Abstract: A system and method for providing, managing, and accessing a multi-user secure portable database using secure memory cards is provided. The database has a secure portion for storing security keys and a non-secure portion for encrypted data files. Access to the encrypted data files is controlled by assigning access rights through an access control matrix to each encrypted data file according to a hierarchical structure of users. A user requesting access is identified in the hierarchy, associated with a key for allowing the requested access, and the requested access allowed to a file in accordance with the rights allocated through the access control matrix. A patient can selectively grant access to encrypted medical records on his card to a physician. Authentication of the owner/patient is preferably required. Other records required by emergency medical personnel are readable from the same card without requiring permission from the patient.
Type:
Grant
Filed:
July 1, 2005
Date of Patent:
February 9, 2010
Assignee:
PrivaMed, Inc.
Inventors:
Mansour Aaron Karimzadeh, Mark Douglas Schaeffer, F. Avraham Dilmanian, Farshad Namdar