System and Method for Providing Secure Data for Display Using Augmented Reality

A system for authorizing secure data transmission is provided. The system comprises at least one wearable device comprising a head-mounted display configured to receive and display data to a user wearing the head-mounted display. At least one security mechanism associated with each of the at least one wearable device is configured to collect authorization data associated with the user when the user is wearing the head-mounted display. A central processor is in communication with the at least one wearable device via a network. The central processor is configured to receive the authorization data over the network, determine a level of authorization for the user based at least in part on the authorization data, and transmit to the user secure data commensurate with the level of authorization for the user.

Skip to: Description  ·  Claims  · Patent History  ·  Patent History
Description
CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims priority to U.S. Provisional Application Nos. 61/787,780, 61/787,966, and 61/788,104, all filed Mar. 15, 2013, the complete disclosures of which are incorporated herein by reference in their entirety.

BACKGROUND OF THE INVENTION

Collaborative projects frequently require individuals with differing levels of authorization to access sensitive data. In some industries, unauthorized users must be prevented from accessing or viewing sensitive data. This arrangement can be detrimental to collaboration. One way that users may access sensitive data is using a wearable device having a head-mounted display that is configured to display the sensitive data in the user's field of vision using Augmented Reality (AR). There is a need for wearable devices to include one or more security features to authenticate the wearer before displaying sensitive data.

SUMMARY OF THE INVENTION

An illustrative aspect of the invention provides a system for authorizing secure data transmission. The system comprises at least one wearable device comprising a head-mounted display configured to receive and display data to a user wearing the head-mounted display. The system further comprises at least one security mechanism associated with each of the at least one wearable device and configured to collect authorization data associated with the user when the user is wearing the head-mounted display. The system further comprises a central processor in communication with the at least one wearable device via a network, the central processor being configured to receive the authorization data, determine a level of authorization for the user based at least in part on the authorization data, and transmit to the user secure data commensurate with the level of authorization for the user.

Another illustrative aspect of the invention provides a method of authorizing the transmission of secure data to a wearable display device worn by a user and associated with at least one security mechanism. The method comprises receiving authorization data from one of the set consisting of the wearable display device and the at least one security mechanism. The method further comprises determining an authorization level for the user based at least in part on the authorization data. The method further comprises transmitting secure data commensurate with the level of authorization for the user to the wearable device.

BRIEF DESCRIPTION OF THE DRAWINGS

The invention can be more fully understood by reading the following detailed description together with the accompanying drawings, in which like reference indicators are used to designate like elements, and in which:

FIG. 1 is a schematic representation of a system according to an embodiment of the invention;

FIG. 2 is a schematic representation of a system according to an embodiment of the invention; and

FIG. 3 is a block diagram illustrating a method according to an embodiment of the invention.

 DETAILED DESCRIPTION OF THE INVENTION

While the invention will be described in connection with particular embodiments, it will be understood that the invention is not limited to these embodiments. On the contrary, it is contemplated that various alternatives, modifications and equivalents are included within the spirit and scope of the invention as described.

The system described herein uses augmented reality (AR) to display information to a user on a wearable display device. The system uses one or more security features to authenticate the user and display sensitive data while preventing unauthorized users from gaining access to the data.

A wearable display device (herein after referred to as a head-mounted display device (HMD)) is a display device that a person wears on the head in order to have video information directly displayed in front of their eyes. U.S. Pat. No. 8,212,859 to Tang et al. (“Tang”), the complete disclosure of which is incorporated herein by reference, describes the construction and function of illustrative HMDs in more detail. As described in Tang, an HMD may have one or two small CRT, LCD, or OLED displays with magnifying lenses and other associated optical elements. The displays and optics are typically embedded in a helmet, glasses, goggles, contacts, or a visor which a user can wear. As disclosed in Tang, some HMDs can be used to view one or more see-through images imposed upon a real-world view. This is often referred to as augmented reality.

FIG. 1 depicts an exemplary embodiment of a system 100 for displaying sensitive data to an authorized user of a wearable display device 101, or HMD. The system includes a wearable display device, or HMD 101, a secure data system 102 that includes one or more secure data processors 103, at least one security feature 104, and a network 108 that communicatively couples the wearable display device 101 and secure data processor 103. It is noted that the system in FIG. 1 illustrates only a single instance of each component. It will be appreciated that multiple instances of these components may be used. Moreover, the system may include other devices not depicted in FIG. 1.

HMD 101 may be, for example and without limitation, glasses, goggles, a visor, a helmet, or contact lenses. HMD 101 may include a display, a frame, a camera, one or more wireless connections to a data processor, one or more security features, a microphone, and a small speaker. HMD 101 may include one or more processors embedded in the frame. The one or more processors may be remote to the wearable device and may communicate with the wearable device wirelessly.

HMD 101 may transmit and receive data to and from secure data system 102, which may comprise one or more secure data processors 103. The one or more secure data processors may be one or more network enabled computers or servers. As used herein, the term network enabled computer and/or device may include, but is not limited to: e.g., any computer device, or communications device including, e.g., a server, a network appliance, a personal computer (PC), a workstation, a mobile device, a phone, a smartphone, a tablet computer, a laptop, a handheld PC, a personal digital assistant (PDA), a thin client, a fat client, an Internet browser, or other device.

As shown in FIG. 1, HMD 101 may communicate wirelessly with secure data system 102 via network 108. Network 108 may be a wireless network, a wired network or any combination of wireless network and wired network. Network 108 may be a wireless LAN, a Global System for Mobile Communication (“GSM”), a Personal Communication Service (“PCS”), a Personal Area Network (“PAN”), D-AMPS, Wi-Fi, Fixed Wireless Data, IEEE 802.11a, 802.11b, 802.15.1, 802.11n and 802.11g or any other wired or wireless network for transmitting and/or receiving a data signal.

In some instances, HMD 101 may be configured to use AR technology to display sensitive or proprietary information to the wearer. The sensitive data may be wirelessly transmitted to HMD 101 from a remote location, such as the secure data system 102. HMD 101 may display the sensitive data to the user using AR technology. The disclosure herein described systems and methods for authenticating a user (wearer) of the display device so that only authorized users can view the sensitive information on the display of HMD 101. The systems and methods may be implemented in conjunction with one or more security features 104. Security feature 104 may be physically coupled to wearable device 101. Security feature 104 may be integrated with wearable device 101. Security feature 104 may be communicatively coupled to wearable device 101, network 108, and/or secure data system 102 to prevent unauthorized users from gaining access to the sensitive information via the HMD.

FIG. 2 depicts an exemplary embodiment of an HMD that has been equipped with one or more security features 104 to prevent an unauthorized user from viewing sensitive data using the HMD. Device 202 and device 204 may be the same device, equipped with one or more security features. Unauthorized device 202 denotes the state when an unauthorized user wears device 202. Authorized device 204 denotes the state when an authorized user wears device 204. As shown, the unauthorized user wearing device 202 would only be able to view data “12345” in his field of vision. By contrast, an authorized user wearing device 204 would be able to see “12345 546546516” displayed in his field of vision.

The combination of HMD 101, security feature 104, and the secure data system 102 (including secure data processor 103) may use one or more forms of authentication to verify the user's authenticity. In one embodiment, security feature 104 may comprise a microphone connected to HMD 101. The user may speak a password into the microphone. HMD 101 may transmit the spoken password to the secure data system 102 (via network 108), which may use voice recognition software to authenticate the user. Secure data system 102 may include a database of voice samples from authorized users. Secure data processor 103 may compare the received voice sample from HMD 101 and compare it to the one or more stored voice samples to determine if the user of HMD 101 is an authorized user. If the user is appropriately authenticated, the secure data processor 103 may transmit sensitive data to HMD 101 for display to the authorized user, as shown on device 204 in FIG. 2. The amount or nature of the sensitive data that is displayed to the user may vary depending on the level of access associated with the user.

Once a user of an HMD has been authenticated, the user may be able to view sensitive data on the display of the HMD for as long as the user is wearing the HMD. If an unauthorized user attempts to put an HMD that was previously being used by an authorized user, a signal from security feature 104 of the HMD may tell the secure data system 102 that the HMD is no longer being worn by the authorized user. This signal may be a security break signal that may cause the secure data system 102 to cease transmitting sensitive data to HMD 101 and effectively return the HMD to an unauthorized display state (as shown on device 202 in FIG. 2).

Various security features 104 may be incorporated into the HMD to authorize a user or detect changes in the user identity. For example, in one exemplary embodiment, security feature 104 may comprise an accelerometer that is configured to detect sudden changes in the position of the HMD caused by a user “taking off” or “putting on” the HMD. In response to detected changes, HMD 101 and/or security feature 104 may transmit one or more security break signals to the secure data system 102. The secure data system may require the HMD to be stationary at all times. In this scenario, in response to any motion detected by the accelerometer, a security break signal would be sent to the secure data system. In another exemplary embodiment, the secure data system 102 may require the HMD to be moving at a constant velocity. Any change in the HMD's velocity may be detected by the accelerometer, and a security break signal would be sent to the secure data system, causing the secure data system to cease transmission of the sensitive data to the HMD.

In another exemplary embodiment, security feature 104 may comprise one or more heat or temperature sensors. These heat sensors may be positioned to detect body heat emanating from the user of the HMD when the HMD is being worn. Alternatively, security feature 104 may comprise one or more moisture sensors. The heat sensors/temperature sensors/moisture sensors may be configured to send security break signals to the secure data system in response to a detected change in temperature or moisture level, which may correspond to the HMD being taken off or put on.

In another exemplary embodiment, security feature 104 may comprise one or more scanning devices that are configured to frequently scan the user's eye or eyes. Each authorized user may have a unique biometric signature that may have been previously stored with the secure data system 102. The scanning device may periodically send a signal to the secure data system that includes the most recent scan of the user's eye or eyes. Secure data system 102 may compare the scanned information to the stored biometric signatures to verify the identity or authenticity of the user. If the received scan is not authenticated, secure data system 102 may immediately cease transmitting sensitive data to the HMD. Security feature 104 may be configured to detect and/or monitor other biometric signatures, such as a heartbeat or a live DNA scan.

In another exemplary embodiment, security feature 104 may comprise one or more scanners that are configured to detect digital signatures. An authorized user may have been equipped with one or more security tags, such as a quick reference (QR) code, RFID tag, proximity badge, or a chip embedded on the user. The one or more security tags may be worn on the user's clothing, jewelry, or physically embedded on their person. The security tags may broadcast digital signals (such as an RFID signal), or the security tags may be passive devices. Security feature 104 may be configured to detect the signals from the security tags, or to scan the user for the security tag. The HMD may transmit the detected signal or signals to secure data system 102, which may compare them to known identifiers associated with authorized users. If no match is found, secure data system 102 may cease transmitting sensitive data to the HMD. Additionally or alternatively, if the HMD does not detect a digital signal or security feature, the HMD may transmit a security break signal to secure data system 102, and the secure data system may cease transmission of sensitive data to the HMD in response. Security feature 104 and/or HMD 101 may be configured to physically connect to one or more security tags that are worn by the user. The aforementioned security features may be combined as necessary or desirable.

FIG. 3 is a flowchart illustrating the functionality of a method for providing a secure data display on a wearable device. This exemplary method 300 may be provided by way of example, as there are a variety of ways to carry out the method. The method 300 shown in FIG. 3 can be executed or otherwise performed by one or a combination of various systems. The method 300 is described below may be carried out by the systems and networks shown in FIGS. 1 and 2, by way of example, and various elements of the systems and networks are referenced in explaining the example method of FIG. 3. Each block shown in FIG. 3 represents one or more processes, methods or subroutines carried out in exemplary method 300. Referring to FIG. 3, exemplary method 300 may begin at block 302.

At block 302, the secure data system receives a first signal from a wearable device. The first signal may be from a security feature associated with the wearable device. The first signal may be an authorization signal. At block 304, the secure data system may analyze the first signal to determine whether the user of the wearable device is an authorized user. The first signal may be a voice sample. The secure data system may compare the voice sample to one or more stored voice samples from authorized users in order to determine whether the received voice sample is associated with an authorized user. The first signal may be a retinal scan. The secure data system may compare the retinal scan with one or more stored retinal scans from authorized users. The first signal may be a spoken password. The secure data system may compare the spoken password with one or more stored passwords associated with authorized users. The first signal may be a DNA scan. The secure data system may compare the DNA scan with one or more stored DNA samples associated with authorized users. If the secure data system determines that the user associated with the wearable device is authorized, method 300 may proceed to block 306. If the secure data system determines that the user associated with the wearable device is not an authorized user, method 300 may proceed to block 308.

At block 306, secure data system may transmit secured data to the wearable device for display in the field of vision of the user of the wearable device. Secure data system may also transmit unsecured data. The amount and content of the secured data that is transmitted to the wearable device may depend on a level of security clearance associated with the authorized user. The wearable device may be equipped with AR technology, allowing the user to view the secured data in his field of vision. At block 308, the secure data system may transmit unsecured data to the wearable device. In other embodiments, the secure data system may not transmit any data to the wearable device if the user was not authorized in step 304.

At block 310, the secure data system may receive a second signal from the wearable device. The second signal may be generated by the one or more security features associated with the wearable device. The second signal may be similar to the signal received in step 302. The second signal may be generated by an accelerometer associated with the wearable device. The second signal may indicate that the wearable device has been suddenly moved. The second signal may be generated by a temperature sensor associated with the wearable device. The second signal may indicate a sudden change in temperature. At block 312, secure data system may analyze the second signal to determine whether the authorized user is still wearing the wearable device. For example, if the second signal is generated by an accelerometer, the secure data system may have stored a maximum acceleration threshold and compare the second signal to the stored threshold. If the second signal exceeds the threshold, the secure data system may cease transmission of the secured data. If the secure data system determines that the authorized user is no longer wearing the wearable device, method 300 may proceed to block 308, where secure data system may cease transmission of any data to the wearable device (or only transmit unsecured data). If the secure data system determines that the authorized user is still wearing the wearable device, method 300 may proceed to block 314, where secure data system may continue transmitting secured data and unsecured data to the wearable device.

It will be readily understood by those persons skilled in the art that the present invention is susceptible to broad utility and application. Many embodiments and adaptations of the present invention other than those herein described, as well as many variations, modifications and equivalent arrangements, will be apparent from or reasonably suggested by the present invention and foregoing description thereof, without departing from the substance or scope of the invention.

Claims

1. A system for authorizing secure data transmission, the system comprising:

at least one wearable device comprising a head-mounted display configured to receive and display data to a user wearing the head-mounted display;
at least one security mechanism associated with each of the at least one wearable device and configured to collect authorization data associated with the user when the user is wearing the head-mounted display; and
a central processor in communication with the at least one wearable device via a network, the central processor being configured to receive the authorization data, determine a level of authorization for the user based at least in part on the authorization data, and transmit to the user secure data commensurate with the level of authorization for the user.

2. The system of claim 1, wherein the central processor is configured to determine the level of authorization for the user at least in part by comparing the authorization data to data stored in a database of authorized users.

3. The system of claim 1, wherein the head mounted display is one of the set consisting of a helmet, glasses, goggles, contacts, and a visor.

4. The system of claim 1, wherein the head-mounted display is configured for receiving and displaying augmented reality images to the user and wherein the secure data includes augmented reality images.

5. The system of claim 1, wherein the at least one security mechanism comprises at least one of the set consisting of an accelerometer, a temperature sensor, a retinal scanner, a motion sensor, a DNA scanner, a microphone, a moisture sensor, a scanner, a barcode reader, and a camera.

6. The system of claim 1, wherein the authorization data comprises at least one of the set consisting of a voice sample, a temperature reading, a retinal scan, a DNA scan, an image, a moisture level, a QR code, an RFID scan, a measured velocity, and a measured acceleration.

7. The system of claim 1, wherein the central processor is further configured to determine if the user is not an authorized user and to transmit only non-secured data to the at least one wearable device if the central processor determines that the user is not an authorized user.

8. The system of claim 1, wherein the at least one security mechanism is configured for direct communication with the central processor.

9. The system of claim 8, wherein the at least one security mechanism is configured to monitor a security parameter indicative of the user continuing to wear the head-mounted display.

10. The system of claim 9, wherein the at least one security mechanism is configured so that the at least one security mechanism notifies the central processor of sudden changes in the monitored security parameter.

11. The system of claim 10 wherein the central processor is configured to stop transmission of secure data to the wearable device associated with the user responsive to receiving a notification of sudden changes in the monitored security parameter from the at least one security mechanism.

12. A method of authorizing the transmission of secure data to a wearable display device worn by a user and associated with at least one security mechanism, the method comprising:

receiving authorization data from one of the set consisting of the wearable display device and the at least one security mechanism;
determining an authorization level for the user based at least in part on the authorization data; and
transmitting secure data commensurate with the level of authorization for the user to the wearable device.

13. The method of claim 12, wherein the action of determining an authorization level for the user comprises comparing the authorization data to data stored in a database of authorized users.

14. The method of claim 13, wherein the action of determining an authorization level for the user further comprises:

determining a security clearance level associated with the user based at least in part on the authorization data; and
altering the secure data based on the security clearance level.

15. The method of claim 12, wherein the secure data includes augmented reality images configured for display to the user by the wearable display device.

16. The method of claim 12, wherein the authorization data comprises at least one of a voice sample, a temperature reading, a retinal scan, a DNA scan, an image, a moisture level, a QR code, an RFID scan, a measured velocity, and a measured acceleration.

17. The method of claim 10, further comprising:

determining if the user is not an authorized user; and
responsive to a determination that the user is not an authorized user, transmitting only non-secured data to the wearable display device.

18. The method of claim 10, wherein the at least one security mechanism is configured to monitor a security parameter indicative of the user continuing to wear the head-mounted display, the method further comprising:

receiving from one of the set consisting of the wearable display device and the at least one security mechanism a notification of a sudden change in the monitored security parameter; and
responsive to receiving a notification of a sudden change in the monitored security parameter, stopping transmission of secure data to the wearable display device.
Patent History
Publication number: 20140282911
Type: Application
Filed: Mar 14, 2014
Publication Date: Sep 18, 2014
Inventors: Brian Bare (Chesapeake, VA), Jonathan Martin (Virginia Beach, VA), Paul Sells (Newport News, VA), Partick Ryan (Carrollton, VA)
Application Number: 14/210,730
Classifications
Current U.S. Class: Authorization (726/4)
International Classification: H04L 29/06 (20060101); G02B 27/01 (20060101); G06T 19/00 (20060101);