Selective encryption of profile fields for multiple consumers
First Claim
1. A method for encrypting fields in a profile, comprising:
adding a profile associated with a user to a profile snapshot queue, wherein the profile includes encrypted fields that have been encrypted using symmetric keys, and a header including access information, wherein the access information comprises multiple versions of single symmetric keys encrypted by public keys associated with a plurality of consumers and wherein each of the plurality of consumers has different permissions to access the encrypted fields;
receiving a request by a consumer of the plurality of consumers to access the profile;
transmitting the profile from the profile snapshot queue to the consumer;
receiving an update to the profile from the user, wherein the update comprises updated fields corresponding to the encrypted fields and an update header;
adding the update to a live update queue, wherein the live update queue is accessible by the plurality of consumers;
encrypting the updated fields with symmetric keys;
encrypting the symmetric keys with a public key of the consumer;
storing the encrypted symmetric keys in the update header; and
enabling the consumer to access the update from the live update queue.
Abstract
The disclosed embodiments relate to a system that provides a selective encryption technique that encrypts all of the fields in a profile, and selectively enables consumers of the profile information to decrypt specific fields in the profiles. This is accomplished by encrypting each field in the profile using a randomly generated symmetric key, and then encrypting the symmetric key for each field with public keys belonging to individuals who are authorized to access each field. These encrypted public keys are stored in a header of the profile to enable individuals to use their corresponding private keys to decrypt symmetric keys for the specific fields that they are authorized to access.
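The scheme in the abstract, sketched as an added example that is not code from the patent: each field gets its own random symmetric key, and that key is wrapped once per authorized consumer and stored in the header. The algorithms (AES-256-GCM for fields, RSA-OAEP for key wrapping) and all field and consumer names are assumptions, since the abstract names none.

```javascript
const crypto = require('crypto');

// Assumed algorithms: AES-256-GCM per field, RSA-OAEP (SHA-256) to wrap field keys.
function newConsumer() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// acl: { fieldName: [consumerId, ...] }; publicKeys: { consumerId: KeyObject }
function encryptProfile(profile, acl, publicKeys) {
  const out = { header: {}, fields: {} };
  for (const [name, value] of Object.entries(profile)) {
    const key = crypto.randomBytes(32);   // fresh symmetric key for this field
    const iv = crypto.randomBytes(12);
    const c = crypto.createCipheriv('aes-256-gcm', key, iv);
    c.setAAD(Buffer.from(name));          // bind the ciphertext to its field name
    const ct = Buffer.concat([c.update(String(value), 'utf8'), c.final()]);
    out.fields[name] = { iv, ct, tag: c.getAuthTag() };
    out.header[name] = {};                // one wrapped copy of the key per consumer
    for (const id of acl[name] || []) {
      out.header[name][id] = crypto.publicEncrypt(
        { key: publicKeys[id], oaepHash: 'sha256' }, key);
    }
  }
  return out;
}

// Returns only the fields whose key was wrapped for this consumer.
function decryptVisible(enc, id, privateKey) {
  const visible = {};
  for (const [name, f] of Object.entries(enc.fields)) {
    const wrapped = enc.header[name][id];
    if (!wrapped) continue;               // no header entry means no access
    const key = crypto.privateDecrypt({ key: privateKey, oaepHash: 'sha256' }, wrapped);
    const d = crypto.createDecipheriv('aes-256-gcm', key, f.iv);
    d.setAAD(Buffer.from(name));
    d.setAuthTag(f.tag);
    visible[name] = Buffer.concat([d.update(f.ct), d.final()]).toString('utf8');
  }
  return visible;
}

// Constructed sample: two hypothetical consumers with different permissions.
function demo() {
  const billing = newConsumer(), support = newConsumer();
  const enc = encryptProfile(
    { email: 'a@example.test', salary: '90000' },
    { email: ['billing', 'support'], salary: ['billing'] },
    { billing: billing.publicKey, support: support.publicKey });
  return { billing: decryptVisible(enc, 'billing', billing.privateKey),
           support: decryptVisible(enc, 'support', support.privateKey) };
}
```

Every consumer receives the same ciphertext; what each can read is decided only by which wrapped keys the header carries for it, so revoking access to a field means re-encrypting that field under a new key.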
27 Claims
1. A method for encrypting fields in a profile, comprising:
adding a profile associated with a user to a profile snapshot queue, wherein the profile includes encrypted fields that have been encrypted using symmetric keys, and a header including access information, wherein the access information comprises multiple versions of single symmetric keys encrypted by public keys associated with a plurality of consumers and wherein each of the plurality of consumers has different permissions to access the encrypted fields;
receiving a request by a consumer of the plurality of consumers to access the profile;
transmitting the profile from the profile snapshot queue to the consumer;
receiving an update to the profile from the user, wherein the update comprises updated fields corresponding to the encrypted fields and an update header;
adding the update to a live update queue, wherein the live update queue is accessible by the plurality of consumers;
encrypting the updated fields with symmetric keys;
encrypting the symmetric keys with a public key of the consumer;
storing the encrypted symmetric keys in the update header; and
enabling the consumer to access the update from the live update queue.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A non-transitory computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for encrypting fields in a profile, comprising:
adding a profile associated with a user to a profile snapshot queue, wherein the profile includes encrypted fields that have been encrypted using symmetric keys, and a header including access information, wherein the access information comprises multiple versions of single symmetric keys encrypted by public keys associated with a plurality of consumers and wherein each of the plurality of consumers has different permissions to access the encrypted fields;
receiving a request by a consumer of the plurality of consumers to access the profile;
transmitting the profile from the profile snapshot queue to the consumer;
receiving an update to the profile from the user, wherein the update comprises updated fields corresponding to the encrypted fields and an update header;
adding the update to a live update queue, wherein the live update queue is accessible by the plurality of consumers;
encrypting the updated fields with symmetric keys;
encrypting the symmetric keys with a public key of the consumer;
storing the encrypted symmetric keys in the update header; and
enabling the consumer to access the update from the live update queue.
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18
19. A system that facilitates accessing encrypted fields in a profile, comprising:
at least one processor and at least one associated memory; and
a decryption mechanism that executes on the at least one processor, wherein the decryption mechanism is configured to perform a method for encrypting fields in a profile, comprising;
adding a profile associated with a user to a profile snapshot queue, wherein the profile includes encrypted fields that have been encrypted using symmetric keys, and a header including access information, wherein the access information comprises multiple versions of single symmetric keys encrypted by public keys associated with a plurality of consumers and wherein each of the plurality of consumers has different permissions to access the encrypted fields;
receiving a request by a consumer of the plurality of consumers to access the profile;
transmitting the profile from the profile snapshot queue to the consumer;
receiving an update to the profile from the user, wherein the update comprises updated fields corresponding to the encrypted fields and an update header;
adding the update to a live update queue, wherein the live update queue is accessible by the plurality of consumers;
encrypting the updated fields with symmetric keys;
encrypting the symmetric keys with a public key of the consumer;
storing the encrypted symmetric keys in the update header; and
enabling the consumer to access the update from the live update queue.
Dependent claims: 20, 21, 22, 23, 24, 25, 26, 27
Specification