Sensitive data aliasing

US 10,146,957 B1
Filed: 12/11/2017
Issued: 12/04/2018
Est. Priority Date: 01/27/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A computerized method of encoding data sets containing sensitive information and generating aliases to represent data elements, the method comprising:

providing access to sensitive personal data sets in a storage device, wherein the sensitive personal data sets include encrypted data elements using an encryption method, wherein the encrypted data elements are used to disguise or hide user-identification information; and

by operating at least one computer,using aliases independent from the data elements to generate an association between the aliases and the encrypted data elements; and

providing at least two levels of restricted access to the encrypted data elements, including a first level through which authorized users retrieve information from or associated with the sensitive personal data sets but without the user-identification information, wherein the user-identification information is disguised or hidden by way of a first encryption method, and including a second level through which another set of authorized users retrieve information from or associated with the sensitive personal data sets and with access to the user-identification information even though the user-identification information is disguised or hidden by way of the first encryption method, wherein the second level of the restricted access includes carrying out a method of decryption.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Database management and security is implemented in a variety of embodiments. In one such embodiment, data sets containing sensitive data elements are analyzed using aliases representing sensitive data elements. In another embodiment, the sensitive data elements are stored in an encrypted form for use from a secure access, while the alias is available for standard access.

Citations

15 Claims

1. A computerized method of encoding data sets containing sensitive information and generating aliases to represent data elements, the method comprising:
- providing access to sensitive personal data sets in a storage device, wherein the sensitive personal data sets include encrypted data elements using an encryption method, wherein the encrypted data elements are used to disguise or hide user-identification information; and
  
  by operating at least one computer,using aliases independent from the data elements to generate an association between the aliases and the encrypted data elements; and
  
  providing at least two levels of restricted access to the encrypted data elements, including a first level through which authorized users retrieve information from or associated with the sensitive personal data sets but without the user-identification information, wherein the user-identification information is disguised or hidden by way of a first encryption method, and including a second level through which another set of authorized users retrieve information from or associated with the sensitive personal data sets and with access to the user-identification information even though the user-identification information is disguised or hidden by way of the first encryption method, wherein the second level of the restricted access includes carrying out a method of decryption.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The computerized method of claim 1, wherein the first level of the restricted access is provided to a set of standard users and includes using the aliases in place of the sensitive data elements to disguise or hide the user-identification information.
  - 3. The computerized method of claim 1, wherein the first level of the restricted access uses the aliases in place of the data elements for a set of standard users, and wherein at least some of the standard users are not included in the other set of authorized users associated with the second level.
  - 4. The computerized method of claim 1, wherein the data elements are stored in a first database and the aliases are stored in a second database, and wherein each of the first and second databases is communicatively coupled to said at least one computer via the two levels of restricted access.
  - 5. The computerized method of claim 1, wherein the second level includes maintaining the association between the aliases and the data elements.
  - 6. The computerized method of claim 1, wherein the second level includes decrypting the data elements and subsequently encrypting the data elements using a second encryption method.
  - 7. The computerized method of claim 1, wherein the second level includes:
    - decrypting the data elements and subsequently encrypting the data elements using a second encryption method; and
      
      maintaining the association between the aliases and the data elements.
  - 8. The computerized method of claim 1, further including tracking and creating a log of activities, including access communications, by at least one of the standard users and the other set of authorized users.
  - 9. The computerized method of claim 1, further including tracking and creating a log of activities, including access communications, by each of the standard users and the other set of authorized users.
  - 10. The computerized method of claim 1, further including maintaining credit card information associated with the sensitive personal data sets.
  - 11. The computerized method of claim 1, further including maintaining user-sensitive medical information associated with the sensitive personal data sets.
  - 12. The computerized method of claim 1, further including maintaining social security information associated with the sensitive personal data sets.
  - 13. The computerized method of claim 1, further including access, corresponding to the first level, for performing a statistical analysis.
  - 14. The computerized method of claim 1, wherein access, corresponding to the first level, is performed for a statistical analysis, through which encrypted forms of the sensitive data elements are associated with aliases, and through which the aliases, or representative information, is used for the statistical analysis independent of any encryption of the sensitive data elements.
  - 15. The computerized method of claim 1, wherein access, corresponding to the first level, is performed for a statistical analysis, through which the statistical analysis is run for medical purposes using aliases in place of patient-identifiers while using both the aliases and the encryption to mitigate risk of the patient-identifiers being fraudulently derived.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Appriss Retail Information LLC
Original Assignee
Verisk Crime Analytics, Inc.
Inventors
Duhaime, David A., Duhaime, Brad J.
Primary Examiner(s)
Jeudy, Josnel

Application Number

US15/838,092
Time in Patent Office

358 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/122   using management policies b...

G06F 21/32   using biometric data, e.g. ...

G06F 21/602   Providing cryptographic fac...

G06F 21/606   by securing the transmissio...

G06F 21/6227   where protection concerns t...

G06F 21/6245   Protecting personal data, e...

G06F 21/6254   by anonymising data, e.g. d...

G06F 2221/2101   Auditing as a secondary aspect

G06Q 20/356   Aspects of software for car...

G06Q 20/383   Anonymous user system

H04L 9/0625   with splitting of the data ...

H04L 9/0631   Substitution permutation ne...

H04L 9/0643   Hash functions, e.g. MD5, S...

Sensitive data aliasing

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Sensitive data aliasing

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links