Systems and methods for enforcing centralized privacy controls in de-centralized systems

US 10,572,684 B2
Filed: 04/26/2018
Issued: 02/25/2020
Est. Priority Date: 11/01/2013
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a communication interface for sending data over a network;

a memory having, stored therein, computer program code and one or more distributed ledgers capable of recording data records; and

one or more processing units operatively coupled to the memory and configured to execute instructions in the computer program code that cause the one or more processing units to;

obtain data from a first user pertaining to a first data subject;

generate a first dynamically-changing, temporally unique identifier (DDID) for the first data subject, wherein the first DDID is configured to replace a first value related to the first data subject;

store the first DDID in a first element of a first one of the one or more distributed ledgers;

receive, over the network, a first request from a first requesting party for the first value related to the first data subject;

send the first DDID to the first requesting party over the network in response to the first request when the first requesting party is not authorized to receive the first value; and

send the first value related to the first data subject to the first requesting party over the network in response to the first request when the first requesting party is authorized to receive the first value.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, computer-readable media, and methods for improving both data privacy/anonymity and data value, wherein data related to a data subject can be used and stored, e.g., in a distributed ledger data structure, such as a blockchain, while minimizing re-identification risk by unauthorized parties and enabling data, including quasi-identifiers, related to the data subject to be disclosed to any authorized party by granting access only to the data relevant to that authorized party'"'"'s purpose, time period, place and/or other criterion via the obfuscation of specific data values, e.g., pursuant to the European Union'"'"'s General Data Protection Regulation (GDPR) or other similar regulatory schemes. The techniques described herein maintain this level of privacy/anonymity while still satisfying the immutability, auditability, and verification mandated by blockchain and other distributed ledger technologies (DLTs) for the decentralized storage of transactional data. Such systems, media, and methods may be implemented on both classical and quantum computing devices.

Citations

20 Claims

1. A system, comprising:
- a communication interface for sending data over a network;
  
  a memory having, stored therein, computer program code and one or more distributed ledgers capable of recording data records; and
  
  one or more processing units operatively coupled to the memory and configured to execute instructions in the computer program code that cause the one or more processing units to;
  
  obtain data from a first user pertaining to a first data subject;
  
  generate a first dynamically-changing, temporally unique identifier (DDID) for the first data subject, wherein the first DDID is configured to replace a first value related to the first data subject;
  
  store the first DDID in a first element of a first one of the one or more distributed ledgers;
  
  receive, over the network, a first request from a first requesting party for the first value related to the first data subject;
  
  send the first DDID to the first requesting party over the network in response to the first request when the first requesting party is not authorized to receive the first value; and
  
  send the first value related to the first data subject to the first requesting party over the network in response to the first request when the first requesting party is authorized to receive the first value.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein the network is decentralized, wherein the network comprises a plurality of nodes, and wherein each node in the network stores a copy of the first one of the one or more distributed ledgers.
  - 3. The system of claim 2, wherein the first one of the one or more distributed ledgers comprises a blockchain, and wherein the first element comprises a first block.
  - 4. The system of claim 1, wherein the one or more processing units are further configured to execute instructions in the computer program code that further cause the one or more processing units to:
    - obtain a request from a first user for provision of a privacy policy; and
      
      determine a first privacy policy based, at least in part, on the request,wherein the first DDID is further configured to comply with the determined first privacy policy.
  - 5. The system of claim 1, wherein the first DDID points to a storage location containing the first value related to the first data subject.
  - 6. The system of claim 5, wherein the one or more processing units are further configured to execute instructions in the computer program code that further cause the one or more processing units to:
    - obtain a request from the first user to modify the first value related to the data subject to be a first modified value; and
      
      store the first modified value in the storage location containing the first value related to the data subject.
  - 7. The system of claim 1, wherein the first data subject comprises a first executable term of a smart contract.

8. A computer-implemented method comprising:
- obtaining data from a first user pertaining to a first data subject;
  
  generating a first dynamically-changing, temporally unique identifier (DDID) for the first data subject, wherein the first DDID is configured to replace a first value related to the first data subject;
  
  storing the first DDID in a first element of a first one of one or more distributed ledgers;
  
  receiving, over a network, a first request from a first requesting party for the first value related to the first data subject;
  
  sending the first DDID to the first requesting party over the network in response to the first request when the first requesting party is not authorized to receive the first value; and
  
  sending the first value related to the first data subject to the first requesting party over the network in response to the first request when the first requesting party is authorized to receive the first value.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The computer-implemented method of claim 8, wherein the network is decentralized, wherein the network comprises a plurality of nodes, wherein each node in the network stores a copy of the first one of the one or more distributed ledgers, wherein the first one of the one or more distributed ledgers comprises a blockchain, and wherein the first element comprises a first block.
  - 10. The computer-implemented method of claim 8, further comprising:
    - obtaining a request from a first user for provision of a privacy policy; and
      
      determining a first privacy policy based, at least in part, on the request,wherein the first DDID is further configured to comply with the determined first privacy policy.
  - 11. The computer-implemented method of claim 8, wherein the first DDID points to a storage location containing the first value related to the first data subject.
  - 12. The computer-implemented method of claim 11, further comprising:
    - obtaining a request from the first user to modify the first value related to the data subject to be a first modified value; and
      
      storing the first modified value in the storage location containing the first value related to the data subject.
  - 13. The computer-implemented method of claim 8, wherein the first data subject comprises a first executable term of a smart contract.

14. A non-transitory program storage device, readable by a programmable control device, comprising instructions stored thereon that, when executed, cause the programmable control device to:
- obtain data from a first user pertaining to a first data subject;
  
  generate a first dynamically-changing, temporally unique identifier (DDID) for the first data subject, wherein the first DDID is configured to replace a first value related to the first data subject;
  
  store the first DDID in a first element of a first one of one or more distributed ledgers;
  
  receive, over a network, a first request from a first requesting party for the first value related to the first data subject;
  
  send the first DDID to the first requesting party over the network in response to the first request when the first requesting party is not authorized to receive the first value; and
  
  send the first value related to the first data subject to the first requesting party over the network in response to the first request when the first requesting party is authorized to receive the first value.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The non-transitory program storage device of claim 14, wherein the network is decentralized, wherein the network comprises a plurality of nodes, and wherein each node in the network stores a copy of the first one of the one or more distributed ledgers.
  - 16. The non-transitory program storage device of claim 15, wherein the first one of the one or more distributed ledgers comprises a blockchain, and wherein the first element comprises a first block.
  - 17. The non-transitory program storage device of claim 14, wherein the instructions further comprise instructions that, when executed, further cause the programmable control device to:
    - obtain a request from a first user for provision of a privacy policy; and
      
      determine a first privacy policy based, at least in part, on the request,wherein the first DDID is further configured to comply with the determined first privacy policy.
  - 18. The non-transitory program storage device of claim 14, wherein the first DDID points to a storage location containing the first value related to the first data subject.
  - 19. The non-transitory program storage device of claim 18, wherein the instructions further comprise instructions that, when executed, further cause the programmable control device to:
    - obtain a request from the first user to modify the first value related to the data subject to be a first modified value; and
      
      store the first modified value in the storage location containing the first value related to the data subject.
  - 20. The non-transitory program storage device of claim 14, wherein the first data subject comprises a first executable term of a smart contract.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Anonos IP LLC
Original Assignee
Anonos, Inc.
Inventors
LaFever, Malcolm Gary, Myerson, Ted N., Mason, Steven
Primary Examiner(s)
Jeudy, Josnel

Application Number

US15/963,609
Publication Number

US 20180307859A1
Time in Patent Office

670 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/6254   by anonymising data, e.g. d...

G06F 2221/2115   Third party

G16H 10/60   for patient-specific data, ...

H04L 2209/42   Anonymization, e.g. involvi...

H04L 63/0407   wherein the identity of one...

H04L 63/0414   during transmission, i.e. p...

H04L 63/068   using time-dependent keys, ...

H04L 63/08   for authentication of entit...

H04L 63/101   Access control lists [ACL]

H04L 63/20   for managing network securi...

H04L 9/16   the keys or algorithms bein...

H04L 9/3239   involving non-keyed hash fu...

H04L 9/3297   involving time stamps, e.g....

H04L 9/50   using hash chains, e.g. blo...

Systems and methods for enforcing centralized privacy controls in de-centralized systems

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for enforcing centralized privacy controls in de-centralized systems

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links