Electronic Health Data Access Control
US-2021336956-A1 · Oct 28, 2021 · US
US11315110B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11315110-B2 |
| Application number | US-201715855155-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 27, 2017 |
| Priority date | Dec 27, 2017 |
| Publication date | Apr 26, 2022 |
| Grant date | Apr 26, 2022 |
Official abstract text for this publication.
An example operation may include one or more of identifying a registered interest associated with a requestor on a blockchain, accessing a smart contract stored on the blockchain, determining a match between the registered interest and blockchain transaction information, determining the requestor associated with the registered interest has access permissions to access the blockchain transaction information based on access control rules, and creating a temporary bilateral smart contract including the requestor, and an owner of the blockchain transaction information, and the temporary bilateral smart contract provides permission for the requester to access the blockchain transaction information.
Opening claim text (preview).
What is claimed is:
1. A method, comprising: receiving a request from a requestor for data of a resource stored on a blockchain; determining, via a system smart contract running on a blockchain network of the blockchain, a blockchain peer, from among a plurality of blockchain peers of the blockchain network, which comprises encrypted data corresponding to the data of the resource requested by the requestor based on a resource identifier included in the request; determining, via the system smart contract, that the requestor has permission to access the encrypted data based on access control rules that are embedded within logic of the system smart contract; dynamically creating, via the system smart contract, a temporary ad hoc smart contract for the requestor and the determined blockchain peer only from among the plurality of blockchain peers which provides temporary access to a decryption key of the blockchain peer to the requestor to enable the requestor to decrypt the encrypted data from the blockchain peer; installing the temporary ad hoc smart contract on the blockchain peer; and terminating the temporary ad hoc smart contract in response to the requestor receiving the decryption key.
2. The method of claim 1, further comprising: forwarding the decryption key to the requestor, responsive to determining the requestor has access permissions to access the encrypted data.
3. The method of claim 1, further comprising storing the decryption key off the blockchain.
4. The method of claim 1, wherein the access control rules are based on anonymous transaction certificates which manage access to resources stored on the blockchain.
5. The method of claim 1, wherein the encrypted data is encrypted before being stored on the blockchain based on a policy stored in the smart contract.
6. The method of claim 1, further comprising: registering the request from the requestor on the blockchain.
7. The method of claim 1, further comprising: updating the access control rules embedded in the logic of the system smart contract to add an access control rule to allow the requestor to access the encrypted data.
8. An apparatus, comprising: a processor configured to: receive a request from a requestor for data of a resource stored on a blockchain; determine, via a system smart contract running on a blockchain network of the blockchain, a blockchain peer, from among a plurality of blockchain peers of the blockchain network, which comprises encrypted data corresponding to the data of the resource requested by the requestor based on a resource identifier included in the request; determine, via the system smart contract, that the requestor has permission to access the encrypted data based on access control rules that are embedded within logic of the system smart contract; dynamically create, via the system smart contract, a temporary ad hoc smart contract for the requestor and the determined blockchain peer only from among the plurality of blockchain peers which provides temporary access to a decryption key of the blockchain peer to the requestor to enable the requestor to decrypt the encrypted data from the blockchain peer; install the temporary ad hoc smart contract on the blockchain peer; and terminate the temporary ad hoc smart contract in response to the requestor receiving the decryption key.
9. The apparatus of claim 8, wherein the processor is further configured to forward the decryption key to the requestor, responsive to a determination that the requestor has access permissions to access the encrypted data.
10. The apparatus of claim 8, wherein the processor is further configured to store decryption key off the blockchain.
11. The apparatus of claim 8, wherein the access control rules are based on anonymous transaction certificates which manage access to resources stored on the blockchain.
12. The apparatus of claim 8, wherein the encrypted data is encrypted before being stored on the blockchain based on a policy stored in the smart contract.
13. The apparatus of claim 8, wherein the processor is further configured to register request on the blockchain.
14. A non-transitory computer readable storage medium storing instructions that when executed causes a processor to perform a method comprising: receiving a request from a requestor for data of a resource stored on a blockchain; determining, via a system smart contract running on a blockchain network of the blockchain, a blockchain peer, from among a plurality of blockchain peers of the blockchain network, which comprises encrypted data corresponding to the data of the resource requested by the requestor based on a resource identifier included in the request; determining, via the system smart contract, that the requestor has permission to access the encrypted data based on access control rules that are embedded within logic of the system smart contract; dynamically creating, via the system smart contract, a temporary ad hoc smart contract for the requestor and the determined blockchain peer only from among the plurality of blockchain peers which provides temporary access to a decryption key of the blockchain peer to the requestor to enable the requestor to decrypt the encrypted data from the blockchain peer; installing the temporary ad hoc smart contract on the blockchain peer; and terminating the temporary ad hoc smart contract in response to the requestor receiving the decryption key.
15. The non-transitory computer readable storage medium of claim 14, wherein the method further comprises forwarding the decryption key to the requestor, responsive to determining the requestor has access permissions to access the obfuscated blockchain transaction information.
16. The non-transitory computer readable storage medium of claim 14, further comprising storing the decryption key off the blockchain.
17. The non-transitory computer readable storage medium of claim 14, wherein the access control rules are based on anonymous transaction certificates which manage access to resources stored on the blockchain.
18. The non-transitory computer readable storage medium of claim 14, wherein the encrypted data is encrypted before being stored on the blockchain based on a policy stored in the smart contract.
19. The non-transitory computer readable storage medium of claim 14, wherein the method further comprise terminating the temporary ad hoc smart contract after the requestor accesses the encrypted data on the blockchain.
using hash chains, e.g. blockchains or hash trees · CPC title
Financial cryptography, e.g. electronic payment or e-cash · CPC title
involving time stamps, e.g. generation of time stamps · CPC title
involving additional devices, e.g. trusted platform module [TPM], smartcard or USB · CPC title
Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation · CPC title