WO2019161453A1 - Système informatique et procédé informatisé de détermination de la satisfaction d'une obligation imposée à un utilisateur - Google Patents

Système informatique et procédé informatisé de détermination de la satisfaction d'une obligation imposée à un utilisateur Download PDF

Info

Publication number
WO2019161453A1
WO2019161453A1 PCT/AU2019/050150 AU2019050150W WO2019161453A1 WO 2019161453 A1 WO2019161453 A1 WO 2019161453A1 AU 2019050150 W AU2019050150 W AU 2019050150W WO 2019161453 A1 WO2019161453 A1 WO 2019161453A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
obligation
hash value
fulfilment
data record
Prior art date
Application number
PCT/AU2019/050150
Other languages
English (en)
Inventor
Luke Anderson
Original Assignee
ScalaMed Pty Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from AU2018900562A external-priority patent/AU2018900562A0/en
Application filed by ScalaMed Pty Ltd filed Critical ScalaMed Pty Ltd
Publication of WO2019161453A1 publication Critical patent/WO2019161453A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/13File access structures, e.g. distributed indices
    • G06F16/137Hash-based
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00Digital computing or data processing equipment or methods, specially adapted for specific functions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F21/645Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/22Social work or social welfare, e.g. community support activities or counselling services
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H20/00ICT specially adapted for therapies or health-improving plans, e.g. for handling prescriptions, for steering therapy or for monitoring patient compliance
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q2220/00Business processing using cryptography
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/18Legal services
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H20/00ICT specially adapted for therapies or health-improving plans, e.g. for handling prescriptions, for steering therapy or for monitoring patient compliance
    • G16H20/10ICT specially adapted for therapies or health-improving plans, e.g. for handling prescriptions, for steering therapy or for monitoring patient compliance relating to drugs or medications, e.g. for ensuring correct administration to patients

Definitions

  • the present invention generally relates to activity tracking and in particular to a computer system and a computer implemented method for determining fulfilment of an obligation to a user.
  • Any obligation that is meant to be fulfilled to a user may be tracked through issuance of an obligation document to the user.
  • an obligation document In industrial parlance, such an obligation document is known as a job ticket and the user is a customer and the obligation may be resolution of some grievance or initiation of a new service.
  • such an obligation document In medical parlance, such an obligation document may be called a prescription for medication and the user is generally a patient.
  • such an obligation document may be a food coupon and the obligation in that scenario is provision of a meal to a customer or an employee etc.
  • the obligation document acts as a reference to track the status of fulfilment of the obligation.
  • a computer-implemented method for use in determining fulfilment of an obligation to a user comprises obtaining from a data interface a first set of data in relation to the obligation, performing a first hash operation on the first set of data to determine a first hash value, performing a second hash operation on the first hash value to determine a second hash value, generating a first data record including the second hash value and a fulfilment indication value, the fulfilment indication value indicating if the obligation is fulfilled and storing the first data record including the second hash value and the fulfilment indication value in a ledger for use in determining fulfilment of the obligation to the user.
  • the invention applies the first hash operation to the first set of data, which may be for example a prescription issued from a doctor to a patient, to determine the first hash value, and subsequently applies the second hash operation to the first hash value to determine the second hash value.
  • the second hash value is to be used as an reference to locate the first data record including the fulfilment indication value in the ledger in order to determine if the obligation is fulfilled or not.
  • the use of the first hash operation and the second hash operation enables fast generation of the second hash value and makes it extremely hard if not impossible to recover the first set of data from the second hash value due to mathematical properties of the hash operation.
  • the computer-implemented method may further comprise generating an encryption key, encrypting the first set of data using the encryption key to determine a first encrypted set of data, generating a second data record that associates the encryption key with the first encrypted set of data and sending via the data interface the second data record to a storage device associated with the user to store the second data record to determine the obligation to the user.
  • the step of generating the second data record may further comprise performing a third hash operation on the first encrypted set of data to determine a third hash value and storing the third hash value in association with the encryption key in the second data record.
  • the step of obtaining the first set of data may further comprise receiving from the data interface a second set of data representing the obligation, the second set of data being provided by an issuer, determining a first private key of a first pair of keys associated with the issuer, the first pair of keys including a first public key and the first private key, receiving from the data interface a second public key of a second pair of keys associated with the user, the second pair of keys including the second public key and a second private key, applying a cryptographic process to the second set of data and the second public key to generate a digital signature based on the first private key associated with the issuer and generating the first set of data including the second set of data, the second public key and the digital signature.
  • the computer-implemented method may further comprise encrypting the first set of data using the second public key associated with the user to determine a second encrypted set of data.
  • the computer-implemented method may further comprise receiving a sequence number associated with the user, generating a third data record that associates the sequence number with the second encrypted set of data, and storing the third data record in the ledger.
  • the step of generating the third data record may further comprise performing a fourth hash operation on the second encrypted set of data to determine a fourth hash value and storing the sequence number in association with the fourth hash value in the third data record.
  • the method may further comprise generating a fourth data record including the second hash value and the third hash value and storing the fourth data record in the ledger.
  • the computer-implemented method may further comprise generating a fifth data record including the first encrypted set of data, the third hash value, the second encrypted set of data and the fourth hash value and storing the fifth data record in a database.
  • the computer-implemented method may further comprise storing the second data record in the ledger.
  • the ledger may be a blockchain.
  • a computer-implemented method for determining fulfilment of an obligation to a user comprising obtaining from a data interface a first set of data in relation to the obligation, performing a first hash operation on the first set of data to determine a first hash value, performing a second hash operation on the first hash value to determine a second hash value, identifying from a ledger a first data record including the second hash value and a fulfilment indication value, determining the fulfilment indication value from the first data record and determining if the obligation is fulfilled based on the fulfilment indication value and the first hash value.
  • the step of determining if the obligation is fulfilled may further comprise, if the fulfilment indication value is equal to the first hash value, generating a first indication indicating the obligation is fulfilled and if the fulfilment indication value is not equal to the first hash value, generating a second indication to fulfil the obligation, receiving from the data interface a third indication indicating that the obligation is fulfilled and in response to receipt of the third indication, replacing the fulfilment indication value in the first data record with the first hash value to indicate that the obligation is fulfilled.
  • the step of obtaining the first set of data in relation to the obligation may further comprise receiving a second data record that associates an encryption key with a first encrypted set of data, the first encrypted set of data being generated by encrypting the first set of data using the encryption key and decrypting the first encrypted set of data using the encryption key to determine the first set of data.
  • the second data record may include the encryption key and a third hash value that is generated by performing a third hash operation on the first encrypted set of data, and decrypting the first encrypted set of data may further comprise identifying from a database a fifth data record that associates the third hash value with the first encrypted set of data and determining the first encrypted set of data from the fifth data record.
  • the first set of data may include a second set of data representing the obligation, the second set of data being provided by an issuer, a second public key associated with the user and a digital signature.
  • the computer-implemented method may further comprise determining a digital challenge, sending the digital challenge to a computing device associated with the user for the computing device to generate a response based on the digital challenge and a second private key associated with the user, receiving the response from the computing device associated with the user, extracting from the first set of data the second public key associated with the user and verifying, based on the digital challenge and the second public key associated with the user, that the response is generated using the second private key associated with the user.
  • the computer-implemented method may further comprise receiving from the data interface a first public key associated with the issuer, extracting from the first set of data the digital signature, extracting from the first set of data the second set of data representing the obligation, verifying, based on the second set of data and the first public key associated with the issuer, that the digital signature is generated by applying a cryptographic process to the second set of data and the second public key associated with the user based on a first private key associated with the issuer.
  • a computer system for use in determining fulfilment of an obligation to a user, the computer system comprising, a memory unit configured to store machine -readable instructions and a processor operably connected with the memory unit, the processor obtaining the machine-readable instructions from the memory unit, and being configured by the machine- readable instructions to obtain from a data interface a first set of data in relation to the obligation, perform a first hash operation on the first set of data to determine a first hash value, perform a second hash operation on the first hash value to determine a second hash value, generate a first data record including the second hash value and a fulfilment indication value, the fulfilment indication value indicating if the obligation is fulfilled and store the first data record including the second hash value and the fulfilment indication value in a ledger for use in determining fulfilment of the obligation to the user.
  • the processor may be further configured to generate an encryption key, encrypt the first set of data using the encryption key to determine a first encrypted set of data, generate a second data record that associates the encryption key with the first encrypted set of data and send via the data interface the second data record to a storage device associated with the user to store the second data record to determine the obligation to the user.
  • the processor may be further configured to perform a third hash operation on the first encrypted set of data to determine a third hash value and store the third hash value in association with the encryption key in the second data record.
  • a computer system for determining fulfilment of an obligation to a user, the computer system comprising a memory unit configured to store machine -readable instructions and a processor operably connected with the memory unit, the processor obtaining the machine-readable instructions from the memory unit, and being configured by the machine- readable instructions to obtain from a data interface a first set of data in relation to the obligation, perform a first hash operation on the first set of data to determine a first hash value, perform a second hash operation on the first hash value to determine a second hash value, identify from a ledger a first data record including the second hash value and a fulfilment indication value, determine the fulfilment indication value from the first data record and determine if the obligation is fulfilled based on the fulfilment indication value and the first hash value.
  • the processor may be further configured to, if the fulfilment indication value is equal to the first hash value, generate a first indication indicating the obligation is fulfilled and if the fulfilment indication value is not equal to the first hash value, generate a second indication to fulfil the obligation, receive from the data interface a third indication indicating that the obligation is fulfilled and in response to receipt of the third indication, replace the fulfilment indication value in the first data record with the first hash value to indicate that the obligation is fulfilled.
  • the processor may be further configured to receive a second data record that associates an encryption key with a first encrypted set of data, the first encrypted set of data being generated by encrypting the first set of data using the encryption key and decrypt the first encrypted set of data using the encryption key to determine the first set of data.
  • the second data record may include the encryption key and a third hash value that is generated by performing a third hash operation on the first encrypted set of data, and for decrypting the first encrypted set of data, the processor may be further configured to identify from a database a fifth data record that associates the third hash value with the first encrypted set of data and determine the first encrypted set of data from the fifth data record.
  • Figure 1 is an exemplary system in which the various embodiments may be implemented in accordance with the present invention.
  • Figure 2 illustrates computer-implemented method for use in determining fulfilment of an obligation to a user in accordance with an embodiment of the present invention
  • Figure 3 illustrates an example prescription in accordance with an embodiment of the present invention
  • Figure 4 illustrates an example fulfilment receipt in accordance with an embodiment of the present invention
  • Figure 5 illustrates a computer-implemented method for determining fulfilment of an obligation to a user in accordance with an embodiment of the present invention
  • Figure 6 illustrates an example system for determining fulfilment of an obligation to a user in accordance with the present invention
  • Figure 7 illustrates an example of a signed prescription in accordance with an embodiment of the present invention
  • Figure 8 illustrates an exemplary first encrypted set of data in accordance with an embodiment of the present invention
  • Figure 9 illustrates an exemplary third hash value in accordance with an embodiment of the present invention.
  • Figure 10 illustrates an exemplary prescription note in accordance with an embodiment of the present invention
  • Figure 11 illustrates a second encrypted set of data in accordance with an embodiment of the present invention
  • Figure 12 illustrates an exemplary digital challenge in accordance with an embodiment of the present invention
  • Figure 13 illustrates an exemplary response to the digital challenge in accordance with an embodiment of the present invention.
  • Figure 1 illustrates an exemplary system 100 in which the various embodiments described herein may be implemented.
  • Figure 1 illustrates a client device 102 associated with a user.
  • the client device 102 may be selected from a group comprising mobile handheld devices (such as mobile phones, PDA and tablet PCs etc.), desktop PCs and notebooks etc.
  • the client device 102 is connected with a network 106.
  • the network 106 may be one of but not limited to a Local Area Network (LAN) or a Wide Area Network (WAN).
  • the network 106 may be implemented using a number of protocols, such as but not limited to, TCP/IP, 3GPP, 3GPP2, LTE, IEEE 802.x etc.
  • an issuer device 104 associated with an issuer of the obligation document.
  • the issuer may be for example a doctor and the obligation document in that case may be a prescription. In another scenario, the issuer may be a traffic policeman and the obligation document may be a parking ticket.
  • the issuer device 104 may be a portable computing device, a desktop computer or a server stack.
  • the issuer device 104 includes a memory unit 1042 configured to store machine readable instructions. The machine- readable instructions may be loaded into the memory unit 1042 from a non-transitory machine- readable medium, such as but not limited to CD-ROMs, DVD-ROMs and Flash Drives.
  • the machine-readable instructions may be loaded in a form of a computer software program into the memory unit 1042.
  • the memory unit 1042 in that manner may be selected from a group comprising EPROM, EEPROM and Flash memory.
  • the issuer device 104 includes a processor 1044 operably connected with the memory unit 1042.
  • the processor 1044 is one of, but not limited to, a general-purpose processor, an application specific integrated circuit (ASIC) and a field- programmable gate array (FPGA).
  • the issuer device 104 includes a data interface 1046 operably connected with the processor 1044 for transmission of data between the issuer device 104 and any other external device connected with the issuer device 104, through a wired or wireless connection.
  • the data interface 1046 may include several ports such as a Universal Serial Bus (USB) port, an Ethernet port, a wireless communication interface, e- SATA and SCSI etc.
  • USB Universal Serial Bus
  • a provider device 110 associated with a provider that fulfils the obligation to the user.
  • the provider in reference to the above example is a pharmacist and the obligation is provision of medication to the user as per the obligation document being the prescription.
  • the issuer is a traffic policeman
  • the provider may be a transport authority and the obligation is issuance of a receipt that the parking ticket has been paid for.
  • the provider device 110 may be a portable computing device, a desktop computer or a server stack.
  • the provider device 110 includes a memory unit 1102 configured to store machine readable instructions.
  • the machine -readable instructions may be loaded into the memory unit 1102 from a non-transitory machine -readable medium, such as but not limited to CD-ROMs, DVD-ROMs and Flash Drives. Alternately, the machine- readable instructions may be loaded in a form of a computer software program into the memory unit 1102.
  • the memory unit 1102 in that manner may be selected from a group comprising EPROM, EEPROM and Flash memory.
  • the provider device 110 includes a processor 1104 operably connected with the memory unit 1102.
  • the processor 1104 is one of, but not limited to, a general-purpose processor, an application specific integrated circuit (ASIC) and a field- programmable gate array (FPGA).
  • the provider device 110 also includes a data interface 1 106 operably connected with the processor 1104 for transmission of data between the provider device 110 and any other external device connected with the provider device 110, through a wired or wireless connection.
  • the data interface 1106 may include several ports such as a Universal Serial Bus (USB) port, an Ethernet port, a wireless communication interface, e-SATA and SCSI etc.
  • USB Universal Serial Bus
  • Ethernet port a wireless communication interface
  • e-SATA wireless communication interface
  • SCSI Serial Bus
  • the database 108 may be maintained on a cloud-based storage or a local storage.
  • the database 108 includes an array of databases.
  • the database 108 may also be a distributed database, distributed along several nodes providing peer to peer functionalities. In any manner, the database 108 is envisaged to be capable of providing the data to any of the computing devices connected with the network 106 when data is queried appropriately using applicable security and other data transfer protocols.
  • a ledger 112 is also connected to the network 106.
  • the ledger 112 can be a distributed ledger.
  • the term“distributed ledger” here refers to a database of transactions maintained in form of identical copies along a plurality of computing devices (or nodes) connected through a network. Whenever a new transaction is added, a record of the transaction is copied into all the copies of the database across all of the connected nodes subject to a rule-based consensus (the rule may be for example that a simple majority should verify the transaction). In this manner, even if one of the copies of the database is corrupted or tampered with, other copies on other nodes would serve to negate the effects of corruption or tampering.
  • the ledger 112 includes a collection of several nodes storing identical copies of the database discussed above.
  • the ledger 112 may be coded as a Blockchain, such as the Blockchain used in Ethereum platform.
  • Figure 2 illustrates computer-implemented method 200 for use in determining fulfilment of an obligation to a user in accordance with an embodiment of the present invention.
  • the computer implemented method 200 depicts a scenario where a fulfilment receipt is issued by the issuer for an obligation.
  • the processor 1044 obtains from the data interface 1046 a first set of data in relation to the obligation.
  • the first set of data can be the obligation document, for example, a prescription issued from a doctor to a patient.
  • An example prescription 300 is shown in Figure 3.
  • the example prescription 300 shown in Figure 3 includes for example, the name of the medication, dosage instruction, the patient’s contact information, the doctor’s contact information, etc.
  • the example prescription 300 is for description purposes only and may include other information in other embodiments.
  • the first set of data is stored in the client device 102 associated with the user.
  • the obligation document is stored in a USB drive or a mobile phone of the user.
  • the processor 1044 performs a first hash operation on the first set of data to determine a first hash value. Further, at step 230, the processor 1044 performs a second hash operation on the first hash value to determine a second hash value.
  • the hash operation that can be used in the present invention includes, but not limited to, CRC-16, CRC-32, MD2, MD4, MD5, SHA-256, etc.
  • the processor 1044 generates a first data record, as referred to as fulfilment receipt below.
  • the first data record includes the second hash value and a fulfilment indication value.
  • the fulfilment indication value indicates if the obligation is fulfilled or not.
  • the first data record is used by the provider (particularly, the provider device 110) to determine fulfilment of the obligation.
  • the processor 1044 stores the first data record including the second hash value and the fulfilment indication value in the ledger 112 for use in determining fulfilment of the obligation to the user.
  • the fulfilment indication value can be NULL or a value that is not equal to the first hash value when the fulfilment receipt is created as described above.
  • the first data record or the fulfilment receipt can be identified in the ledger 112 by querying the ledger 112 with the second hash value as an identifier.
  • An example 400 of the first data record, i.e., fulfilment receipt, is shown in Figure 4.
  • the first data record 400 includes a“Second Hash Value” field and a“Fulfilment Indication Value” field.
  • the second hash value determined as above is stored in the“Second Hash Value” field, and the“Fulfilment Indication Value” field is initialised to be NULL, which means the obligation (i.e., the prescription 300 in this example) identified by the second hash value is not fulfilled.
  • Figure 5 illustrates a computer-implemented method 500 for determining fulfilment of an obligation to a user in accordance with an embodiment of the present invention.
  • the user presents the first set of data to the provider, particularly, the provider device 110.
  • the patient sends the first set of data stored in the USB drive or mobile phone of the patient to the provider device 110 operated by a pharmacist.
  • the processor 1104 of the provider device 110 obtains from the data interface 1106 the first set of data in relation to the obligation. It should be noted that the first set of data used in method 500 is the first set of data used in method 200.
  • the processor 1104 performs the first hash operation used in method 200 on the first set of data to determine the first hash value. Further at step 530, the processor 1104 performs the second hash operation used in method 200 on the first hash value to determine the second hash value. At step 540, the processor 1104 identifies the first data record 400 from the ledger 112 using the second hash value as an identifier. As described above, the first data record 400 includes the second hash value and the fulfilment indication value. At step 550, the processor 1104 determines the fulfilment indication value from the first data record 400 identified, which is NULL in this example.
  • the processor 1104 determines if the obligation is fulfilled based on the fulfilment indication value and the first hash value. For example, if the fulfilment indication value is NULL or more generally is not equal to the first hash value, it is determined that the obligation is not fulfilled. On the other hand, if the fulfilment indication value is equal to the first hash value, it is determined that the obligation is fulfilment. If the obligation is not fulfilled, the provider will then fulfil the obligation, for example, release the medication to the patient as per the prescription 300 and replace the fulfilment indication value in the“Fulfilment Indication Value” field of the first data record 400 with the first hash value to indicate that the obligation has been fulfilled. This way, if the user presents the first set of data to the provider again, the provider will know that the obligation has been fulfilled and will not fulfil the obligation again.
  • the use of the first hash operation and the second hash operation enables the fast generation of the second hash value and makes it extremely hard if not impossible to recover the first set of data (for example, the prescription in this example) from the second hash value due to mathematical properties of the hash operation.
  • the first set of data is the prescription 300 in plain text and is stored in the client device 102 (for example, a USB drive or a mobile phone) of the user, this is not secure, and the privacy of the user is not protected properly if a third party manages to access the client device 102 of the user.
  • Figure 6 illustrates an example system 600 for determining fulfilment of an obligation to a user in accordance with the present invention.
  • the system 600 is described with reference to a scenario where the obligation to the user is provision of medication as per a prescription, the system 600 can also be applied to other scenarios without departing from the scope of the present invention.
  • the patient visits the doctor for medical services.
  • the doctor diagnoses the patients and generates the prescription 300 in a digital format at his or her device, i.e., the issuer device 104 shown in Figure 1.
  • the digital prescription 300 can be implemented by a computer programming language, for example, JSON object.
  • the prescription 300 is a set of data representing the obligation.
  • the processor 1044 of the issuer device 104 performs additional steps described below to generate the first set of data with a digital signature in relation to the provision of medication.
  • the processor 1044 receives from the data interface 1046 the prescription 300 (also referred to as a second set of data).
  • the processor 1044 further receives from the data interface 1046 a public key associated with the patient.
  • the public key associated with the patient is one of a pair of keys associated with the patient.
  • the pair of keys include the public key and a private key.
  • the processor 1044 searches a public database for the public key of the patient or receives the public key from the user’s device.
  • the pair of keys used in the present invention are known in the art to be asymmetric cryptographic keys and are determined using a number of algorithms, such as (Rivest-Shamir- Adleman) RSA Algorithm, Diffie Hellman Algorithm, and Elliptic Curve Cryptography (ECC) algorithms.
  • Rivest-Shamir- Adleman RSA Algorithm
  • Diffie Hellman Algorithm RSA Algorithm
  • ECC Elliptic Curve Cryptography
  • the public key of the patient can also be included in the prescription 300 when the prescription 300 is created by the issuer device 104. Therefore, upon receipt of the prescription 300 at the processor 1044, the processor 1044 receives the public key of the patient at the same time.
  • the processor 1044 may receive the public key of the patient via the data interface 1046 from other sources without departing from the scope of the invention.
  • the processor 1044 also determines a private key associated with the doctor (i.e., the issuer).
  • the private key associated with the doctor is one of a pair of keys associated with the doctor.
  • the pair of keys include the private key and a public key.
  • the processor 1044 retrieves the private key associated with the doctor from a secure storage device that only the doctor is able to authorise the processor 1044 to access.
  • the processor 1044 applies a cryptographic process to the prescription 300 and the public key of the patient to generate a digital signature based on the private key associated with the doctor.
  • the cryptographic process used in the present invention is for example Digital Signature Algorithm (DSA), Elliptic Curve Digital Signature Algorithm (ECDSA) and RSA.
  • the processor 1044 then generates, at step 602, the first set of data in relation to the obligation, the first set of data including the prescription 300, the public key of the patient and the digital signature.
  • the first set of data is also referred to as signed prescription.
  • the signed prescription 700 is shown in Figure 7. As shown in Figure 7, the signed prescription 700 includes a“Signature” segment representing the digital signature, a“Raw” segment including the original prescription 300 and the public key of the patient.
  • the processor 1044 performs the first hash operation on the signed description 700 at step 608 to determine the first hash value, i.e., the Pre-digest in Figure 6.
  • the processor 1044 also performs at step 610 the second hash operation on the Pre-digest to determine the second hash value, i.e., Post-digest in Figure 6.
  • the processor 1044 further generates the first data record 400 (i.e., the fulfilment receipt) including the second hash value and the fulfilment indication value.
  • the processor 1044 stores the first data record 400 (i.e., fulfilment receipt) including the second hash value and the fulfilment indication value in the ledger 112 for use in determining fulfilment of the obligation to the user.
  • an encryption key i.e., One-Time-Password (OTP)
  • OTP One-Time-Password
  • the processor 1044 encrypts the signed prescription 700 (i.e., the first set of data) using the encryption key (i.e., OTP).
  • a first encrypted set of data i.e., “Blob” in Figure 6 is determined.
  • the encryption algorithm used here is for example AES256- GCM.
  • Figure 8 illustrates an exemplary first encrypted set of data (i.e., Blob) 800 in accordance with an embodiment of the present invention.
  • the processor 1044 generates a second data record that associates the encryption key with the first encrypted set of data.
  • the second data record is also referred to as prescription note.
  • the processor 1044 sends via the data interface 1046 the prescription note to the client device 102 associated with the patient to store the prescription note.
  • the client device 102 can be for example a USB drive or a mobile phone of the patient.
  • Blob 800 is a very long alphanumeric string, it will use the limited storage space of the client device 102 if stored on the client device 102, which may be the mobile phone of the patient with a limited memory space. Therefore, at step 614, the processor 1044 performs a third hash option on the first encrypted set of data 800, i.e., Blob, to determine a third hash value as a reference to Blob, i.e. Blob-ref in Figure 6.
  • Figure 9 illustrates an example of the third hash value 900. As shown in Figure 9, the third hash value 900 (i.e., Blob-ref) is much shorter than the first encrypted set of data 800.
  • the processor 1044 stores the encryption key (i.e, OTP) and the third hash value 900 (i.e., Blob-ref) instead of Blob 800 in the prescription note (i.e., the second data record) to associate the encryption key with the third hash value 800 (i.e., Blob-ref).
  • Figure 10 illustrates an exemplary prescription note 1000 in accordance with an embodiment of the present invention.
  • the prescription note 1000 includes an“OTP” segment containing the encryption key and a“Blob-ref’ segment containing the third hash value 800 (i.e., Blob-ref), and only needs a relatively small memory space to be stored.
  • the patient presents the prescription note 1000 to the pharmacist to fulfil the prescription.
  • the client device 102 used by the patient determines a sequence number for the prescription 300 based on the private key of the patient. For example, the client device 102 obtains the private key of the patient with authorisation from the patient and performs a hash operation on the private key of the patient to determine a hash value as the sequence number of the prescription. The client device 102 also sends the sequence number to the issuer device 104, and the issuer device 104 receives the sequence number from the client device 102. When a subsequent prescription is created, the client device 102 performs a hash operation on the sequence number to determine a further sequence number for the subsequent prescription. This way, the client device 102 is able to determine a series of sequence numbers for prescriptions created for the patient, and all the sequence numbers based on the private key of the patient.
  • the processor 1044 encrypts the signed prescription 700, i.e., the first set of data, using the public key of the patient.
  • the algorithm used for encryption may be for example Elliptic Curve Integrated Encryption Scheme (ECIES).
  • ECIES Elliptic Curve Integrated Encryption Scheme
  • the result of the encryption is a second encrypted set of data, also referred to as Myblob in Figure 6.
  • Figure 11 illustrates the second encrypted set of data 1100, i.e., Myblob, in accordance with an embodiment of the present invention.
  • the processor 1044 generates a third data record and stores the sequence number and the second encrypted set of data 1100 in the third data record.
  • the third data record is also referred to as my issuance receipt in Figure 6.
  • the processor 1044 further stores the third data record in the ledger 112.
  • the Myblob is also a very long alphanumeric string, this means storing the third data record in the ledger 112 will use a relatively large memory space especially when there are millions of third data records to be stored in the ledger 112. Therefore, at step 606, the processor 1044 performs a fourth hash operation on the second encrypted set of data 1100, i.e., Myblob, to determine a fourth hash value, i.e., Myblog-ref in Figure 6, as a reference to the second encrypted set of data 1100. Myblog-ref is much shorter than Myblof as a result of the hash operation.
  • the processor 1044 stores the sequence number and the fourth hash value (i.e., Myblob-ref) in the third data record in order for them to be associated with each other.
  • the third data record i.e., my issuance receipt
  • the third data record is for the patient to identify in the ledger 112 the prescription(s) issued to the patient.
  • the processor 1044 generates a fourth data record, and stores the second hash value (i.e., Post-digest in Figure 6) and the third hash value 900 (i.e., Blob-ref) in the fourth data record in order for them to be associated with each other.
  • the processor 1044 further stores the fourth data record in the ledger 112.
  • the fourth data record is also referred to as issuance receipt.
  • the fourth data record (i.e., issuance receipt) is for the doctor to identify in the ledger 112 the prescription(s) issued from the doctor.
  • the processor 1044 generates a fifth data record and stores the first encrypted set of data 800 (i.e., Blob), the third hash value 900 (i.e., Blob-ref), the second encrypted set of data 1100 (i.e., MyBlob) and the fourth hash value (i.e., Myblob-ref) in the fifth data record.
  • the processor 1044 further stores the fifth data record in a database 108. Therefore, the third hash value 900 (i.e., Blob-ref) or the fourth hash value (i.e., Myblob-ref) acts as an index to locate the fifth data record in the database 108 in determining if the obligation is fulfilled or not.
  • the patient presents the prescription note 1000 to the pharmacist, particularly, the provider device 110.
  • the patient sends the prescription note 1000 from the client device 102 to the provider device 110 via an email, SMS message, etc.
  • the provider device 110 more specifically, the processor 1104, receives the prescription note 1000 from the client device 102.
  • the prescription note 1000 (i.e. the second data record) includes the encryption key (i.e., OTP) and the first set encrypted set of data 800 (i.e., Blob), which is generated by encrypting the first set of data 700 (i.e., the signed prescription) using the encryption key.
  • the processor 1104 directly extracts from the prescription note 1000 the first encrypted set of data 800 (i.e., Blob) and the encryption key.
  • the processor 1104 further decrypts at step 630 the first encrypted set of data 800 (i.e., Blob) using the encryption key to determine the first set of data 700 (i.e., the signed prescription).
  • the prescription note 1000 (i.e . the second data record) includes the encryption key (i.e., OTP) and the third hash value 900 (i.e., Blob-ref), as shown in Figure 10.
  • the third hash value 900 i.e., Blob-ref
  • the processor 1104 extracts from the prescription note 1000 the third hash value 900 (i.e., Blob-ref) and the encryption key (i.e., OTP).
  • the processor 1104 searches the database 108 by the third hash value 900 (i.e., Blob-ref) to identify from the database 108 a target data record that associates the third hash value 900 (i.e., Blob-ref) and the first encrypted set of data 800 (i.e., Blob).
  • the target data record is the fifth data record described above with reference to step 620.
  • the processor 1104 determines the first encrypted set of data 800 (i.e., Blob) from the target data record, and decrypts at step 630 the first encrypted set of data 800 (i.e., Blob) using the encryption key (i.e., OTP) to determine the first set of data 700 (i.e., the signed prescription). As a result, the processor 1104 obtains via the data interface 1106 the first set of data 700.
  • the first set of data 700 includes the second set of data 300 representing the prescription as shown in Figure 3, the digital signature associated with the doctor and the public key associated with the patient.
  • the processor 1104 performs at step 634 the first hash operation on the first set of data 700 to determine the first hash value (i.e., Pre digest).
  • the processor 1104 further performs the second hash operation (not shown in Figure 6) on the first hash value (i.e., Pre-digest) to determine the second hash value (i.e., Post-digest).
  • the processor 1104 identifies from the ledger 112 the first data record 400 (i.e., fulfilment receipt) including the second hash value and a fulfilment indication value.
  • the processor 1104 determines the fulfilment indication value from the first data record 400 and determines if the obligation is fulfilled based on the fulfilment indication value and the first hash value (i.e., Pre digest).
  • the processor 1104 determines that the fulfilment indication value is equal to the first hash value (i.e., Pre-digest)
  • the processor 1104 determines that the fulfilment indication value is equal to the first hash value (i.e., Pre-digest)
  • the processor 1104 generates a first indication indicating the obligation is fulfilled.
  • the first indication can be for example a first message to the pharmacist that is operating the provide device 110 prompting that the prescription has been fulfilled previously. As a result of the message, the pharmacist will not release the medication to the patient.
  • the fulfilment indication value is not equal to the first hash value, for example, the fulfilment indication value is NULL
  • the processor 1104 generates a second indication to fulfil the obligation.
  • the second indication can be for example a second message to the pharmacist prompting that the prescription has not been fulfilled and needs to be fulfilled.
  • the prescription is also displayed on a display of the provider device 110.
  • the pharmacist releases the medication to the patient as per the prescription displayed.
  • the pharmacist inputs a third indication to the provide device 110 via the data interface 1106 (for example, a keyboard, a computer mouse, a touch screen, a voice input unit, etc.) of the provider device 110.
  • the third indication indicates that the prescription has been fulfilled.
  • the processors 1104 receives from the data interface 1106 the third indication.
  • the processor 1104 replaces the fulfilment indication value (initially, NULL) in the first data record 400 (i.e., fulfilment receipt) with the first hash value (i.e., Pre-digest) to indicate that the obligation is fulfilled.
  • the fulfilment indication value initially, NULL
  • the first hash value i.e., Pre-digest
  • the prescription note only includes the encrypted prescription as shown in Figure 8 or its hash value as shown in Figure 9 instead of the original prescription 300, even if the prescription note is accessed by an unauthorised third party, the third party is not able to know what the original prescription 300 is. This effectively protects privacy of the patient.
  • the following steps are also performed by the provider device 110 to verity that the prescription is prescribed to the patient by the doctor before releasing the medication to the patient.
  • the processor 1104 of the provider device 110 determines a digital challenge, i.e., challenge nonce in Figure 6.
  • Figure 12 illustrates an exemplary digital challenge 1200 in accordance with an embodiment of the present invention.
  • the digital challenge 1200 includes a“Signature” segment to contain a digital signature, and a“Nonce” segment to contain a random alphanumeric string.
  • the processor 1104 sends the digital challenge 1200 to the client device 102 associated with the patient for the client device 102 to generate a response based on the private key associated with the patient and the digital challenge 1200.
  • the digital signature contained in the“Signature” segment of the digital challenge 1200 is a digital signature of the random alphanumeric string, which is generated by the pharmacist, particularly, the provider device 110.
  • the digital challenge 1200 may only include the“Nonce” segment containing the random alphanumeric string without the “Signature” segment.
  • the client device 102 flips the last 4 digits of the alphanumeric string in the“Nonce” segment to determine a new alphanumeric string. Further, the client device 102 generates a digital signature of the new alphanumeric string with the private key of the patient using a digital signature algorithm, e.g., Elliptic Curve Digital Signature Algorithm (ECDSA). This way, the client device 102 generates a response including the new alphanumeric string and the digital signature of the new alphanumeric string.
  • a digital signature algorithm e.g., Elliptic Curve Digital Signature Algorithm (ECDSA).
  • Figure 13 illustrates an exemplary response 1300 to the digital challenge 1200 in accordance with an embodiment of the present invention.
  • the response 1300 includes a“Nonce” segment to contain the new alphanumeric string and a“Signature” segment to contain the digital signature of the new alphanumeric string.
  • the client device 102 sends the response 1300 to the provider device 110 and the processor 1104 of the provider device 110 receives the response 1300 from the client device 102 [97]
  • the processor 1 104 also extracts the public key of the patient from the first set of data 700 (i.e., the signed prescription) obtained at step 630.
  • the processor 1104 verifies, based on the digital challenge 1200 and the public key associated with the patient, that the response 1300 is generated using the private key associated with the patient. Specifically, the processor 1104 flips the last four digits of the alphanumeric string in the response 1300 and determines if the resulting alphanumeric string is the same as the original alphanumeric string in the digital challenge 1200.
  • the processor 1104 uses the public key of the patient to determine if the digital signature of the alphanumeric string in the“Nonce” segment of the response 1300 is generated by the private key of the patient. For example, the processor 1104 applies a digital signature algorithm, e.g., Elliptic Curve Digital Signature Algorithm (ECDSA) to verify that the digital signature of the alphanumeric string in the“Nonce” segment of the response 1300 is generated by using a key corresponding to the public key of the patient, namely, the private key of the patient, which only the patient has access to.
  • EDSA Elliptic Curve Digital Signature Algorithm
  • the processor 1104 If both conditions are met, i.e., the resulting alphanumeric string is the same as original string in the digital challenge 1200 and the digital signature of the alphanumeric string in the“Nonce” segment of the response 1300 is generated by the private key of the patient, it is determined that that the prescription is prescribed to the patient. As a result, the processor 1104 generates at step 625 a message (i.e., Patent identity receipt in Figure 6) to indicate that the identity of the patient is verified.
  • a message i.e., Patent identity receipt in Figure 6
  • the processor 1104 receives from the data interface 1106 the public key associated with the doctor (i.e., the issuer). For example, the processor 1104 searches a public key database for the pubic key of the doctor by the doctor’s contact information contained in the first set of data 700 (i.e., the signed prescription) obtained at step 630. The processor 1104 extracts from the first set of data 700 (i.e., the signed prescription) the digital signature contained in the“Signature” segment of the first set of data 700 (i.e., the signed prescription). The processor 1104 also extracts from the first set of data 700 (i.e., the signed prescription) the second set of data 300 (i.e., the prescription) representing the obligation and the public key associated with the patient.
  • the processor 1104 searches a public key database for the pubic key of the doctor by the doctor’s contact information contained in the first set of data 700 (i.e., the signed prescription) obtained at step 630.
  • the processor 1104 extracts from the first set of data 700 (i.e.
  • the processor 1104 verifies, based on the second set of data 300 (i.e., the prescription) and the public key associated with the doctor, that the digital signature is generated by applying the cryptographic process to the second set of data 300 (i.e., the prescription) and the public key associated with the patient based on the private key associated with the doctor.
  • the processor 1104 applies Digital Signature Algorithm (DSA) or Elliptic Curve Digital Signature Algorithm (ECDSA) or RSA to verify that the digital signature in the signed prescription 700 is generated by using a key corresponding to the public key of the doctor, namely, the private key of the doctor, which only the doctor has access to. This means that the prescription 300 is prescribed by the doctor.
  • DSA Digital Signature Algorithm
  • EDSA Elliptic Curve Digital Signature Algorithm
  • RSA RSA
  • the system 100 or 600 may be implemented using smart contract capabilities in a Blockchain-based platform, for example, Ethereum.
  • the fulfilment receipt 400 i.e., the first data record
  • the fulfilment receipt 400 are represented by three state variables in a smart contract, as depicted in Table 1.
  • the fulfilment receipt 400 can be identified on the Blockchain using the second hash value, i.e., the Post-digest.
  • the three state variables here are “ issued r “ location” and ‘ fulfilment indication value”. Combinations of the values of the state variables represent different state of the prescription.
  • “ Location” represents the location of the first set encrypted set of data 800, i.e., Blob, in the database 108. Therefore,“ Location” is the third hash value 900 (i.e., Blob-ref) of Blob 800.
  • full indication value represents whether the obligation has been fulfilled or not.
  • the value of the“ issue ’ is“false”
  • the value of the “ location” is NULL
  • the value of the“ulfilment indication value” is NULL.
  • the doctor generates a prescription (and thus the prescription note).
  • the processor 1044 of the issuer device 104 changes the value of“ issued” from“false” to“true” and the value of location from NULL to blob-ref (or the third hash value) 900.
  • the first set encrypted set of data 800 i.e., Blob
  • the provider device 110 or the processor 1104 identifies the fulfilment receipt 400 on the Blockchain using the second hash value, i.e., Post-digest.
  • the processor 1104 checks for the values of the three state variables. In that manner, the prescription 300 would be fulfilled only when the value of“issued” is true, the value of“ location” is blob-ref and the value of‘ fulfilment indication value” is NULL. If the value of‘ fulfilment indication value” is not NULL, particularly, if it is equal to the first hash value (i.e., Pre-digest) it means that the prescription 300 (or the obligation) has been fulfilled previously. In this case, the pharmacist will not provide the medication to the patient again.
  • the first hash value i.e., Pre-digest
  • the processor 1104 also changes the value of “fulfilment indication value” from NULL to the first hash value, i.e., Pre-digest, to indicate that the prescription 300 has been fulfilled.
  • Suitable computer readable media may include volatile (e.g. RAM) and/or non-volatile (e.g. ROM, disk) memory, carrier waves and transmission media.
  • Exemplary carrier waves may take the form of electrical, electromagnetic or optical signals conveying digital data steams along a local network or a publically accessible network such as the Internet.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Security & Cryptography (AREA)
  • Tourism & Hospitality (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Strategic Management (AREA)
  • Primary Health Care (AREA)
  • Human Resources & Organizations (AREA)
  • Economics (AREA)
  • Bioethics (AREA)
  • Medical Informatics (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Marketing (AREA)
  • General Business, Economics & Management (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Data Mining & Analysis (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Epidemiology (AREA)
  • Public Health (AREA)
  • Child & Adolescent Psychology (AREA)
  • Mathematical Physics (AREA)
  • Development Economics (AREA)
  • Educational Administration (AREA)
  • Power Engineering (AREA)
  • Game Theory and Decision Science (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Chemical & Material Sciences (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Medicinal Chemistry (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un procédé informatisé destiné à être utilisé pour déterminer la satisfaction d'une obligation imposée à un utilisateur. Le procédé comprend les étapes consistant à : obtenir un premier ensemble de données relatives à l'obligation provenant d'une interface de données (210) ; effectuer une première opération de hachage sur le premier ensemble de données de façon à déterminer une première valeur de hachage (220) ; effectuer une seconde opération de hachage sur la première valeur de hachage de façon à déterminer une seconde valeur de hachage (230) ; générer un premier enregistrement de données contenant la seconde valeur de hachage et une valeur d'indication de satisfaction, la valeur d'indication de satisfaction indiquant si l'obligation est satisfaite (240) ; et stocker le premier enregistrement de données contenant la seconde valeur de hachage et la valeur d'indication de satisfaction dans un registre destiné à être utilisé pour déterminer la satisfaction de l'obligation imposée à l'utilisateur (250).
PCT/AU2019/050150 2018-02-22 2019-02-22 Système informatique et procédé informatisé de détermination de la satisfaction d'une obligation imposée à un utilisateur WO2019161453A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
AU2018900562 2018-02-22
AU2018900562A AU2018900562A0 (en) 2018-02-22 A computer system and a computer implemented method for determining fulfilment of an obligation to a user

Publications (1)

Publication Number Publication Date
WO2019161453A1 true WO2019161453A1 (fr) 2019-08-29

Family

ID=67686613

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/AU2019/050150 WO2019161453A1 (fr) 2018-02-22 2019-02-22 Système informatique et procédé informatisé de détermination de la satisfaction d'une obligation imposée à un utilisateur

Country Status (1)

Country Link
WO (1) WO2019161453A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113794558A (zh) * 2021-09-16 2021-12-14 烽火通信科技股份有限公司 一种XMSS算法中的L-tree计算方法、装置及系统

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170180128A1 (en) * 2015-12-22 2017-06-22 Gemalto Inc. Method for managing a trusted identity
WO2017127564A1 (fr) * 2016-01-19 2017-07-27 Priv8Pay, Inc. Authentification de nœud de réseau
US20170300627A1 (en) * 2016-04-13 2017-10-19 Accenture Global Solutions Limited Distributed healthcare records management
US20170344988A1 (en) * 2016-05-24 2017-11-30 Ubs Ag System and method for facilitating blockchain-based validation
CN107579979A (zh) * 2017-09-07 2018-01-12 成都理工大学 基于区块链技术的电子病历的共享查询方法

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170180128A1 (en) * 2015-12-22 2017-06-22 Gemalto Inc. Method for managing a trusted identity
WO2017127564A1 (fr) * 2016-01-19 2017-07-27 Priv8Pay, Inc. Authentification de nœud de réseau
US20170300627A1 (en) * 2016-04-13 2017-10-19 Accenture Global Solutions Limited Distributed healthcare records management
US20170344988A1 (en) * 2016-05-24 2017-11-30 Ubs Ag System and method for facilitating blockchain-based validation
CN107579979A (zh) * 2017-09-07 2018-01-12 成都理工大学 基于区块链技术的电子病历的共享查询方法

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113794558A (zh) * 2021-09-16 2021-12-14 烽火通信科技股份有限公司 一种XMSS算法中的L-tree计算方法、装置及系统
CN113794558B (zh) * 2021-09-16 2024-02-27 烽火通信科技股份有限公司 一种XMSS算法中的L-tree计算方法、装置及系统

Similar Documents

Publication Publication Date Title
EP3779830B1 (fr) Procédé de transaction à base de chaîne de blocs, dispositif et appareil de paiement
US11775479B2 (en) System and method for efficient and secure private similarity detection for large private document repositories
Li et al. Blockchain-based data preservation system for medical data
CN111566649B (zh) 使用公有侧链验证存储在联盟区块链中的数据的完整性
US11481518B2 (en) Blockchain-based method for registration and verification of a file
KR101974075B1 (ko) 분산 해시 테이블과 피어투피어 분산 원장을 사용하여 디지털 자산의 소유권을 검증하기 위한 방법 및 시스템
US8898086B2 (en) Systems and methods for transmitting financial account information
US10410018B2 (en) Cryptographic assurances of data integrity for data crossing trust boundaries
US10469477B2 (en) Key export techniques
EP2465246B1 (fr) Protection en couche et validation de données d'identité communiquées en ligne par des clients intermédiaires multiples
EP3673640B1 (fr) Traitement d'éléments de données stockés dans des réseaux de chaînes de blocs
EP3308280A2 (fr) Élaboration de requêtes cryptographiques relatives à des données mémorisées à l'aide d'un système d'ancrage
US20090158037A1 (en) System and method for protecting an electronic file
US11195177B1 (en) Distributed ledger systems for tracking recurring transaction authorizations
EP3711256B1 (fr) Génération de clé cryptographique pour magasins de données partagés logiquement
US11870897B1 (en) Post quantum unique key per token system
El Bouchti et al. Encryption as a service for data healthcare cloud security
US11251950B2 (en) Securely performing cryptographic operations
EP3531365B1 (fr) Système informatique, appareil de connexion et procédé de traitement à l'aide de transaction
WO2016209326A1 (fr) Cryptage de base de données pour fournir une protection d'écriture
KR20220144810A (ko) 비밀 분할 및 메타데이터 저장
CN113688399A (zh) 固件数字签名保护方法、装置、计算机设备及存储介质
Habib et al. A Blockchain-based Technique to Prevent Grade Tampering: A University Perspective
WO2019114084A1 (fr) Procédé de chiffrement/déchiffrement d'un nombre à plusieurs chiffres, et serveur de chiffrement/déchiffrement
WO2019161453A1 (fr) Système informatique et procédé informatisé de détermination de la satisfaction d'une obligation imposée à un utilisateur

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19757497

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19757497

Country of ref document: EP

Kind code of ref document: A1