Collision avoidance in a distributed tokenization environment
First Claim
1. A computer-implemented method for tokenizing data comprising:
- generating, by a central token management system, a unique set of values for each of a plurality of clients communicatively coupled to the central token management system, wherein each unique set of values is generated by the central token management system for the plurality of clients to avoid collisions between token values generated by the plurality of clients based on the unique sets of values;
providing, by the central token management system, each generated unique set of values to a corresponding client of the plurality of clients, each client configured to generate one or more token values based on a value within the unique set of values corresponding to the client and to store the generated token values in a token table mapping the generated token values to corresponding input values;
receiving, by the central token management system, a request from a requesting client of the plurality of clients for an additional unique set of values;
generating, by the central token management system, the additional unique set of values to avoid collisions with the previously generated unique sets of values; and
providing, by the central token management, the additional unique set of values to the requesting client.
3 Assignments
0 Petitions
Accused Products
Abstract
A client receives sensitive data to be tokenized. The client queries a token table with a portion of the sensitive data to determine if the token table includes a token mapped to the value of the portion of the sensitive data. If the mapping table does not include a token mapped to the value of the portion of the sensitive data, a candidate token is generated. The client queries a central token management system to determine if the candidate token collides with a token generated by or stored at another client. In some embodiments, the candidate token includes a value from a unique set of values assigned by the central token management system to the client, guaranteeing that the candidate token does not cause a collision. The client then tokenizes the sensitive data with the candidate token and stores the candidate token in the token table.
-
Citations
18 Claims
-
1. A computer-implemented method for tokenizing data comprising:
-
generating, by a central token management system, a unique set of values for each of a plurality of clients communicatively coupled to the central token management system, wherein each unique set of values is generated by the central token management system for the plurality of clients to avoid collisions between token values generated by the plurality of clients based on the unique sets of values; providing, by the central token management system, each generated unique set of values to a corresponding client of the plurality of clients, each client configured to generate one or more token values based on a value within the unique set of values corresponding to the client and to store the generated token values in a token table mapping the generated token values to corresponding input values; receiving, by the central token management system, a request from a requesting client of the plurality of clients for an additional unique set of values; generating, by the central token management system, the additional unique set of values to avoid collisions with the previously generated unique sets of values; and providing, by the central token management, the additional unique set of values to the requesting client. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A non-transitory computer-readable medium storing executable computer instructions for tokenizing data, the instructions, when executed by a hardware processor, configured to perform steps comprising:
-
generating, by a central token management system, a unique set of values for each of a plurality of clients communicatively coupled to the central token management system, wherein each unique set of values is generated by the central token management system for the plurality of clients to avoid collisions between token values generated by the plurality of clients based on the unique sets of values; providing, by the central token management system, each generated unique set of values to a corresponding client of the plurality of clients, each client configured to generate one or more token values based on a value within the unique set of values corresponding to the client and to store the generated token values in a token table mapping the generated token values to corresponding input values; receiving, by the central token management system, a request from a requesting client of the plurality of clients for an additional unique set of values; generating, by the central token management system, the additional unique set of values to avoid collisions with the previously generated unique sets of values; and providing, by the central token management, the additional unique set of values to the requesting client. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A system for tokenizing data comprising:
-
a plurality of client devices; and a central token management system communicatively coupled to the plurality of client devices and configured to perform steps comprising; generating a unique set of values for each of the plurality of client devices, wherein each unique set of values is generated by the central token management system for the plurality of clients to avoid collisions between token values generated by the plurality of clients based on the unique sets of values; providing each generated unique set of values to a corresponding client device of the plurality of client devices, each client device configured to generate one or more token values based on a value within the unique set of values corresponding to the client device and to store the generated token values in a token table mapping the generated token values to corresponding input values; receiving a request from a requesting client device of the plurality of client devices for an additional unique set of values; generating the additional unique set of values to avoid collisions with the previously generated unique sets of values; and providing the additional unique set of values to the requesting client device. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification