U.S. patent application number 14/210730 was filed with the patent office on 2014-09-18 for system and method for providing secure data for display using augmented reality.
The applicant listed for this patent is Huntington Ingalls, Inc.. Invention is credited to Brian Bare, Jonathan Martin, Partick Ryan, Paul Sells.
Application Number | 20140282911 14/210730 |
Document ID | / |
Family ID | 51525483 |
Filed Date | 2014-09-18 |
United States Patent
Application |
20140282911 |
Kind Code |
A1 |
Bare; Brian ; et
al. |
September 18, 2014 |
System and Method for Providing Secure Data for Display Using
Augmented Reality
Abstract
A system for authorizing secure data transmission is provided.
The system comprises at least one wearable device comprising a
head-mounted display configured to receive and display data to a
user wearing the head-mounted display. At least one security
mechanism associated with each of the at least one wearable device
is configured to collect authorization data associated with the
user when the user is wearing the head-mounted display. A central
processor is in communication with the at least one wearable device
via a network. The central processor is configured to receive the
authorization data over the network, determine a level of
authorization for the user based at least in part on the
authorization data, and transmit to the user secure data
commensurate with the level of authorization for the user.
Inventors: |
Bare; Brian; (Chesapeake,
VA) ; Martin; Jonathan; (Virginia Beach, VA) ;
Sells; Paul; (Newport News, VA) ; Ryan; Partick;
(Carrollton, VA) |
|
Applicant: |
Name |
City |
State |
Country |
Type |
Huntington Ingalls, Inc. |
Newport News |
VA |
US |
|
|
Family ID: |
51525483 |
Appl. No.: |
14/210730 |
Filed: |
March 14, 2014 |
Related U.S. Patent Documents
|
|
|
|
|
|
Application
Number |
Filing Date |
Patent Number |
|
|
61787780 |
Mar 15, 2013 |
|
|
|
61787966 |
Mar 15, 2013 |
|
|
|
61788104 |
Mar 15, 2013 |
|
|
|
Current U.S.
Class: |
726/4 |
Current CPC
Class: |
G06F 16/29 20190101;
H04W 4/02 20130101; H04L 67/38 20130101; H04W 12/06 20130101; G06F
16/2228 20190101; H04L 63/08 20130101; G02B 27/017 20130101; H04L
63/0861 20130101; H04W 64/003 20130101; H04W 12/00504 20190101;
H04W 4/33 20180201; G06T 19/006 20130101 |
Class at
Publication: |
726/4 |
International
Class: |
H04L 29/06 20060101
H04L029/06; G02B 27/01 20060101 G02B027/01; G06T 19/00 20060101
G06T019/00 |
Claims
1. A system for authorizing secure data transmission, the system
comprising: at least one wearable device comprising a head-mounted
display configured to receive and display data to a user wearing
the head-mounted display; at least one security mechanism
associated with each of the at least one wearable device and
configured to collect authorization data associated with the user
when the user is wearing the head-mounted display; and a central
processor in communication with the at least one wearable device
via a network, the central processor being configured to receive
the authorization data, determine a level of authorization for the
user based at least in part on the authorization data, and transmit
to the user secure data commensurate with the level of
authorization for the user.
2. The system of claim 1, wherein the central processor is
configured to determine the level of authorization for the user at
least in part by comparing the authorization data to data stored in
a database of authorized users.
3. The system of claim 1, wherein the head mounted display is one
of the set consisting of a helmet, glasses, goggles, contacts, and
a visor.
4. The system of claim 1, wherein the head-mounted display is
configured for receiving and displaying augmented reality images to
the user and wherein the secure data includes augmented reality
images.
5. The system of claim 1, wherein the at least one security
mechanism comprises at least one of the set consisting of an
accelerometer, a temperature sensor, a retinal scanner, a motion
sensor, a DNA scanner, a microphone, a moisture sensor, a scanner,
a barcode reader, and a camera.
6. The system of claim 1, wherein the authorization data comprises
at least one of the set consisting of a voice sample, a temperature
reading, a retinal scan, a DNA scan, an image, a moisture level, a
QR code, an RFID scan, a measured velocity, and a measured
acceleration.
7. The system of claim 1, wherein the central processor is further
configured to determine if the user is not an authorized user and
to transmit only non-secured data to the at least one wearable
device if the central processor determines that the user is not an
authorized user.
8. The system of claim 1, wherein the at least one security
mechanism is configured for direct communication with the central
processor.
9. The system of claim 8, wherein the at least one security
mechanism is configured to monitor a security parameter indicative
of the user continuing to wear the head-mounted display.
10. The system of claim 9, wherein the at least one security
mechanism is configured so that the at least one security mechanism
notifies the central processor of sudden changes in the monitored
security parameter.
11. The system of claim 10 wherein the central processor is
configured to stop transmission of secure data to the wearable
device associated with the user responsive to receiving a
notification of sudden changes in the monitored security parameter
from the at least one security mechanism.
12. A method of authorizing the transmission of secure data to a
wearable display device worn by a user and associated with at least
one security mechanism, the method comprising: receiving
authorization data from one of the set consisting of the wearable
display device and the at least one security mechanism; determining
an authorization level for the user based at least in part on the
authorization data; and transmitting secure data commensurate with
the level of authorization for the user to the wearable device.
13. The method of claim 12, wherein the action of determining an
authorization level for the user comprises comparing the
authorization data to data stored in a database of authorized
users.
14. The method of claim 13, wherein the action of determining an
authorization level for the user further comprises: determining a
security clearance level associated with the user based at least in
part on the authorization data; and altering the secure data based
on the security clearance level.
15. The method of claim 12, wherein the secure data includes
augmented reality images configured for display to the user by the
wearable display device.
16. The method of claim 12, wherein the authorization data
comprises at least one of a voice sample, a temperature reading, a
retinal scan, a DNA scan, an image, a moisture level, a QR code, an
RFID scan, a measured velocity, and a measured acceleration.
17. The method of claim 10, further comprising: determining if the
user is not an authorized user; and responsive to a determination
that the user is not an authorized user, transmitting only
non-secured data to the wearable display device.
18. The method of claim 10, wherein the at least one security
mechanism is configured to monitor a security parameter indicative
of the user continuing to wear the head-mounted display, the method
further comprising: receiving from one of the set consisting of the
wearable display device and the at least one security mechanism a
notification of a sudden change in the monitored security
parameter; and responsive to receiving a notification of a sudden
change in the monitored security parameter, stopping transmission
of secure data to the wearable display device.
Description
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] This application claims priority to U.S. Provisional
Application Nos. 61/787,780, 61/787,966, and 61/788,104, all filed
Mar. 15, 2013, the complete disclosures of which are incorporated
herein by reference in their entirety.
BACKGROUND OF THE INVENTION
[0002] Collaborative projects frequently require individuals with
differing levels of authorization to access sensitive data. In some
industries, unauthorized users must be prevented from accessing or
viewing sensitive data. This arrangement can be detrimental to
collaboration. One way that users may access sensitive data is
using a wearable device having a head-mounted display that is
configured to display the sensitive data in the user's field of
vision using Augmented Reality (AR). There is a need for wearable
devices to include one or more security features to authenticate
the wearer before displaying sensitive data.
SUMMARY OF THE INVENTION
[0003] An illustrative aspect of the invention provides a system
for authorizing secure data transmission. The system comprises at
least one wearable device comprising a head-mounted display
configured to receive and display data to a user wearing the
head-mounted display. The system further comprises at least one
security mechanism associated with each of the at least one
wearable device and configured to collect authorization data
associated with the user when the user is wearing the head-mounted
display. The system further comprises a central processor in
communication with the at least one wearable device via a network,
the central processor being configured to receive the authorization
data, determine a level of authorization for the user based at
least in part on the authorization data, and transmit to the user
secure data commensurate with the level of authorization for the
user.
[0004] Another illustrative aspect of the invention provides a
method of authorizing the transmission of secure data to a wearable
display device worn by a user and associated with at least one
security mechanism. The method comprises receiving authorization
data from one of the set consisting of the wearable display device
and the at least one security mechanism. The method further
comprises determining an authorization level for the user based at
least in part on the authorization data. The method further
comprises transmitting secure data commensurate with the level of
authorization for the user to the wearable device.
BRIEF DESCRIPTION OF THE DRAWINGS
[0005] The invention can be more fully understood by reading the
following detailed description together with the accompanying
drawings, in which like reference indicators are used to designate
like elements, and in which:
[0006] FIG. 1 is a schematic representation of a system according
to an embodiment of the invention;
[0007] FIG. 2 is a schematic representation of a system according
to an embodiment of the invention; and
[0008] FIG. 3 is a block diagram illustrating a method according to
an embodiment of the invention.
DETAILED DESCRIPTION OF THE INVENTION
[0009] While the invention will be described in connection with
particular embodiments, it will be understood that the invention is
not limited to these embodiments. On the contrary, it is
contemplated that various alternatives, modifications and
equivalents are included within the spirit and scope of the
invention as described.
[0010] The system described herein uses augmented reality (AR) to
display information to a user on a wearable display device. The
system uses one or more security features to authenticate the user
and display sensitive data while preventing unauthorized users from
gaining access to the data.
[0011] A wearable display device (herein after referred to as a
head-mounted display device (HMD)) is a display device that a
person wears on the head in order to have video information
directly displayed in front of their eyes. U.S. Pat. No. 8,212,859
to Tang et al. ("Tang"), the complete disclosure of which is
incorporated herein by reference, describes the construction and
function of illustrative HMDs in more detail. As described in Tang,
an HMD may have one or two small CRT, LCD, or OLED displays with
magnifying lenses and other associated optical elements. The
displays and optics are typically embedded in a helmet, glasses,
goggles, contacts, or a visor which a user can wear. As disclosed
in Tang, some HMDs can be used to view one or more see-through
images imposed upon a real-world view. This is often referred to as
augmented reality.
[0012] FIG. 1 depicts an exemplary embodiment of a system 100 for
displaying sensitive data to an authorized user of a wearable
display device 101, or HMD. The system includes a wearable display
device, or HMD 101, a secure data system 102 that includes one or
more secure data processors 103, at least one security feature 104,
and a network 108 that communicatively couples the wearable display
device 101 and secure data processor 103. It is noted that the
system in FIG. 1 illustrates only a single instance of each
component. It will be appreciated that multiple instances of these
components may be used. Moreover, the system may include other
devices not depicted in FIG. 1.
[0013] HMD 101 may be, for example and without limitation, glasses,
goggles, a visor, a helmet, or contact lenses. HMD 101 may include
a display, a frame, a camera, one or more wireless connections to a
data processor, one or more security features, a microphone, and a
small speaker. HMD 101 may include one or more processors embedded
in the frame. The one or more processors may be remote to the
wearable device and may communicate with the wearable device
wirelessly.
[0014] HMD 101 may transmit and receive data to and from secure
data system 102, which may comprise one or more secure data
processors 103. The one or more secure data processors may be one
or more network enabled computers or servers. As used herein, the
term network enabled computer and/or device may include, but is not
limited to: e.g., any computer device, or communications device
including, e.g., a server, a network appliance, a personal computer
(PC), a workstation, a mobile device, a phone, a smartphone, a
tablet computer, a laptop, a handheld PC, a personal digital
assistant (PDA), a thin client, a fat client, an Internet browser,
or other device.
[0015] As shown in FIG. 1, HMD 101 may communicate wirelessly with
secure data system 102 via network 108. Network 108 may be a
wireless network, a wired network or any combination of wireless
network and wired network. Network 108 may be a wireless LAN, a
Global System for Mobile Communication ("GSM"), a Personal
Communication Service ("PCS"), a Personal Area Network ("PAN"),
D-AMPS, Wi-Fi, Fixed Wireless Data, IEEE 802.11a, 802.11b,
802.15.1, 802.11n and 802.11g or any other wired or wireless
network for transmitting and/or receiving a data signal.
[0016] In some instances, HMD 101 may be configured to use AR
technology to display sensitive or proprietary information to the
wearer. The sensitive data may be wirelessly transmitted to HMD 101
from a remote location, such as the secure data system 102. HMD 101
may display the sensitive data to the user using AR technology. The
disclosure herein described systems and methods for authenticating
a user (wearer) of the display device so that only authorized users
can view the sensitive information on the display of HMD 101. The
systems and methods may be implemented in conjunction with one or
more security features 104. Security feature 104 may be physically
coupled to wearable device 101. Security feature 104 may be
integrated with wearable device 101. Security feature 104 may be
communicatively coupled to wearable device 101, network 108, and/or
secure data system 102 to prevent unauthorized users from gaining
access to the sensitive information via the HMD.
[0017] FIG. 2 depicts an exemplary embodiment of an HMD that has
been equipped with one or more security features 104 to prevent an
unauthorized user from viewing sensitive data using the HMD. Device
202 and device 204 may be the same device, equipped with one or
more security features. Unauthorized device 202 denotes the state
when an unauthorized user wears device 202. Authorized device 204
denotes the state when an authorized user wears device 204. As
shown, the unauthorized user wearing device 202 would only be able
to view data "12345" in his field of vision. By contrast, an
authorized user wearing device 204 would be able to see "12345
546546516" displayed in his field of vision.
[0018] The combination of HMD 101, security feature 104, and the
secure data system 102 (including secure data processor 103) may
use one or more forms of authentication to verify the user's
authenticity. In one embodiment, security feature 104 may comprise
a microphone connected to HMD 101. The user may speak a password
into the microphone. HMD 101 may transmit the spoken password to
the secure data system 102 (via network 108), which may use voice
recognition software to authenticate the user. Secure data system
102 may include a database of voice samples from authorized users.
Secure data processor 103 may compare the received voice sample
from HMD 101 and compare it to the one or more stored voice samples
to determine if the user of HMD 101 is an authorized user. If the
user is appropriately authenticated, the secure data processor 103
may transmit sensitive data to HMD 101 for display to the
authorized user, as shown on device 204 in FIG. 2. The amount or
nature of the sensitive data that is displayed to the user may vary
depending on the level of access associated with the user.
[0019] Once a user of an HMD has been authenticated, the user may
be able to view sensitive data on the display of the HMD for as
long as the user is wearing the HMD. If an unauthorized user
attempts to put an HMD that was previously being used by an
authorized user, a signal from security feature 104 of the HMD may
tell the secure data system 102 that the HMD is no longer being
worn by the authorized user. This signal may be a security break
signal that may cause the secure data system 102 to cease
transmitting sensitive data to HMD 101 and effectively return the
HMD to an unauthorized display state (as shown on device 202 in
FIG. 2).
[0020] Various security features 104 may be incorporated into the
HMD to authorize a user or detect changes in the user identity. For
example, in one exemplary embodiment, security feature 104 may
comprise an accelerometer that is configured to detect sudden
changes in the position of the HMD caused by a user "taking off" or
"putting on" the HMD. In response to detected changes, HMD 101
and/or security feature 104 may transmit one or more security break
signals to the secure data system 102. The secure data system may
require the HMD to be stationary at all times. In this scenario, in
response to any motion detected by the accelerometer, a security
break signal would be sent to the secure data system. In another
exemplary embodiment, the secure data system 102 may require the
HMD to be moving at a constant velocity. Any change in the HMD's
velocity may be detected by the accelerometer, and a security break
signal would be sent to the secure data system, causing the secure
data system to cease transmission of the sensitive data to the
HMD.
[0021] In another exemplary embodiment, security feature 104 may
comprise one or more heat or temperature sensors. These heat
sensors may be positioned to detect body heat emanating from the
user of the HMD when the HMD is being worn. Alternatively, security
feature 104 may comprise one or more moisture sensors. The heat
sensors/temperature sensors/moisture sensors may be configured to
send security break signals to the secure data system in response
to a detected change in temperature or moisture level, which may
correspond to the HMD being taken off or put on.
[0022] In another exemplary embodiment, security feature 104 may
comprise one or more scanning devices that are configured to
frequently scan the user's eye or eyes. Each authorized user may
have a unique biometric signature that may have been previously
stored with the secure data system 102. The scanning device may
periodically send a signal to the secure data system that includes
the most recent scan of the user's eye or eyes. Secure data system
102 may compare the scanned information to the stored biometric
signatures to verify the identity or authenticity of the user. If
the received scan is not authenticated, secure data system 102 may
immediately cease transmitting sensitive data to the HMD. Security
feature 104 may be configured to detect and/or monitor other
biometric signatures, such as a heartbeat or a live DNA scan.
[0023] In another exemplary embodiment, security feature 104 may
comprise one or more scanners that are configured to detect digital
signatures. An authorized user may have been equipped with one or
more security tags, such as a quick reference (QR) code, RFID tag,
proximity badge, or a chip embedded on the user. The one or more
security tags may be worn on the user's clothing, jewelry, or
physically embedded on their person. The security tags may
broadcast digital signals (such as an RFID signal), or the security
tags may be passive devices. Security feature 104 may be configured
to detect the signals from the security tags, or to scan the user
for the security tag. The HMD may transmit the detected signal or
signals to secure data system 102, which may compare them to known
identifiers associated with authorized users. If no match is found,
secure data system 102 may cease transmitting sensitive data to the
HMD. Additionally or alternatively, if the HMD does not detect a
digital signal or security feature, the HMD may transmit a security
break signal to secure data system 102, and the secure data system
may cease transmission of sensitive data to the HMD in response.
Security feature 104 and/or HMD 101 may be configured to physically
connect to one or more security tags that are worn by the user. The
aforementioned security features may be combined as necessary or
desirable.
[0024] FIG. 3 is a flowchart illustrating the functionality of a
method for providing a secure data display on a wearable device.
This exemplary method 300 may be provided by way of example, as
there are a variety of ways to carry out the method. The method 300
shown in FIG. 3 can be executed or otherwise performed by one or a
combination of various systems. The method 300 is described below
may be carried out by the systems and networks shown in FIGS. 1 and
2, by way of example, and various elements of the systems and
networks are referenced in explaining the example method of FIG. 3.
Each block shown in FIG. 3 represents one or more processes,
methods or subroutines carried out in exemplary method 300.
Referring to FIG. 3, exemplary method 300 may begin at block
302.
[0025] At block 302, the secure data system receives a first signal
from a wearable device. The first signal may be from a security
feature associated with the wearable device. The first signal may
be an authorization signal. At block 304, the secure data system
may analyze the first signal to determine whether the user of the
wearable device is an authorized user. The first signal may be a
voice sample. The secure data system may compare the voice sample
to one or more stored voice samples from authorized users in order
to determine whether the received voice sample is associated with
an authorized user. The first signal may be a retinal scan. The
secure data system may compare the retinal scan with one or more
stored retinal scans from authorized users. The first signal may be
a spoken password. The secure data system may compare the spoken
password with one or more stored passwords associated with
authorized users. The first signal may be a DNA scan. The secure
data system may compare the DNA scan with one or more stored DNA
samples associated with authorized users. If the secure data system
determines that the user associated with the wearable device is
authorized, method 300 may proceed to block 306. If the secure data
system determines that the user associated with the wearable device
is not an authorized user, method 300 may proceed to block 308.
[0026] At block 306, secure data system may transmit secured data
to the wearable device for display in the field of vision of the
user of the wearable device. Secure data system may also transmit
unsecured data. The amount and content of the secured data that is
transmitted to the wearable device may depend on a level of
security clearance associated with the authorized user. The
wearable device may be equipped with AR technology, allowing the
user to view the secured data in his field of vision. At block 308,
the secure data system may transmit unsecured data to the wearable
device. In other embodiments, the secure data system may not
transmit any data to the wearable device if the user was not
authorized in step 304.
[0027] At block 310, the secure data system may receive a second
signal from the wearable device. The second signal may be generated
by the one or more security features associated with the wearable
device. The second signal may be similar to the signal received in
step 302. The second signal may be generated by an accelerometer
associated with the wearable device. The second signal may indicate
that the wearable device has been suddenly moved. The second signal
may be generated by a temperature sensor associated with the
wearable device. The second signal may indicate a sudden change in
temperature. At block 312, secure data system may analyze the
second signal to determine whether the authorized user is still
wearing the wearable device. For example, if the second signal is
generated by an accelerometer, the secure data system may have
stored a maximum acceleration threshold and compare the second
signal to the stored threshold. If the second signal exceeds the
threshold, the secure data system may cease transmission of the
secured data. If the secure data system determines that the
authorized user is no longer wearing the wearable device, method
300 may proceed to block 308, where secure data system may cease
transmission of any data to the wearable device (or only transmit
unsecured data). If the secure data system determines that the
authorized user is still wearing the wearable device, method 300
may proceed to block 314, where secure data system may continue
transmitting secured data and unsecured data to the wearable
device.
[0028] It will be readily understood by those persons skilled in
the art that the present invention is susceptible to broad utility
and application. Many embodiments and adaptations of the present
invention other than those herein described, as well as many
variations, modifications and equivalent arrangements, will be
apparent from or reasonably suggested by the present invention and
foregoing description thereof, without departing from the substance
or scope of the invention.
* * * * *