of sale magnetic stripe reading device.
14. The apparatus of claim 1, further comprising an update module, in communication with the processing module, configured to securely update the user's data and document files.
15. The apparatus of claim 1, further comprising an integrated digital data encoder/decoder and radio frequency transceiver module in communication with the processing module, the integrated digital data encoder/decoder and radio frequency transceiver module configured to communicate with any one of a group of external devices, the group of external devices including a radio frequency operated credit card reader, an ATM machine, and an electronic lock or gate/door opener that is remotely operated using RFID (radio frequency identification) based technology.
16. The apparatus of claim 15, further comprising a supplemental base station device in communication with the radio frequency transceiver, the base station device configured to electrically charge the apparatus and automatically perform a backup of internal secure and non-secure stored data of the apparatus simultaneously.
17. The apparatus of claim 11, further comprising an integrated software module that automatically detects the operating system of the computer or cell phone connected to the apparatus through the set of communication means, the computer or cell phone having a keyboard and a display unit, allowing the user to interact with the memory module and the processing module of the apparatus via that keyboard and display unit, whereby the computer or cell phone is configured to utilize and interact with the memory module, the processing module and the sensor module of the apparatus.
18. The apparatus of claim 1, further comprising a power charging and data backup device in communication with the processing module of the apparatus, the device comprising:
i. a charging and power sub-module including a charging plug for connection to a mains power supply, an AC-DC (alternating current to direct current) converter, a power supply unit and a rechargeable backup battery;
ii. an electronic sub-module comprising a microprocessor and a mass memory unit; and
iii. an activation sub-module comprising an electronic buzzer activator, a button connected to the buzzer activator and a radio frequency transmitter connected to the electronic buzzer activator, wherein, upon activation of the buzzer button, the radio frequency transmitter is configured to transmit an encoded signal to the apparatus to enable the user to determine the location of the apparatus;
wherein the charging and power sub-module, the electronic sub-module and the activation sub-module are in communication with each other; and
wherein the memory module of the apparatus communicates with the mass memory unit of the device to compare and synchronize the versions of data stored in the memory module of the apparatus with the versions of data stored in the mass memory unit of the device.
19. The device of claim 1, further comprising an integrated GPS (global positioning system) module in communication with the processing module to pinpoint the geographic location of the device.
20. The apparatus of claim 1, further comprising at least one module selected from the group consisting of a cellular modem module in communication with the processing module; and a flat panel display and touch screen module in communication with the processing module.
21. A method for managing personal and secure data and document files for a plurality of unique users, each of said plurality of unique users having a personal identification unit uniquely associated with that user for storing the personal data and document files of that user, each of said personal identification units comprising:
a sensor module comprising a plurality of biometric sensors;
a processing module in communication with the sensor module;
an authentication unit in communication with the processing module;
an encryption module in communication with the processing module;
a memory module in communication with the processing module and the encryption module; and
a communication and data connection means in communication with the processing module;
the method comprises the following steps:
a. the sensor module reading a plurality of personal biometric parameters of the user holding the device;
b. the authentication unit comparing the personal biometric parameters of the user with a pre-recorded set of personal biometric parameters stored in the authentication unit; and
c. if the authentication unit positively identifies the user, the user is allowed to access the user's personal data and document files stored in the memory module and to communicate with other communication means through the device.
22. The method of claim 21, further comprising the steps of:
the biometric sensors continuously reading a plurality of personal biometric parameters of the user holding the device; and
denying access to the stored personal data files and completely shutting down operation of the device if any of the plurality of personal biometric parameters changes.
23. The method according to claim 21, wherein at least one of the plurality of biometric sensors is a vital signs detector configured to measure and record at least one of a set of vital signs indicators including a body pulse rate measurement indicator, a body oxygen saturation indicator, a body heat measurement indicator, a galvanic skin activity indicator, a body respiration indicator, and a body or emotional stress indicator, the method further comprising the steps of:
initiating an emergency call to any one of a group of registered emergency centers when any one of the vital signs indicators detects a critical level;
wherein the emergency call transmits any one of a set of data files relating to the user, the set of data files including an identification of the user, a personal medical data file of the user, a set of measured vital sign parameters of the user, and a location of the user.
24. The method of claim 21, wherein the device further comprises an emergency button in communication with the processing module and the communication and data connection means module, the method further comprising the steps of:
initiating communication between the device and any one of a set of registered emergency centers when the emergency button is activated; and
transmitting, in the emergency call, any one of a set of data files associated with the user, the set of data files including an identification of the user, the personal medical data file of the user, and a location of the user.
25. The method of claim 21, further comprising the steps of:
communicating via any one of a set of communication means with any one of a set of service providers including banks, credit card companies, clinics, hospitals and medical insurance companies, municipal and utility entities and websites that are frequently visited by the user, thereby allowing the user to access and manage the user's personal data and document files stored by the set of service providers.
26. The method of claim 21, wherein the device further comprises a magnetic strip element, the method further comprising the steps of:
upon positive authentication of the user's personal biometric parameters, the magnetic stripe is activated, allowing the magnetic stripe to be read by any one of a group of devices including credit card readers, ATMs, and point-of-sale magnetic stripe reading devices.
27. The method of claim 21, wherein the apparatus further comprises a power charging and data backup device, the device comprising a charging and power sub-module, an electronics sub-module and a mass storage solid state memory unit, the method further comprising the steps of:
comparing the contents of the memory module of the apparatus with the contents of the mass storage solid state memory unit of the device;
updating the memory module of the apparatus with the latest version of the data stored in the mass storage solid state memory unit of the device if the memory module of the apparatus lacks data; and
updating the mass storage solid state memory unit of the device with the latest version of the data stored in the memory module of the apparatus if the mass storage solid state memory unit of the device lacks data.
28. The method of claim 21, wherein each of the plurality of unique users is in communication with a system manager that manages a remote centralized data communication, storage and management system for the plurality of unique users, the method further comprising the steps of:
a. the system manager registering each unique user and storing the personal ID (identification number) data file of each unique user in a memory subsystem connected to the centralized system;
b. the registration further comprising a step in which the system manager generates, for each system user, N pairs of two different randomly selected character strings, each string being a combination of N alphanumeric characters;
c. the system manager storing the N pairs in the system memory subsystem and sending the N string pairs to be stored in the memory module of the unique user's personal identification unit; and
d. the personal identification unit generating a secret access code of L alphanumeric characters, which is further stored in a particular partition of the system memory containing the list of the secret access codes of the plurality of unique users, without any identification of, or link between, a user and his registered secret access code.
29. The method of claim 28, wherein, after registration and upon normal initiation of communication between the system manager and a unique user, the system manager communicates with the unique user and first compares the unique user's ID data file and the unique embedded serial number of the personal identification unit, as stored in the unique user's personal identification unit, with the corresponding user ID and personal identification data stored in the memory subsystem; and
if the two sets of identifying data match:
i. the system manager sends the first string of one of the stored N pairs of encoded alphanumeric data strings to the personal identification unit of the user;
ii. the user's personal identification unit responds with the second, matching string of the same pair of encoded alphanumeric data stored in, and uniquely associated with, the user's personal identification unit;
iii. the system manager compares the received second string of encoded alphanumeric data with the second string of encoded alphanumeric data pre-stored in the memory subsystem;
iv. the system manager successively repeats the comparison, for M of the N pairs, between further strings of encoded alphanumeric data received from the memory of the personal identification unit associated with the unique user and the corresponding strings pre-stored in the memory subsystem; and
v. if all M strings of encoded alphanumeric data match, the system manager declares the unique user authenticated and allows the unique user to access the system.
30. The method of claim 29, wherein, after the user gains access to the system, the user chooses either to work with the non-secure portion of the system memory or to gain access to the user's secure personal data stored in the system memory by sending, from the personal identification unit, the secret access code that allows each such user to individually access his private secure memory partition in the system memory.
31. The method of claim 28, further comprising the steps of:
after the authentication step, the system manager connecting the personal identification unit of the unique user, as requested through that personal identification unit, with any one of a group of emergency treatment centers or service providers registered with the system manager; and
transmitting updated medical data of the user to the emergency center when a medical emergency call is initiated through the personal identification unit.
32. A system for managing personal and secure data and document files for a plurality of unique users, the system comprising:
a. a system manager for managing and updating personal data of a plurality of unique users of the system and for communicating with each of the plurality of unique users;
b. a memory subsystem coupled to the system manager to store updated personal data for each of the plurality of unique users;
c. a plurality of personal identification units, each associated with a unique user, each unique user being registered with said system manager and the personal ID data file of each unique user being stored in said memory subsystem;
d. a plurality of host computers and handsets in communication with said system manager, such that said system manager is in direct connection with said plurality of unique users through their respective personal identification units; and
e. a plurality of registered emergency centers and a plurality of registered service providers in communication with said system manager, said plurality of service providers including banks, credit card companies, insurance companies, clinics, hospitals and medical insurance companies, governments, municipalities and utility entities, and selected web sites that said plurality of users frequently visit;
wherein said system manager is enabled to access and communicate with the personal data and document files stored in the personal identification unit associated with each of said unique users, and to access said personal data and document files stored by said set of service providers, only after positive authentication of said unique user's personal biometric parameters by the authentication unit.
33. The system of claim 32, wherein each of the plurality of personal identification units comprises:
i. a sensor module comprising a plurality of biometric sensors for reading a plurality of personal biometric parameters of the user holding the personal identification unit, the unit being uniquely identified with that user;
ii. a processing module, in communication with said sensor module, for processing said personal biometric parameters and for processing and managing said personal and secure data and document files associated with said user;
iii. an authentication unit, in communication with the processing module, configured to receive and authenticate the identity of the user by comparing the personal biometric parameters of the user, as read by the sensor module and processed by the processing module, with a pre-recorded set of personal biometric parameters stored in the authentication unit;
iv. an encryption module, in communication with the processing module, for encrypting and decrypting, and for compressing and/or decompressing, the user's data and document files;
v. a memory module, in communication with the processing module and the encryption module, for storage of the user's data and document files; and
vi. communication and data connection means, in communication with said processing module, for connecting said personal identification unit with said system manager and with a plurality of service providers.
34. The system of claim 33, wherein the system manager is configured to:
i. communicate with the personal identification unit to compare the user's ID data file stored in the unique user's personal identification unit with the corresponding identification data stored in the memory subsystem; and
ii. if the two identification data sets match, initiate a higher level of security identification before full communication and data update functionality is enabled between the system manager and the user's personal identification unit;
wherein the higher level of security identification comprises the steps of: the system manager sending to the user's personal identification unit a first string of encoded alphanumeric data uniquely associated with that personal identification unit; the personal identification unit responding with a second string of encoded alphanumeric data uniquely associated with that personal identification unit; the system manager verifying the received second string of encoded alphanumeric data against the second string of encoded alphanumeric data pre-stored in the memory subsystem; and
the system manager comparing further, different strings of encoded alphanumeric data pre-stored in the memory of the personal identification unit associated with the unique user with the corresponding strings of encoded alphanumeric data generated by the counter pre-stored in the memory subsystem, requiring N consecutive full matches.
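The two-stage exchange of claim 29(v) and claim 34 (a first string from the system manager, the unit's pre-stored second string back, then N further counter-derived strings that must all match before full access is enabled), worked as an added illustration in Python with both sides' messages. This is example code written for this page, not code from the patent or its assignee. The claims do not say how the strings are produced or how the counter is seeded, so the following are assumptions made here: each string is HMAC-SHA256 over a per-unit secret shared at enrolment, truncated and base32-encoded; the unit checks the first string before answering; the manager consumes one counter value per round whether or not it matches; N is 3; and the names `PersonalIdentificationUnit`, `SystemManager`, `enrol`, `replay_copy` and `demo` are invented for the example.

```python
"""Challenge/response of claim 34, modelled end to end (added example, not patent code)."""
import base64
import hashlib
import hmac
import secrets

N_COUNTER_ROUNDS = 3  # the claim's N; the value is an assumption for this example


def encode_token(secret: bytes, label: bytes) -> str:
    """One 'encoded alphanumeric string' (assumed construction): HMAC-SHA256 over the
    per-unit secret and a label, truncated to 20 bytes, base32 (32 chars, no padding)."""
    digest = hmac.new(secret, label, hashlib.sha256).digest()[:20]
    return base64.b32encode(digest).decode("ascii")


class PersonalIdentificationUnit:
    """Unit side. Holds only pre-stored strings, never the secret (assumption)."""

    def __init__(self, unit_id: str, secret: bytes, n_tokens: int):
        uid = unit_id.encode()
        self.unit_id = unit_id
        # First string the manager is expected to send; checked so a rogue server
        # cannot harvest the second string (assumed behaviour, not stated in the claim).
        self.expected_first = encode_token(secret, b"first:" + uid)
        self.second_string = encode_token(secret, b"second:" + uid)
        # The "other different strings" of claim 34, pre-stored at enrolment.
        self.counter_strings = [encode_token(secret, b"counter:%d:" % i + uid)
                                for i in range(n_tokens)]
        self.position = 0

    def answer_first_string(self, first_string: str) -> str:
        if not hmac.compare_digest(first_string, self.expected_first):
            raise ValueError("first string is not the one issued to this unit")
        return self.second_string

    def next_counter_string(self) -> str:
        s = self.counter_strings[self.position]  # IndexError once the list is exhausted
        self.position += 1
        return s

    def replay_copy(self) -> "PersonalIdentificationUnit":
        """An attacker's clone holding a stale snapshot of the unit's stored strings."""
        clone = object.__new__(PersonalIdentificationUnit)
        clone.__dict__.update(self.__dict__)
        clone.position = 0
        return clone


class SystemManager:
    """Manager side: memory subsystem holds the first/second strings and the counter."""

    def __init__(self):
        self._records = {}

    def enrol(self, unit_id: str, n_tokens: int) -> PersonalIdentificationUnit:
        secret = secrets.token_bytes(32)
        uid = unit_id.encode()
        self._records[unit_id] = {
            "first": encode_token(secret, b"first:" + uid),
            "second": encode_token(secret, b"second:" + uid),
            "secret": secret,  # lets the manager regenerate each counter string
            "counter": 0,
        }
        return PersonalIdentificationUnit(unit_id, secret, n_tokens)

    def higher_level_identification(self, unit_id: str, unit,
                                    n_rounds: int = N_COUNTER_ROUNDS) -> bool:
        rec = self._records[unit_id]
        try:
            second = unit.answer_first_string(rec["first"])  # manager -> unit -> manager
        except ValueError:
            return False
        if not hmac.compare_digest(second, rec["second"]):
            return False
        for _ in range(n_rounds):  # N consecutive full matches required
            c = rec["counter"]
            rec["counter"] = c + 1  # consumed even on mismatch, so old strings never replay
            expected = encode_token(rec["secret"], b"counter:%d:" % c + unit_id.encode())
            try:
                received = unit.next_counter_string()
            except IndexError:
                return False
            if not hmac.compare_digest(received, expected):
                return False
        return True


def demo() -> dict:
    """Genuine unit twice, then a stale clone and a unit with the wrong secret."""
    manager = SystemManager()
    unit = manager.enrol("PIU-0001", n_tokens=9)
    clone = unit.replay_copy()  # snapshot taken before any session runs
    genuine_first = manager.higher_level_identification("PIU-0001", unit)
    genuine_second = manager.higher_level_identification("PIU-0001", unit)
    replayed = manager.higher_level_identification("PIU-0001", clone)
    rogue = PersonalIdentificationUnit("PIU-0001", secrets.token_bytes(32), 9)
    wrong_secret = manager.higher_level_identification("PIU-0001", rogue)
    return {"genuine_first": genuine_first, "genuine_second": genuine_second,
            "replayed_clone": replayed, "wrong_secret": wrong_secret}


if __name__ == "__main__":
    print(demo())
```

Two points a practitioner would check in any implementation of this claim: every string comparison goes through `hmac.compare_digest`, not `==`, and the manager's counter advances on every round regardless of outcome, which is why the cloned unit in `demo()` fails at the first counter round once the genuine unit has used those values.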
35. The system of claim 33, wherein said plurality of biometric sensors continuously read a plurality of personal biometric parameters associated with said user holding their unique personal identification unit, and deny access to said stored personal data files and completely shut down said personal identification unit if any of said plurality of personal biometric parameters changes.
36. The system of claim 33, wherein each personal identification unit further comprises an emergency button in communication with the processing module and the communication and data connection means;
wherein at least one of the plurality of biometric sensors is a vital signs detector configured to measure and record at least one vital sign parameter of the user;
wherein the at least one vital sign parameter of the user is measured by any one of a set of vital sign indicators including a pulse rate indicator, a blood oxygen saturation indicator, a body temperature indicator, an electrodermal activity indicator, a respiration indicator, and a physical or emotional stress indicator;
wherein the personal identification unit is configured to initiate an emergency call to any of the plurality of registered emergency centers when the emergency button is activated or when any of the set of vital sign indicators detects a critical level; and
wherein the personal identification unit is configured to transmit any one of a set of data files containing information relating to the user, the set of data files comprising identification data of the user, a personal medical data file of the user, a set of measurements of the user's vital sign parameters, and the location of the user.
37. The system of claim 36, further comprising:
a computerized call center configured to receive telephone calls or emergency voice and data messages from any of the plurality of registered emergency centers and the plurality of registered service providers, and to communicate with any of the plurality of handsets and host computers;
wherein the call center is configured to communicate the location coordinates of the user to an emergency team and, at the same time, to communicate with any of the plurality of registered emergency treatment centers and service providers in order to receive updated medical data of the user and to transmit that data to the user's personal identification unit.
Application HK13106579.1A, priority date 2010-03-12, filing date 2011-03-10: A secured personal data handling and management system, published as HK1179702A (en)

Applications Claiming Priority (1)

Application Number: US61/313,145; Priority Date: 2010-03-12

Publications (1)

Publication Number: HK1179702A; Publication Date: 2013-10-04