US2021224624A1PendingUtilityA1

Distribution of cryptographic keys for controlling access to encrypted data in machine-readable identifiers

69
Assignee: WONDERHEALTH LLCPriority: Mar 3, 2015Filed: Apr 2, 2021Published: Jul 22, 2021
Est. expiryMar 3, 2035(~8.6 yrs left)· nominal 20-yr term from priority
G06F 2221/2149G06K 19/06037G06K 7/10722H04L 9/14H04W 12/77G16H 10/65H04L 9/0894H04L 9/30G06F 2221/2151G06K 19/06028G06F 21/36H04L 9/088H04L 9/0816G06F 21/6245G16H 10/60G06K 7/1443G06F 21/6209H04L 9/0819
69
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

Disclosed are various embodiments for facilitating the transfer of cryptographic keys various devices. A computing device can receive from a reader device a first device identifier associated with a client device and a second device identifier associated with the reader device. The computing device can determine whether the reader device is authorized to access data associated with the client device based at least in part on the first device identifier and the second device identifier. A cryptographic key corresponding to the data associated with the client device can be provided to the reader device.

Claims

exact text as granted — not AI-modified
Therefore, the following is claimed: 
     
         1 . A system, comprising:
 a computing device comprising at least one hardware processor;   an application executable in the computing device comprising program instruction that, when executed by the at least one hardware processor, cause the computing device to at least:
 receive a first device identifier from a reader device, the first device identifier being associated with a client device; 
 receive a second device identifier from the reader device, the second device identifier being associated with the reader device; 
 determine whether the reader device is authorized by an originating user to access data in a machine-readable identifier generated by the client device based at least in part on the first device identifier, the second device identifier, and a device profile associated with the reader device; and 
 in response to determining that the reader device is authorized, provide a cryptographic key to the reader device, the cryptographic key capable of decrypting an encrypted form of the data in the machine-readable identifier. 
   
     
     
         2 . The system of  claim 1 , wherein the program instructions, when executed by the at least one hardware processor, further cause the computing device to at least receive the cryptographic key from the client device. 
     
     
         3 . The system of  claim 1 , wherein the program instructions, when executed by the at least one hardware processor, further cause the computing device to at least:
 receive a selection of an entity from the client device, the entity being associated with the device profile;   obtain the cryptographic key, the cryptographic key corresponding to the device profile; and   transmit the cryptographic key to the client device.   
     
     
         4 . The system of  claim 3 , wherein the entity comprises a medical provider. 
     
     
         5 . The system of  claim 3 , wherein the program instructions that cause the computing device to obtain the cryptographic key corresponding to the device profile, when executed by the at least one hardware processor, further cause the computing device to at least generate the cryptographic key. 
     
     
         6 . The system of  claim 5 , wherein the cryptographic key is unique to a relationship between a user associated with the client device and the entity. 
     
     
         7 . The system of  claim 3 , wherein the cryptographic key is a predefined cryptographic key, and the program instructions that cause the computing device to obtain the cryptographic key corresponding to the device profile, when executed by the at least one hardware processor, further cause the computing device to at least retrieve the predefined cryptographic key from a data store. 
     
     
         8 . The system of  claim 1 , wherein the reader device is a first reader device associated with a first level of access, the cryptographic key is a first cryptographic key, and the program instructions, when executed by the at least one hardware processor, further cause the computing device to at least send a second cryptographic key to a second reader device associated with a second level of access. 
     
     
         9 . A computer-implemented method, comprising:
 receiving a first device identifier from a reader device, the first device identifier being associated with a client device;   receiving a second device identifier from the reader device, the second device identifier being associated with the reader device;   determining whether the reader device is authorized by an originating user to access data in a machine-readable identifier generated by the client device based at least in part on the first device identifier, the second device identifier, and a device profile associated with the reader device; and   in response to determining that the reader device is authorized, providing a cryptographic key to the reader device, the cryptographic key capable of decrypting an encrypted form of the data in the machine-readable identifier.   
     
     
         10 . The computer-implemented method of  claim 9 , further comprising receiving the cryptographic key from the client device. 
     
     
         11 . The computer-implemented method of  claim 9 , further comprising:
 receiving a selection of an entity from the client device, the entity being associated with a device profile;   generating the cryptographic key, the cryptographic key corresponding to the device profile; and   transmitting the cryptographic key to the client device.   
     
     
         12 . The computer-implemented method of  claim 11 , wherein the entity comprises a medical provider. 
     
     
         13 . The computer-implemented method of  claim 11 , wherein the cryptographic key is unique to a relationship between a user associated with the client device and the entity. 
     
     
         14 . The computer-implemented method of  claim 9 , wherein the reader device is a first reader device associated with a first level of access, and the cryptographic key is a first cryptographic key, the method further comprising sending a second cryptographic key to a second reader device associated with a second level of access. 
     
     
         15 . A non-transitory, computer-readable medium comprising program instructions that, when executed by a processor of a computing device, cause the computing device to at least:
 receive a first device identifier from a reader device, the first device identifier being associated with a client device;   receive a second device identifier from the reader device, the second device identifier being associated with the reader device;   determine whether the reader device is authorized by an originating user to access data in a machine-readable identifier generated by the client device based at least in part on the first device identifier, the second device identifier, and a device profile associated with the reader device; and   in response to determining that the reader device is authorized, provide a cryptographic key to the reader device, the cryptographic key corresponding to the data associated with the client device.   
     
     
         16 . The non-transitory, computer-readable medium of  claim 15 , wherein the program instructions, when executed by the processor, further cause the computing device to at least receive the cryptographic key from the client device. 
     
     
         17 . The non-transitory, computer-readable medium of  claim 15 , wherein the program instructions, when executed by the processor, further cause the computing device to at least:
 receive a selection of an entity from the client device, the entity being associated with a device profile;   retrieve the cryptographic key from a data store, the cryptographic key being a predefined cryptographic key corresponding to the device profile; and   transmit the cryptographic key to the client device.   
     
     
         18 . The non-transitory, computer-readable medium of  claim 17 , wherein the entity comprises a medical provider. 
     
     
         19 . The non-transitory, computer-readable medium of  claim 17 , wherein the cryptographic key is unique to a relationship between a user associated with the client device and the entity. 
     
     
         20 . The non-transitory, computer-readable medium of  claim 15 , wherein the reader device is a first reader device associated with a first level of access, the cryptographic key is a first cryptographic key, and the program instructions, when executed by the processor, further cause the computing device to at least send a second cryptographic key to a second reader device associated with a second level of access.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.