Abstract
A system utilising known storage spaces (S), for example servers or Compact Disks, is characterised by the fact that the personal database (PDB) consists of the sum of the unitary personal databases (UPDB_1, UPDB_2, UPDB_3, UPDB_x), each of which comprises the owner (P_1, P_2, P_3, P_x) of the unitary personal database (UPDB_1, UPDB_2, UPDB_3, UPDB_x) and the storage space (S_1, S_2, S_3, S_x) of the owner (P_1, P_2, P_3, P_x) of the unitary personal database (UPDB_1, UPDB_2, UPDB_3, UPDB_x), wherein each storage space contains individually encrypted data objects (O', O'', O''', O^y), and the storage spaces (S_1, S_2, S_3, S_x) of the various unitary personal databases (UPDB_1, UPDB_2, UPDB_3, UPDB_x) may be situated in one place or they may be distributed. The method of managing access to the personal databases is based on the fact that the sole owner (P) and at the same time the ultimate controller of the unitary personal database (UPDB), especially the individual entity whom the data concern and/or whose property they are, exercises the original right of access to the storage space (S) through the granting or withdrawal of access licences (L) to data objects (O) in the storage space (S). The licence (L) determines the scope and conditions of access to the data object (O) in the storage space (S), wherein each creation of a data object in the unitary personal database (UPDB) is automatically accompanied by an access licence (L_O) to that data object granted to the owner (P) of the unitary personal database (UPDB). Use of some data objects (O) in the storage space (S) may require the presence of more than one access licence (L).
Data objects (O) in the storage space (S) are protected by symmetrical cryptography, and access to the data objects (O) in the storage space (S) is protected by asymmetrical cryptography. Access to the data takes place only at the point of use of the data (PUD) through the fetching of the data objects (O) from the storage space (S) in encrypted form and the consequent decryption of the data object (O).
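
One way to realise the two-layer protection described in the abstract, as an added example that is not taken from the patent: each data object gets its own AES-256-GCM key, and a licence is modelled as that key wrapped with the holder's RSA-OAEP public key. The function names, the in-memory `space` object and the choice of algorithms are assumptions; the abstract names no algorithms, and the licence's scope and conditions are not modelled here.

```javascript
// Added example: per-object AES-256-GCM key, wrapped with RSA-OAEP for each licence holder.
const crypto = require("node:crypto");
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Wrap the object key for one holder; the wrapped key stands in for licence L (assumption).
function grantLicence(space, id, holder, holderPub, objectKey) {
  space[id].licences[holder] = crypto.publicEncrypt({ key: holderPub, ...OAEP }, objectKey);
}

// Creating an object encrypts it and automatically issues the owner's licence L_O.
function createObject(space, id, plaintext, ownerPub) {
  const key = crypto.randomBytes(32), iv = crypto.randomBytes(12);
  const enc = crypto.createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([enc.update(plaintext, "utf8"), enc.final()]);
  space[id] = { iv, ct, tag: enc.getAuthTag(), licences: {} };
  grantLicence(space, id, "owner", ownerPub, key);
}

function unwrapKey(space, id, holder, holderPriv) {
  const wrapped = space[id].licences[holder];
  if (!wrapped) throw new Error(`no licence for ${holder} on ${id}`);
  return crypto.privateDecrypt({ key: holderPriv, ...OAEP }, wrapped);
}

// The owner extends access by unwrapping with the owner's key and re-wrapping for the holder.
function shareObject(space, id, ownerPriv, holder, holderPub) {
  grantLicence(space, id, holder, holderPub, unwrapKey(space, id, "owner", ownerPriv));
}

function withdrawLicence(space, id, holder) { delete space[id].licences[holder]; }

// Point of use (PUD): fetch ciphertext, unwrap the key, decrypt and authenticate locally.
function readAtPointOfUse(space, id, holder, holderPriv) {
  const { iv, ct, tag } = space[id];
  const dec = crypto.createDecipheriv("aes-256-gcm", unwrapKey(space, id, holder, holderPriv), iv);
  dec.setAuthTag(tag);
  return Buffer.concat([dec.update(ct), dec.final()]).toString("utf8");
}

// Constructed walk-through: owner P creates O, licenses a clinic, then withdraws the licence.
function demo() {
  const owner = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  const clinic = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  const space = {}, tryRead = () => {
    try { return readAtPointOfUse(space, "O1", "clinic", clinic.privateKey); } catch { return null; }
  };
  createObject(space, "O1", "constructed sample record", owner.publicKey);
  const before = tryRead();
  shareObject(space, "O1", owner.privateKey, "clinic", clinic.publicKey);
  const during = tryRead();
  withdrawLicence(space, "O1", "clinic");
  return { before, during, after: tryRead(), ownerRead: readAtPointOfUse(space, "O1", "owner", owner.privateKey) };
}
```

Deleting the wrapped key stops future unwraps, but a holder who already unwrapped the object key can still decrypt that ciphertext, so a practical withdrawal also re-encrypts the object under a fresh key.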