Token-based secure data management
First Claim
1. A system, comprising a processor and memory storing instructions that, if executed by the processor:
- receive a request for sensitive user data from a second entity, the request including a token provided to a first entity in place of the sensitive data;
assign a time to live to the sensitive user data;
delete the sensitive user data following expiration of the time to live; and
as a result of deleting the sensitive user data, send an instruction to the first entity to delete the token corresponding to the sensitive user data.
1 Assignment
0 Petitions
Accused Products
Abstract
In some implementations, tokens that are representative of sensitive data may be used in place of the sensitive data to maintain the security of the sensitive data. For example, data may be separated into sensitive data and nonsensitive data, and at least the sensitive data is securely delivered to a data storage service. The data storage service generates a token that is representative of the sensitive data and stores the sensitive data as secure data. The data storage service may deliver the token to an entity that also receives the nonsensitive data, and the entity may use the token in place of the sensitive data. In some implementations, different tokens are generated each time the same piece of sensitive data is submitted for storage as secure data. Further, in some implementations, An expiration time may be assigned to sensitive data, and expired data and associated tokens may be deleted.
-
Citations
20 Claims
-
1. A system, comprising a processor and memory storing instructions that, if executed by the processor:
-
receive a request for sensitive user data from a second entity, the request including a token provided to a first entity in place of the sensitive data; assign a time to live to the sensitive user data; delete the sensitive user data following expiration of the time to live; and as a result of deleting the sensitive user data, send an instruction to the first entity to delete the token corresponding to the sensitive user data. - View Dependent Claims (2, 3, 4)
-
-
5. A computer-implemented method, comprising:
-
under control of one or more computer systems configured with executable instructions, assigning a time to live to sensitive data associated with a first token provided to a first entity in place of the sensitive data; deleting the sensitive data following expiration of the time to live; and as a result of deleting the sensitive data, sending an instruction to the first entity to delete the token corresponding to the sensitive data. - View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. One or more non-transitory computer-readable media storing computer-executable instructions that, as a result of being executed, cause one or more processors to:
-
assign a time to live to a first piece of sensitive data associated with a first token, the first token provided to a first entity in place of the sensitive data; delete the first piece of sensitive data following expiration of the time to live; and as a result of deleting the first piece of sensitive data, send an instruction to the first entity to delete the first token corresponding to the first piece of sensitive data. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification