Validating a metadata tree using a metadata integrity validator

US10025903B2 · US · B2

Patent metadata
Field               Value
Publication number  US-10025903-B2
Application number  US-201214421734-A
Country             US
Kind code           B2
Filing date         Sep 12, 2012
Priority date       Aug 15, 2012
Publication date    Jul 17, 2018
Grant date          Jul 17, 2018

Abstract

Official abstract text for this publication.

A method performed by a processing system includes reconstructing a metadata tree of a patient from a metadata tree journal, the metadata tree including a plurality of references to a corresponding plurality of encrypted electronic health records of the patient in an encrypted data store, and validating the metadata tree by comparing first integrity information of the metadata tree to second integrity information corresponding to the metadata tree journal provided by a metadata integrity validator.

First claim

Opening claim text (preview).

What is claimed is:

1. A computer implemented method performed by a processing system implemented by at least one hardware processor, the method comprising: storing in a metadata integrity validator, first integrity information for a metadata tree of a patient, the first integrity information including a summary tree that identifies a state of the metadata tree, the summary tree based on an in-order traversal of a corresponding subtree of the metadata tree, the first integrity information including a hash of the subtree based on a hash function cumulatively applied to nodes of the subtree from a root node to a last node along the in-order traversal; generating, by the at least one hardware processor, a first reconstructed metadata tree of the patient from a metadata tree journal using the first integrity information to ensure a consistent version is reconstructed from the metadata tree journal, the first reconstructed metadata tree including a plurality of references to a corresponding plurality of encrypted electronic health records of the patient in an encrypted data store; receiving from the metadata integrity validator, the first integrity information corresponding to the metadata tree journal; validating the first reconstructed metadata tree by comparing second integrity information of the first reconstructed metadata tree to the first integrity information; and responsive to successfully validating the first reconstructed metadata tree, permitting read and write access to the encrypted data store, comprising: determining a node in the first reconstructed metadata tree that corresponds to an encrypted electronic health record in the encrypted data store; accessing the encrypted electronic health record from the encrypted data store using a reference from the node; and decrypting the encrypted electronic health record using a record key.

2. The method of claim 1 further comprising: accessing the metadata tree journal from a metadata store.

3. The method of claim 1 further comprising: generating the second integrity information corresponding to the first reconstructed metadata tree subsequent to reconstructing the first reconstructed metadata tree.

4. The method of claim 1 further comprising: generating the second integrity information as a second hash of the first reconstructed metadata tree; and wherein the first integrity information is a first hash of the metadata tree corresponding to the metadata tree journal.

5. The method of claim 1 further comprising: generating the first reconstructed metadata tree using the summary tree received from the metadata integrity validator.

6. The method of claim 1 further comprising: in response to a determination that the first reconstructed metadata tree is not valid, accessing the metadata tree journal from the metadata store; accessing third integrity information corresponding to the metadata tree journal from the metadata integrity validator; generating a second reconstructed metadata tree of the patient from the metadata tree journal; and validating the second reconstructed metadata tree by comparing fourth integrity information of the second reconstructed metadata tree to the third integrity information.

7. The method of claim 1 wherein a first one of the plurality of encrypted electronic health records is generated by a first provider, wherein a second one of the plurality of encrypted electronic health records is generated by a second provider, and wherein the second provider is not affiliated with the first provider.

8. A processing system comprising: a hardware processor; and a memory storing instructions that, when executed by the hardware processor, causes the hardware processor to: store in a metadata integrity validator, first integrity information for a metadata tree of a patient, the first integrity information including a summary tree that identifies a state of the metadata tree, the summary tree based on an in-order traversal of a corresponding subtree of the metadata tree, the first integrity information including a hash of the subtree based on a hash function cumulatively applied to nodes of the subtree from a root node to a last node along the in-order traversal; generate a first reconstructed metadata tree from a metadata tree journal provided by a metadata store, wherein the first integrity information is used to generate the first reconstructed metadata tree to ensure a consistent version is reconstructed from the metadata tree journal; receive the first integrity information from the metadata integrity validator, the first integrity information corresponding to the metadata tree journal; validate the first reconstructed metadata tree of the patient using the first integrity information received from the metadata integrity validator; and responsive to successful validation of the first reconstructed metadata, permit read and read access to an encrypted data store, including: determining a node in the first reconstructed metadata tree that corresponds to an encrypted electronic health record in the encrypted data store; accessing the encrypted electronic health record from the encrypted data store using a reference from the node; and decrypting the encrypted electronic health record using a record key.

9. The processing system of claim 8 wherein the instructions, when executed by the hardware processor, cause the hardware processor to: access the metadata tree journal from the metadata store; generate second integrity information from the first reconstructed metadata tree; and validate the first reconstructed metadata tree by comparing the first integrity information to the second integrity information.

10. The processing system of claim 8 wherein the instructions, when executed by the hardware processor, cause the hardware processor to: generate a second hash of the first reconstructed metadata tree; and validate the first reconstructed metadata tree using the second hash and a first hash of the metadata tree provided by the metadata integrity validator.

11. The processing system of claim 8 wherein the instructions, when executed by the hardware processor, cause the hardware processor to: generate the first reconstructed metadata tree using the summary tree received from the metadata integrity validator.

12. An article comprising at least one non-transitory machine-readable storage medium storing instructions that, when executed by a processing system, cause the processing system to: store in a metadata integrity validator, first integrity information for a metadata tree of a patient, the first integrity information including a summary tree that identifies a state of the metadata tree, the summary tree based on an in-order traversal of a corresponding subtree of the metadata tree, the first integrity information including a hash of the subtree based on a hash function cumulatively applied to nodes of the subtree from a root node to a last node along the in-order traversal; generate a first reconstructed metadata tree from a metadata tree journal provided by a metadata store, wherein the first integrity information is used to generate the first reconstructed metadata tree to ensure a consistent version is reconstructed from the metadata tree journal; receive the first integrity information from the metadata integrity validator, the first integrity information corresponding to the metadata tree journal; validate the first reconstructed metadata tree of the patient using the first integrity information received from the metadata integrity validator; responsive to successful validation of the first reconstructed metadata, permit read and read access to
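The validation flow in claims 1 and 4, as an added sketch that is not code from the patent: a journal is replayed into a tree, a hash is applied cumulatively along the in-order traversal, and access is granted only if it matches the value held by the validator. The journal layout, the binary-tree shape, SHA-256, the store:// references and all function names are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed journal: each entry appends one node as
# (key, parent_key, side, reference into the encrypted data store).
JOURNAL = [
    ("visit-2012", None, None, "store://rec/a1"),
    ("lab-2011", "visit-2012", "L", "store://rec/b2"),
    ("rx-2013", "visit-2012", "R", "store://rec/c3"),
    ("lab-2010", "lab-2011", "L", "store://rec/d4"),
]

def reconstruct(journal):
    """Replay the journal into ({key: node}, root_key); reject malformed logs."""
    nodes, root = {}, None
    for key, parent, side, ref in journal:
        if key in nodes:
            raise ValueError(f"duplicate node {key!r}")
        if parent is None:
            if root is not None:
                raise ValueError("journal defines a second root")
            root = key
        elif (side not in ("L", "R") or parent not in nodes
              or nodes[parent][side] is not None):
            raise ValueError(f"bad attachment for {key!r}")
        nodes[key] = {"ref": ref, "L": None, "R": None}
        if parent is not None:
            nodes[parent][side] = key
    return nodes, root

def in_order(nodes, key):
    """Yield (key, ref) pairs in in-order sequence."""
    if key is not None:
        yield from in_order(nodes, nodes[key]["L"])
        yield key, nodes[key]["ref"]
        yield from in_order(nodes, nodes[key]["R"])

def cumulative_hash(nodes, root):
    """Chain SHA-256 over the in-order sequence; fields are length-prefixed."""
    digest = b"\x00" * 32
    for key, ref in in_order(nodes, root):
        item = f"{len(key)}:{key}{len(ref)}:{ref}".encode()
        digest = hashlib.sha256(digest + item).digest()
    return digest

def validate(journal, validator_hash):
    """Return the tree if it matches the validator's hash, else None (deny)."""
    try:
        nodes, root = reconstruct(journal)
    except ValueError:
        return None
    ok = hmac.compare_digest(cumulative_hash(nodes, root), validator_hash)
    return nodes if ok else None

# Stands in for the value the validator stored at the last journal write.
VALIDATOR_HASH = cumulative_hash(*reconstruct(JOURNAL))
```

A truncated (stale) journal or an altered reference changes the chained digest, so `validate` returns None and no record reference is handed out. This digest binds the in-order sequence of nodes and references; hashing each node's parent as well would also bind the tree shape.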

Classifications

  • Usage protection of distributed data files · CPC title

  • G06Q10/10 (Primary)

    Office automation; Time management · CPC title

  • Hierarchical key distribution, e.g. by multi-tier trusted parties · CPC title

  • for data related to laboratory analysis, e.g. patient specimen analysis · CPC title

  • G16H10/60 (Primary)

    for patient-specific data, e.g. for electronic patient records · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Li Jun, Swaminathan Ram, Singhal Sharad, and 1 more
What technology area does this patent fall under?
Primary CPC classification G06Q10/10. Mapped technology areas include Physics.
When was this patent published?
Publication date Jul 17, 2018 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).