Inventions

Crypto-based ACL for patient treatment and follow-up care

Patent number: 10892047

Abstract: Systems and methods of a cipher-based system for tracking a patient within a clinical pharmacy workflow, the system includes providing a meshed network having smart devices that communicate patient data with aggregators. The smart devices and aggregators located within the space form a meshed network, the aggregators communicate data to a computer in communication with a cloud-based network. A smart device with a mobile application wirelessly communicates with an internet system in communication with the cloud-based network. Receiving by the computer, information about the user smart device entering the meshed network by wireless tags positioned within the space.

Type: Grant
Filed: October 24, 2017
Date of Patent: January 12, 2021
Inventor: Sze Yuen Wong

Systems and methods for trading of text based data representation

Patent number: 9436849

Abstract: A method for sharing encrypted data and encryption keys through a system comprised of the following data types, but not limited to: 1) Record and its encryption key, 2) RecordSet and its encryption key, and 3) Entity and its encryption key. A Record is encrypted using an encryption key; furthermore, the Record encryption key is encrypted using a RecordSet encryption key, and finally, both the encrypted Record and its encrypted encryption key are wrapped as a single unit, to avoid the expensive operations of key lookup and general key operation overhead. Access control to the RecordSet encryption keys is provided by a combination of data types, but not limited to: 1) Entity and its encryption key, 2) Ciphers, and 3) Trusted Entity Lists. For each Entity which is authorized to access a RecordSet, an encrypted Cipher, made of both the Entity encryption key and RecordSet encryption key, is added to a Trusted Entity List.

Type: Grant
Filed: November 21, 2014
Date of Patent: September 6, 2016
Inventors: Sze Yuen Wong, Wai Pong Leung

Methods and apparatus for sharing encrypted data

Patent number: 9413734

Abstract: The present invention is directed to methods and systems in which data are stored as encrypted records on a computer usable medium, and search requests are processed based on user identities to retrieve the data without decrypting all the stored records. Individual decryption keys are associated with identities of respective owners, without being revealed to the owners and are kept internal inside a computer. Finally, all keys are overwritten from the computer usable medium upon completion of each search request to take access away from a superuser or any unauthorized access to the system.

Type: Grant
Filed: February 9, 2015
Date of Patent: August 9, 2016
Inventor: Sze Yuen Wong

Systems and methods for data gathering without internet

Patent number: 9380034

Abstract: Systems and methods are provided in which external key devices are used for sealing and unsealing data-gathering devices without Internet, wherein the data-gathering devices invalidate the external key devices upon completing data collection in order to seal removable storage. Further, a sealed removable storage is transported to the same location as a key server, where the key server uses a multi-factor sealing routine to unlock the sealed removable storage. The routine seals and unseals using multiple factors including a location of the key server, hardware attributes of the removable storage, hardware attributes of the external key devices, and a private key of the key server. The data-gathering device may be used to support workers collecting data in disconnected parts of the world that are without Internet. The workers may collect data by using mobile devices to transfer data to a shared data-gathering device.

Type: Grant
Filed: November 5, 2015
Date of Patent: June 28, 2016
Inventors: Sze Yuen Wong, Amol Kedar

System and method for protecting a plug server using encryption techniques without internet connectivity

Patent number: 9239802

Abstract: Various systems, computer program products, and methods for securing a plug server and its data are described. According to the invention, the plug server will be protected via encryption when disconnected from the internet via a block level encryption device. The invention is particularly useful in environments where no internet connectivity exists, and teams must collaborate and collect data in remote regions of the world in a secure responsible manner.

Type: Grant
Filed: September 12, 2014
Date of Patent: January 19, 2016
Inventors: Sze Yuen Wong, Amol Kedar

CryptoJSON Indexed Search Systems and Methods

Publication number: 20200210595

Abstract: An indexing value may be determined, transparently with respect to a data user, based on a desired plaintext item of data and a transformation expression. The indexing value may be used to access an entry in an indexing structure to obtain a corresponding CryptoJSON record which includes a non-deterministically encrypted ciphertext item. In another embodiment, an indexing structure for a CryptoJSON recordset may be accessed. Positions of items of the indexing structure may be based on corresponding plaintext items. References related to the corresponding plaintext items in the indexing structure may be encrypted and other information in the indexing structure may be unencrypted. A portion of the indexing structure may be loaded into a memory and at least one of the encrypted references related to one of the plaintext items may be decrypted. The decrypted reference may be used to access a corresponding non-deterministically encrypted data item from the CryptoJSON recordset.

Type: Application
Filed: December 30, 2018
Publication date: July 2, 2020
Inventor: Sze Yuen Wong

Pseudonymous crypto-based systems and methods for patient data

Publication number: 20200135306

Abstract: Systems and methods of a cipher-based system for tracking a patient within a clinical pharmacy workflow, the system includes providing a meshed network having patient devices that communicate patient data with aggregators. The patient devices and aggregators located within the space form a meshed network, the aggregators communicate data to a computer in communication with a cloud-based network. A patient device with a mobile application wirelessly communicates with an internet system in communication with the cloud-based network. Receiving by the computer, information about the user patient device entering the meshed network by wireless tags positioned within the space.

Type: Application
Filed: October 31, 2018
Publication date: April 30, 2020
Inventor: Sze Yuen Wong

Crypto-based access control system and methods for unified shopping experience

Publication number: 20190095974

Abstract: Systems and methods of a cipher-based intelligent locator system for locating a user within a space, the system includes providing a tag cloud having tags that communicate tag data with aggregators. The tag cloud and aggregators located within the space form a meshed network, the aggregators communicate data to a computer in communication with a cloud-based network. A user smart device with a mobile application wirelessly communicates with an internet system in communication with the cloud-based network. Receiving by the computer, information about the user smart device entering the meshed network by wireless tags positioned within the space.

Type: Application
Filed: September 25, 2017
Publication date: March 28, 2019
Inventor: Sze Yuen Wong

Systems and methods for aggregating encrypted data

Publication number: 20170134159

Abstract: The present invention is directed to methods and systems in which TNO ciphertexts are grouped into targeted selections for distributed aggregation. A user selects certain initial data records for Stage-1 processing, which performs mapping operations and partitioning with the data records. An owner key is obtained from the data owner for encrypting and decrypting of the TNO ciphertexts. Consents are obtained from the data subjects for encrypting and decrypting of partition keys and indexes. Stage-2 processing is distributed among multiple processing units based on the indexes, where associated TNO ciphertexts are decrypted and processed to obtain aggregate data.

Type: Application
Filed: November 5, 2015
Publication date: May 11, 2017
Inventor: Sze Yuen Wong

Methods And Apparatus For Sharing Encrypted Data

Publication number: 20160350544

Abstract: A method for sharing encrypted data and encryption keys through a system comprised of the following data types, but not limited to: 1) Record and its encryption key, 2) RecordSet and its encryption key, and 3) Entity and its encryption key. A Record is encrypted using an encryption key; furthermore, the Record encryption key is encrypted using a RecordSet encryption key, and finally, both the encrypted Record and its encrypted encryption key are wrapped as a single unit, to avoid the expensive operations of key lookup and general key operation overhead. Access control to the RecordSet encryption keys is provided by a combination of data types, but not limited to: 1) Entity and its encryption key, 2) Ciphers, and 3) Trusted Entity Lists. For each Entity which is authorized to access a RecordSet, an encrypted Cipher, made of both the Entity encryption key and RecordSet encryption key, is added to a Trusted Entity List.

Type: Application
Filed: October 22, 2014
Publication date: December 1, 2016
Inventor: Sze Yuen Wong

Methods And Apparatus For Sharing Encrypted Data

Publication number: 20160234180

Abstract: The present invention is directed to methods and systems in which data are stored as encrypted records on a computer usable medium, and search requests are processed based on user identities to retrieve the data without decrypting all the stored records. Individual decryption keys are associated with identities of respective owners, without being revealed to the owners and are kept internal inside a computer. Finally, all keys are overwritten from the computer usable medium upon completion of each search request to take access away from a superuser or any unauthorized access to the system.

Type: Application
Filed: February 9, 2015
Publication date: August 11, 2016
Inventor: Sze Yuen Wong

Systems and Methods for Trading of Text based Data Representation

Publication number: 20160148021

Abstract: A method for sharing encrypted data and encryption keys through a system comprised of the following data types, but not limited to: 1) Record and its encryption key, 2) RecordSet and its encryption key, and 3) Entity and its encryption key. A Record is encrypted using an encryption key; furthermore, the Record encryption key is encrypted using a RecordSet encryption key, and finally, both the encrypted Record and its encrypted encryption key are wrapped as a single unit, to avoid the expensive operations of key lookup and general key operation overhead. Access control to the RecordSet encryption keys is provided by a combination of data types, but not limited to: 1) Entity and its encryption key, 2) Ciphers, and 3) Trusted Entity Lists. For each Entity which is authorized to access a RecordSet, an encrypted Cipher, made of both the Entity encryption key and RecordSet encryption key, is added to a Trusted Entity List.

Type: Application
Filed: November 21, 2014
Publication date: May 26, 2016
Inventors: Sze Yuen Wong, Wai Pong Leung

System and Method for Communicating Enterprise Information Between a Mobile Device and a Backend Platform

Publication number: 20110264638

Abstract: Various systems and methods for communicating enterprise information between an enterprise backend server and a mobile device are provided. For example, a middleware server may generate a formbuilder interface that allows a user to input form design information used to display a custom dynamic form. The form design information may include a plurality of form elements and an executable script that in part controls a behavior of the custom dynamic form. The custom dynamic form may be configured to prompt input of and receive the enterprise information. A value of a first one of the plurality of form elements may cause an action to be taken by the custom dynamic form, wherein the executable instruction when executed causes the action to be taken. The middleware server may communicate to the mobile device the plurality of form elements and the executable instruction. An operator of the mobile device may provide enterprise information using the custom dynamic form.

Type: Application
Filed: April 23, 2010
Publication date: October 27, 2011
Inventor: Sze Yuen Wong