Method and apparatus for applying a customer owned encryption

US 10,043,015 B2
Filed: 11/20/2014
Issued: 08/07/2018
Est. Priority Date: 11/20/2014
Status: Active Grant

First Claim

Patent Images

1. A method for applying customer specific encryption methods at a centralized storage server, the method comprising:

applying, by executing at least some first instructions with a processor, a first customer specific encryption method to a data file of a first customer at the centralized storage server to create a customer encrypted data file, the first customer specific encryption method including a first hash function different from a second hash function of a second customer specific encryption method to be applied to a second data file of a second customer;

deleting, by executing an instruction with the processor, the first customer specific encryption method from the centralized storage server, the deleting of the first customer specific encryption method including deleting the first hash function; and

after the applying of the first customer specific encryption method to create the customer encrypted data file, applying, by executing an instruction with the processor, a third encryption method, different from the first customer specific encryption method and the second customer specific encryption method, to the customer encrypted data file, the third encryption method being a general encryption method applied to a plurality of data files stored in the centralized storage server, the plurality of data files associated with a plurality of different customers including the first customer.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, computer-readable storage device and apparatus for customer owned encryption at a centralized storage server are disclosed. For example, the method receives a data file for storage and a customer owned encryption method from the customer, applies the customer owned encryption method to the data file at the centralized storage server to create a customer encrypted data file, deletes the customer owned encryption method from the centralized storage server and applies a general encryption method to the customer encrypted data file, wherein the general encryption method is applied to all data files stored in the centralized storage server.

53 Citations

20 Claims

1. A method for applying customer specific encryption methods at a centralized storage server, the method comprising:
- applying, by executing at least some first instructions with a processor, a first customer specific encryption method to a data file of a first customer at the centralized storage server to create a customer encrypted data file, the first customer specific encryption method including a first hash function different from a second hash function of a second customer specific encryption method to be applied to a second data file of a second customer;
  
  deleting, by executing an instruction with the processor, the first customer specific encryption method from the centralized storage server, the deleting of the first customer specific encryption method including deleting the first hash function; and
  
  after the applying of the first customer specific encryption method to create the customer encrypted data file, applying, by executing an instruction with the processor, a third encryption method, different from the first customer specific encryption method and the second customer specific encryption method, to the customer encrypted data file, the third encryption method being a general encryption method applied to a plurality of data files stored in the centralized storage server, the plurality of data files associated with a plurality of different customers including the first customer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further including:
    - receiving, at the processor, a request from the first customer to retrieve the data file, wherein the request includes the first instructions to execute the first customer specific encryption method;
      
      decrypting, by executing an instruction with the processor, the general encryption method applied to the customer encrypted data file;
      
      decrypting, by executing at least some of the first instructions with the processor, the first customer specific encryption method applied to the data file;
      
      deleting, by executing an instruction with the processor, the first customer specific encryption method from the centralized storage server; and
      
      sending, the data file from the processor to the first customer.
  - 3. The method of claim 1, further including:
    - sending a request from the processor to the first customer to access the customer encrypted data file;
      
      receiving, at the processor, the first instructions to execute the first customer specific encryption method from the first customer;
      
      decrypting, by executing an instruction with the processor, the general encryption method applied to the customer encrypted data file;
      
      decrypting, by executing at least some of the first instructions with the processor, the first customer specific encryption method applied to the data file;
      
      accessing, by executing an instruction with the processor, information in the data file;
      
      applying, by executing at least some of the first instructions with the processor, the first customer specific encryption method to the data file to re-create the customer encrypted data file;
      
      deleting, by executing an instruction with the processor, the first customer specific encryption method from the centralized storage server; and
      
      applying, by executing an instruction with the processor, the general encryption method to the customer encrypted data file that was re-created.
  - 4. The method of claim 3, wherein the request to access the customer encrypted data file includes a request to obtain credit card information in the data file for a repeat billing.
  - 5. The method of claim 1, wherein the centralized storage server is maintained by a retailer.
  - 6. The method of claim 1, wherein the centralized storage server is maintained by a cloud storage service provider.
  - 7. The method of claim 1, wherein the first customer specific encryption method is created on an endpoint device of the first customer.
  - 8. The method of claim 1, wherein the general encryption method includes a secure hash algorithm.

9. A tangible computer-readable storage device including a first plurality of computer executable instructions, which when executed by a processor associated with a centralized storage server, causes the processor to perform operations for applying customer specific encryption methods at the centralized storage server, the operations comprising:
- executing at least some second instructions to apply a first customer specific encryption method to a data file of a first customer at the centralized storage server to create a customer encrypted data file, the first customer specific encryption method including a first hash function different from a second hash function of a second customer specific encryption method to be applied to a second data file of a second customer;
  
  deleting the first customer specific encryption method from the centralized storage server, the deleting of the first customer specific encryption method including deleting the first hash function; and
  
  after the executing of the at least some of the second instructions to apply the first customer specific encryption method to create the customer encrypted data file, applying a third encryption method, different from the first customer specific encryption method and the second customer specific encryption method, to the customer encrypted data file, the third encryption method being a general encryption method applied to a plurality of data files stored in the centralized storage server, the plurality of data files associated with a plurality of different customers including the first customer.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The tangible computer-readable storage device of claim 9, wherein the operations further include:
    - receiving a request from the first customer to retrieve the data file, wherein the request includes the second instructions to execute the first customer specific encryption method;
      
      decrypting the general encryption method applied to the customer encrypted data file;
      
      decrypting the first customer specific encryption method applied to the data file;
      
      deleting the first customer specific encryption method from the centralized storage server; and
      
      sending the data file to the first customer.
  - 11. The tangible computer-readable storage device of claim 9, wherein the operations further include:
    - sending a request to the first customer to access the customer encrypted data file;
      
      receiving the second instructions for executing the first customer specific encryption method from the first customer;
      
      decrypting the general encryption method applied to the customer encrypted data file;
      
      decrypting the first customer specific encryption method applied to the data file;
      
      accessing information in the data file;
      
      applying the first customer specific encryption method to the data file to re-create the customer encrypted data file;
      
      deleting the first customer specific encryption method from the centralized storage server; and
      
      applying the general encryption method to the customer encrypted data file that was re-created.
  - 12. The tangible computer-readable storage device of claim 11, wherein the request to access the customer encrypted data file includes a request to obtain credit card information in the data file for a repeat billing.
  - 13. The tangible computer-readable storage device of claim 9, wherein the centralized storage server is maintained by a retailer.
  - 14. The tangible computer-readable storage device of claim 9, wherein the centralized storage server is maintained by a cloud storage service provider.
  - 15. The tangible computer-readable storage device of claim 9, wherein the first customer specific encryption method is created on an endpoint device of the first customer.
  - 16. The tangible computer-readable storage device of claim 9, wherein the general encryption method includes a secure hash algorithm.

17. A centralized storage server, comprising:
- a processor; and
  
  a computer-readable storage device including a first plurality of computer executable instructions which, when executed by the processor, causes the processor to perform operations, the operations including;
  
  executing at least some second instructions to apply a first customer specific encryption method to a data file of a first customer at the centralized storage server to create a customer encrypted data file, the first customer specific encryption method including a first hash function different from a second hash function of a second customer specific encryption method to be applied to a second data file of a second customer;
  
  deleting the first customer specific encryption method from the centralized storage server, the deleting of the first customer specific encryption method including deleting the first hash function; and
  
  after the executing of the at least some of the second instructions to apply the first customer specific encryption method to create the customer encrypted data file, applying a third encryption method, different from the first customer specific encryption method and the second customer specific encryption method, to the customer encrypted data file, the third encryption method being a general encryption method applied to a plurality of data files stored in the centralized storage server, the plurality of data files associated with a plurality of different customers including the first customer.
- View Dependent Claims (18, 19, 20)
- - 18. The apparatus of claim 17, wherein the operations further include:
    - receiving a request from the first customer to retrieve the data file, wherein the request includes the second instructions to execute the first customer specific encryption method;
      
      decrypting the general encryption method applied to the customer encrypted data file;
      
      decrypting the first customer specific encryption method applied to the data file;
      
      deleting the first customer specific encryption method from the centralized storage server; and
      
      sending the data file to the first customer.
  - 19. The apparatus of claim 17, wherein the operations further include:
    - sending a request to the first customer to access the customer encrypted data file;
      
      receiving the second instructions to execute the first customer specific encryption method from the first customer;
      
      decrypting the general encryption method applied to the customer encrypted data file;
      
      decrypting the first customer specific encryption method applied to the data file;
      
      accessing information in the data file;
      
      applying the first customer specific encryption method to the data file to re-create the customer encrypted data file;
      
      deleting the first customer specific encryption method from the centralized storage server; and
      
      applying the general encryption method to the customer encrypted data file that was re-created.
  - 20. The apparatus of claim 19, wherein the request to access the customer encrypted data file includes a request to obtain credit card information in the data file for a repeat billing.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Fontanetta, Amee, Rios, Roque
Primary Examiner(s)
Iwarere, Oluseye

Application Number

US14/549,543
Publication Number

US 20160147999A1
Time in Patent Office

1,356 Days
Field of Search

713165, 713189, 713171, 713153
US Class Current
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/6218   to a system of files or obj...

G06Q 20/14   specially adapted for billi...

G06Q 20/24   Credit schemes, i.e. "pay a...

G06Q 40/12   Accounting

Method and apparatus for applying a customer owned encryption

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

53 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for applying a customer owned encryption

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

53 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links