TW588531B - Smart card enabled mobile personal computing environment system - Google Patents

Abstract

A smart card enabled mobile personal computing environment system stores a user's personalized, fully functional, computing environment in a smart card. A user information database is provided that is resident on a server and contains the user records of a plurality of users containing personal computing environment data with the amount of data in the user record generally larger than the storage capacity of a smart card. The user to specifies the information required to configure the client to the user's preferred personal computing environment. If the correct personal computing environment data is not resident in the smart card, the client queries the server for the information needed and updates the smart card with the new data. The user also manages his personal computing environment data stored on the smart card and the user information database. The server gives the client access to the user's records through a secure Web site. The user accesses his data, adds, modifies, and/or deletes information and transfers data to his smart card via the secure Web site. If the client has a slow or temporary connection with the server, the client is able to accommodate the user's data management needs by downloading the user's records stored on the server's user information database. The user can then manage his data without a connection to the server. Any changes to the user's records are later sent to the server to update the user information database.

Description

五、發明說明（1 ) 本發明係有關於在電腦環境中之移動式計算。更特別 的是有關於在智慧切儲存、f理與擷取移動式電腦使用 者之個人個人計算環境。 目别的計算環境一般要求使用者攜帶膝上型或筆記型 攜帶式電腦以在移動位置時維持完整功能之真實個人計算 環境。雖然膝上型與筆記型電腦的實體較小，但比較上還 疋笨重的動式電腦的使用者持續i也尋找較小且較輕的 裝置來提供及維持其個人計算環境。 最近旱文顯著的市場普遍性之較小且較輕的裝置例子 為個人數位助理（pDA)。然而，雖然PDA比膝上型與筆記 型電腦較小且較輕並提供個人計算環境，但其未提供桌上 型、膝上型或筆記型攜帶式電腦之個人化完整功能。 例如，當PDA由電腦使用者具有完整功能計算環境中 被去掉時，該PDA必須用資料之更新影像被載入用於如地 =薄、日曆、電子郵件等之此環境的永久部分。類似地， 虽PDA回到完整功能之計算環境時，自從離開完整功能之 計算環境已被改變之PDA中的資料必須由pDA被傳送與 (或）等時化回到使用者之正常電腦，反之亦然。 能存取網際網路之桌上型電腦在全世界工業化國家中 為到處存在的。電腦使用者在旅行時經常可取得此種電腦 並使用電腦存取網際網路與全世界溝通。此電腦可在充分 貝料與適當地組配下以完整功能的個人計算環境提供給移 動式的電腦使用者。然而在遠端或短暫位置（如機場資訊亭 或過夜住宿）建立移動式電腦使用者之完整功能的個人計 五、發明說明（2) 算環境需要巨大數量之高度詳細資訊的無錯誤登錄以組配 此區域性電腦。 所以組配一區域性電腦提供移動式電腦使用者完整功 能的個人計算環境所需之資訊數量比起所獲得之利益不成 比例地大。後果為目别未存在任何便利的硬體與軟體允許 移動式電腦使用者在世界各地帶著其個人完整功能的個人 計算環境在不同電腦間移動。 目刖，智慧卡主要被用以促進財務交易。然而，由於 智慧卡包括至少有限數量之非依電性可讀取及可寫出之記 憶體且亦可包括-可程式的處理器，其除了財務交易外先 天上擁有其他用途之能力。儲存資料至智慧卡内、存取此 二貝料、與啟動智慧卡之處理器以執行電腦程式都要求該智 慧卡與某種型式的閱讀機/終端機被相互連接。此智慧卡特 徵限制其在移動式計算用途擴大的潛力，原因在於目前不 存在支援智慧卡在非財務交易用途之基礎設施。 提供智慧卡致動之個人計算環境系統允許使用者儲 存、運送智慧卡中之個人計算環境及使用該智慧卡組配電 月61之计算環i兄為有益的。提供智慧卡致動之個人計算環境 系統來創立基礎設施用於管理智慧卡上之使用者個人計算 環境資料是進一步有益的。 本發明提供一種智慧卡致動之移動式個人計算環境系 統。該系統允許使用者經由智慧卡來儲存、輸送及組配其 個人计算環境。此外，本發明提供一安全的基礎設施用於 在智慧卡上管理使用者之個人計算環境資料。該使用者之 五、發明說明（3) 個人計算環境資料由該智慧卡被讀取且被用以組配一用戶 之電腦。 本發明之較佳實施例在一智慧卡儲存使用者之個人化 凡整功能的計算環境。—使用者:#訊資料庫被提供，其駐 於一伺服器上並含有數個使用者之使用者記錄。每一使用 者記錄含有個人計算環境資料。使用者記錄中之資料數量 一般大於智慧卡之儲存容量。 本發明允許使用者定出組配該用戶至該使用者之較佳 個人計算環境所需的資訊。若正確的個人計算環境資料未 駐於該智慧卡内，該用戶為所需的資訊查詢該伺服器並以 新的資料更新該智慧卡。若智慧卡記㈣被建播，該用戶 以一種「在最近最少被使用」之方法由該智慧卡去除舊的 指標直至有足夠的空間添加新的資料為止。 該使用者亦管理儲存在智慧卡與使用者資訊資料庫上 之其個人計算環境資料。該使用者被允許增加其使用者記 錄之大小以儲存更多資訊及創立多組個人計算環境資料。 伺服器透過安全的Web網站給予用戶對使用者記錄之 存取權。該使用者存取其資料、添增、修改與（或）刪除資 訊並經由該安全網站傳送資料至其智慧卡。 若用戶具有與伺服器之慢速或暫時的連接，該用戶能 容納該使用者之資料管理需求。該用戶下載所儲存之使用 者記錄至伺服器之使用者資訊資料庫。然後該使用者便可 以不需與伺服器連接地管理其資料。對使用者記錄之任何 改變猶後被送至祠服器以更新該使用者資訊資料庫。 五、發明說明（4) 具有使用者資訊資料庫之冗餘複製的數個伺服器在有 任何伺服器故障之情形中被使用。該等伺服器之一根據使 用者之使用型態被指定為該使用者之主要區域伺服器。該 用戶在獲取資料時實施伺服器間之負載平衡，且若該主要 饲服器故障或無法存取時自動地切換至其他伺服器。 本發明之其他層面與優點將由下列詳細描述結合以釋 例方式說明本發明之原理的附圖而變得明白的。 第1圖為依據本發明當使用者定出其個人計算環境所 需之指標時用戶至伺服器交換之執行流程的流程圖； 第2圖為依據本發明當使用者定出其個人計算環境所 需之指標時用戶至伺服器交換之執行流程的流程圖； 第3圖為依據本發明用於管理一伺服器資料庫與一智 慧卡間之使用者個人計算環境資料的概要 之流程圖； 第4圖顯示依據本發明在一用戶與一伺服器上為可存 取之使用者的指標之示意方塊圖； 第5圖顯示依據本發明在一用戶與一伺服器間使用者 指標之交換的示意方塊圖； 第6圖顯示依據描述當一使用者指標被刪除時該使用 者智慧卡、用戶、伺服器與一冗餘伺服器間的資料交換之 示意方塊圖； 第7圖為一示意方塊圖揭示當對特定使用者負責之伺 服器在該使用者依據本發明被遷移時被切換的情境； 第8圖為本發明較佳實施例之工作導向觀點的示意方 塊圖顯示依據本發明之用於以個人環境為基礎的資料管理 五、發明說明（5) 系統之用戶與伺服器工作；以及 第9圖為本發明較佳實施例之工作導向觀點的示意方 塊圖，顯讀據本發明之用独用戶為基礎的資料管理系 統之用戶與伺服器工作。 η 本發明在電腦環境之由智慧卡致動的個人計算環境系 統中被實施。依據本發明之系統允許使用者經由一智慧卡 來儲存、輸送及組配其個人計算環境。此外，本發明為智 慧卡上之使用者個人計算環境資料管理提供一安全的基礎 設施。 本發明以極端緊緻的系統提供給一移動式電腦使用 者，還允許使用者在世界各地攜帶足夠的機器可讀取之資 料以容易地建立其完整功能的移動式個人計算環境。 本發明之一較佳實施例在一智慧卡中儲存足夠的資訊 以允許將一移動式電腦使用者之完整功能的移動式個人計 算環境特徵化。移動式個人計算環境供應的資訊會隨系統 至系統而不同。然而，儲存在智慧卡的資訊數量足以為使 用者創立一致的計算環境。如作業系統偏好、最愛的 網站、電子郵件地址、***資訊、ISp資訊、程式偏好、 程式環境等之資訊被儲存於該智慧卡内。 參照第1圖，當使用者開始使用一用戶電腦時，該使 用者透過在開機之自動開始（步驟10丨）或透過手動開始（步 驟102)來啟動本發明之用戶電腦程式。一智慧卡閱讀機/ 終端機被連接至該使用者之電腦或駐於其中，讀取該使用 者之智慧卡。該用戶電腦程式由智慧卡擷取指標（步驟 五、發明說明（6) 103)。該使时透過本發明之❹者介面^本發明所需 之資料(步驟104)以至少建立其移動式個人環境之一； 分。 本發明尋找該智慧卡以決定特定的資料是否在智慧卡 之區域記憶體出現（步驟1〇5)。若該特定資料在智慧卡之記 憶體内時，則本發明由智慧卡擷取資料以便本發明之後續 使用（步驟1G6)。若該特定資料不在智慧卡之記憶體内時， 則本發明經由網際網路或其他方法存取一安全的伺服器， 其儲存額外的資料以更完整地將該移動式電腦使用者之完 整功能的個人計算環境特徵化（步驟1〇8)。然後本發明由該 伺服器擷取該特定資料以便本發明之後續使用（步驟ι〇9) 並更新該智慧卡（步驟110)。若該資料不在伺服器内時（步 驟108)，則其為由使用者來之新資料而必須被記錄及被用 以存取網際網路（步驟11丨）。 針對第2圖，在已由智慧卡、伺服器或直接由使用者 擷取所需之資料下，用戶電腦程式使用該資料來構建統一 資源***（URL)(步驟201)，且可能的話收集立即直接存 取網際網路網站所需之使用者名稱、密碼與網際網路書籤 資料’此構成移動式電腦使用者之移動式個人環境的至少 某些部分（步驟202)。 使用以此方式被構建之資料下，然後本發明建立一 URL命令並將之送至網際網路（步驟203)。該等URL、使 用者名稱 '密碼與網際網路網站書籤資料若完整的話會允 許移動式電腦使用者登入特定的網際網路網站（步驟 588531 五、發明說明（7 ) 204) ’並立刻前進到此網際網路網站之特定網頁（步驟 2〇5)。若某些資訊不正確或不完整，在與用URL*存取之 網際網路網站交談下，/該移動式電腦使用者可於必要時鍵 入使用者名稱、密碼與網際網路資料以存取所要的網際網 路網頁（步驟207, 208)，或可透過圖形使用者介面（Gm) 供應此資訊，其提供拖曳與放下能力（步驟21〇，211)。 參照第3圖，為啟動或更新儲存在智慧卡上之指標， 使用者啟動本發明之用戶電腦程式（步驟3〇1 , 3〇2)，指示 該程式經由網際網路或其他方法存取該伺服器，其儲存將 移動式使用者完整功能的個人計算環境特徵化之額外資訊 (步驟303)。該伺服器允許使用者改變將其移動式個人環境 特徵化之資料（步驟304)，例如添加新的網際網路網站至其 環境。在使用者定出將在其移動式個人環境被進行之改變 後，該伺服器連結該特定的網際網路網站並決定被更新之 指標以便儲存在智慧卡上（步驟3〇5)。 在連結該特定的網際網路網站及更新示意方塊圖在伺 服器之計算環境資訊後（步驟306)，本發明意圖在連結至其 電腦之使用者智慧卡上更新所儲存之指標（步驟3〇7)。若該 智慧卡記憶體已經滿了（步驟3〇9)，則一記錄由儲存在智慧 卡者中被刪除，直至該智慧卡具有足夠自由的記憶體來儲 存該更新後之指標為止（步驟311)。否則，若該智慧卡記憶 體未滿（步驟309)，則更新後之指標立刻被儲存在智慧卡上 (步驟310)。除了在該智慧卡上儲存該更新後之指標外，該 饲服器亦在其資料庫儲存其更新後之指標，此將其移動式 10 588531 五、發明說明（〇 電腦使用者之移動式個人環境特徵化（步驟3〇8)。5. Description of the invention (1) The present invention relates to mobile computing in a computer environment. More special is the personal personal computing environment for users who store, manage and retrieve mobile computers intelligently. Inventory computing environments generally require users to carry a laptop or laptop computer to maintain a fully functional true personal computing environment when moving locations. Although the physical size of laptops and laptops is relatively small, users of relatively bulky mobile computers continue to look for smaller and lighter devices to provide and maintain their personal computing environments. An example of a smaller and lighter device that has recently gained significant market popularity is the personal digital assistant (pDA). However, although PDAs are smaller and lighter than laptops and laptops and provide a personal computing environment, they do not provide the full personalization capabilities of desktop, laptop, or laptop portable computers. For example, when a PDA is removed from a computer user's full-featured computing environment, the PDA must be loaded with updated images of the data for use in permanent parts of the environment, such as ground, calendar, e-mail, and so on. Similarly, although the PDA returns to a fully functioning computing environment, the data in the PDA that has been changed since leaving the fully functioning computing environment must be transferred by pDA and / or isochronized back to the user's normal computer, and vice versa The same is true. Desktop computers with Internet access are found everywhere in industrialized countries around the world. Computer users often have access to such computers while traveling and use them to access the Internet to communicate with the world. This computer can be provided to mobile computer users in a fully-featured personal computing environment with sufficient materials and proper configuration. However, in the remote or short-term location (such as an airport kiosk or overnight accommodation) to establish a full-featured personal computer user of the mobile computer. 5. Description of the invention (2) The computing environment requires a huge amount of highly detailed information without error. With this regional computer. So the amount of information needed to assemble a regional computer to provide the full functionality of a mobile computer user's personal computing environment is disproportionately greater than the benefits obtained. The consequence is that no convenient hardware or software exists to allow mobile computer users to move their personal computing environments around the world with their fully functional personal computers. At present, smart cards are mainly used to facilitate financial transactions. However, since the smart card includes at least a limited number of non-electrically readable and writable memories and can also include a -programmable processor, it has the inherent ability to use for other purposes besides financial transactions. Storing data in the smart card, accessing the data, and activating the processor of the smart card to run computer programs require the smart card to be connected to a reader / terminal of some type. This smart card feature limits its potential for expanding use in mobile computing because there is currently no infrastructure to support smart cards for non-financial transaction uses. It is beneficial to provide a smart card-actuated personal computing environment system that allows users to store and transport the personal computing environment in the smart card and use the smart card group to distribute the computing environment. It is further beneficial to provide a smart card-actuated personal computing environment system to create an infrastructure for managing user personal computing environment data on smart cards. The invention provides a mobile personal computing environment system activated by a smart card. The system allows users to store, transport, and configure their personal computing environments via smart cards. In addition, the present invention provides a secure infrastructure for managing user's personal computing environment data on a smart card. Fifth, the user's invention description (3) The personal computing environment data is read by the smart card and used to configure a user's computer. A preferred embodiment of the present invention stores a user-friendly computing environment in a smart card. —Users: # 讯 信息 库 is provided, which resides on a server and contains user records of several users. Each user record contains personal computing environment data. The amount of data in the user record is generally greater than the storage capacity of the smart card. The present invention allows a user to determine the information needed to match the user to a better personal computing environment for the user. If the correct personal computing environment data does not reside in the smart card, the user queries the server for the required information and updates the smart card with new data. If a smart card is created and broadcast, the user removes the old indicators from the smart card in a "least recently used" method until there is enough space to add new data. The user also manages his personal computing environment data stored on the smart card and user information database. The user is allowed to increase the size of his user record to store more information and create multiple sets of personal computing environment data. The server gives users access to user records through a secure Web site. The user accesses his data, adds, modifies and / or deletes information and sends the data to his smart card via the secure website. If the user has a slow or temporary connection to the server, the user can accommodate the user's data management needs. The user downloads the stored user record to the server's user information database. The user can then manage his data without having to connect to a server. Any changes to the user record are sent to the temple server to update the user information database. 5. Description of the invention (4) Several servers with redundant copies of the user information database are used in the event of any server failure. One of these servers is designated as the user's primary area server based on the usage pattern of the user. The user implements load balancing among servers when obtaining data, and automatically switches to another server if the main feeder fails or cannot be accessed. Other aspects and advantages of the invention will become apparent from the following detailed description taken in conjunction with the accompanying drawings, which illustrate the principles of the invention by way of example. FIG. 1 is a flowchart of a user-to-server exchange execution flow when a user determines an index required by his personal computing environment according to the present invention; FIG. 2 is a flow chart of an execution process when a user determines his personal computing environment according to the present invention Flow chart of the execution flow of user-to-server exchange when required indicators are shown; Figure 3 is a flowchart of an overview of user personal computing environment data for managing a server database and a smart card according to the present invention; Fig. 4 shows a schematic block diagram of an index of a user that is accessible on a user and a server according to the present invention; Fig. 5 shows a schematic diagram of the user index exchange between a user and a server according to the present invention Block diagram; Figure 6 shows a schematic block diagram describing the data exchange between a user's smart card, user, server, and a redundant server when a user indicator is deleted; Figure 7 is a schematic block diagram Reveal the situation when the server responsible for a specific user is switched when the user is migrated according to the present invention; FIG. 8 is a schematic view of a work-oriented perspective of a preferred embodiment of the present invention Block diagram showing data management based on personal environment according to the present invention V. Description of the invention (5) User and server work of the system; and FIG. 9 is a schematic block diagram of a work-oriented perspective of a preferred embodiment of the present invention The figure shows the user and server work of the single user-based data management system according to the present invention. η The invention is implemented in a personal computing environment system in a computer environment that is actuated by a smart card. The system according to the present invention allows users to store, transport, and configure their personal computing environment via a smart card. In addition, the present invention provides a secure infrastructure for user personal computing environment data management on smart cards. The present invention is provided to a mobile computer user in an extremely compact system, and also allows the user to carry enough machine-readable data around the world to easily establish a fully functional mobile personal computing environment. A preferred embodiment of the present invention stores sufficient information in a smart card to allow the full-featured mobile personal computing environment of a mobile computer user to be characterized. The information provided by a mobile personal computing environment varies from system to system. However, the amount of information stored on smart cards is sufficient to create a consistent computing environment for users. Information such as operating system preferences, favorite websites, email addresses, credit card information, ISp information, program preferences, program environment, etc. are stored in the smart card. Referring to FIG. 1, when a user starts to use a user computer, the user starts the user computer program of the present invention through automatic start (step 10 丨) or manual start (step 102) when the user starts up. A smart card reader / terminal is connected to or resides in the user's computer and reads the user's smart card. The user's computer program retrieves the indicators from the smart card (step V, invention description (6) 103). The user can establish at least one of his mobile personal environment through the user interface of the present invention ^ information required by the present invention (step 104); The present invention looks for the smart card to determine whether specific data appears in the area memory of the smart card (step 105). If the specific data is in the memory of the smart card, the present invention retrieves the data from the smart card for subsequent use of the present invention (step 1G6). If the specific data is not in the memory of the smart card, the present invention accesses a secure server via the Internet or other methods, which stores additional data to more completely complete the full functions of the mobile computer user Characterize your personal computing environment (step 108). The server then retrieves the specific data by the server for subsequent use of the invention (step 09) and updates the smart card (step 110). If the data is not in the server (step 108), it must be recorded and used to access the Internet as new data from the user (step 11 丨). For the second figure, after the required data has been retrieved by the smart card, server, or directly by the user, the user computer program uses the data to build a uniform resource locator (URL) (step 201), and collects it if possible Immediate and direct access to the username, password, and Internet bookmark data required for the Internet site 'constitutes at least some of the mobile personal environment of the mobile computer user (step 202). Using the data constructed in this way, the present invention then creates a URL command and sends it to the Internet (step 203). Such URLs, usernames, 'passwords, and Internet site bookmark data, if complete, will allow mobile computer users to log in to specific Internet sites (step 588531, invention description (7) 204)' and proceed immediately to Specific pages of this Internet site (step 205). If certain information is incorrect or incomplete, the user of the mobile computer can type in a username, password, and Internet data to access it when talking to an Internet site accessed with URL * The desired Internet page (steps 207, 208), or this information can be provided through a graphical user interface (Gm), which provides drag and drop capabilities (steps 21, 211). Referring to FIG. 3, in order to activate or update the indicators stored on the smart card, the user starts the user computer program of the present invention (steps 301, 302), and instructs the program to access the program via the Internet or other methods. A server that stores additional information that characterizes the fully functional personal computing environment of the mobile user (step 303). The server allows users to change the information that characterizes their mobile personal environment (step 304), such as adding a new Internet site to their environment. After the user has determined that changes will be made in his mobile personal environment, the server connects to that particular Internet site and decides to update the indicators for storage on the smart card (step 305). After linking the specific Internet website and updating the schematic block diagram of the server's computing environment information (step 306), the present invention intends to update the stored indicators on the user's smart card connected to its computer (step 3). 7). If the smart card memory is full (step 309), a record is deleted from the smart card holder until the smart card has enough free memory to store the updated indicator (step 311) ). Otherwise, if the memory of the smart card is not full (step 309), the updated index is immediately stored on the smart card (step 310). In addition to storing the updated indicator on the smart card, the feeder also stores its updated indicator in its database, which will be mobile 10 588531 V. Description of the invention (0 Mobile personal of computer users Environmental characterization (step 308).

若伺服器之資料庫中未使用之儲存的數量足以儲存更 新後之指標（步驟312)時，則資訊被儲存於資料庫内（步驟 313)。否則，伺服器首先為使用者提供為其指標分配更多 伺服器儲存之機會（步驟3 14)。若伺服器拒絕額外儲存之提 供，則伺服器由資料庫刪除一記錄至伺服器具有足夠自由 記憶體來儲存更新後之指標為止（步驟316)。然後伺服器將 更新後之指標加到儲存在資料庫中之指標（步驟315)。若使 用者接受額外儲存之提供（步驟3 14),則新的指標被加到伺 服器之資料庫（步驟315)。該移動式電腦使用者能在必要時 起始地定出更新資料，此將其移動式個人環境特徵化。 熟習本技藝者將易於了解到雖然移動式電腦使用者之 個人化電腦環境特定地在上面被提及，任何其他型式之資 訊，如人事資料、財務資料、作業系統、電腦人格、視訊 與（或）音頻資料等均容易地在其位置被取代。If the amount of unused storage in the server's database is sufficient to store the updated indicator (step 312), the information is stored in the database (step 313). Otherwise, the server first gives users the opportunity to allocate more server storage for their metrics (steps 3 to 14). If the server refuses to provide additional storage, the server deletes a record from the database until the server has enough free memory to store the updated indicators (step 316). The server then adds the updated indicators to the indicators stored in the database (step 315). If the user accepts the provision of additional storage (step 3 14), the new indicator is added to the database of the server (step 315). The user of the mobile computer can initially determine the update data when necessary, which characterizes his mobile personal environment. Those skilled in the art will readily understand that although the personal computer environment of mobile computer users is specifically mentioned above, any other type of information such as personnel data, financial information, operating system, computer personality, video and / or ) Audio materials etc. are easily replaced in their place.

針對第4圖，本發明提供一種基礎設施允許就財務交 易外之用途使用智慧卡。智慧卡4〇4經由網際網路、外部 網路或内部網路402與智慧卡閱讀機/終端機通訊而相互 連接。電腦使用者使用此裝置4〇1為某些計算功能定出特 徵饭疋《亥閱讀機/終端機被連接至使用者之個人電腦，用 於疋出计算功能之指標被儲存至此電腦記憶體403内。同 時，該指標經由網際網路、外部網路或内部網路4〇2,4〇5， 406被儲存至智慧卡404或可存取之祠服器。 參照第5圖，由於智慧卡擁有的記憶體數量有限，智 11 588531With respect to Figure 4, the present invention provides an infrastructure that allows the use of smart cards for purposes other than financial transactions. The smart card 404 communicates with the smart card reader / terminal via the Internet, extranet, or intranet 402 to communicate with each other. Computer users use this device 401 to define features for certain computing functions. "Hai readers / terminals are connected to the user's personal computer, and the indicators used to figure out the computing functions are stored in this computer memory 403 Inside. At the same time, the indicator is stored to the smart card 404 or an accessible temple server via the Internet, extranet or intranet 4402,405,406. Referring to Figure 5, due to the limited amount of memory the smart card has, the smart card 11 588531

五、發明說明（9) 慧卡僅儲存一部分的電腦使用者之總指標。當這些指標完 全地填入可用的智慧卡記憶體504，額外的另一指標造成 最不是近來被使用之指標由智慧卡記憶體5〇4被刪除。然 而’由於飼服器原則上比智慧卡504可儲存更多指標5〇5， 由智慧卡504被棄置之指標可保持在伺服器5〇2,506被儲 存且為可存取的。在此方式下，智慧卡504承載之指標將 各別電腦使用者503，505所定出之計算功能至少一部分特 徵化’而使得這些功能在任何適當地被規劃程式之智慧卡 閱讀機/終端機對全世界的電腦使用者為可存取的。 針對第6圖，在存取預先定出之電腦功能中，智慧卡 604被置於適當地被規劃程式之智慧卡閱讀機/終端機中， 儲存於智慧卡604中之指標由此被傳送至此閱讀機/終端 機或主電腦裝置之記憶體603。若所要求之指標未在智慧 卡之記憶體604出現，則伺服器602經由網際網路、外部 網路或内部網路607存取伺服器602以擷取儲存於此之指 標606。由於自伺服器602擷取特定的指標使其成為最近 被使用之指標，裝置601傳送該指標至裝置之記憶體603 二者，並以最近被使用之指標取代在智慧卡之記憶體6〇4 内最不是近來被使用之指標605。若新的指標在資料庫606 為滿的時被加到伺服器資料庫606，該系統棄置最不是近 來被使用之指標608，或可能的話讓使用者選擇如上述地 為其記錄分配更多的伺服器記憶體。 本發明之另一較佳實施例增加一備份伺服器609，其 含有被主伺服器602服務之整個使用者資料庫606之一致 12 588531 五、發明說明（ίο) 的複製。若該主伺服器602故障，該備份伺服器609會取 代之。該備份伺服器之資料庫61〇與外部介面611對主伺 服器602成份元件為相同的。 此外，數個伺服器可配合負載平衡被使用以處置大量 的用戶要求。用戶可藉由自每一伺服器使用例如回應時間 (RTT)在伺服器間實施其本身的負載平衡以決定最佳選 擇。若為使用者服務之主伺服器故障或則為不可存取的 時，則用戶將自動地切換至另一伺服器。 參照第7圖，為了有效率地運用在整個世界各種位置 分配的伺服器資源，本發明記錄世界中之位置，使用者由 此存取其移動式個人環境。記錄此資料允許伺服器合理地 決定已由一處移至他處之使用者，如由美國至日本。例如， 若先前大多由美國處所701，702，703存取其移動式個人 % 土兄704之使用者忽然開始在如一、兩個月之延續時段存 取整個由日本處所706，707，708之環境704，709 ,則伺 服器704可合理地決定該使用者已由美國搬到日本。若伺 服器704決定使用者已遷移其住所且若有另一個伺服器 709實體上較靠近使用者新住所，則在伺服器7〇4，7〇9二 者上作業之系統由更遠的伺服器7〇4有效地傳送使用者之 移動式個人環境指標705至較靠近的伺服器709。 針對第8圖，本發明之較佳實施例的高階工作觀點被 顯示。使用者將其智慧卡805***被連接至之用戶電腦或 所駐於此之智慧卡閱讀機。組配用戶系統模組8〇6透過讀 取/寫出智慧卡模組803閱讀智慧卡805。組配用戶系統模V. Description of the invention (9) The smart card stores only a part of the total index of computer users. When these indicators are completely filled into the available smart card memory 504, an additional indicator causes the least recently used indicator to be deleted from the smart card memory 504. However, since the feeder can, in principle, store more indicators 505 than the smart card 504, the indicators discarded by the smart card 504 can be kept at the server 502,506 and stored and accessible. In this way, the indicators carried by the smart card 504 characterize at least a part of the computing functions set by the respective computer users 503, 505 ', so that these functions are properly programmed in any smart card reader / terminal pair Computer users around the world are accessible. As shown in FIG. 6, in accessing a predetermined computer function, the smart card 604 is placed in a smart card reader / terminal that is appropriately programmed, and the indicators stored in the smart card 604 are transmitted here. Memory 603 of reader / terminal or host computer device. If the requested index does not appear in the memory 604 of the smart card, the server 602 accesses the server 602 via the Internet, an external network, or an internal network 607 to retrieve the index 606 stored therein. Since a specific indicator is retrieved from the server 602 to make it the most recently used indicator, the device 601 sends the indicator to both the device's memory 603 and replaces the memory in the smart card with the recently used indicator 604 Is the least recently used indicator 605. If a new indicator is added to the server database 606 when the database 606 is full, the system discards the indicator 608 that was least recently used or, if possible, allows the user to choose to allocate more of their records as described above Server memory. In another preferred embodiment of the present invention, a backup server 609 is added, which contains the entire user database 606 served by the main server 602. 12 588531 5. Copy of the invention description (ίο). If the main server 602 fails, the backup server 609 will replace it. The database 61 of the backup server and the external interface 611 to the main server 602 are the same. In addition, several servers can be used with load balancing to handle a large number of user requirements. Users can decide their best choice by implementing their own load balancing between the servers using, for example, response time (RTT) from each server. If the main server serving the user fails or is inaccessible, the user will automatically switch to another server. Referring to Figure 7, in order to efficiently use server resources allocated in various locations throughout the world, the present invention records locations in the world, from which users access their mobile personal environment. Recording this information allows the server to make reasonable decisions about users who have moved from one place to another, such as from the United States to Japan. For example, if the majority of users who previously accessed their mobile personal 701, 702, 703 in the United States, the local brother 704 suddenly started to access the entire environment from the Japanese premises 706, 707, 708 for a period of one or two months 704, 709, the server 704 can reasonably decide that the user has moved from the United States to Japan. If server 704 decides that the user has moved their residence and if there is another server 709 physically closer to the user's new residence, the system operating on both servers 704 and 709 is served by a farther server The server 704 effectively transmits the user's mobile personal environmental indicator 705 to the closer server 709. With respect to Fig. 8, a high-level working viewpoint of a preferred embodiment of the present invention is shown. The user inserts his smart card 805 into the connected user's computer or the smart card reader where it resides. The user system module 806 is configured to read the smart card 805 by reading / writing the smart card module 803. Configure user system modules

588531 五、發明說明（11 ) 組806自動地組配該用戶電腦為使用者之個人計算環境， 或透過使用者介面由智慧卡805就所需的資訊查詢使用者 以組配使用者之個人計算環境（如上述者），視使用者偏好 之設定而定。 使用者亦可管理儲存在其智慧卡805與伺服器資料庫 811上之指標。伺服器介面模組8〇1與含有使用者資訊之 女全的伺服器通訊。此通訊係透過安全的Web網站在伺服 器上之管理使用者資訊模組807被提供。該管理使用者資 訊模組807顯示儲存在伺服器資料庫8丨丨上之使用者的指 標。該使用者透過該安全的Web網站要求其指標。其指標 由伺服器資料庫811被尋找使用者資訊模組81〇擷取。該 哥找使用者資訊模組810轉送該指標資訊至管理使用者資 式模組807。駐於使用者智慧卡8〇5之指標透過伺服器介 面801被送至管理使用者資訊模組該智慧卡指標與 由伺服器資料庫811來之使用者指標被比較使用者資訊模 組808比較’其將二來源間定出相關並比較任何差異。管 理使用者資訊模組807透過安全的Web網頁顯示該資訊至 該使用者。 使用者可透過使用者介面模組802連接至安全網頁來 創立（就新的使用者而言）、添增、刪除及更新其指標。伺 服器資料庫811之指標透過更新使用者記錄模組809被更 新。智慧卡指標透過伺服器介面8 01被管理使用者資訊模 組807更新。伺服器介面801送出更新資訊至更新智慧卡 模組804。更新智慧卡模組透過讀取/寫出智慧卡模組8〇3 14 588531 五、發明說明（l2) 寫出該資訊至智慧卡8〇5。 此外’使用者指標記錄由一伺服器至更多區域伺服器 之任何傳送（假設使用者搬遷至另一處所的情形）被管理伺 服器資料庫模組812實施。 參照第9圖，本發明之另一較佳實施例被顯示，其除 了用戶具有性質上最可能是暫時性之伺服器模組（例如撥 接數據機連接）外，實施與第8圖描述相同之基本功能。第 8與9圖間之作業差異在於使用者何時管理其智慧卡與伺 服器資料庫上之指標。用戶透過管理使用者資訊模組9〇1 連接至伺服器上之用戶介面模組908。用戶介面模組908 為管理使用者資訊模組901收集使用者之指標。使用者記 錄由伺服器資料庫911被尋找使用者資訊模組91〇擷取。 一旦使用者指標被管理使用者資訊模組9〇 1接收，該 用戶可由該伺服器解除連接且該使用者在以與用戶離線地 管理其指標。比較使用者資訊模組907以與上述相同的方 式作業。由伺服器資料庫911與智慧卡905被獲取之資訊 透過使用者介面902被顯示給使用者。在使用者已更新其 指標且對伺服器資料庫911之使用者記錄的任何改變被要 求後，該用戶與伺服器之用戶介面9〇8重新連接。伺服器 資料庫911被更新使用者記錄模組9〇9以任何改變加以更 新。 本發明還有之另一較佳實施例將整個伺服器資料庫 911加密。每一使用者記錄被各別的加密，使得若一使用 者記錄被駭客模組並解密，其他的使用者記錄不會以任何588531 V. Description of the invention (11) Group 806 automatically configures the user's computer as the user's personal computing environment, or through the user interface, the smart card 805 queries the user for the required information to configure the user's personal computing The environment (such as the above) depends on the user's preferences. Users can also manage indicators stored on their smart cards 805 and server database 811. The server interface module 801 communicates with a server that contains user information. This communication is provided through a secure Web site management server information module 807 on the server. The management user information module 807 displays the user's indicators stored on the server database 8 丨 丨. The user requests its indicators through the secure Web site. The index is retrieved from the server database 811 by the search user information module 810. The brother finds the user information module 810 and forwards the indicator information to the management user information module 807. The indicator resident in the user's smart card 805 is sent to the management user information module through the server interface 801. The smart card indicator is compared with the user indicator from the server database 811 and compared with the user information module 808. 'It sets the correlation between the two sources and compares any differences. The management user information module 807 displays the information to the user through a secure Web page. A user can connect to a secure web page through the user interface module 802 to create (for new users), add, delete, and update their metrics. The index of the server database 811 is updated by updating the user record module 809. The smart card index is updated by the managed user information module 807 through the server interface 8 01. The server interface 801 sends the update information to the update smart card module 804. Update the smart card module by reading / writing the smart card module 803 14 588531 V. Description of the invention (l2) Write the information to the smart card 805. In addition, any transmission of user indicator records from one server to more regional servers (assuming the user moves to another location) is implemented by the management server database module 812. Referring to FIG. 9, another preferred embodiment of the present invention is shown. The implementation is the same as that described in FIG. 8 except that the user has a server module (such as a dial-up modem connection) that is most likely to be temporary in nature. Basic functions. The difference between Figures 8 and 9 is when users manage the indicators on their smart card and server databases. The user connects to the user interface module 908 on the server through the management user information module 901. The user interface module 908 collects user indicators for the management user information module 901. The user record is retrieved from the server database 911 by the search user information module 91. Once the user index is received by the management user information module 901, the user can be disconnected by the server and the user is managing his index offline with the user. The comparison user information module 907 operates in the same manner as described above. The information obtained from the server database 911 and the smart card 905 is displayed to the user through the user interface 902. After the user has updated his indicators and any changes to the user record of the server database 911 are required, the user reconnects with the server's user interface 908. The server database 911 is updated with the updated user record module 909 with any changes. Yet another preferred embodiment of the present invention encrypts the entire server database 911. Each user record is individually encrypted, so that if one user record is decrypted by the hacker module, the other user records will not

五、發明說明（13) 方式被連累。使用者5己錄之實際加密被用戶實施。管理使 用者資訊模組901由伺服器擷取使用者之加密的記錄。若 此失敗，則使用者必須創立新的記錄來存取。該伺服器使 用智慧卡905之ID透過尋找使用者資訊模組91〇來尋找及 擷取使用者記錄。該伺服器不知道該記錄之内容是什麼， 只知該記錄屬於該使用者（很像是保管箱）。該記錄經由用 戶介面模組908被送回給用戶。V. Description of the invention (13) The method is involved. The actual encryption recorded by user 5 is implemented by the user. The management user information module 901 retrieves the user's encrypted records from the server. If this fails, the user must create a new record to access it. The server uses the ID of the smart card 905 to find and retrieve user records through the user information module 910. The server does not know what the record is, only that the record belongs to the user (much like a safe deposit box). This record is returned to the user via the user interface module 908.

管理使用者資訊模組901使用儲存在智慧卡9〇5之智 慧卡905的加密鍵資訊將使用者記錄解密。每一智慧卡為 獨一的，且該加密鍵僅存在於特定的智慧卡而非伺服器 上。一旦使用者已對記錄中之指標完成任何改變，管理使 用者資訊模組901使用智慧卡9〇5上的加密鍵資訊將使用 者記錄加密，並將該記錄送回給伺服器。用戶介面模組9〇8 將加密後之記錄送至更新使用者記錄模組9〇9，其在伺服 器資料庫内以此新的加密後之記錄取代該使用者記錄。The management user information module 901 uses the encryption key information of the smart card 905 stored in the smart card 905 to decrypt the user record. Each smart card is unique, and the encryption key exists only on a specific smart card and not on the server. Once the user has made any changes to the indicators in the record, the management user information module 901 encrypts the user record using the encryption key information on the smart card 905 and sends the record back to the server. The user interface module 908 sends the encrypted record to the updated user record module 009, which replaces the user record with the new encrypted record in the server database.

此做法確保使用者記錄與智慧卡之一對一的映對，伺 服器資料庫911中之每-使用者記錄僅可被特定的智慧卡 解密。其亦確保伺服器資料庫911為安全的且不會容易地 受到連累。人侵者必須實體上具有每_張現存之智慧卡以 破壞整個資料庫。 若使用者遺失其智慧+，則有將智慧卡變形（m〇rph) 或重製之程序。使用者***新的智慧卡9〇5至用戶系統 内。該系統透過使用者♦面模組9G2讓使用者以與其首次 創立原始智慧卡相同的方式鍵人其個人資訊。然後新的智 16 五、發明說明（14) 慧卡905被啟動且加密鍵被重製。新智慧卡之id由使用者 介面模組902經過管理使用者資訊模組額被送至用戶介 面模組908。更新使用者記錄模组9〇9由祠服器資料庫9ΐι 上之使用者記錄去除原始智慧卡之ID並以新智慧卡之m 取代之。一旦此被完成，則使用者介面模組9〇2經由讀取/ 寫出智慧卡模組903將加密鍵置於新的智慧卡9〇5内。該 使用者之智慧卡現在已被重製且原來的智慧卡失效。 使用者有能力同步實施第8與9圖之伺服器功能。此 允許伺服器處置安全的Web存取與具有暫時性伺服器連接 之用戶。 熟習本技藝者將易於了解，雖然用戶與伺服器在上面 分離地被描述，用戶與伺服器二者可駐於同一實體機器 内0 雖然本發明在此處以參照較佳實施例被描述，熟習本 技藝者將易於了解其他應用可不偏離本發明之精神與領域 地取代此處被設立者。因之，本發明應僅被下面涵括之申 請專利範圍所限定。 元件標號對照 表 元件編號 譯 名 元件編號 譯 101 步驟 106 步驟 102 步驟 107 步驟 103 步驟 108 步驟 104 步驟 109 步驟 105 步驟 110 步驟 名 17 588531 五、發明說明（is 元件編號 譯 111 步驟 201 步驟 202 步驟 203 步驟 204 步驟 205 步驟 206 步驟 207 步驟 208 步驟 209 步驟 210 步驟 211 步驟 212 步驟 301 步驟 302 步驟 303 步驟 304 步驟 305 步驟 306 步驟 307 步驟 308 步驟 309 步驟 元件標號對照 名 元件編號 310 311 312 313 314 315 316 401 402 403 404 405 406 501 502 503 504 505 506 601 602 603 表 譯 名 步驟 步驟 步驟 步驟 步驟 步驟 步驟 裝置 網路 記憶體 智慧卡 網路 網路 閱讀機/終端機 伺服器 電腦用戶 記憶體 指標，電腦使用者 伺服器 閱讀機/終端機 伺服器 記憶體 18 588531 五、發明說明（l6) 元件標號 對照 表 元件編號 譯 名 元件編號 譯 名 604 記憶體 806 組配用戶系統模組 605 指標 807 管理使用者資訊模組 606 指標 808 比較使用者資訊模組 607 網路 809 更新使用者記錄模組 608 指標 810 尋找使用者資訊模組 609 伺服器 811 伺服器資料庫 610 伺服器資料庫 812 管理伺服器資料庫模組 611 外部介面 901 管理使用者資訊模組 701 處所 902 使用者介面模組 702 處所 903 讀取/寫出智慧卡模組 703 處所 904 更新智慧卡模組 704 個人環境 905 智慧卡 705 指標 906 組配用戶系統模組 706 處所 907 比較使用者資訊模組 707 處所 908 用戶介面 708 處所 909 更新使用者記錄模組 709 個人環境 910 尋找使用者資訊模組 801 伺服器介面模組 911 伺服器資料庫 802 使用者介面 912 管理伺服器資料庫模組 803 讀取/寫出智慧卡模組 804 更新智慧卡模組 805 智慧卡This practice ensures that the user record is mapped to one of the smart cards, and each user record in the server database 911 can only be decrypted by a specific smart card. It also ensures that the server database 911 is secure and not easily compromised. The invader must physically have every existing smart card to destroy the entire database. If the user loses his wisdom +, there is a process of deforming or recreating the smart card. The user inserts a new smart card 905 into the user system. The system allows users to key their personal information in the same way as the original smart card was first created through the user ’s 9G2 faceplate module. Then the new wisdom 16 V. Description of the invention (14) The smart card 905 is activated and the encryption key is reproduced. The ID of the new smart card is sent to the user interface module 908 by the user interface module 902 through the management user information module amount. Update the user record module 909. The user record on the temple server database 9ΐι removes the ID of the original smart card and replaces it with m of the new smart card. Once this is completed, the user interface module 902 places the encryption key in the new smart card 905 via the read / write smart card module 903. The user's smart card has now been remade and the original smart card is no longer valid. The user has the ability to implement the server functions of Figures 8 and 9 simultaneously. This allows the server to handle secure web access and users with temporary server connections. Those skilled in the art will readily understand that although the user and the server are described separately above, both the user and the server may reside in the same physical machine. Although the present invention is described herein with reference to a preferred embodiment, The skilled artisan will readily understand that other applications may be substituted for those established here without departing from the spirit and field of the invention. Therefore, the present invention should be limited only by the scope of patent application covered below. Component label comparison table Component number translation 101 component 106 step 102 step 107 step 103 step 108 step 104 step 109 step 105 step 110 step name 17 588531 5. Description of the invention (is component number translation 111 step 201 step 202 step 203 step 204 step 205 step 206 step 207 step 208 step 209 step 210 step 211 step 212 step 301 step 302 step 303 step 304 step 305 step 306 step 307 step 308 step 309 step component label comparison name component number 310 311 312 313 314 315 316 401 402 403 404 405 406 501 502 503 504 505 506 601 602 603 Table name translation steps steps steps steps steps steps device network memory smart card network network reader / terminal server computer user memory index, computer user Server reader / terminal server memory 18 588531 V. Description of the invention (l6) Component label comparison table Component number Translation name Component number translation 604 Memory 806 Grouping user system Module 605 Index 807 Manage User Information Module 606 Index 808 Compare User Information Module 607 Network 809 Update User Record Module 608 Index 810 Find User Information Module 609 Server 811 Server Database 610 Server Database 812 Management server database module 611 External interface 901 Management user information module 701 Location 902 User interface module 702 Location 903 Read / write smart card module 703 Location 904 Update smart card module 704 Personal Environment 905 Smart card 705 Index 906 User system module 706 Location 907 Compare user information module 707 Location 908 User interface 708 Location 909 Update user record module 709 Personal environment 910 Find user information module 801 Server interface Module 911 Server database 802 User interface 912 Management server database module 803 Read / write smart card module 804 Update smart card module 805 Smart card

1919

Claims (1)

588531 第91103685號申請”請專利範圍修正本91.8·26. 種用於健# s理與掏取移動式電腦使用者之個人 算環境的方法，該計算環境在-電腦環境中可由-智慧 卡予以攜帶，該方法包含之步驟為： 提供一智慧卡； 由該智慧卡讀取使用者之個人計算環境資料； 依據该個人計算環境資料組配一用戶；以及 其中該個人計算環境資料包括：作㈣統績效、最 愛的Web網站、電子郵件地址、***資訊、ISP資訊、 程式偏好與程式環境，但不限於此β 2·如申請專利範圍第丨項所述之方法，其中該讀取步驟進一 步包含之步驟為： 接受使用者輸入定出組配該用戶為該使用者偏好之 個人計算環境所需的資訊；以及 若該智慧卡不具有組配該用戶為該使用者偏好之足 夠資訊時，由一伺服器擷取正確的個人計算環境資料。 3.如申請專利範圍第2項所述之方法，進一步包含之步驟 在該冬慧卡上儲存正確的個人計算環境資料。 4·如申請專利範圍第1項所述之方法，進一步包含之步驟 提供駐於一祠服器上之使用者資訊資料庫； 其中該使用者資訊資料庫含有數個使用者之使用者 記錄；以及 六、申請專利範圍 、其中錢用者記錄含有之個人計算環境資料大 過該智慧卡之儲存容量。 σ 5.如申請專利範圍第4項所述之方法，進-步包含之步驟 為· 提仏使用者5己錄官理設施用於讓該使用者管理儲存 在該智慧卡與該使用者資訊資料庫上之個人計算環境資 料0 、 6·如申請專利範圍第5項所述之方法，其中該使转記錄管 X %駐於該用戶上，且其中該用戶與該伺服器連接以 擷取該使用者記錄。 7. 如申請專利範圍第5項所述之方法，其中該制者記錄管 理設施料該舰器上，且其中該用戶與㈣服器透過 一安全Web網站連接。 8. 如申請專利範_5項所述之方法，其中該使用者記錄管 理設施給^使用者在該使用者資訊資料庫上擴充該使用 者之使用者記錄的選擇機會。 * 9·如申請專利制第5韻叙料，其巾較时記錄管 理設施定義多組之個人計算環境資料。 邮申請專利範圍第4項所述之方法，其中數個祠服器含有 該使用者資訊資料庫之冗餘複製。 a如申請專利範圍第1〇項所述之方法，其中該用戶在獲取 使用者記錄時實施該等數個伺服器之負載平衡。 12·如申請專利範圍第1〇項所述之方法，其中一祠服器被指 定為該使用者之主要區域伺服器。 588531Application No. 588531 No. 91103685 "Please amend the patent scope 91.8 · 26. A method for health management and personal computing environment of mobile computer users, the computing environment can be provided by-smart card in-computer environment For carrying, the method includes the steps of: providing a smart card; reading the user's personal computing environment data by the smart card; assigning a user based on the personal computing environment data set; and wherein the personal computing environment data includes: System performance, favorite web site, email address, credit card information, ISP information, program preferences and program environment, but not limited to this β 2 · The method described in item 丨 of the scope of patent application, wherein the reading step further includes The steps are: accept user input to determine the information needed to match the user with the personal computing environment preferred by the user; and if the smart card does not have enough information to match the user with the user's preference A server retrieves correct personal computing environment data. 3. The method described in item 2 of the scope of patent application, further comprising steps Store the correct personal computing environment data on the Donghui Card. 4. The method described in item 1 of the scope of patent application, further comprising the steps of providing a user information database residing on a temple server; The user information database contains user records of several users; and 6. The scope of the patent application, in which the personal computing environment data contained in the money user record is greater than the storage capacity of the smart card. Σ 5. If the scope of patent application is the fourth The method described in the above item further includes the steps of: providing a user 5 with a recorded administrative facility for the user to manage personal computing environment data stored on the smart card and the user information database 0 6. The method as described in item 5 of the scope of patent application, wherein the transfer recording tube X% resides on the user, and wherein the user is connected to the server to retrieve the user record. 7. If applying The method described in item 5 of the patent scope, wherein the producer record management facility is located on the ship, and wherein the user and the server are connected through a secure Web site. The method described in the above item, wherein the user record management facility gives the user a choice of expanding the user's user record on the user information database. * 9. If the patent system applies to the 5th rhyme narrative, It records the multiple sets of personal computing environment data defined by the management facility. The method described in item 4 of the scope of the patent application by post, where several temple servers contain redundant copies of the user information database. The method described in item 10 of the scope, wherein the user implements load balancing of these servers when obtaining the user record. 12. The method described in item 10 of the scope of patent application, wherein Designated as the primary area server for this user. 13.如申請專利範圍第12項所述之方法，其中該主要伺服器 根據使用者之使用型態動態地被選擇。 14·如申明專利範圍第12項所述之方法，其中若該主要词服 器故障或無法存取時，該用戶自動地切換至另一伺服器。 15·如申請專利範圍第4項所述之方法，其中每_使用者記錄 使用由特定持有人之智慧卡來的一加密鍵被加密，且其13. The method according to item 12 of the scope of patent application, wherein the main server is dynamically selected according to the usage pattern of the user. 14. The method described in claim 12 of the patent scope, wherein if the main server fails or cannot be accessed, the user automatically switches to another server. 15. The method as described in item 4 of the scope of patent application, wherein each user record is encrypted using an encryption key from the smart card of the specific holder, and its 中母一該特疋智慧卡含有獨一的加密鍵僅駐於該特定智 慧卡上。 16·如申請專利範圍第15項所述之方法，其中使用者記錄之 加密與解密在該用戶發生，且其中該使用者記錄以加密 後之形式僅在該用戶與該伺服器間被傳送。 17.如申請專利範圍第1項所述之方法，進一步包含之步驟 為： 提供變形（morphing)設施用於重製使用者遺失之智 慧卡。The mother-in-law special smart card contains a unique encryption key that resides only on that particular smart card. 16. The method as described in item 15 of the scope of patent application, wherein the encryption and decryption of the user record occurs at the user, and wherein the user record is transmitted in encrypted form only between the user and the server. 17. The method according to item 1 of the scope of patent application, further comprising the steps of: providing a morphing facility to reproduce the lost smart card of the user. 18·—種用於儲存、管理與擷取移動式電腦使用者之個人計 算環境的裝置，該計算環境在一電腦環境中可由一智慧 卡予以攜帶，該裝置包含： 一智慧卡； 用於由該智慧卡讀取使用者之個人計算環境資料之 一模組； 用於依據該個人計算環境資料組配一用戶之一模 組；以及 其中該個人計算環境資料包括：作業系統績效、最 • 22 - 58853118 · —A device for storing, managing, and retrieving a personal computing environment of a mobile computer user. The computing environment can be carried by a smart card in a computer environment. The device includes: a smart card; The smart card reads a module of a user's personal computing environment data; is used to configure a module of a user based on the personal computing environment data set; and wherein the personal computing environment data includes: operating system performance, maximum • 22 -588531 六、申請專利範圍 愛的Web網站、電子郵件地址、***資訊、ISP資訊、 程式偏好與程式環境，但不限於此。 19·如申請專利範圍第18項所述之裝置，其中該讀取模組進 一步包含： 一模組用於接受使用者輸入定出組配該用戶為該使 用者偏好之個人計算環境所需的資訊；以及 一模組用於若該智慧卡不具有組配該用戶為該使用 者偏好之足夠資訊時，由一伺服器擷取正確的個人計算 環境資料。 20.如申請專利範圍第19項所述之裝置，進一步包含： 一模组用於在該智慧卡上儲存正確的個人計算環境 資料。 21·如申請專利範圍第18項所述之裝置，進一步包含： 駐於一伺服器上之使用者資訊資料庫； 其中該使用者資訊資料庫含有數個使用者之使用者 記錄；以及 其中該使用者記錄含有之個人計算環境資料大小超 過該智慧卡之儲存容量。 22·如申請專利範圍第21項所述之裝置，進一步包含： 使用者記錄管理設施用於讓該使用者管理儲存在該 智慧卡與該使用者資訊資料庫上之個人計算環境資料。 23.如申請專利範圍第22項所述之裝置，其中該使用者記錄 管理設施駐於該用戶上，且其中該用戶與該伺服器連接 以顧取該使用者記錄。 236. Scope of Patent Application Ai's Web site, email address, credit card information, ISP information, program preferences and program environment, but not limited to this. 19. The device according to item 18 of the scope of patent application, wherein the reading module further comprises: a module for accepting user input to specify the personal computing environment required by the user for the user's preference Information; and a module for obtaining correct personal computing environment data from a server if the smart card does not have sufficient information to match the user's preferences for the user. 20. The device according to item 19 of the scope of patent application, further comprising: a module for storing correct personal computing environment data on the smart card. 21. The device described in item 18 of the scope of patent application, further comprising: a user information database residing on a server; wherein the user information database contains user records of several users; and wherein the The size of the personal computing environment data contained in the user record exceeds the storage capacity of the smart card. 22. The device according to item 21 of the scope of patent application, further comprising: a user record management facility for the user to manage personal computing environment data stored on the smart card and the user information database. 23. The device as described in claim 22, wherein the user record management facility resides on the user, and wherein the user is connected to the server to access the user record. twenty three 588531 24. 如申請專利範圍第22項所述之裝置，其#該使用者記錄 管理設施駐於該用戶上’且其中該用戶與鋪服器透過 一安全Web網站連接。 25. 如申請專利範圍第22項所述之裝置，其_該使用者記錄 管理設施給予使用者在該使用者f訊資料庫上擴充該使 用者之使用者記錄的選擇機會。 26. 如申請專利範圍第22項所述之裝置，其中該使用者記錄 管理設施定義多組之個人計算環境資料。 27. 如申明專利範圍第21項所述之裝置，其中數個飼服器含 有該使用者資訊資料庫之冗餘複製。 28·如申請專利範圍第27項所述之裝置，其中該用戶在獲取 使用者記錄時實施該等數個伺服器之負載平衡。 29.如申請專利範圍第27項所述之裝置，其中一伺服器被指 定為該使用者之主要區域伺服器。 30·如申請專利範圍第29項所述之裝置，其中該主要伺服器 根據使用者之使用型態動態地被選擇。 31.如申請專利範圍第29項所述之裝置，其中若該主要伺服 器故障或無法存取時，該用戶自動地切換至另一伺服器。 32·如申請專利範圍第21項所述之裝置，其中每一使用者記 錄使用由特定持有人之智慧卡來的一加密鍵被加密，且 其中每一該特定智慧卡含有獨一的加密鍵僅駐於該特定 智慧卡上。 33·如申請專利範圍第32項所述之裝置，其中使用者記錄之 加密與解密在該用戶發生，且其中該使用者記錄以加密 -24 - 588531 六、申請專利範圍 後之形式僅在該用戶與該伺服器間被傳送。 34·如申請專利範圍第18項所述之裝置，進一步包含： 用於重製使用者遣失之智慧卡的變形（morphing)設 施。 35·—種用於儲存、管理與擷取移動式電腦使用者之個人計 算環境的方法，該計算環境在一電腦環境中可由一智慧 卡予以攜帶，該方法包含之步驟為： 提供讀取設施被連接至一用戶用於由該智慧卡讀取 該使用者之個人計算環境資料； 提供設施用於依據該個人計算環境資料組配該用 戶； 提供一使用者資訊資料庫駐於一伺服器上； 其中該使用者資訊資料庫含有數個使用者之使用者 記錄； 其中該使用者記錄含有之個人計算環境資料大小超 過該智慧卡之儲存容量； 其中該個人計算環境資料包括：作業系統績效、最 愛的Web”祠站、電子郵件地址、***資訊、Μ?資訊、 程式偏好與程式環境，但不限於此； 提供使用者記錄管理設施用於讓該使用者管理儲存 在該智慧卡與該使用者資訊資料庫上之個人計算環境資 料；以及 提供智慧切存設施用於在該智慧卡上儲存一部分 之使用者記錄。588531 24. The device described in item 22 of the scope of patent application, wherein the user record management facility resides on the user 'and wherein the user and the server are connected through a secure Web site. 25. The device described in item 22 of the scope of the patent application, where the user record management facility gives the user the opportunity to expand the user's user record on the user's database. 26. The device described in claim 22, wherein the user record management facility defines multiple sets of personal computing environment data. 27. The device described in claim 21 of the patent scope, in which several feeders contain redundant copies of the user information database. 28. The device according to item 27 of the scope of patent application, wherein the user implements load balancing of the plurality of servers when obtaining the user record. 29. The device described in item 27 of the scope of patent application, wherein one of the servers is designated as the user's main regional server. 30. The device according to item 29 of the scope of patent application, wherein the main server is dynamically selected according to the usage pattern of the user. 31. The device according to item 29 of the scope of patent application, wherein if the main server fails or cannot be accessed, the user automatically switches to another server. 32. The device according to item 21 of the scope of patent application, wherein each user record is encrypted using an encryption key from a specific holder's smart card, and each of the specific smart cards contains unique encryption The key resides only on that particular smart card. 33. The device described in item 32 of the scope of patent application, in which the encryption and decryption of the user record takes place in the user, and the user record is encrypted in the form of -24-588531 The user and the server are transmitted. 34. The device as described in item 18 of the scope of patent application, further comprising: a morphing device for reproducing a smart card lost by a user. 35 · —A method for storing, managing, and retrieving a personal computing environment of a mobile computer user, the computing environment can be carried by a smart card in a computer environment, and the method includes the steps of: providing reading facilities Connected to a user for reading the user's personal computing environment data by the smart card; providing facilities for matching the user with the personal computing environment data; providing a user information database residing on a server ; Where the user information database contains user records of several users; where the user record contains personal computing environment data that exceeds the storage capacity of the smart card; where the personal computing environment data includes: operating system performance, "Favorite Web" temple site, email address, credit card information, M? Information, program preferences and program environment, but not limited to this; provide user record management facilities for the user to manage the smart card and the use of storage Personal computing environment data on the consumer information database; and provide smart storage facilities for Store the user record a portion of the smart card. 588531 36.如申請專利範圍第35項所述之料，其中該使用者記錄 管理設施駐於該用戶上，且其中該用戶與該词服器連接 以#員取該使用者記錄。 37·如申請專利範圍第35項所述之方法，其中該使用者記錄 管理設施駐於錢服器上，且其中該用戶與鋪服器透 過一安全Web網頁連接。 38.如申請專利範圍第35項所述之方法，其中每一使用者記 錄使用由特定持有人之智慧卡來的一加密鍵被加密，且 其中每一該特定智慧卡含有獨一的加密鍵僅駐於該特定 智慧卡上。 39·如申請專利範圍第38項所述之方法，其中使用者記錄之 加密與解密在該用戶發生，且其中該使用者記錄以加密 後之形式僅在該用戶與該伺服器間被傳送。 40.如申請專利範圍第35項所述之方法，進一步包含之步驟 提供變形（morphing)設施用於重製使用者遺失之智 慧卡。 41· 一種用於儲存、管理與擷取移動式電腦使用者之個人計 算環境的裝置，該計算環境在一電腦環境中可由一智慧 卡予以攜帶，該裝置包含·· 讀取設施被連接至一用戶用於由該智慧卡讀取該使 用者之個人計算環境資料； 設施用於依據該個人計算環境資料組配該用戶； 一使用者資訊資料庫駐於一伺服器上； -26 - 六、申請專利範圍 其中該使用者資訊資料庫含有數個使用者之使用者 記錄； 其中該使用者記錄含有之個人計算環境資料大小超 過該智慧卡之儲存容量； 其中該個人計算環境資料包括：作業系統績效、最 愛的Web網站、電子郵件地址、***資訊、lsp資訊、 程式偏好與程式環境，但不限於此； 使用者記錄管理設施用於讓該使用者管理儲存在該 智慧卡與該使用者資訊資料庫上之個人計算環境資料； 以及 智慧卡儲存設施用於在該智慧卡上儲存一部分之使 用者記錄。 42·如申請專利範圍第41項所述之裝置，其中該使用者記錄 管理没施駐於該用戶上，且其中該用戶由該伺服器擷取 該使用者記錄。 43·如申請專利範圍第41項所述之裝置，其中該使用者記錄 管理設施駐於該伺服器上，且其中該用戶與該伺服器透 過一安全Web網頁連接。 44·如申請專利範圍第41項所述之裝置，其中每一使用者記 錄使用由特定持有人之智慧卡來的一加密鍵被加密，且 其中母一該特定智慧卡含有獨一的加密鍵僅駐於該特定 智慧卡上。 45·如申請專利範圍第44項所述之裝置，其中使用者記錄之 加密與解密在該用戶發生，且其中該使用者記錄以加密 • 27 - 588531588531 36. The material as described in item 35 of the scope of patent application, wherein the user record management facility resides on the user, and wherein the user is connected to the word server to retrieve the user record by # 员. 37. The method as described in claim 35, wherein the user record management facility resides on a money server, and wherein the user and the server are connected through a secure Web page. 38. The method described in claim 35, wherein each user record is encrypted using an encryption key from a smart card of a specific holder, and each of the specific smart cards contains unique encryption The key resides only on that particular smart card. 39. The method described in claim 38, wherein the encryption and decryption of the user record occurs at the user, and wherein the user record is transmitted in encrypted form only between the user and the server. 40. The method described in item 35 of the scope of patent application, further comprising the step of providing a morphing facility for reproducing the smart card lost by the user. 41. A device for storing, managing and retrieving the personal computing environment of a user of a mobile computer, the computing environment being carried by a smart card in a computer environment, the device comprising a reading facility connected to a The user is used by the smart card to read the personal computing environment data of the user; the facility is used to configure the user according to the personal computing environment data; a user information database resides on a server; -26-VI. The scope of patent application where the user information database contains user records of several users; where the size of the personal computing environment data contained in the user record exceeds the storage capacity of the smart card; where the personal computing environment data includes: operating system Performance, favorite web site, email address, credit card information, lsp information, program preferences and program environment, but not limited to this; the user record management facility is used by the user to manage the information stored in the smart card and the user Personal computing environment data on the database; and smart card storage facilities A part of the user record is stored on the card. 42. The device according to item 41 of the scope of patent application, wherein the user record management is not applied to the user, and wherein the user retrieves the user record by the server. 43. The device as described in claim 41, wherein the user record management facility resides on the server, and wherein the user and the server are connected via a secure Web page. 44. The device according to item 41 of the scope of patent application, wherein each user record is encrypted using an encryption key from a specific holder's smart card, and the mother-specific specific smart card contains unique encryption The key resides only on that particular smart card. 45. The device as described in item 44 of the scope of patent application, wherein the encryption and decryption of the user record occurs at the user, and wherein the user record is encrypted • 27-588531 六、申請專利範圍 後之形式僅在該用戶與該伺服器間被傳送。 46.如申請專利範圍第41項所述之裝置，進一步包含： 用於重製使用者遺失之智慧卡的變形（morphing)設 施0 -28 -6. The form after the scope of patent application is only transmitted between the user and the server. 46. The device according to item 41 of the scope of patent application, further comprising: a morphing device for reproducing a smart card lost by a user 0 -28-