Systems and methods to secure personally identifiable information
First Claim
1. A method implemented in a computer system hosting a three-dimensional virtual reality world, the method comprising:
- collecting personally identifiable information of users of accounts to access the three-dimensional virtual reality world hosted on the computer system, wherein;
each respective account in the accounts is identified by an account identifier; and
each respective data field of personally identifiable information of the respective account is identified by a data field identifier;
storing a global key;
generating an encryption key from the global key, the account identifier, and the data field identifier for a content of the respective data field of the personally identifiable information of the respective account, wherein;
the content is encrypted using the encryption key to generate an encrypted content of the respective data field of the personally identifiable information of the respective account, andthe encrypted content is decryptable using the encryption key;
determining an identification of a storage location for the respective data field of the personally identifiable information of the respective account; and
storing the identification of the storage location in a first storage device that is separate from a second storage device that stores, at the storage location, the encrypted contents of personally identifiable information of the accounts.
8 Assignments
0 Petitions
Accused Products
Abstract
A method implemented in a computing system hosting a three-dimensional virtual reality world. The computer system collects personally identifiable information of users of accounts, where each account in the accounts is identified by an account identifier and each data field of personally identifiable information of each account is identified by a data field identifier. The system uses a scrypt function to generate an encryption key from the global key, the account identifier, and the data field identifier specifically for the content of the data field of the personally identifiable information of the respective account. Different encryption keys are used for different data fields and different accounts. Encrypted content of a data field is stored at a random location; and the identification of the random location is stored in a device, database or system, separate from where the encrypted contents of the data fields of the accounts are stored.
18 Citations
20 Claims
-
1. A method implemented in a computer system hosting a three-dimensional virtual reality world, the method comprising:
-
collecting personally identifiable information of users of accounts to access the three-dimensional virtual reality world hosted on the computer system, wherein; each respective account in the accounts is identified by an account identifier; and each respective data field of personally identifiable information of the respective account is identified by a data field identifier; storing a global key; generating an encryption key from the global key, the account identifier, and the data field identifier for a content of the respective data field of the personally identifiable information of the respective account, wherein; the content is encrypted using the encryption key to generate an encrypted content of the respective data field of the personally identifiable information of the respective account, and the encrypted content is decryptable using the encryption key; determining an identification of a storage location for the respective data field of the personally identifiable information of the respective account; and storing the identification of the storage location in a first storage device that is separate from a second storage device that stores, at the storage location, the encrypted contents of personally identifiable information of the accounts. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computing system hosting a three-dimensional virtual reality world, the system comprising:
-
a key master; a server system; a first data storage device controlled by the server system and storing; a three-dimensional model of the virtual reality world; and avatar models representing residences of the virtual reality world; and a second data storage device controlled by the key master and storing; a location database; and a global key; wherein users of accounts to access the three-dimensional virtual reality world hosted on the computer system have personally identifiable information; wherein each respective account in the accounts is identified by an account identifier; wherein each respective data field of personally identifiable information of the respective account is identified by a data field identifier; wherein the key master generates an encryption key from the global key, the account identifier, and the data field identifier for a content of the respective data field of the personally identifiable information of the respective account; wherein the server system encrypts the content using the encryption key to generate an encrypted content of the respective data field of the personally identifiable information of the respective account; wherein the encrypted content is decryptable using the encryption key; wherein the location database stores an identification of a storage location in the first data storage device for the respective data field of the personally identifiable information of the respective account; and wherein the first data storage device stores the encrypted content of the respective data field of the personally identifiable information of the respective account at the storage location identified by the identification. - View Dependent Claims (11, 12, 13, 14, 15, 16)
-
-
17. A non-transitory computer storage medium storing instructions which, when executed on a computer system, cause the computer system to perform a method, the method comprising:
-
collecting personally identifiable information of users of accounts to access a three-dimensional virtual reality world hosted on the computer system, wherein; each respective account in the accounts is identified by an account identifier; and each respective data field of personally identifiable information of the respective account is identified by a data field identifier; storing a global key; generating an encryption key from the global key, the account identifier, and the data field identifier for a content of the respective data field of the personally identifiable information of the respective account, wherein; the content is encrypted using the encryption key to generate an encrypted content of the respective data field of the personally identifiable information of the respective account, and the encrypted content is decryptable using the encryption key; determining an identification of a storage location for the respective data field of the personally identifiable information of the respective account; and storing the identification of the storage location in a first storage device that is separate from a second storage device that stores, at the storage location, the encrypted contents of personally identifiable information of the accounts. - View Dependent Claims (18, 19, 20)
-
Specification