IT202100021920A1 - Management method for storing and sharing personal information - Google Patents

Description

Management method for storing and sharing personal information

Description

The present invention relates to a management method implemented via computer, generally known as computer implemented method (CI method), for storing and sharing personal information, i.e. a set of protected personal data that a user implements by adding , modification or deletion of data, data categories, data lists, etc. Street.

Each user of computer systems on the network uses more? Apps, games, websites, social platforms, and needs to store a large amount? information that results cos? scattered over hundreds of different databases associated with these systems, without the user having any control over them.

In this regard, a set of protected personal data is defined as a collection, referring to a user, of personal information, some of which can be made anonymous by removing any link with the identity of the user. dell?user, and others instead define the?identity? of the user. The former are defined as freely accessible information, provided that they have been released by the user, and can be used, as a whole, in particular for statistical purposes. The latter are defined as private information, why? allow to go back to?identity? and/or to a physical or digital address of the user.

Most software intended for private users, including apps and social platforms, collect and process personal information that a user, more or unknowingly, shares in the servers to which these software belong.

The operators of these software often exploit and process the personal information of users, generally on the basis of a generic consent of users through acceptance of the terms and conditions of use, mainly for their own commercial interests, such as the identification of products, services or content to offer to its users, or even by sharing this information with other business partners, although these shares must be specifically authorized.

Does the current situation leave users with tenuous control over portability? of your personal information stored in these systems. Often, users need to recreate their personal information across different platform and App operators to use functionalities. not available on one platform, but available on another platform.

Furthermore, the way these systems store and access a user's personal information generally provides little or no transparency into how the data is kept, and what is the point? leads to a number of drawbacks, including the fact that users may not be willing to share data with networked computer systems, or the impossibility? to have a traceability? changes made, both by the user and by the system, to personal information.

In this context, users feel a strong need to be able to have access to a technology directed towards a system for maintaining the user's personal information that is reliable, transparent and traceable, and that provides the user with control over changes and sharing of your personal information.

Are there known examples of systems aimed at protecting the identity? and a user's confidential information, such as in US Patent Nos. 10,572,684 B2, 10,621,376 B2, 9,635,000 B1 and US Patent Application No. 2019/020,5563 A1.

The processes and IT structures described for? seem in general oriented almost exclusively to the protection of personal information, possibly combined with a rigorous control of the identity? of users, and not to greater security in their sharing.

The technical problem that ? at the basis of the present invention ? to provide a management method, implemented via computer, for filing and sharing personal information which makes it possible to overcome the drawback mentioned with reference to the prior art, while at the same time satisfying the requirement outlined above.

This problem is solved by a management method as specified above, which is characterized in that it comprises the steps defined in the annexed claim 1.

In general, the invention described here? therefore aimed at creating an environment that favors the access of users to the pi? disparate applications and websites, such as banking, insurance and financial transaction software and websites, healthcare software, electronic messaging, business software, software and websites for the sale of objects and services, but also more complex applications. entertainment and leisure oriented, such as social networks, multi-user video games, role-playing games, dating sites, travel sites, and so on. away, where notoriously the distinction between these different types of application? more and more labile and nuanced.

The storage and sharing of personal information provides, in the management method that will be? described below, that a main manager provides, through any access point that can be, for example, a website and/or an app, an IT structure that includes at least one processor and at least one shared server, capable of connecting to a connection network, typically the Internet, for connection, through this connection network, with a plurality? of client devices that are associated with respective users who want to store and share their personal information at one or more Informatic Systems.

Here and in the following, computer systems mean software and websites of third parties, therefore represented by respective operators of decentralized computer systems.

These computer systems, in common practice, need their users to share personal information with them to ensure their correct functioning, but in this way they must be aggravated by the burden of managing this personal information, some extremely sensitive and private, other more of a playful nature, while still ensuring a certain level of protection for all.

An object of the present invention ? eliminate this burden, offering IT system managers the possibility? to exploit the information that users want to share with them, thanks to a decentralized archive system, with different levels of access based on the type of personal information archived.

Therefore, the management method according to the present invention comprises a registration phase, in which a user registers with the IT structure, and to do so? the user must use, and therefore generate if he does not have one, an asymmetric public/private cryptographic key, possibly coupled to a secure password, chosen by the user himself.

Is it meant that the private cryptographic key should? be kept by the user himself and never shared with anyone, his public key will be able? possibly instead be supplied to other IT structures.

In this phase, the user can? choose one or more identity alternatives, alter-ego or avatar, with which he will come? identified, if permitted by current rules, in the computer systems in which he will operate, such as multi-role video games.

At the same time, a crediting phase is envisaged, conceptually similar to the previous one, in which a computer system manager acquires a public cryptographic key and registers, with said computer structure, one or more computer systems designed to interact with the user.

In this case, the public cryptographic key can be acquired, possibly for a fee, by the IT structure.

This accreditation phase has the purpose of allowing reciprocal interaction between the IT structure and the IT systems belonging to their managers, for the exchange, under certain conditions, of the personal information provided by users through said IT systems, which in any case does not are kept by the IT system managers.

so that There? occurs, a phase of permission is envisaged, in which the IT structure receives from the user the request to use, for example, an IT system, being a user registered with the IT structure itself, and in this regard he provides, using the IT structure as a mediator , the personal information that is required by the computer system.

Otherwise, the same interaction between user and computer system produces personal information that is collected by said computer structure, such as scores, credits, preferences, acquired levels and so on. Street.

At this stage, this information is divided into two main categories: freely accessible information, which is not linked to identity? dell? user, and private information, which define the? identity? of the user and which must be treated with greater confidentiality.

Within each main category, information can be further categorized into lists, each provided with a marker.

Furthermore, still in this phase, the personal information provided by the user may be linked to one of his alter-egos or avatars.

The personal information provided by the user, each in the respective categories and lists, is recorded in at least one public register distributed according to blockchain technology, in a special loading phase of the management method described here. Furthermore, the authorizations that the user issues via cryptographic transaction will also be recorded on the same blockchain register, to allow third-party IT structures to access them, these authorizations can always be modified or revoked by the user himself, leaving him with complete control over his data.

Once uploaded, this personal information can be read, updated or deleted, and new ones can also be added.

In this regard, the management method includes a phase of access to private information, in which the IT system manager requests from the user, through the mediation of the IT structure, an authorization to access the information personal information that has been categorized as private information, and the user grants, if he wants, access authorization by using his private cryptographic key and/or his password to issue the authorization cryptographic transaction. Any information recorded on the blockchain will be? protected by strong encryption that allows reading only to the holders of the private access key, if shared, this information will then be encrypted using both the user's public key and the public key of the IT structure authorized by the user to read the data.

However, this private information cannot be modified by computer systems.

Furthermore, the management method comprises a step of accessing freely accessible information, in which said IT system manager requests said IT structure, using its cryptographic key, to access freely accessible information, and possibly add new ones, or to modify those present on the basis of the interaction between the user and the IT system. Any access transaction to such data will be? then registered in the blockchain to keep a record of access requests that the user can? always check anytime.

Finally, the management method comprises a possible modification phase, in which said IT structure receives from the user the request to use said one or more? computer systems as a user registered with said computer structure, adding, modifying or deleting, through said computer structure, personal information that is divided into freely accessible information and private information.

The management method outlined above and the computer system that implements it therefore provide a way to store a set of protected personal information in a secure cryptographic archive, taking advantage of the blockchain, to write the encrypted data and give them access to anyone who requests it as long as ? with the approval of the user mediated through a manager. There? allows users to have control over their data, with an approach that can? eventually be gamified through a rewards system.

In a preferred version of the management method according to the present invention, it also comprises a reward phase in which the user, on the occasion of a permission and/or modification phase, receives a reward of a digital nature, such as for example a token digital (token), expendable at the IT structure, or at the IT systems themselves, to acquire, services, priorities? or other benefits.

This invention will come described hereinafter according to a preferred embodiment thereof, provided by way of non-limiting example with reference to the attached drawings in which:

Figure 1 shows a first diagram illustrating a set of protected personal information referring to an anonymized user (actor) through an alter-ego or avatar, which defines an identity? user alternative;

Figure 2 shows a second schematic diagram illustrating the interaction between users and companies? managers of computer systems through a distributed database managed by a manager; And

Figure 3 shows a third schematic diagram illustrating the main phases of the management method according to the present invention.

The present description is to be considered as an exemplification of the invention and is not intended to limit the invention to the specific embodiments illustrated by the figures or description below.

This description generally refers to the management of information and personal data which may be of a private nature, as they relate to sensitive data relating to the person, his identity, his digital and physical contact details, his state of health, his situation financial and what? away, or can they instead have a public nature as data to be shared through third-party computer systems such as software, apps, websites, social platforms and so on? Street; such information can, for example, be stored in an encrypted and distributed storage technology (DLT), such as a blockchain, which can anonymize it.

The expressions "Distributed Ledger Technology", "DLT", ?distributed public ledger? are generally used to refer to an element of data storage comprising, for example, a set of replicated, shared and/or synchronized digital data that may be geographically distributed across multiple? sites, countries or institutions. In a DLT, there is typically no central administrator or centralized data store. Examples of the use of DLT include: blockchain, cryptocurrencies, smart contracts, and decentralized file storage over the network.

In general, blockchains ? a distributed database that maintains an ever-growing list of data records. Each data record ? protected against tampering and revisions. Blockchains are used with public transaction ledgers, where encryption is applied to the record, which allows transactions to be private by encrypting the transaction content, and so on. only users or entities? who have the transaction key can view it.

The terms "a", "a", and "the" are also intended to include the plural forms, unless the context clearly indicates a different intent.

The terms "comprises" and/or "comprising", and equivalents, when used in this description, specify the presence of stated phases, characteristics, steps, operations, elements and/or components, but do not preclude the presence or addition of one or more other phases, characteristics, integers, steps, operations, elements, components and/or groups thereof.

In the context of the present invention, the term "public ledger" specifically consists of a publicly accessible list of transactions for the distributed database or blockchain.

In the following description, the term "blockchain" generally means a distributed database that contains a ledger or list of records, called blocks, that are protected from tampering and revisions typically by a unique cryptographic hash code.

Blockchains constitute a ?ledger? (ledger) open and distributed, capable of recording sets of protected personal information, referable to a user, in an efficient, verifiable and permanent way. Consent to use this encryption methodology ensures that shared records are exact copies, and reduces the risk of fraudulent transactions, since the tampering may need to occur in many places at exactly the same time.

At its core, a blockchain computer system can also record the chronological order of the inputs, giving them a respective time stamp (timestamp), with all the nodes of the system that accept the validity? of the input using the chosen consent model. The result consists in an identification that is irreversible and accepted by all the partners of the information system.

A private cryptographic key ? an alphanumeric string encoded in different formats depending on the generation method used. In this context, it can be generated

by? user and whose public part can? to be

registered or freely used by an institution

certificate, or eventually to the same structure

computer science presiding over the management method here

described.

A public cryptographic key also consists

into a string of letters and numbers, usually from

26 to 34 characters, generated from the private key.

In asymmetric cryptographic systems, employed

in blockchains, each private key pair e

publish ? formed in such a way that there? that comes

encrypted with a, pu? only be decrypted with

the other one. The two keys are, a priori, perfectly

interchangeable, but generally one of the two

is defined as "public" and a "private", so that?

one of the two, precisely the public key, pu? to be

also exchanged over an insecure channel such as email,

key server, on a page and cos? off the important thing?

know that a public key ? by itself associated

to a private key, and pu? also be associated

to a user usually with the use of a certificate

digital.

The combination of public and private keys

it is used to carry out transactions

irreversible guaranteed by linked mathematical signatures

at each transaction.

The management method for archiving and

sharing personal information ? accomplished

in an IT platform which includes in

general a computer structure, indicated in his

complex with 100. Commented [1]: What does it mean indicated with 100??? An illustrative example of some of the physical components that can make up a computer platform comprising the computer structure 100 for managing personal information using a blockchain, identified as structure for short, configured to facilitate the transfer of data and personal information between one or more ? access points, i.e. between users 1 and their respective client devices 2 and at least one server 3 on a data network.

Each 2 client device can send data and receive data from the data network via a network connection with an access point. A data store accessible from server 2 can? contain one or more database. The data may include any personal information relevant to one or more users, including information describing one or more users, timestamps, public information, possibly from one or more? computer systems used by the user and referring to it, and a possible nonce, or a number, generally random or pseudo-random, which has a unique use.

The client devices 2 can be mobile devices, such as laptops, tablets, personal digital assistants, smartphones, and the like, that have a wireless network interface capable of sending data to one or more devices. server with access to one or more? stores data over a network such as a wireless local area network (WLAN). Additionally, client devices 2 may be stationary devices, such as desktops, workstations, and the like, that have a wired or wireless network interface capable of sending data to one or more devices. server with access to one or more? Stores data over a wireless or wired local area network.

The present invention can be implemented on at least one client 2 and/or server 3 device programmed to perform one or more? of the steps described here. In some embodiments, ? is it possible to use more of a client 2 and/or server 3 device, each programmed to perform one or more? steps of a method or process described herein.

Client device 2 can? be a digital device which, in terms of hardware architecture, generally includes a processor, input/output (I/O) interfaces, a radio, data storage, and memory.

Server 3 can? be a digital computer which, in terms of hardware architecture, generally includes a processor, input/output (I/O) interfaces, a network interface, data storage, and memory.

In general, the server processor or client device ? a hardware device to execute software instructions. The processor can? be any custom or commercially available processor, a unit? central processing unit (CPU), an auxiliary processor between several processors associated with the device, a semiconductor-based microprocessor (in the form of a microchip or set of chips), or generally any device for executing software instructions. When the server and the client device are running, the processor ? configured to run software stored in memory, to communicate data to and from memory, and to generally control server operations according to the software's instructions. I/O interfaces can be used to receive user input from and/or to provide system output to one or more devices or components.

User input can be provided via, for example, a keyboard, touch pad and/or mouse. The system output can be provided via a display device and printer (not shown). I/O interfaces may include, for example, a serial port, a parallel port, a Small Computer System Interface (SCSI), a serial ATA (SATA), a Fiber Channel, iSCSI, a PCI Express (PCI -x), an infrared (IR) interface, a radio frequency (RF) interface and/or a USB (Universal Serial Bus) interface and its evolutions, and in general any other interface for the transmission of digital data.

The network interface can be used to allow the server to communicate over a network, such as the Internet, a wide area network (WAN), a local area network (LAN), and the like, etc. The network interface can include, for example, an Ethernet card or adapter, or a wireless LAN card or adapter (for example, 802.11a/b/g/n). The network interface can include address, control, and/or data connections to enable proper communications over the network. ? You can use a data store to store data. The data store can include any volatile memory items (for example, random access memory (RAM, such as DRAM, SRAM, SDRAM, and the like)), nonvolatile memory items (for example, ROM, hard disk, tape, CDROM, and the like), and their combinations. Also, the data store can incorporate electronic, magnetic, optical and/or other storage media. In one example, the data store can be located within the server as, for example, an internal hard drive connected to the local interface in the server. Also, in another embodiment, the data store can be placed outside the server such as, for example, an external hard drive connected to the I/O interfaces. In a further embodiment, the data store can be connected to the server through a network, such as a network-attached file server.

Note that memory can have a distributed architecture, otherwise called cloud, in which various components are located remotely from each other, but can be reached from the processor. The software in memory can? include one or more software programs, each of which includes an ordered list of executable instructions for implementing logic functions. The in-memory software includes a suitable operating system (O/S) and one or more programs. The operating system essentially controls the execution of other computer programs, such as one or more programs, and provides scheduling, input-output control, file and data management, memory management and communication control, and related services. The one or more programs can be configured to implement the various processes, algorithms, methods, techniques, etc. described here.

The computer structure 100 comprises a connection to a blockchain network, having one or more nodes, which can be in communication with one or more? server 2 and/or client devices 3 of the structure 100. A node can? consist of a server, client device, or any other appropriate networked computing platform. The blockchain network can manage a distributed blockchain 101 database containing the data recorded by the system. This data can be maintained as a distributed public ledger, which can be designated as a lock, protected from tampering and auditing.

With reference to figures 2 and 3, the IT structure 100 ? responsible for the storage and sharing of a set of personal information 102 and, in this regard, it provides a generic user with any access point that can be for example a website and/or an app; a plurality? of client devices 2 are associated with respective users 1 who wish to store and share their personal information at one or more? IT systems, indicated as a whole with 103, which report to respective managers of IT systems 104 which interact with said main structure 100.

The user 1 therefore obtains on his client, for example his own smartphone, the app which constitutes said access point and, by connecting to the IT structure 100, generates his public cryptographic key 4 inside the app, for example by using the secp256k1 algorithm, and also chooses a password 5 to protect it.

The secp256k1 algorithm refers to the parameters of a particular elliptic curve used in public key cryptography, defined in the Standards for Efficient Cryptography (SEC), built in a special non-random way which allows a particularly efficient calculation.

The generation of public key 4 and password 5 carries out a user registration phase, which can also include a phase of generation of an?identity? alternative 6, defined as an alter-ego or avatar, which can? includes for example a nickname, a description, one or more? associated images.

With the login step, user 1 signs a blockchain contract to manage his set of protected personal information 102. If user 1 already owns a secp256k1 key, given that for example Bitcoin and Ethereum Wallet use the same algorithm, he can? import your key 4.

Subsequently, user 1 can? access a permission phase, in which the computer structure 100 receives from the user 1 the request to use, for example, a computer system 103, selected from those available, ie? among those who subscribe to this service.

In this way, the user can? provide the chosen computer system, using the computer structure as a mediator, the personal information that is requested. Also note that this option opens a two-way channel, why? also the computer system 103 will be able? generate personal information belonging to the set 102, which will in any case be managed and stored by the IT structure 100. This personal information could be, for example, scores, credits, preferences, acquired levels and so on. Street.

In this phase, this information 102 is divided into two main categories: freely accessible information 7, which is not bound to the identity? dell?user, and private information 8, which define the?identity? of the user and which must be treated with greater confidentiality.

Within each main category 7, 8, the information can be further categorized into lists 10, each provided with a marker 11.

Furthermore, still in this phase, the personal information 102 provided by the user can be linked to one of his alter-egos or avatars 6 (figure 1). The personal information 102 provided by the user 1, each in the respective categories 7, 8 and lists 10, are recorded in at least one distributed public register 101 according to an encryption 106 based on blockchain technology, in an upload phase of the management method described here (figure 3).

Once uploaded, this personal information can be read, updated or deleted, and new ones can also be added.

In the present method, a setting is provided for keeping the personal information only at the server 3 of the computer structure 100, which implies that it must be retrieved every time the computer system 103 is employed, but also that the personal information 102 is keep anything that might happen to the client device 2. At each access, pu? be required, for greater simplicity?, the password 5.

In this way, user 1 can? see your data and manage permissions to allow third parties to access your data and at what time. Will the app on your client device 2 download? all notifications of "authorization request" and allow? the user to approve, modify or deny them using their public key 4 as a feature? of signature.

The management method also provides for an accreditation step, conceptually similar to the previous one, in which a manager 104 of computer systems 103 acquires a private cryptographic key 9 intended to be coupled with said public key 4. Through this process, a computer system 103 is registered at said IT structure 100, and from that moment on? user 1 can? interact with it.

This accreditation phase has the purpose of allowing reciprocal interaction between the IT structure and the IT systems belonging to their managers, for the exchange, under certain conditions, of the personal information provided by users through said IT systems, which in any case does not are kept by the IT system managers.

In this regard, the manager 104 of each computer system 103 ? what? able to see 102 personal information available for each 1 user, but not ? allowed to know the values inside them, and pu? just send a request to access it with a transaction signed with your private key 9. The request is done through a blockchain encryption 106, so? to obtain a timestamp

User 1, to whom this request is forwarded, can? choose whether to give your consent to the IT service manager, indicating, if you deem it appropriate, also a time interval, with a start time and an end time, to execute the request: outside the time interval time allowed by? user 1, the computer system 103 will not be able to? download any personal information.

The computer structure 100, what ? mediator in the management of this request, can I? what? check the timestamp of the query with which the computer system 103 will interrogate? distributed public register 101, and release access permission if the marking falls within the time interval granted by user 1.

In this phase of access to private information, in which the IT system manager 104 therefore requests from the user 1, through the mediation of the IT structure 100, an authorization to access the personal information which has been categorized as private information 8, and the user grants, if he wants, the access authorization using his public cryptographic key 4 and/or his password 5 (figure 3).

However, this private information 8 cannot be modified by computer systems 103.

The management method comprises a possible modification step 107, in which said IT structure 100 receives from the user 1 the request to use said one or more? computer systems 103 for an operation of modification, addition, cancellation of any type of personal information, which is then again divided into freely accessible information 7 and private information 8.

All data is saved in a format suitable for data interchange between client/server applications, for example a json format, to avoid formatting.

Finally, the management method comprises a step for accessing freely accessible information, in which a manager 104 of computer systems 103 requests the computer structure 100, using its cryptographic key, to access freely accessible information, and possibly add new ones new ones, or to modify those present on the basis of the interaction between the user and the information system.

Every computer system 103 can? have a special permission, such as an update function of a user's card, which corresponds, again by way of example, to a character in a multi-role video game.

The user can thus allowing a manager 104 to update his card whenever he wishes, possibly in a predefined time interval.

In a preferred version of the management method, access to free access information 107 is? on the other hand free for all, as it concerns anonymised data.

In a preferred version of the management method, pu? a reward system based on virtual cryptographic tokens generated in the blockchain should be envisaged; they can be used to engage users or reward them with services from associated apps, could these tokens then be converted into features? and resources of third-party apps or even exchanged between all users.

Furthermore, even during a phase of permission and/or modification, user 1 can? receive a payment of a digital nature, such as a virtual cryptographic token (token), which can be spent at the IT structure, or at the IT systems themselves, to acquire, services, priorities? or other benefits.

Note that, in order to interact as user 1, no permissions are required, it is enough to generate one's own asymmetric public/private key 4 and call an enrollment function in the chosen access point. Instead, to interact as manager 104 of computer systems 103, ? necessary to pass an approval process to evaluate the data duplication and interactions of the personal information statistics that the manager requests from the 100 structure.

The 104 manager of each affiliated app can? use the statistics obtainable from the free access information 7 to create something unique in the app itself. For example, in a game can? provide a specific object or a specific weapon, or a location, based on statistics from the Protected Personal Data Set.

Furthermore, any app could use the freely accessible information 7 as a way to involve users in a gamification process.

Use cases

1. The financial use case

A finance management app offers the user a financial tool that helps them generate a retirement financial plan, while also allowing the user to calculate its feasibility. Does the app already use? a private blockchain to store user plans and all their revisions: the IT structure will be able to what? be used to save all plans in a private archive, cos? to allow the user to decide if and when to share this data with any financial institution. A company? A third-party provider (insurance, bank, or investment) may ask you to review your financial planning to generate a financial scoring system, so that a log-in request, such as an insurance claim, can be more accurate. easy, because the insurance company may request access to your data (name address etc.), private data (Document ID) and financial data. The user has complete control over what to share with the company, and when, and until when, thus being able to do not automatically share any updates about your financial situation. <Only free access information could also be shared anonymously with companies interested in market analysis or data collection, generating a reward system in which a user could be repaid in cash or virtual tokens, or in rewards for sharing this information, even with public institutions (see national statistical agencies or universities for research purposes), always maintaining complete control over what to share and when. Will the app change? also the statistics relating to protected personal information, for example for a user who changes his plan very often, attributing a risk profile more? tall or taller Bass.

2. The use case of the utility?

An Energy Management Firm Uses Blockchain And Cryptography To Build Community energy sources, virtual power plants and/or a new type of energy market where the user can better manage your service level, sell your own renewable energy, and be part of a community? energy for better energy management and better awareness on the use of green energy. The IT structure 100 can, in this case, memorize the aggregate measurement data, divided into periods, in order to be able to share them with the companies that require research on energy consumption in a specific area, country or type of user, share with TSO ( organization of transport services) to manage the energy network and find better balances, and the user can? be rewarded with his share.

The energy management company influences the statistics resulting from the free access information released by the users, i.e. based on the user's energy footprint, so to improve their performance in the management of energy resources.

3. The smart stadium use case

A company that deals with entertainment, for example sporting events, issues smart tickets, i.e. intelligent payment solutions for event venues, using blockchain technology to manage payments and digital assets but also generating a lot of data on the venue to which the user who registers through the IT structure 100 is accessing: when, how he pays, what he buys and how he behaves. This data can be stored as freely accessible information to be shared with companies. marketing companies that request them anonymously, generating values for the user and maintaining complete control over what is shared, when and for how long.

Also the incentive through a competitive environment? is a very important part for this type of company, and the profile of a role-playing game character could be exploited to create game systems that involve the user and push him to access a room to obtain greater rewards, or to be more ? characterized.

4. The health use case

The computer structure described above pu? be particularly useful in the management of health data, as these types of data are very sensitive and should, by law, be privately owned. of the user rather than of health institutions.

Especially in periods of health emergencies, but also in general, the problem of the strong dispersion of information, which occurs when a user changes hospital or doctor, is very heartfelt. Storing health data in the computer facility would allow the user to share their medical history with any doctor who may request it. The most Sometimes there are also unknown correlations which, for statistical reasons, are not disclosed because they are not disclosed. rarely related: have a single place where you can store all your medical data, the drugs used, specific analyzes and so on? away, would allow the user to share all their data with any doctor who may request it, maintaining complete control over what and when to share to whom, but it would also allow for much more results from statistical studies of a clinical nature conducted on personal information, if anonymised as freely accessible information.

5. The use case of video games

The gaming industry can very interestingly take advantage of the use of a computer structure as described above, allowing games to share digital assets and information to generate user-specific values that can be used within games. A video game can take advantage of the blockchain for the collection and marketability of digital assets, and has a strategic mechanism applied to the game itself, but also exploits the system in such a way that each player has their own personal information protected.

In conclusion, the management method described above allows users of apps, websites and any other application that interacts through the network to be the owners of their own data, and have total control over it. Furthermore, the possession of an? identity? alternative managed through a cryptographic algorithm allows them to store their information securely but also to share it with whoever they want, obtaining a reward in exchange in a logic of gamification of the management of their personal information.

Note how this logic can teach the user the value of privacy through a fee that corresponds to virtuous behavior in terms of personal data protection, and without incurring any expense.

In describing the present invention, techniques and steps have been described which entail specific advantages. Consequently, for the sake of clarity, we will avoid to repeat every possible combination of the single phases redundantly. However, the description and the claims should be read with the understanding that such combinations are wholly within the scope of the invention and the claims.

Also, new computer-implemented systems and methods for processing data, rights, and transactions inherent in digital content have been discussed in the present specification. In the following description, for purposes of explanation, numerous specific details are set forth in order to provide a complete understanding of the present invention. will result? evident, however, to the person skilled in the art that the present invention can be put into practice without these specific details.

At the above management method? a technician of the branch, in order to satisfy further and contingent needs, will be able to make numerous further modifications and variations, all however included in the scope of protection of the present invention, as defined by the attached claims.

Claims (6)

Management method for storing and sharing personal information CLAIMS 1. Management method for storing and sharing personal information (102) in an IT structure (100) which includes at least one processor and at least one shared server (3), a connection network to which said server (3) shared ? fit to connect with a plurality? of client devices (2) through said connection network, said client devices (2) being associated with respective users (1), which comprises: ? an (optional) registration phase, in which a user (1) registers with said IT structure (100) using a public cryptographic key (4), in the case of free registration (therefore without registration) any user can? register their information in the structure (100) without requesting specific access; ? an accreditation phase, in which a manager (104) of computer systems (103) acquires a private cryptographic key (9) and registers, at said computer structure (100), one or more? computer systems (103) able to interact with the user (1); ? an authorization phase, in which said IT structure (100) receives from the user (1) the request to use said one or more? computer systems (103) as a user registered with said computer structure (100), providing, through said computer structure (103), personal information (102) which is divided into freely accessible information (7), not linked to the identity of the user, and in private information (8), which define the identity? of the user; ? an upload phase, in which said personal information (102) is registered in at least one distributed public register (101) according to blockchain technology; ? a phase of access to private information, in which said IT system manager (104) requests from the user (1), through said IT structure (100), an authorization to access said private information (8), and the user (1) grants permission using its public cryptographic key (4); ? a step of accessing freely accessible information (7), in which said IT systems manager requests said IT structure (100), using its cryptographic key (9), to access the freely accessible information; And ? a possible modification phase, in which said IT structure (100) receives from the user (1) the request to use said one or more? computer systems (103) as a user registered with said computer structure (100), adding, modifying or deleting, through said computer structure (100), personal information (102) which is divided into freely accessible information (7) and private information (8). 2. Management method according to claim 1, which comprises a reward phase in which the user (1), on the occasion of a permission and/or modification phase, receives a reward of a digital nature. 3. Management method according to claim 1, wherein said IT structure (100) provides an access point to users (1), such as a website and/or an app, accessible from a client device (2). 4. Management method according to claim 1, wherein the public (4) and private (9) cryptographic keys are provided by the IT structure itself (100). 5. Management method according to claim 1, wherein, in the writing phase, the user (1) chooses one or more? identity alternatives (6), alter-ego or avatar, with which will? identified, if permitted by current rules, in the computer systems (103) in which he will operate. 6. IT structure (100) in which ? implemented the management method for storage and sharing of personal information of one of the previous claims, which is? connected to a blockchain network referencing a distributed public ledger.