NZ620648B2 - An electronic data sharing device and method of use - Google Patents
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/088—Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
Abstract
Disclosed is an electronic data sharing device configured to exchange a first tag with a corresponding tag from a further electronic data sharing device. The first and second tags provide information that enables respective users of the electronic data sharing devices to share information via a server (1) enabled internet-connected software system associated with the electronic data sharing devices. The electronic data sharing device is either configured with a pre-shared key or is able to encrypt a session key, and the pre-shared key or session key are used to generate tags to ensure that the electronic data sharing device and tags can only be made use of by the server (1).
Description
AN ELECTRONIC DATA SHARING DEVICE AND METHOD OF USE
FIELD OF THE INVENTION
The present invention relates to an electronic data sharing device and method of
use. In particular, the present invention relates to an electronic data sharing
device and method that enables tags to be exchanged with other electronic data
sharing devices.
BACKGROUND
Several electronic devices exist that are designed primarily for the purpose of
storing a user's own contact details and exchanging these contact details with
other users of similar devices. The process is likened to exchanging business
cards.
Typically these devices are battery-powered, very compact and hand-held. They
usually have a very minimal user interface consisting of just a button, an LED and
a USB port for connecting the device to a personal computer.
To exchange contact details, two device users, each with one of these devices,
each bring their own device into proximity or alignment with the other device.
Then upon pressing their respective buttons on their device, each user's contact
information is copied to the other device.
The information exchanged is usually not viewed on the device itself, but the
device is later plugged into a USB port of a personal computer, and the
information viewed on this personal computer.
Usually this service is provided via a dedicated web server, created for the users
of a particular manufacturer's device. When the device is plugged into a personal
computer, the information from each device is moved to the web server, where it
is stored and presented back to the user, through a web page on the personal
computer.
Additionally, some of these web servers may collect and share additional contact
information such as phone numbers or links to a user's social networking profile.
The devices generally exchange telephone numbers, email addresses, personal
information for online social-networking websites, or other forms of contact
information, or at least provide the means to obtain this information indirectly.
However, a problem exists in that known devices have security flaws and
usage limitations caused by the mechanisms by which they exchange data, the
nature of the data exchanged, and the methods of uploading data.
For example, these known devices typically exchange data between a sending
device and a receiving device and later transmit both the data received as well as
the data sent to a server, via the user's computer. By not providing a facility to
prevent third parties from accessing this shared data, for example by capturing
the data surreptitiously during the data exchange, or through malware on the
user's computer, it becomes quite clear that the proposed relationship between
the two parties is potentially accessible and compromised.
Further, it is typically a requirement that these types of devices require users of
the devices to enter their contact details on the device prior to use, or that some
further configuration of the device is necessary. This may be problematic if the
user's contact details have changed between the data entry steps and the
exchange of contact information resulting in incorrect contact details being
exchanged, or simply be inconvenient in the social context in which the device is
used.
Also, the exchange of contact details between these types of devices is typically
transferred to the servers in an unencrypted format enabling third parties to gain
access to the data without permission. This also means that, if the information is
sent to or diverted to an incorrect server, the data may be compromised. Other
vulnerabilities to malicious usage may include the manufacture and sale of
compatible devices by unauthorised third parties, computer-based malware able
to delete or alter genuine contacts or introduce new non-genuine contacts, and
web server vulnerabilities to distributed-denial-of-service and other attacks
through being flooded with inauthentic data.
Further, users of these types of devices are not able to determine, without
intervention by the user, if a person they are conversing with, mingling with or
who is in the same general vicinity as themselves has a compatible device for
sharing contact information. Further, there are security and privacy ations,
and power-consumption constraints, to enabling automatic detection.
Typically, devices that are designed for the purpose of storing the user's own
contact details and exchanging these details with other users of similar devices
lack any facility to detect nearby devices.
Existing devices typically either use electromagnetic coupling employing
induction coils and require the user of one device to hold it in close proximity and
alignment to another user's device, or they use infra-red or optical beams and
require the user of one device to accurately aim that device at another device,
whilst the second user aims their device at the first user's device. No other
communication can occur between these devices.
This inability to detect nearby devices and alert the users that there may be a
person nearby with a similar device is seen as a limitation to usefulness of the
device due to the user's lack of awareness that another user, with which they
might want to exchange contact details, also has such a device in their
possession.
Further, users are limited in gaining access to any data exchanged until such
time as they have access to a suitable internet-connected computer. This
inability to synchronise data held within the device without such access is seen
as a limitation to the user being able to make immediate use of any data
exchanged.
Further, users are limited in that identical personal data is shared in every data
exchange, without an option to selectively share certain information with some
users and not with others. This inability for the user to select which information is
shared with which party is seen as a limitation of current devices.
Further, users are limited in that personal information must be recorded prior to
use of the device. This inability to provide flexibility regarding the registration of
personal information is seen as a limitation regarding the organisation of events
where the device will be used.
Further, devices are limited to responding to user-initiated behaviour only.
An object of the present invention is to: (a) provide a device or method of using
such a device that provides a technical solution to protecting the data against
malicious third parties, along with improved data-privacy functionality; (b)
overcome, or at least alleviate, some or all of the afore-mentioned problems; or (c)
at least provide the public with a useful choice.
Advantages of the invention will be brought out in the following portions of the
specification, wherein the detailed description is for the purpose of fully disclosing
the preferred embodiment of the invention without placing limitations thereon.
The background discussion (including any potential prior art) is not to be taken as
an admission of the common general knowledge.
SUMMARY OF THE INVENTION
It is acknowledged that the terms "comprise", "comprises" and "comprising" may,
under varying jurisdictions, be attributed with either an exclusive or an inclusive
meaning. For the purpose of this specification, and unless otherwise noted,
these terms are intended to have an inclusive meaning - i.e. they will be taken to
mean an inclusion of the listed components that the use directly references, but
optionally also the inclusion of other non-specified components or elements.
According to one aspect, the present invention provides a first electronic data
sharing device comprising: a memory storing (i) a pre-shared key and a unique
device identification, or (ii) a session key and encryption key; a processor
configured to generate tags from (i) the pre-shared key or (ii) an encrypted
session key obtained by encrypting the session key with the encryption key to
cause the first electronic data sharing device to exchange a first tag so-generated
with a corresponding second tag from a second electronic data sharing device,
wherein the first and second tags provide information that enables respective
users of the electronic data sharing devices to share information via a server
enabled internet-connected software system associated with the electronic data
sharing devices, wherein (i) the pre-shared key is shared with the server and
associated with the unique device identification or (ii) the server is able to decrypt
the encrypted session key such that the first electronic data sharing device and
tags can only be made use of by the server, and wherein the processor is further
configured to cause the first electronic data sharing device to transfer to the
server (i) the unique device identification or (ii) the encrypted session key.
Also disclosed herein is an electronic data sharing device configured to exchange
a first tag with a corresponding tag from a further electronic data sharing device,
wherein the first and second tags provide information that enables respective
users of the electronic data sharing devices to share information via a server
enabled internet-connected software system associated with the electronic data
sharing devices, wherein the electronic data sharing device is either configured
with a pre-shared key or is able to encrypt a session key, wherein the pre-shared
key or session key are used to generate tags to ensure that: the electronic data
sharing device and tags can only be made use of by the server.
According to a further aspect, the present invention provides a method of sharing
data using electronic data sharing devices, each device comprising a processor
and a memory storing (i) a pre-shared key and a unique device identification, or
(ii) a session key and encryption key, the method comprising the steps of: the
processor of a first electronic data sharing device generating tags from (i) the
pre-shared key or (ii) an encrypted session key obtained by encrypting the
session key with the encryption key, and the processor causing the first
electronic data sharing device to exchange a first tag so-generated with a
corresponding second tag from a second electronic data sharing device, wherein
the first and second tags provide information that enables respective users of the
electronic data sharing devices to share information via a server enabled
internet-connected software system associated with the electronic data sharing
devices, wherein (i) the pre-shared key is shared with the server and associated
with the unique device identification or (ii) the server is able to decrypt the
encrypted session key such that the first electronic data sharing device and tags
can only be made use of by the server, the method further comprising the
processor causing the first electronic data sharing device to transfer to the server
(i) the unique device identification or (ii) the encrypted session key.
Also disclosed herein is a method of sharing data using an electronic data
sharing device, the method comprising the steps of exchanging a first tag with a
corresponding tag from a further electronic data sharing device, wherein the first
and second tags provide information that enables respective users of the
electronic data sharing devices to share information via a server enabled
internet-connected software system associated with the electronic data sharing
devices, using a pre-shared key or encrypting a session key, wherein the
pre-shared key or session key are used to generate tags, to ensure that the
electronic data sharing device and tags can only be made use of by the server.
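The pre-shared-key variant summarised above can be sketched as follows. This is an added illustration, not code from the patent: HMAC-SHA256 stands in for the device's tag generator, and the counter input, record layout and all class and function names are assumptions made for the example.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 16  # bytes per tag (assumed size, not taken from the specification)


def make_tag(key: bytes, device_id: str, counter: int) -> bytes:
    """Derive a tag from the pre-shared key; only a holder of the key can recompute it."""
    msg = device_id.encode() + b"|" + counter.to_bytes(8, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]


class Device:
    """Hypothetical device: holds a pre-shared key and a public unique identification."""

    def __init__(self, device_id: str, key: bytes):
        self.device_id = device_id
        self.key = key
        self.counter = 0
        self.records = []  # (counter, tag sent, tag received)

    def next_tag(self):
        self.counter += 1
        return self.counter, make_tag(self.key, self.device_id, self.counter)


def exchange(a: Device, b: Device) -> None:
    """Device-to-device step: only opaque tags cross the air, no contact details."""
    ca, ta = a.next_tag()
    cb, tb = b.next_tag()
    a.records.append((ca, ta, tb))
    b.records.append((cb, tb, ta))


class Server:
    """Hypothetical server: generates one key per device and stores it by device id."""

    def __init__(self):
        self._keys = {}
        self._sent = {}  # verified sent tag -> (device id, tag received in return)

    def provision(self, device_id: str) -> Device:
        key = secrets.token_bytes(16)
        self._keys[device_id] = key
        return Device(device_id, key)

    def upload(self, device_id: str, records) -> int:
        """Accept only records whose sent tag verifies under the key stored for this id."""
        key = self._keys.get(device_id)
        if key is None:
            return 0  # device was never provisioned by this server
        accepted = 0
        for counter, sent, received in records:
            expected = make_tag(key, device_id, counter)
            if not hmac.compare_digest(expected, sent):
                continue  # tag was not produced with the pre-shared key
            if sent in self._sent:
                continue  # replayed upload
            self._sent[sent] = (device_id, received)
            accepted += 1
        return accepted

    def confirmed_pairs(self):
        """An exchange counts only when both sides uploaded matching, verified tags."""
        pairs = set()
        for sent, (dev, received) in self._sent.items():
            peer = self._sent.get(received)
            if peer and peer[1] == sent and peer[0] != dev:
                pairs.add(frozenset((dev, peer[0])))
        return pairs


def demo():
    srv = Server()
    a = srv.provision("dev-A")
    b = srv.provision("dev-B")
    exchange(a, b)
    # Constructed case: an unauthorised compatible device claiming dev-B's identity.
    rogue = Device("dev-B", secrets.token_bytes(16))
    exchange(a, rogue)
    results = {
        "a": srv.upload("dev-A", a.records),
        "b": srv.upload("dev-B", b.records),
        "rogue": srv.upload("dev-B", rogue.records),
    }
    return results, srv.confirmed_pairs()


if __name__ == "__main__":
    print(demo())
```

The tag received from the unauthorised device is stored with dev-A's record but never matches a verified upload, so the server does not confirm that exchange.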
BRIEF DESCRIPTION OF THE DRAWINGS
Embodiments of the present invention will now be described, by way of example
only, with reference to the accompanying drawings, in which:
Figure 1 shows a schematic representation of various components according to
an embodiment of the present invention;
Figure 2A shows a layout of components in a device according to an
embodiment of the present invention;
Figure 2B shows a schematic representation of components in a device
according to an embodiment of the present invention;
Figure 3 shows a representation of device interaction according to an
embodiment of the present invention;
Figure 4 shows a flash memory according to an embodiment of the present
invention;
Figure 5 shows an AES encryption process according to an embodiment of the
present invention;
Figure 6 shows a data sharing process according to an embodiment of the
present invention;
Figure 7 shows data stored at a server according to an embodiment of the
present invention;
DETAILED DESCRIPTION OF THE INVENTION
It will be understood that the system herein described includes one or more
elements that are arranged to perform the various functions and methods. The
following portion of the description is aimed at providing the reader with an
example of a conceptual view of how various modules and/or engines that make
up the elements of the system may be interconnected to enable the functions to
be implemented. Further, the following portion of the description explains in
system related detail how the steps of the herein described method may be
performed. The conceptual diagrams are provided to indicate to the reader how
the various data elements are processed at different stages by the various
different modules and/or engines.
It will be understood that the arrangement and construction of the modules or
engines may be adapted accordingly depending on system and user
requirements so that various functions may be performed by different modules or
engines to those described herein, and that certain modules or engines may be
combined into single modules or engines.
It will be understood that the modules and/or engines described may be
implemented and provided with instructions using any suitable form of technology.
For example, the modules or engines may be implemented or created using any
suitable software code written in any suitable language, where the code is then
compiled to produce an executable program that may be run on any suitable
computing system. Alternatively, or in conjunction with the executable program,
the modules or engines may be implemented using any suitable mixture of
hardware, firmware and software. For example, portions of the modules may be
implemented using an application specific integrated circuit (ASIC), a
system-on-a-chip (SoC), field programmable gate arrays (FPGA) or any other suitable
adaptable or programmable processing device.
First Embodiment
According to this first embodiment an electronic data sharing device is described.
Users of the device are able to share user related information with other users
who have a similar device.
The user related information may be contact information, such as name, s,
e-mail, telephone, web address, social network account address etc. Further,
the user related information may be other user related information such as age,
sex, nationality, preferences, likes, dislikes, marital status, job status, job on,
company s, employment history etc.
The electronic data sharing device according to this embodiment is a personal
portable device that each user carries around on their person.
As an alternative, the electronic data sharing device may be a device not
associated with any particular user. For example, the device may be accessible
to the public providing a public service (i.e. not being used as a personal device),
to enable users having a personal portable device to share user related
information with the publically accessible device. For example, the publically
accessible device may be associated with a particular company, business,
organisation or other entity, and may be used by that entity to share entity related
information with the users, while in return receiving the user's related information.
The device may be a static non-moving device, or alternatively may be a mobile
device that moves around by any suitable means. For example, these
non-personal devices may be attached to vehicles, mobile displays or person(s)
acting as a mobile display.
As another alternative this non-personal device may be designed to enable a
user to express a preference, either anonymously or by including the identity of
the user. For example, a user may use a personal device to communicate with a
sign, poster or other display to indicate “like”, “dislike”, “yes” or “no”, by
communicating with one or more non-personal devices embedded in or adjacent
to the display.
Figure 1 shows a system diagram of how the electronic data sharing devices
(non-personal and personal portable devices) may be used in conjunction with a
server.
The server 1 includes a processor 11 and a memory in the form of a hard drive
12. The hard drive 12 contains software 121 by which the processor generates
either a pre-shared key, or a public/private key pair according to well known
methods, for example RSA.
Where a public/private key pair is used, the private part of the key always
s on the server. The public part of the key is included in the portable
and/or static electronic data sharing devices.
Where a pre-shared key is used, a key is generated for each device, along with
an associated public unique identification. The server memory may also contain
business related data 124 associated with the entities involved with particular
electronic data sharing devices.
Each portable electronic data sharing device 2 has a USB type-A male connector
21, a momentary action push-switch, button or touch sensor 22, up to 8 LED's of
any type 23, a microcontroller 24, an accelerometer 26, a battery 27 and an
inverted “F” antenna 28.
Each non-personal electronic data sharing device 3 is essentially the same as
the portable device 2 but does not require the use of a switch or touch-sensor.
Component parts of the non-personal device 3 are designated with reference
numerals similar to those of the portable device 2 but with the prefix digit 3.
It is assumed that, if other synchronisation mechanisms are not available as
described in alternative embodiments, a general purpose computer such as that
indicated at 4 is available to each user.
The microcontroller in the electronic data sharing device and processor in the
server are ed to perform the steps of a program stored as program
instructions within a memory device. The program instructions enable the
various methods of performing the invention as described herein to be performed.
The program instructions may be developed or implemented using any suitable
software programming language and toolkit, such as, for example, a C-based
language and compiler.
A computer readable medium may be used for tangibly storing the program
instructions. The computer readable medium may be, for example, solid state
memory, magnetic tape, a compact disc (CD-ROM or CD-R/W), memory card,
flash memory, optical disc, magnetic disc or any other suitable computer
readable medium.
The personal portable device version consists of a package that is approximately
32 mm by 11 mm by 4 mm in size and weighing approximately 20 grams. At one
end it has a male type-A USB connector. The package resembles, in weight and
dimensions, a USB flash drive. It will be understood that, as an alternative, the
device may take on other dimensions, sizes and/or weight. Further, the USB
connection may be replaced or omitted or used in conjunction with an alternative
computing interface, whether wired or wireless.
An outer casing may be slipped over the package for protective and styling
purposes, and to conceal the USB connector. The casing may be made, for
example, from a fabric or plastic material to show an entity's logo associated with
the sponsorship of the devices.
Also visible to the user may be a single button or touch-sensor and up to 8 LED's.
The button or touch-sensor according to this embodiment may be used by the
user to indicate that they wish to share user related information with a further
device (whether non-personal device or a personal portable device). The LED's
according to this embodiment are in several different colours to indicate the
status of the device. It will be understood that the device may have any number
of LEDs or no LEDs at all, and that any LEDs may have any desired colouring.
Referring to Figure 2A, the electronic data sharing device includes a printed
circuit board 401, a 3V lithium -cell battery 402, a user-operated
momentary action push-switch or touch-sensor 403, 8 LED's 404, an integrated
radio (e.g. 2.4 GHz and with worldwide ance to all nt legislation
regarding radio emissions) and micro-controller ent (including flash
memory, AES encryption hardware, and USB interface) 405, a crystal oscillator
406, an inverted-F type antenna 407, an accelerometer 409, a type A male USB
connector 410, and firmware in the flash memory of the micro-controller.
Figure 2B shows an alternative schematic view with details of the portable
electronic data sharing device in schematic form. Referring to Fig 2B, the
microcontroller 24, which in this example is a Nordic nRF24LU1+ processor,
incorporates a radio transceiver 241, encryption hardware 242, a counter 243
and a flash memory 244. The flash memory may include at various times one or
more of device id, device key and an encrypted device key. It will be understood
that the device key and pre-shared key are any suitable form of electronic key.
According to a basic operation of the device as depicted in Figure 3, two people
each with their own device (Device A and Device B) first press the button or
touch-sensor on their respective devices to indicate their intention to exchange
data. This initiates the data exchange request sequence by first waking the
electronic data sharing device up (if not already awake) and generating the
required electronic tags (if not already generated) using electronic keys ready for
exchange.
According to this embodiment, users move their respective devices into contact
with each other and data is exchanged between the devices. The successful
outcome of this is that both devices record the data exchange event, as will be
explained in more detail below.
All devices (whether non-personal devices or personal portable devices) contain
similar electronic components, with no requirement for devices to be
differentiated into masters and slaves, as the firmware uses a suitable algorithm
to ensure that any device can communicate with any other.
The non-personal device version of the electronic data sharing device is intended
for unattended use. It is possible for the user of a personal portable (or handheld)
device to approach the non-personal device to enable data to be exchanged with
it. The non-personal device may include mains power or battery power. Further,
it may have a connection to a personal computer, tablet device or other
computing device. The PC, tablet device or other computing device may have a
connection to the internet, or it may not. Custom software may be placed on the
personal computer, tablet device or other computing device to enhance the user's
experience of interacting with the non-personal device, to synchronise data with a
server, or for any other suitable purposes.
For example, the non-personal device may be placed at shop premises, next to
stands at trade shows or any other prominent position where a user may wish to
interact with an entity.
According to one use, the electronic device, whether in the form of a personal
portable device or non-personal device, may be ed by an g entity to
various organisations in order to encourage data sharing. For reasons of price or
convenience, many users will accept a data sharing device that is linked with a
business, marketing company or similar organisation, seeking business,
marketing or similar information.
Each device may have an association with a business, marketing company or
similar organisation, or other organisations of their choosing, either permanently
embedded in the device, embedded but removable, or added during the course
of use of the device, or later by the use of associated software systems.
Additionally, the design of the device and associated software systems may allow
the business, marketing company or similar organisation to access the necessary
information to contact some or all of the users of similar devices that the user has
connected to, with the device, in real-life.
It will be understood that this information may then be used to construct statistical
information, individual or group profiles, time-lines, maps, social graphs, other
graphs, or other visual or similar information or other views of such information
useful for business, marketing or similar purposes that may be of value to them.
Operation of the proposed device is linked with a business model that wholly or
partly subsidises the cost of the device to the end user. It is proposed that the
device be used in marketing campaigns, brand and product promotions and
similar activities by businesses. Typically it would be provided free of charge to
each visitor to an event such as a concert, nightclub, bar, reception, exhibition,
sporting event, conference or other place where visitors congregate and mix
socially.
According to this model, if a sufficient number of devices are provided free of
charge, the necessary critical mass of users will be achieved to ensure rapid
take-up and usage. Where this is coupled with sponsorship of an event, little or
no reluctance is expected on the part of users to accept the business data-collection
role of the device.
Other distribution models include subsidised retail sales, as a promotional item
given to customers, suppliers or business contacts in relation to other commercial
activity, or including the device in with other product sales.
Basic operation
The following description describes how the electronic data sharing device
operates.
The electronic data sharing device is configured to enable users to share user
related information by exchanging one or more references to that information.
Each reference will be in the form of a tag that is used to identify a device-to-device
data-exchange with one or more functionally similar devices. This
exchange of tags provides a record that each user wishes to exchange their user
related information. The actual exchange of user related information is
performed at a later time by another means, as will be explained in more detail
below.
The tag may be a tag consisting of numbers, letters, symbols or any combination
thereof that is able to be reproduced by an electronic device.
Tags will be generated on the device by a tag generation module (which may
form part of the processor, for example) and be sufficiently-large to be
considered unique or at least near-unique.
The tags may be: cryptographic hashes; block ciphers; random numbers, alphanumerics
or symbols; cryptographically-secure pseudo-random numbers, alphanumerics
or symbols; pseudo-random numbers, alpha-numerics or symbols; or
other numbers, alpha-numerics or symbols with similar mathematical properties.
Methods of generating these tags include either or both hardware or software
systems capable of performing these mathematical operations.
If a sufficiently large range of numerical values are used for these tags, it will be
understood that it becomes extremely unlikely that any two or more tags would
match unintentionally, thus providing a substantially unique tag for each device.
The device generates the tag locally on the device in preparation for the initiation
of a data exchange routine, and so the near-unique tag enables such devices to
be used with no pre-registration by the user. Further, there is no requirement for
the device to contain any other information apart from the unique tag.
In normal use, these tags are shared or exchanged between two or more users
of such devices ng to exchange user related information. The tags are
exchanged by a communication module configured within the device to wirelessly
exchange the generated tags between two devices using 2.4 GHz.
Each device generates its own tag and exchanges it with a tag that has been
generated by another device. Each device then stores all the received tags in
memory located on the device.
The tags are then transferred to the server by any suitable electronic
communication means. There may be several different ways of achieving this for
the user depending on the availability of equipment, as explained in more detail
below.
For example, the electronic data sharing devices may be connected to a
computer server at a later time via any suitable electronic communication method.
For example, the user may connect the electronic data sharing device to an
internet-connected personal computing device (such as a laptop, notebook, tablet
or PC) and use that computing device to upload the data on the electronic data
sharing device initially to the computing device, which then transfers it to the
server via the Internet. The data may then be accessed using an Internet based
service.
Located on the server is software or data to enable a user registration sequence
to initiate, or for an existing user registration to be re-used. Each user enters their
user related information onto that server, where it will be stored, along with tags
uploaded from the electronic data sharing device to the server. Alternatively user
interaction with the data synchronised on the server may happen via a
smartphone application, for example.
The server is configured to match up the tags presented to it for the purposes of
exchanging the user related information using any suitable matching algorithm.
Where the server determines that a match is found, as explained in more detail
below, user related information for each user who agreed to exchange tags may
be presented to the other user with whom they exchanged the tag. It will be
understood that a user of the device may share one or more tags with other
users.
Therefore, tags may be exchanged to enable users to subsequently access user
related information without requiring, before use of the device, any user related
configuration or data entry associated with the device or service.
Security
The following description describes how the electronic data sharing device may
operate in a mode able to provide a comprehensive solution to possible security
vulnerabilities.
The secure mode may be permanently enabled. Alternatively, the secure mode
may be enabled in response to a potential threat. When the secure mode is
generally enabled, some or all of the specific features may be disabled. For
example, for engineering development purposes, or in order to investigate
operational problems, it may be considered useful to temporarily disable
encryption. Alternatively, for export to certain legal jurisdictions it may be
necessary to permanently disable encryption.
When considering a subsidised electronic data sharing device, certain extra
safeguards may be required to protect this subsidy. For example, these
safeguards may include that a) only authorised devices will be accepted by the
authorised server, b) authorised devices will not work with another server, c)
authorised devices cannot be used for an unauthorised purpose, d) data in the
authorised devices cannot be used for an unauthorised purpose, and e) it is not
possible to generate data that would appear genuine to the authorised server.
All five of these requirements can be met by the use of encryption. The herein
described system ensures that each device uses a unique or near-unique
encryption and that this encryption is known only to the server and the device.
According to this embodiment, the security model used is either a pre-shared key,
or a public-private key-pair, which is used to encrypt a symmetrical device key
(session key). However, it will be understood that other suitable alternative
encryption techniques may be used.
The security model protects the device issuing entity's (e.g. a sponsor)
investment in the device. Additionally, it is important that a device cannot be used
with a server other than the one specified by the issuing entity, and that user
references originating from data-exchanges are useless unless passed to the
intended server.
The pre-shared key or public-private key pairs are generated on a remote server.
According to a first example, the pre-shared key is unique to each device and
known to both device and server. The pre-shared key is associated with a unique
device identification and this identification is used by the device to identify itself to
the server.
According to a second example, the private key is retained at the server, and the
public key is included with the firmware of every device. The public key is
subsequently used to encrypt the device key on the device in order to transfer the
device key from the device to the server.
According to the second example, an RSA public-private key-pair is generated,
with the private key being stored on the server and never leaving the server. This
is only done once, and many devices may share the same public key. It will be
understood that there may be further provisions in the system for finer granularity
of the public key encryption scheme.
Along with the firmware, either the pre-shared key or 2048 bit RSA public key is
stored in the device's flash memory during manufacture, as shown in Figure 4.
That is, the flash memory includes business related data associated with the
entity issuing the devices, a public key (RSA), the device key (used as a session
key), a public-key encrypted copy of the device key and a number of tags
depending on how many tag exchanges have occurred. Alternatively a pre-shared
key and a unique device identification are stored instead of the public key,
device key (encrypted and unencrypted).
All data transfers are from device to device, or device to server. The system does
not allow data transfers from the server to any device and so there is no
requirement for the device to hold a private key corresponding to a public key on
the server.
The device may also contain a 128 bit AES hardware encryption block. This
block is configured in firmware to function as a cryptographically-secure pseudo-random
number generator (CSPRNG) (see Figure 5), by operating it in counter
mode (CTR). Alternatively this may be implemented in software and an
alternative algorithm used such as XTEA.
At first boot, the counter is initialised, and the device key, used as an XTEA or
128 bit AES encryption key, if not provided by the server, is prepared. The
lifetime of the device key may be the lifetime of the device. This lifetime may be
precisely controlled from within the firmware. Therefore the device on start-up
generates the device key if necessary, but never allows this key to become
exposed outside the device.
The device key may be generated using any suitable source of entropy that is
available to the device. For example, the device key may be generated using
one or more parameters including date, time, time period, location, sensory input,
electrical noise, analogue source or any other suitable source of entropy or
combination thereof. For example, the device key may be generated from
parameters generated by an internal source, or by an external source, such as a
server.
Alternatively, each device may have a device key loaded into the memory of the
device at manufacture.
If necessary, in the device's firmware, the RSA public-key encryption algorithm
prepares an encrypted copy of the device key.
According to one embodiment, the device is configured to use the device key in
the cryptographically-secure pseudo-random number generator (CSPRNG) in
order to generate the tag. Each device has its own generated tag which is then
exchanged. Each 128 bit tag is generated by the CSPRNG.
That is, a first device generates its tag and sends this generated tag to a recipient
device. Likewise, the recipient device generates its tag and sends this to the first
device.
After each tag is generated and sent, the counter in the CSPRNG is incremented,
but the generated tag is discarded. The received tag is committed to flash
memory (see Figure 6). Usage continues in this fashion for as long as the user
desires, or until the flash memory is full (e.g. 1024 tags), or until limits set in the
firmware are reached.
According to this embodiment, neither device records the tag that it generates.
That is, locally generated tags are not stored. Only tags that are received from
other devices are stored.
It will be understood that, as an alternative, each device may store its own
generated tags. For example, this may be required legally in certain jurisdictions,
or alternatively the stored tags may provide an engineer with tools to enable the
debugging of the device.
The users of the device may then repeat this process to enable the device to
perform multiple user-initiated data-exchanges.
After the electronic data sharing device has been used to exchange one or more
tags, it may be connected to the server via an internet connected computing
device. The electronic data sharing device transfers the unique device
identification or public-key-encrypted version of the device key to the server by
uploading it, via the computing device, along with all the received tags.
The server uses either the received unique device identification to find its copy of
the pre-shared key, or the private key to decrypt the received public-key-encrypted
version of the device key. It also inspects the transmitted tag tally or
number of tags received by the device and determines the total number of user-
initiated data-exchanges.
The server then regenerates the total number of tags sent by the device by
running an identical CSPRNG with a key identical to the one used on the device.
As the server has the same algorithm and same key, the tags that were
generated by the device are regenerated at the server, without requiring each
device to send both sent and generated tags to the server. The server now has
a complete set of tags both received and sent by this device (see Figure 7).
The regenerated tags are entered into a database and associated with this
device (and its associated user) as the sender. Alternatively, where these tags
pre-exist in the database, the association with the device and/or user is added.
The received tags are also entered into the database and associated with this
device (and its associated user) as the receiver. Alternatively, where these tags
pre-exist in the database, the association with the device and/or user is added.
The entries associated with this device as sender are then scanned by the server
to determine matching associations with a receiver. Where matches occur, both
users of the respective devices are notified by the server in order for them to view
their respective user related information.
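The tag generation, upload and server-side regeneration described above, as an added example (not code from the patent). It uses XTEA in counter mode, the software alternative the text names, and assumes two 64-bit keystream blocks per 128-bit tag, big-endian packing, and a server that has already recovered each device key; all class and function names and the sample keys are constructed.

```python
import struct
from collections import defaultdict

MASK32 = 0xFFFFFFFF
DELTA = 0x9E3779B9


def xtea_encrypt_block(key: bytes, block: bytes, rounds: int = 32) -> bytes:
    """Encrypt one 64-bit block with XTEA under a 128-bit key."""
    k = struct.unpack(">4I", key)
    v0, v1 = struct.unpack(">2I", block)
    total = 0
    for _ in range(rounds):
        v0 = (v0 + ((((v1 << 4) ^ (v1 >> 5)) + v1) ^ (total + k[total & 3]))) & MASK32
        total = (total + DELTA) & MASK32
        v1 = (v1 + ((((v0 << 4) ^ (v0 >> 5)) + v0) ^ (total + k[(total >> 11) & 3]))) & MASK32
    return struct.pack(">2I", v0, v1)


def tag_at(device_key: bytes, index: int) -> bytes:
    """128-bit tag number `index`: CTR keystream blocks 2*index and 2*index+1."""
    return b"".join(
        xtea_encrypt_block(device_key, struct.pack(">Q", 2 * index + half))
        for half in (0, 1)
    )


class Device:
    """Holds the device key and counter; stores only tags it receives."""

    def __init__(self, device_key: bytes):
        self.device_key = device_key
        self.counter = 0
        self.received = []

    def send_tag(self) -> bytes:
        tag = tag_at(self.device_key, self.counter)
        self.counter += 1          # the sent tag itself is discarded
        return tag


def exchange(a: Device, b: Device) -> None:
    """One tap: each device sends its current tag and keeps the other's."""
    tag_a, tag_b = a.send_tag(), b.send_tag()
    a.received.append(tag_b)
    b.received.append(tag_a)


class Server:
    def __init__(self):
        self.sender_of = {}                    # tag -> user who generated it
        self.receivers_of = defaultdict(set)   # tag -> users who uploaded it

    def ingest(self, user: str, device_key: bytes, received_tags: list) -> None:
        # The received-tag tally gives the number of exchanges, so the server
        # regenerates that many sent tags from the same key and algorithm.
        for index in range(len(received_tags)):
            self.sender_of[tag_at(device_key, index)] = user
        for tag in received_tags:
            self.receivers_of[tag].add(user)

    def matches(self) -> set:
        """Pairs where a regenerated (sent) tag was uploaded by a receiver."""
        pairs = set()
        for tag, sender in self.sender_of.items():
            for receiver in self.receivers_of.get(tag, ()):
                if receiver != sender:
                    pairs.add(frozenset((sender, receiver)))
        return pairs


def demo():
    # Constructed sample keys; a real device key comes from device entropy.
    keys = {"alice": bytes(range(16)), "bob": bytes(range(16, 32)),
            "carol": bytes(range(32, 48))}
    devices = {user: Device(key) for user, key in keys.items()}
    exchange(devices["alice"], devices["bob"])
    exchange(devices["alice"], devices["carol"])

    server = Server()
    server.ingest("alice", keys["alice"], devices["alice"].received)
    before = server.matches()      # nobody else has uploaded yet
    for user in ("bob", "carol"):
        server.ingest(user, keys[user], devices[user].received)
    return before, server.matches()


if __name__ == "__main__":
    print(demo())
```

A tag uploaded without a matching regenerated sender entry never pairs with anyone, which is why a captured or invented tag is useless without the device key held by the server.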
The very large numerical range of tags ensures that attempts at third party tag
generation are extremely unlikely to be successful.
An additional consequence of the proposed security model is the absolute
privacy of users, and examination of the data in these devices will be of no value.
It will be understood that certain restrictions of the device may be incorporated
into the firmware. For example, these restrictions may include limiting the number
of data-exchanges, a time limit after which data-exchanges are disabled, and a
time limit after which the device is wholly disabled.
The time of each data-exchange may also be recorded in the flash memory, in
terms of elapsed time since boot. The device also incorporates flash memory
space allocated to the sponsor of the device. The purpose of this memory space
is not fixed, and may be used for multiple purposes according to the sponsor's
need.
All such extra data may be encrypted with the device key before the data is
uploaded from the device to the server.
The device has 2 basic modes of operation, a first when it is physically connected
to a computer by the device's USB port and powered through that port, and a
second when it is unconnected and powered by the device's own internal battery.
When connected to a computer, the device functions as a mass storage device
and radio communications are usually disabled. The connected mode is similar in
implementation to that widely used in USB flash drives, making the data storage
area of the flash memory accessible to the host computer. The device restricts
the ability of the host computer to write to or erase the flash memory.
Devices may initially be supplied with the battery disabled by a pull-out tab
blocking one of the battery contacts. After this tab has been removed the
initialisation code in the firmware is run. Part of this initialisation may prepare and
store the device key as described above. This will bring the device to a state
where it is ready to operate and, in the absence of any triggering events, it will
then enter a power saving state.
A data exchange initiation device is used to detect the initiation of a data
exchange request. According to this embodiment, the data exchange initiation
device includes a button or touch sensor, as well as an accelerometer. Through
a combination of activation of these components, the electronic data sharing
device is activated, a tag may be generated (if not already generated) upon a tag
generation module receiving instructions from the data exchange initiation device,
and a signal may be sent to a communications device to transfer the tag to
another functionally similar device.
It will be understood that the generation of the tag may be carried out at any point
prior to the exchange of tags, but preferably before the user activates the
accelerometer. It is advantageous to have a tag ready for exchange prior to the
accelerometer being activated to assist in the efficient exchange of tags within a
defined time period.
Upon the exchange of tags, the tag just used is marked as used in the memory
and a new tag is generated in readiness for a further exchange.
According to a particular example, upon the electronic data sharing device first
being booted up (e.g. by activation of the button or touch sensor), a tag is
generated and stored in the device's memory in preparation for the initiation of a
data exchange routine. If no routine is instigated by the user, the electronic data
sharing device returns to a sleep mode.
To wake the electronic data sharing device from the sleep mode, the user may
press the button (or touch sensor). For example, if the user decides to share
their user information with another user of a functionally similar device.
Therefore, the device will wake from its power saving state for a defined time
period. If during this time period the accelerometer is activated by for instance
tapping one device against another, the firmware within the electronic data
sharing device will detect this event (via a signal generated by the accelerometer)
and respond by enabling the device's communication module (including a
transmitter and receiver) to transmit the generated tag and, according to some
embodiments, receive a corresponding tag from the functionally similar device.
The device randomly chooses to transmit or waits to receive a communications
packet. Repeated attempts at communication are made at fixed intervals, each
with a random assignment to transmit or receive mode. Therefore, the device
repeatedly operates in either transmit or receive mode within a defined period of
time in order to attempt communication with a similar device. This action may be
indicated to the user by the activation of an LED. Further, the electronic data
sharing device may include visual and/or audio and/or tactile feedback devices
configured to provide an indication of a successful or failed exchange of tags, the
number of tags exchanged or to indicate that an exchange of tags has previously
been performed between the two devices.
A successful data exchange results in the data payload created by the
transmitting device being copied into the receiving device, and an
acknowledgement returned, completing the transaction. The data payload as
explained above contains a t cryptographically-secure pseudo-random
number, one exchanged in each direction. Both devices commit the received
data payload to their respective flash memories.
Data exchange may include extra transactions to provide immunity from
interference, frequency agility, synchronisation, differentiation between other
nearby devices, and to overcome collisions when two devices switch to transmit
simultaneously.
The device will continue to accumulate these tags, one for each time the device
successfully completes a data-exchange with another device, each being a
record of an event where two or more users have completed the necessary
actions to record their desire to exchange user related information via the
associated software systems.
When the device is connected to a computer, via the device's USB connector, the
stored tags are passed from the device to a remote server, and the computer's
web browser is also directed to the server. The user is able to create an account,
or re-use an existing account on the server, which is then accessible by way of a
web browser. The tags are stored on the server, along with the user's personal
details, or may be cached for immediate or later association with a user.
The server will also search for matches between the tags uploaded by the user,
and any other tags on the server. Where matches are found, the identity of the
other matching party may be displayed in the web browser. If both parties to a
match give, or have given, authorisation, such personal details as they authorise
are shared with the other party, either through a web browser or directly to a
mobile phone via a messaging service or smartphone application. That is, the
user is able to select options about which parts of their user related information
are shared with which parties. Further, each user is able to select an option to
share all information without further user intervention. Further, each user is able
to privately reconsider what information is shared at some time after use of the
device by not enabling automatic sharing of data, and then selecting which data
is to be shared after the tags have been exchanged.
The exchange of unique (or near unique) tags enables a user of the electronic
data sharing device to share user related data with a further user of a functionally
similar electronic data sharing device without requiring the user or the further
user to a) configure either the electronic data sharing device or further electronic
data sharing device, b) input data into either the electronic data sharing device or
the further electronic data sharing device or c) provide data to either the
electronic data sharing device or the further electronic data sharing device prior
to activation of the data exchange initiation device or the further electronic data
sharing device.
Second Embodiment
According to this second embodiment, an alternative system of transferring data
from an electronic data sharing device to a server is provided.
As an alternative to transferring data from an electronic data sharing device via
an internet-connected personal computing device, a wireless synchronisation
device may be used. The wireless synchronisation device may transfer the tags
to the server automatically when the wireless synchronisation device and
electronic data sharing device are able to communicate with each other. This
enables data to be transferred to the server without requiring any additional
action on the part of the electronic data sharing device users.
Electronic data sharing devices are used in the same way as described above to
initiate an exchange of tags. For example, by tapping one device against another
an exchange of tags by radio is triggered.
After an electronic data sharing device has received a new tag, it then has
unsynchronised data in its flash memory.
As a consequence of having this unsynchronised data, the electronic data
sharing device switches to a communications receive mode, and starts listening
for transmissions from an instant-sync point. The electronic data sharing device
does this for a defined time duration and on a low duty cycle for power-conservation
reasons.
The instant-sync point transmits a designated special-purpose tag indicating that
the instant-sync point wishes to receive unsynchronised tags from any electronic
data sharing device ready to transmit them.
An electronic data sharing device receiving this special purpose tag responds
with an indication that it has unsynchronised data, and the instant-sync point then
initiates the transfer of this data from the electronic data sharing device to the
instant-sync point.
As data is transferred to the instant-sync point from the electronic data sharing
device, the instant-sync point also transfers this data to a connected PC by a
serial communication means over USB. The connected PC on completion of the
transfer of all data to be synchronised, then uploads this data to the server.
After data has been transferred, the instant-sync point sends a special-purpose
tag to the electronic data sharing device indicating that the data has been
successfully synchronised with the server. The electronic data sharing device
then marks its data as synchronised, turns off its receiver, and moves to a power
conserving state.
The data on the server may then be matched as described in the first
embodiment to enable users to share user related information. The server may
automatically send the user related information to a user's personal computing
device or mobile telephone to enable them to immediately access the user
related information and obtain contact details etc of the person they have just
exchanged tags with.
This therefore provides a capability to allow users to immediately access
exchanged contact information through other devices, such as their tablets and
mobile telephones for example.
Where a user lacks immediate access to a PC, they often still have access to
their mobile phone. If the registration procedure of users includes their mobile
phone number, then contact information collected may immediately be pushed to
almost any suitable device, for example in the vCard format. This approach
therefore avoids common difficulties of compatibility associated with the wide
variety of phone manufacturers and models.
Further, in certain circumstances it will be understood that organisers of an event
where the electronic data sharing devices are being used may provide a wireless
synchronisation point in a specific area to enable users to automatically transfer
their collected tags. For example, one or more wireless synchronisation points
may be provided at an exit point to ensure that all tags are transferred
automatically as users leave the area.
Third Embodiment
According to this third embodiment, a further alternative system of transferring
data from an electronic data sharing device to a server is provided.
According to the first embodiment above, electronic data sharing devices are
able to communicate with their peers in order to exchange tags. The electronic
data sharing devices then record these tags to flash memory. The tags are then
uploaded from flash memory via a USB interface to a server.
In order to make this uploading to the server more frequent and easier for the
user, a special-purpose tap-point may be provided to enable the user to send
their collected tags without requiring the need to connect their electronic data
sharing device to a personal computing device.
This tap point always initiates a data exchange with the electronic data sharing
device using a designated special-purpose tag indicating that the exchange will be a
download of stored tags from the electronic data sharing device, rather than the
normal exchange of tags.
The tap point incorporates standard device electronics as described above in the
first embodiment, but with the outer appearance of a public terminal. That is, the
tap point will be clearly marked in an area to enable users to identify the tap point.
The tap point contains a version of the device firmware that supports serial over
USB communication protocols so that the received stream of tags transferred
from the electronic data sharing device is immediately transmitted over a wired
interface to a connected PC. The PC then transmits the received tags to the
server, in the same manner as if the electronic data sharing device providing the
download had been directly connected to the PC.
As described above in the second embodiment, this therefore provides a
capability to allow users to immediately access exchanged contact information
through other devices, such as their tablets and mobile telephones for example.
Further Embodiments
It will be understood that the embodiments of the present invention described
herein are by way of example only, and that various changes and modifications
may be made without departing from the scope of invention.
It will be understood that, where the users of the herein described electronic data
sharing device are also users of smart phones, specially written smartphone
applications or programs may enable users to configure their own personal
account details, associate computing devices with this account and view the
personal contacts that they have made using the electronic data sharing device.
Unlike PCs where a USB port is ubiquitous, some phone models have USB and
some do not. Of those that do, some are USB master and slave, and some are
slave only.
However, all the herein described operations may be performed through a
specially written application or program without a requirement for a USB
connection, provided that data from the electronic data sharing device has been
synchronised by a route not requiring a USB connection to the electronic data
sharing device.
Association of electronic data sharing devices with a particular personal account
can be done through any of manually entering a code printed on the electronic
data sharing device, reading an optical barcode with a phone's built-in camera, or
where available the device's communications protocol can be switched from the
proprietary protocol used to exchange tags to a Bluetooth protocol (e.g. Bluetooth
LE) in order for the electronic data sharing device to communicate wirelessly
directly to the phone.
Further, it will be understood that the electronic data sharing device may
incorporate functionality to provide visual effects, for example with application to
large assembled groups of device users.
The electronic data sharing device may possess a short-range radio, with a
range of approximately 10 m, such that several other users are extremely likely to
be within range of any particular electronic data sharing device in the possession
of a member of an audience at a social event.
This capability, combined with the automated process of communication already
described, provides a suitable environment for devices to act autonomously yet
provide visual effects that appear to require overall external control.
An algorithm is stored within the memory of the electronic data sharing device to
configure the electronic data sharing device to operate in a specific way and
provide visual effects.
For example, the algorithms may be based on simple behavioural rules as
follows to switch the LEDs on or off the electronic data sharing devices. One
such example is:
i) Any illuminated device with fewer than two illuminated neighbours turns off.
ii) Any illuminated device with 2 or 3 illuminated neighbours continues in that
state.
iii) Any illuminated device with more than 3 illuminated neighbours turns off.
iv) Any non-illuminated cell with exactly 3 illuminated neighbours becomes an
illuminated device.
The electronic data sharing devices may modify their behaviour in regular time
steps (for example, in one second intervals) such that evolving patterns are
observed by an observer.
It will be understood that sounds may also be generated using any suitable audio
device on the electronic data sharing device.
It will be understood that this is one specific example of an autonomous-device
rule-based behaviour, and that many variations are possible by changing one or
more of the steps above, or by including or removing steps.
Other cellular behaviours suited to the herein described electronic data sharing
device may be enabled through the use of fractal mathematics such as
Mandelbrot sets and Julia sets to provide visually pleasing effects in large
assembled groups of individuals in possession of these electronic data sharing
devices.
Further, a small number of electronic data sharing devices may be under the
active control of event organisers to initiate the above described visual behaviour.
These “seed” devices may be under the personal control of individual event staff,
or automatically triggered through audio or stage-lighting control systems, for
example. Therefore, the electronic data sharing devices may respond
automatically and as a group simultaneously to a timed event, an external radio
stimulus or other trigger, to provide visual and/or audible effects for entertainment
purposes.
Further, it will be understood that the electronic data sharing device may include
video, audio, ambient light, temperature, air pressure, acceleration, global
positioning, base-station triangulation and similar sensors.
Further, it will be understood that the electronic data sharing device may further
include video, audio, haptic and similar transducers.
Further, it will be understood that alternative embodiments of the device enable
the devices to share tags and/or data by use of physical electrical contacts, such
that the electronic data sharing devices must physically come into contact with
each other to exchange a tag.
Further, it will be understood that the data exchange initiation device suitable to
detect the initiation of a data exchange request may be a button, touch sensitive
pad, optical sensor, near field sensor, Hall Effect device, accelerometer, vibration
sensor or other proximity sensor or a combination of these.
Further, it will be understood that any other suitable wireless communication
protocol other than 2.4 GHz radio may be used to transmit tags, such as
Bluetooth, Infra Red etc. Further, it will be understood that any suitable optical
transmission protocol may be used.
Further, it will be understood that the tag generation module may include one or
more of an incremental counter, random number generator, pseudo-random
number generator, cryptographic hash generator, block cipher unit, or
cryptographically-secure pseudo-random number generator to generate the tags.
Further, it will be understood that the user related configuration or data entry may
include one or more of: the entry of any user related data on the device; user
configuration of the device; user registration of the device; user registration of the
service.
Further, it will be understood that the electronic data sharing device may have
one or more user input devices, and the data exchange initiation device may be
activated by an input signal received from the one or more input devices. For
example, the one or more input devices may be one or more of a user operated
button, switch or touch sensor. Further, the tag generation module may be
configured to associate the generated unique tags with a predetermined property
based on the activation of the one or more user input devices. For example, the
predetermined property may be one or more of: a level of importance, a level of
significance, a level of security, a level of friendship, a hierarchical level of
business association.
Various embodiments described herein therefore provide a data synchronisation
method using an electronic data sharing device, where some or all of the stored
tags are transmitted in response to either a user initiated interaction with a fixed
or mobile terminal, or some or all stored tags are transmitted in response to being
polled by a fixed or mobile system providing synchronisation without a
requirement for user initiation.
Claims (27)
1. A first electronic data sharing device comprising: a memory storing (i) a pre-shared key and a unique device identification, or (ii) a session key and encryption key; a processor configured to generate tags from (i) the pre-shared key or (ii) an encrypted session key obtained by encrypting the session key with the encryption key to cause the first electronic data sharing device to exchange a first tag so-generated with a corresponding tag from a second electronic data sharing device, wherein the first and second tags provide information that enables respective users of the electronic data sharing devices to share information via a server enabled internet-connected software system associated with the electronic data sharing devices, wherein (i) the pre-shared key is shared with the server and associated with the unique device identification or (ii) the server is able to decrypt the encrypted session key such that the first electronic data sharing device and tags can only be made use of by the server, and wherein the processor is further configured to cause the first electronic data sharing device to transfer to the server (i) the unique device identification or (ii) the encrypted session key.
2. The first electronic data sharing device of claim 1, wherein the first electronic data sharing device is a personal portable electronic device.
3. The first electronic data sharing device of claim 1, wherein the first electronic data sharing device is a static or mobile electronic device offering a public service or used for a purpose other than as a personal device.
4. The first electronic data sharing device of claim 1, wherein the second electronic data sharing device is a personal portable electronic device.
5. The first electronic data sharing device of claim 1, wherein the second electronic data sharing device is a static or mobile electronic device offering a public service or used for a purpose other than as a personal device.
6. The first electronic data sharing device of claim 1 further configured to generate the tags using a cryptographically-secure pseudo-random number generator (CSPRNG).
7. The first electronic data sharing device of claim 6, wherein the CSPRNG is implemented in a hardware or software XTEA encryption module, or AES encryption module that is configured in counter mode.
8. The first electronic data sharing device of claim 6, wherein the key to the CSPRNG is encrypted.
9. The first electronic data sharing device of claim 8, wherein the key to the CSPRNG is encrypted using any form of public key encryption, including RSA public key encryption.
10. The first electronic data sharing device of claim 1, wherein the first electronic data sharing device is configured to hold a public key that corresponds with a private key held by the software system.
11. The first electronic data sharing device of claim 1 further configured to exchange the tags using radio communication.
12. The first electronic data sharing device of claim 1, wherein the tags are used to construct statistical information based upon user activity, construct individual or group profiles based upon user activity, construct social-graphs based upon user activity, construct other graphs based upon user activity, construct time-lines based upon user activity or construct maps based upon user activity.
13. The first electronic data sharing device of claim 1, wherein the software system includes one or more of personal computers, connections to the internet and remotely located computer servers.
14. A method of sharing data using electronic data sharing devices, each device comprising a processor and a memory storing (i) a pre-shared key and a unique device identification, or (ii) a session key and encryption key, the method comprising the steps of: the processor of a first electronic data sharing device generating tags from (i) the pre-shared key or (ii) an encrypted session key obtained by encrypting the session key with the encryption key, and the processor causing the first electronic data sharing device to exchange a first tag so-generated with a corresponding second tag from a second electronic data sharing device, wherein the first and second tags provide information that enables respective users of the electronic data sharing devices to share information via a server enabled internet-connected software system associated with the electronic data sharing devices, wherein (i) the pre-shared key is shared with the server and associated with the unique device identification or (ii) the server is able to decrypt the encrypted session key such that the first electronic data sharing device and tags can only be made use of by the server, the method further comprising the processor causing the first electronic data sharing device to transfer to the server (i) the unique device identification or (ii) the encrypted session key.
15. The method of claim 14, wherein the first electronic data sharing device is a personal portable electronic device.
16. The method of claim 14, wherein the first electronic data sharing device is a static or mobile electronic device offering a public service or used for a purpose other than as a personal device.
17. The method of claim 14, wherein the second electronic data sharing device is a personal portable electronic device.
18. The method of claim 14, wherein the second electronic data sharing device is a static or mobile electronic device offering a public service or used for a purpose other than as a personal device.
19. The method of claim 14 further comprising the step of generating the tags using a cryptographically-secure pseudo-random number generator (CSPRNG).
20. The method of claim 19, wherein the CSPRNG is implemented in a hardware or software XTEA encryption module, or AES encryption module that is configured in counter mode.
21. The method of claim 19 further comprising the step of encrypting the key to the CSPRNG.
22. The method of claim 21 further comprising the step of encrypting the key to the CSPRNG using any form of public key encryption, including RSA public key encryption.
23. The method of claim 14, wherein the first electronic data sharing device is configured to hold a public key that corresponds with a private key held by the software system.
24. The method of claim 14 further comprising the step of exchanging the tags using radio communication.
25. The method of claim 14, wherein the tags are used to construct statistical information based upon user activity, construct individual or group profiles based upon user activity, construct social-graphs based upon user activity, construct other graphs based upon user activity, construct time-lines based upon user activity or construct maps based upon user activity.
26. A first electronic data sharing device substantially as herein described with reference to any one or more embodiments shown in the accompanying drawings.
27. A method of sharing data using electronic data sharing devices as claimed in claim 14 and substantially as herein described with reference to any one or more embodiments shown in the accompanying drawings.
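The tag generation module described above lists an incremental counter and a block cipher unit, and claims 6, 7, 19 and 20 name a CSPRNG built from XTEA in counter mode. The following Python sketch is an added example, not code from the patent: a device encrypts a running counter under its pre-shared key to produce 8-byte tags, and a server holding the registered keys attributes a tag to a device. The class names, the big-endian word order, the counter window and the trial-decryption lookup are assumptions made for illustration.

```python
import struct
DELTA, MASK, ROUNDS = 0x9E3779B9, 0xFFFFFFFF, 32

def _mix(v, s, k):  # XTEA round function; callers mask the result to 32 bits
    return (((v << 4) ^ (v >> 5)) + v) ^ (s + k)

def xtea_encrypt(key: bytes, block: bytes) -> bytes:
    """Encrypt one 8-byte block under a 16-byte key (big-endian words: an assumption)."""
    k = struct.unpack(">4I", key)
    v0, v1 = struct.unpack(">2I", block)
    s = 0
    for _ in range(ROUNDS):
        v0 = (v0 + _mix(v1, s, k[s & 3])) & MASK
        s = (s + DELTA) & MASK
        v1 = (v1 + _mix(v0, s, k[(s >> 11) & 3])) & MASK
    return struct.pack(">2I", v0, v1)

def xtea_decrypt(key: bytes, block: bytes) -> bytes:
    k = struct.unpack(">4I", key)
    v0, v1 = struct.unpack(">2I", block)
    s = (DELTA * ROUNDS) & MASK
    for _ in range(ROUNDS):
        v1 = (v1 - _mix(v0, s, k[(s >> 11) & 3])) & MASK
        s = (s - DELTA) & MASK
        v0 = (v0 - _mix(v1, s, k[s & 3])) & MASK
    return struct.pack(">2I", v0, v1)

class Device:
    """Hypothetical device: tag i is XTEA(pre-shared key, i), so its tags never repeat."""
    def __init__(self, device_id: str, psk: bytes):
        self.device_id, self._psk, self._counter = device_id, psk, 0

    def next_tag(self) -> bytes:
        self._counter += 1
        return xtea_encrypt(self._psk, struct.pack(">Q", self._counter - 1))

class Server:
    """Hypothetical server: only a holder of the registered keys can attribute a tag."""
    def __init__(self, keys: dict, window: int = 1 << 20):
        self._keys, self._window = dict(keys), window

    def resolve(self, tag: bytes):
        """Trial-decrypt under each key; a counter inside the window names the device."""
        if len(tag) != 8:
            return None
        for device_id, psk in self._keys.items():
            counter = struct.unpack(">Q", xtea_decrypt(psk, tag))[0]
            if counter < self._window:
                return device_id, counter
        return None
```

With a 2^20 counter window, a tag decrypted under the wrong key falls inside the window with probability of about 2^-44 per key, which is why a tag is meaningless to anyone who does not hold the registered keys.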
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201161506108P | 2011-07-10 | 2011-07-10 | |
US61/506,108 | 2011-07-10 | ||
PCT/EP2012/063384 WO2013007682A1 (en) | 2011-07-10 | 2012-07-09 | An electronic data sharing device and method of use |
Publications (2)
Publication Number | Publication Date |
---|---|
NZ620648A NZ620648A (en) | 2016-02-26 |
NZ620648B2 NZ620648B2 (en) | 2016-05-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
AU2012282582B2 (en) | An electronic data sharing device and method of use | |
AU2012282577B2 (en) | An electronic data sharing device and method of use | |
US20140222504A1 (en) | Electronic data sharing device and method of use | |
CN109472166B (en) | Electronic signature method, device, equipment and medium | |
US9338584B2 (en) | Electronic data sharing device and method of use | |
CN108762387B (en) | Promote the access to the information specific to position using wireless device | |
CN108370314A (en) | Use the secure storage of data and the device of retrieval | |
CN107852416A (en) | The life cycle of monitoring computer network connection | |
CN111475841A (en) | Access control method, related device, equipment, system and storage medium | |
CN105830475A (en) | Gesture-based information exchange between devices in proximity | |
CN104137090B (en) | Data assembling, transmission and storage | |
CN105143996A (en) | Facilitating transactions with a user account using a wireless device | |
US20090141896A1 (en) | Processing module operating methods, processing modules, and communications systems | |
US20180212773A1 (en) | Close proximity inner circle discovery | |
US10075435B1 (en) | Device deregistration using forward-chaining encryption | |
CN103916471A (en) | Information display method and device | |
NZ620648B2 (en) | An electronic data sharing device and method of use | |
CN105873019B (en) | Mobile terminal and SIM card information transmission method | |
JP2008090424A (en) | Management system, management method, electronic appliance and program | |
NZ620650B2 (en) | An electronic data sharing device and method of use | |
Goldberg et al. | Low-cost mitigation against cold boot attacks for an authentication token | |
Malkani | A proof-of-proximity framework for device pairing in ubiquitous computing environments. | |
CN113723126A (en) | Data acquisition method and device, electronic equipment and storage medium | |
JP2022513636A (en) | System for transmitting personal data | |
CN110958113A (en) | Digital credential revocation |