Abstract: The present disclosure relates to a computer system for querying a database residing on a server computer of the computer system, said database storing data records, the database further comprising a relation, wherein the relation comprises data items, wherein the data items are encrypted with a first encryption method in the relation, wherein the data items form a partially ordered set in the relation, the partial order being formed with respect to the data items in non-encrypted form, wherein a referential connection exists assigning each encrypted data item in the relation to a respective data record of the data records, wherein the encrypted data items are annotated with data elements of a linear order in the database, the linear order corresponding the order in which the encrypted data items are stored in the relation with respect to the partial ordered set, the computer system further comprising a client computer, the client computer being configured for sending to the server computer a request for data

Abstract: The present disclosure relates to a computer system for querying a database residing on a server computer of the computer system, said database storing data records, the database further comprising a relation, wherein the relation comprises data items, wherein the data items are encrypted with a first encryption method in the relation, wherein the data items form a partially ordered set in the relation, the partial order being formed with respect to the data items in non-encrypted form, wherein a referential connection exists assigning each encrypted data item in the relation to a respective data record of the data records, wherein the encrypted data items are annotated with data elements of a linear order in the database, the linear order corresponding the order in which the encrypted data items are stored in the relation with respect to the partial ordered set, the computer system further comprising a client computer, the client computer being configured for sending to the server computer a request for data

Abstract: The invention relates to a client computer for querying a database stored on a server via a network, the server-being coupled to the client computer via the network, wherein the database comprises a set of first relations, wherein each first relation in the set of the first relations comprises first data items, wherein for each first relation the first data items are encrypted with a respective first cryptographic key in the first relation, wherein the first data items form a partially ordered set in each first relation, in each first relation the partial order being formed with respect to the first data items of said first relation in non-encrypted form.

Abstract: The invention relates to a computer implemented method for analyzing data of a first user, wherein an asymmetric cryptographic key pair is associated with the first user, said asymmetric cryptographic key pair comprising a public key and a private key, the data being stored pseudonymously in a database with the data being assigned to an identifier, wherein the identifier comprises the public key, the method comprising: receiving a set of rules, the set of rules describing data processing steps, receiving the identifier, retrieving the data assigned to the identifier from the database, analyzing the retrieved data by applying the set of rules, providing a result of the analysis.

Abstract: An apparatus for encrypting data is provided. The apparatus is capable of symmetrically encrypting data and then encrypting the symmetrically encrypted data with the aid of a bit string. The bit string has a maximum entropy. Encryption of the symmetrically encrypted data is designed such that a section of the bit string is used for encryption and successive encryption operations are carried out with carrying sections of the bit string while the bit string remains unchanged.

Abstract: The invention relates to a computer system comprising a client computer (10) and a database (30) stored on a server (22), the server (22) being coupled to the client computer (10) via a network (48; 114), wherein the database (30) comprises a first relation (36) and a second relation (32; 34), wherein the first relation (36) comprises first data items, wherein the first data items are encrypted with a first cryptographic key (18; 108) in the first relation (36), wherein the second relation (32; 34) comprises equivalence classes, wherein the equivalence classes are encrypted with a second cryptographic key (18; 108) in the second relation (32; 34), wherein each equivalence class is a functional value of one of the first data items, the functional value being obtainable by applying an equivalence relation to the one of the first data items, wherein the second relation (32; 34) comprises for each equivalence class a referential connection assigning the equivalence class to the first data item stored encrypted in

Abstract: The invention relates to a method for creating a second asymmetric cryptographic pair of keys, wherein a first private key (G0) together with a first public key (O0) forms a first asymmetric cryptographic pair of keys (K0). Embodiments of the method may comprise the following steps: receiving a user identifier; calculating a second private key (G1), wherein a random value (z) and the user identifier are considered in the calculation; calculating a second public key (O1) from the second private key using an asymmetric cryptographic key creation method, wherein the second private key and the second public key form the second asymmetric cryptographic pair of keys (K1, 206); creating a first cipher (C_G0—O1) by encrypting the first private key (G0) with the second public key (O1); and storing the first cipher (C_G0—O1).

Abstract: The invention relates to a client computer for querying a database stored on a server via a network, the server being coupled to the client computer via the network, wherein the database comprises first data items and suffix items, wherein each suffix item describes a suffix of at least one first data item of the first data items, wherein for each suffix item a first referential connection exists in the database assigning said suffix item to the at least one first data item comprising the suffix of said suffix item, wherein each suffix item is encrypted with a suffix cryptographic key in the database, wherein each first data item is encrypted with a first cryptographic key in the database, wherein the client computer has installed thereon an application program, the application program being operational to: receiving a search request, the search request specifying an infix search expression, said expression comprising a first wildcard term on the left side of a search criterion and a second wildcard term o

Abstract: The invention relates to a method for decoding a medicinal data object (132) by means of a data processing system (100). The medicinal data object is encoded by means of a data object key, a signature is allocated to said data object key and the data object key is encoded by means of a first health insurance card key (138). Said medicinal data object is allocated to the first health insurance card key (138) and said method comprises the following steps: a secure communication channel is established with the mobile telecommunication device (116), the telecommunication device (116) is designed to be used as an electronic health insurance card, the first health insurance card key (138) is allocated to the mobile telecommunication device (116), the data object key coded by the health insurance card key (138) is sent to the telecommunication device (116), the decoded data object key is captured by the telecommunication device (116), and the medicinal data object (132) is decoded by the coded data object key.

Abstract: A system is disclosed comprising multiple sets of client computers each client computer having installed thereon an application program The application program comprising client computer specific log-in information, a database system coupled to the set of client computers via a network. The database system having a log-in component for logging-in the client computers, and being partitioned into multiple relational databases each one of which is assigned to one set of the sets of client computers. Each database further storing encrypted data items, each data item being encrypted with one of the user or user-group specific cryptographic keys, the key identifier of the cryptographic key with which one of the data items is encrypted being stored in the database as an attribute of the one of the encrypted data items. The log-in component comprising assignment information indicative of the assignment of the databases to the set of client computers.

Abstract: A system is disclosed comprising multiple sets of client computers each client computer having installed thereon an application program The application program comprising client computer specific log-in information, a database system coupled to the set of client computers via a network. The database system having a log-in component for logging-in the client computers, and being partitioned into multiple relational databases each one of which is assigned to one set of the sets of client computers. Each database further storing encrypted data items, each data item being encrypted with one of the user or user-group specific cryptographic keys, the key identifier of the cryptographic key with which one of the data items is encrypted being stored in the database as an attribute of the one of the encrypted data items. The log-in component comprising assignment information indicative of the assignment of the databases to the set of client computers.

Abstract: The invention relates to a method for creating a set of asymmetrical cryptographic key pairs, wherein the set of key pairs has a first key pair (K1) and a second key pair (K2), wherein the first key pair is formed by a first private (G1) and a first public key (O1) and the second key pair is formed by a second private (G2) and a second public key (O2), wherein a first cipher (C_G2_O1) is allocated to the first and second key pair, wherein the first cipher is formed by an encryption of the second private key (G2) with the first public key (O1), having the following steps: adding a third asymmetrical cryptographic key pair (K3) to the set of key pairs, wherein the third key pair is formed by a third private (G3) and a third public key (O3); creating a second cipher (C_G3_O1) by encrypting the third private key (G3) with the first public key (O1); storing the second cipher (212; 186), wherein the set of key pairs has a directed graph structure.

Abstract: A database system comprising: a memory containing multiple data records, wherein each of the data records has a data record asymmetric key pair for cryptographic encryption and decryption, wherein each data record asymmetric key pair comprises a data record public key and a data record private key, wherein the data contained in each of the multiple data records is encrypted by the data record public key, wherein the data record private key of each data record asymmetric key pair is encrypted with the public key of another asymmetric key pair; a set of user accounts, wherein each of the user accounts has a user asymmetric key pair for encryption and decryption, wherein each user asymmetric key pair has a user public key and a user private key; wherein data is added to a data record by encrypting it with the data record public key; wherein access to the data record is granted to a user account by encrypting the data record private key with the public key of an asymmetric cryptographic key pair whose encrypted p

Abstract: The invention relates to a data structure comprising a plurality of biomedical parameters for providing a plurality of biomedical parameter values as input to a medical decision support system.

Abstract: A system is disclosed comprising multiple sets of client computers each client computer having installed thereon an application program The application program comprising client computer specific log-in information, a database system coupled to the set of client computers via a network. The database system having a log-in component for logging-in the client computers, and being partitioned into multiple relational databases each one of which is assigned to one set of the sets of client computers. Each database further storing encrypted data items, each data item being encrypted with one of the user or user-group specific cryptographic keys, the key identifier of the cryptographic key with which one of the data items is encrypted being stored in the database as an attribute of the one of the encrypted data items. The log-in component comprising assignment information indicative of the assignment of the databases to the set of client computers.

Abstract: A system is disclosed comprising multiple sets of client computers each client computer having installed thereon an application program. The application program comprising client computer specific log-in information, a database system coupled to the set of client computers via a network. The database system having a log-in component for logging-in the client computers, and being partitioned into multiple relational databases each one of which is assigned to one set of the sets of client computers. Each database further storing encrypted data items, each data item being encrypted with one of the user or user-group specific cryptographic keys, the key identifier of the cryptographic key with which one of the data items is encrypted being stored in the database as an attribute of the one of the encrypted data items. The log-in component comprising assignment information indicative of the assignment of the databases to the set of client computers.

Abstract: An apparatus for encrypting data is provided. The apparatus is capable of symmetrically encrypting data and then encrypting the symmetrically encrypted data with the aid of a bit string. The bit string has a maximum entropy. Encryption of the symmetrically encrypted data is designed such that a section of the bit string is used for encryption and successive encryption operations are carried out with carrying sections of the bit string while the bit string remains unchanged.

Abstract: The invention relates to a computer implemented method for analyzing data of a first user, wherein an asymmetric cryptographic key pair is associated with the first user, said asymmetric cryptographic key pair comprising a public key and a private key, the data being stored pseudonymously in a database with the data being assigned to an identifier, wherein the identifier comprises the public key, the method comprising: receiving a set of rules, the set of rules describing data processing steps, receiving the identifier, retrieving the data assigned to the identifier from the database, analyzing the retrieved data by applying the set of rules, providing a result of the analysis.

Abstract: The invention relates to a computer implemented method for performing cloud computing on data of a first user employing cloud components, the cloud components comprising a first database and a data processing component, wherein an asymmetric cryptographic key pair is associated with the first user, said asymmetric cryptographic key pair comprising a public key and a private key, the data being stored pseudonymously non-encrypted in the first database with the data being assigned to an identifier, wherein the identifier comprises the public key, the method comprising retrieving the data from the first database by the data processing component, wherein retrieving the data from the first database comprises receiving the identifier and retrieving the data assigned to the identifier from the first database, wherein the method further comprises processing the retrieved data by the data processing component and providing a result of the analysis.

Abstract: A computer system comprising multiple sets of client computers coupled to a database system via a network. Each client computer having installed thereon an application program that comprises client computer specific log-in information. The database system having a log-in component for logging-in the client computers, and being partitioned into multiple relational databases. Each one of the relational databases being assigned to one set of the sets of client computers. Each one of the relational databases storing encrypted data items. Each data item being encrypted with one of the user or user-group specific cryptographic keys. A key identifier of the cryptographic key with which one of the data items is encrypted being stored in the relational database as an attribute of the one of the encrypted data items. The log-in component comprising assignment information indicative of the assignment of the databases to the set of client computers.