Embodiments of the present invention relate generally to data security. More particularly, embodiments of the invention relate to providing mechanisms to view secure data using wearable lenses (e.g., glasses, spectacles, contact lenses, etc.).
Augmented Reality (AR) and Virtual Reality (VR) based glasses have existed in the commercial arena for some time now. In these systems a user can put on the wearable lens device and view AR/VR or mixed reality artifacts.
However, such systems do not provide any data security and therefore potential misuse by authorized access of one's data is plausible. Therefore, what is needed are techniques, methods, systems, and apparatuses that can provide secure access to the data when viewed with wearable lens devices.
A Wearable Lens Device (WLD) comprising at least one optical lens, a processing system, and a display system, coupled to the processing system is disclosed. In one embodiment, the processing system of the WLD can be configured to present at least one of an augmented reality or virtual reality artifact on the at least one optical lens. The optical lens can be made of a transparent substance that is used to form an image of a real-world object by focusing rays of light from the object. The display system can include a micro-display panel and a waveguide comprising at least one grating layer. In one embodiment, the waveguide is formed by embedding the at least one grating layer between layers of the optical lens. The WLD can also include a biometric scanner. The biometric scanner can be configured to authenticate or identify the user. The biometric scanner can be a retinal scanner, iris scanner, eye vein verification system, an ocular-based biometric scanner, or a fingerprint scanner. In one embodiment, the biometric scanner can measure and/or record the distance between a user's eye and the WLD. Thereafter, secure data becomes available through the WLD upon successful authentication or identification of the user. In one embodiment, the display system allows overlaying of virtual objects onto the real world through the optical lens.
In one embodiment, the WLD can also include a Geo-Positioning System (GPS) transmitter, wherein the GPS transmitter is configured to periodically transmit the GPS coordinates of the WLD. The WLD can be configured to be operable only when the GPS coordinates of the WLD are within a predetermined geographical area. In this embodiment, the WLD is non-operative when the GPS coordinates of the WLD are not within a predetermined geographical area. Further, the WLD can be configured to become non-operable after a predetermined time period of not being within the predetermined geographical area.
In one embodiment, a system comprises a WLD and an authorization system, preferably wirelessly, coupled to the WLD. The authorization system can be configured to receive at least one of an authentication or identification of a user and transmit secure data to the WLD. In one embodiment, the authorization server can be configured to receive Geo-Positioning System (GPS) coordinates of the WLD and the secure data is transmitted to the WLD only when the GPS coordinates are within a predetermined geographical area. In one embodiment, the secure data is not transmitted when the GPS coordinates are not within a predetermined geographical area. In yet another embodiment, the secure data is not transmitted after a predetermined time period of determining that the GPS coordinates are not within the predetermined geographical area.
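The three transmission rules in this paragraph, written as one server-side decision function; this is an added example, not code from the patent. The circular fence, the `max_fix_age_s` staleness limit (a WLD that stops reporting is denied), and all names and coordinates are assumptions.

```python
import math
from dataclasses import dataclass
from typing import Optional

EARTH_RADIUS_M = 6_371_000.0

def distance_m(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance in metres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    a = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(math.radians(lon2 - lon1) / 2) ** 2)
    return 2 * EARTH_RADIUS_M * math.asin(math.sqrt(a))

@dataclass
class GeofenceGate:
    lat: float                 # centre of the predetermined area (assumed circular)
    lon: float
    radius_m: float
    grace_s: float             # predetermined time period outside; 0 = deny at once
    max_fix_age_s: float       # assumption: fixes older than this are not trusted
    last_fix_ts: Optional[float] = None
    outside_since: Optional[float] = None

    def report(self, ts, lat, lon):
        """Record one periodic GPS report from the WLD."""
        if self.last_fix_ts is not None and ts < self.last_fix_ts:
            return             # ignore out-of-order (delayed or replayed) reports
        self.last_fix_ts = ts
        if distance_m(self.lat, self.lon, lat, lon) <= self.radius_m:
            self.outside_since = None
        elif self.outside_since is None:
            self.outside_since = ts

    def decide(self, now, authenticated):
        """Return the release decision for secure data at time `now`."""
        if not authenticated:
            return "deny:unauthenticated"
        if self.last_fix_ts is None or now - self.last_fix_ts > self.max_fix_age_s:
            return "deny:stale-fix"
        if self.outside_since is None:
            return "allow"
        if now - self.outside_since < self.grace_s:
            return "allow:grace"
        return "deny:outside"

def demo():
    # Constructed data: 200 m fence, 5 min grace period, fixes trusted for 60 s.
    gate = GeofenceGate(37.0, -122.0, 200.0, grace_s=300.0, max_fix_age_s=60.0)
    inside, outside = (37.001, -122.0), (37.01, -122.0)   # ~111 m and ~1.1 km away
    out = []
    for ts, pos in [(0, inside), (100, outside), (400, outside), (420, inside)]:
        gate.report(ts, *pos)
        out.append(gate.decide(ts + 5, True))
    out.append(gate.decide(500, True))                    # no report since t=420
    return out
```

Setting `grace_s=0` gives the embodiment that refuses transmission as soon as a fix falls outside the area.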
The present invention is illustrated by way of example and not limitation in the figures of the accompanying drawings in which like references indicate similar elements.
Various embodiments and aspects of the inventions will be described with reference to details discussed below, and the accompanying drawings will illustrate the various embodiments. The following description and drawings are illustrative of the invention and are not to be construed as limiting the invention. Numerous specific details are described to provide a thorough understanding of various embodiments of the present invention. However, in certain instances, well-known or conventional details are not described in order to provide a concise discussion of embodiments of the present inventions.
Reference in the specification to “one embodiment” or “an embodiment” or “another embodiment” means that a particular feature, structure, or characteristic described in conjunction with the embodiment can be included in at least one embodiment of the invention. The appearances of the phrase “in one embodiment” in various places in the specification do not necessarily all refer to the same embodiment. The processes depicted in the figures that follow are performed by processing logic that comprises hardware (e.g., circuitry, dedicated logic, etc.), software, or a combination of both. Although the processes are described below in terms of some sequential operations, it should be appreciated that some of the operations described can be performed in a different order. Moreover, some operations can be performed in parallel rather than sequentially.
A Wearable Lens Device (WLD), as described herein, includes AR, VR, and/or mixed reality technology enhanced user wearable glasses, spectacles, contact lenses, night vision goggles, or any other wearable lens which permits a user to see or view AR, VR, and/or mixed reality artifacts, which are optionally superimposed on the user's real world viewable perception (i.e., the real world viewed through the wearable glasses, spectacles, contact lenses, etc.). The WLD also refers to device(s) and/or apparatus(es) that permit the user to view real world imagery that is enhanced using augmented and/or virtual reality technology using wearable glasses, spectacles, contact lenses, or any other wearable lens. In one or more implementations, the WLD can also include a Global Positioning System (GPS) based transmitter and/or receiver which can assist in determining the location of the WLD. In one or more implementations, the WLD can also include or be coupled to a biometric scanning device (e.g., retinal scanner, iris scanner/recognition systems, eye vein verification, other ocular-based biometric scanner, fingerprint scanner, etc.) to authenticate/identify the user wearing the WLD. The WLD is also interchangeably referred to as Smart Glasses herein.
In one embodiment, WLD 100 processes the data received from biometric scanner 102 and/or GPS 202 and transmits it to authentication system 204 for verification. Authorization system 204 can, in one or more embodiments, perform any of the functions as further described in
Secure data 206 can be stored in a database or memory store associated with authorization system 206. After secure data 206 is received, the information is transmitted to display system 207 from where it can be viewed/augmented on optical lens 104. In one embodiment, the display system is embedded and/or included within WLD 100. In another embodiment, WLD 100 is coupled to display system 207.
At 313, once authorization system 204 receives the user registration data (as illustrated in
In one embodiment, the WLD configuration, as illustrated at 414-418, can be configured and customized for each user. In other words, multiple users can be assigned to the same WLD, and depending on the user, the access parameters/configuration, illustrated at 414-418, can be adjusted accordingly. Thus, authorization system 204 will permit WLD 100 to access a different set of secure data 206, with different configuration parameters depending on the user wearing the device.
If, however, access is granted, at 508, the user gains access to a system menu from where access to secure data 206 can be requested. At 512, the user requests access to secure data 206 (Set A). If the user is permitted to access secure data 206, at 516, the data is transmitted to WLD 100. Optionally, if, however, the user is not authorized to request secure data 206 (Set A), at 514, an alert can be transmitted to the administrator about the attempted unauthorized access of secure data 206. At 518, the system records and maintains a log of the files accessed or requested by the user.
System 1900 can have a distributed architecture having a plurality of nodes coupled through a network, or all of its components may be integrated into a single unit. Computing system 1900 can represent any of the data processing systems described above performing any of the processes or methods described above. In one embodiment, computer system 1900 can be implemented as integrated circuits (ICs), discrete electronic devices, modules adapted to a circuit board such as a motherboard, an add-in card of the computer system, and/or as components that can be incorporated within a chassis/case of any computing device. System 1900 is intended to show a high level view of many components of any data processing unit or computer system. However, it is to be understood that additional or fewer components may be present in certain implementations and furthermore, different arrangement of the components shown may occur in other implementations. System 1900 can represent a desktop, a laptop, a tablet, a server, a mobile phone, a programmable logic controller, a personal digital assistant (PDA), a personal communicator, a network router or hub, a wireless access point (AP) or repeater, a set-top box, or a combination thereof.
In one embodiment, system 1900 includes processor 1901, memory 1903, and devices 1905-1908 coupled via a bus or an interconnect 1922. Processor 1901 can represent a single processor or multiple processors with a single processor core or multiple processor cores included therein. Processor 1901 can represent one or more general-purpose processors such as a microprocessor, a central processing unit (CPU), Micro Controller Unit (MCU), etc. Processor 1901 can be a complex instruction set computing (CISC) microprocessor, reduced instruction set computing (RISC) microprocessor, very long instruction word (VLIW) microprocessor, or processor implementing other instruction sets, or processors implementing a combination of instruction sets. Processor 1901 may also be one or more special-purpose processors such as an application specific integrated circuit (ASIC), a cellular or baseband processor, a field programmable gate array (FPGA), a digital signal processor (DSP), a network processor, a graphics processor, a communications processor, a cryptographic processor, a co-processor, an embedded processor, or any other type of logic capable of processing instructions. Processor 1901, which can also be a low power multi-core processor socket such as an ultra low voltage processor, may act as a main processing unit and central hub for communication with the various components of the system. Such a processor can be implemented as a system on chip (SoC).
Processor 1901 is configured to execute instructions for performing the operations and methods discussed herein. System 1900 further includes a graphics interface that communicates with graphics subsystem 1904, which may include a display controller and/or a display device. Processor 1901 can communicate with memory 1903, which in an embodiment can be implemented via multiple memory devices to provide for a given amount of system memory. In various implementations the individual memory devices can be of different package types such as single die package (SDP), dual die package (DDP) or quad die package (QDP). These devices can in some embodiments be directly soldered onto a motherboard to provide a lower profile solution, while in other embodiments the devices can be configured as one or more memory modules that in turn can couple to the motherboard by a given connector. Memory 1903 can be a machine readable non-transitory storage medium such as one or more volatile storage (or memory) devices such as random access memory (RAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), static RAM (SRAM), or other types of storage devices such as hard drives and flash memory. Memory 1903 may store information including sequences of executable program instructions that are executed by processor 1901, or any other device. System 1900 can further include IO devices such as devices 1905-1908, including wireless transceiver(s) 1905, input device(s) 1906, audio IO device(s) 1907, and other IO devices 1908.
Wireless transceiver 1905 can be a WiFi transceiver, an infrared transceiver, a Bluetooth transceiver, a WiMax transceiver, a wireless cellular telephony transceiver, a satellite transceiver (e.g., a global positioning system (GPS) transceiver), or other radio frequency (RF) transceivers, network interfaces (e.g., Ethernet interfaces) or a combination thereof. Input device(s) 1906 can include a mouse, a touch pad, a touch sensitive screen (which may be integrated with display device 1904), a pointer device such as a stylus, and/or a keyboard (e.g., physical keyboard or a virtual keyboard displayed as part of a touch sensitive screen). Other optional devices 1908 can include a storage device (e.g., a hard drive, a flash memory device), universal serial bus (USB) port(s), parallel port(s), serial port(s), a printer, a network interface, a bus bridge (e.g., a PCI-PCI bridge), sensor(s) (e.g., a motion sensor such as an accelerometer, gyroscope, a magnetometer, a light sensor, compass, a proximity sensor, etc.), or a combination thereof. Optional devices 1908 can further include an imaging processing subsystem (e.g., a camera), which may include an optical sensor, such as a charged coupled device (CCD) or a complementary metal-oxide semiconductor (CMOS) optical sensor, utilized to facilitate camera functions, such as recording photographs and video clips. Certain sensors can be coupled to interconnect 1922 via a sensor hub (not shown), while other devices such as a keyboard or thermal sensor may be controlled by an embedded controller (not shown), dependent upon the specific configuration or design of system 1900.
To provide for persistent storage of information such as data, applications, one or more operating systems and so forth, in one embodiment, a mass storage (not shown) may also couple to processor 1901. In various embodiments, to enable a thinner and lighter system design as well as to improve system responsiveness, this mass storage may be implemented via a solid state device (SSD). However, in other embodiments, the mass storage may primarily be implemented using a hard disk drive (HDD) with a smaller amount of SSD storage to act as an SSD cache to enable non-volatile storage of context state and other such information during power down events so that a fast power up can occur on re-initiation of system activities. Also, a flash device may be coupled to processor 1901, e.g., via a serial peripheral interface (SPI). This flash device may provide for non-volatile storage of system software, including a basic input/output software (BIOS) as well as other firmware of the system.
Note that while system 1900 is illustrated with various components of a data processing system, it is not intended to represent any particular architecture or manner of interconnecting the components, as such details are not germane to embodiments of the present invention. It will also be appreciated that network computers, handheld computers, mobile phones, and other data processing systems which have fewer components or perhaps more components may also be used with embodiments of the invention.
Although the present invention has been described with reference to specific exemplary embodiments, it will be evident that various modifications and changes may be made to these embodiments without departing from the broader spirit and scope of the invention as set forth in the claims. Accordingly, the specification and drawings are to be regarded in an illustrative rather than a restrictive sense.