Systems and method for providing a data security service
First Claim
1. A method for providing services utilizing encrypted data, the method comprising:
receiving, at a first data center from a first device, data in connection with a service request initiated by a user, wherein the first data center is configured to provide encryption and decryption functionality, wherein the service request is generated and transmitted by a graphical user interface application configured to:
receive the data from the user, determine whether the data comprises information subject to payment card industry data security standard (PCI DSS) regulations, and selectively transmit the data to the first data center or a second data center based on whether the data comprises information subject to PCI DSS regulations, wherein the graphical user interface transmits the data to the first data center when the data comprises information subject to PCI DSS regulations and transmits the data to the second data center when the data does not comprise information subject to PCI DSS regulations;
encrypting, by the first data center, the data to produce encrypted data;
transmitting the encrypted data from the first data center to the second data center, wherein the second data center is configured to store and provide encrypted data in connection with providing services to one or more users;
receiving, at the second data center, the encrypted data from the first data center;
storing the encrypted data in a database accessible to the second data center;
receiving, at the first data center, a request to access the data from an end point device, wherein the end point device is configured to process the data in connection with fulfilling the service request, and wherein the end point device is operated by an entity that is different from the user;
retrieving, by the first data center, the encrypted data from the database accessible to the second data center;
decrypting, at the first data center, the encrypted data to produce decrypted data; and
providing, from the first data center, the decrypted data to the end point device, wherein the end point device fulfills the service request based on the encrypted data.
Abstract
Systems, methods, and computer-readable media for providing standards compliant encryption, storage, and retrieval of data are disclosed. In an embodiment, data is received at a first data center from a first device in connection with a service request, and encrypted to produce encrypted data. The encrypted data may be transmitted from the first data center to the first device, and then may subsequently be received at a second data center. The second data center may store the encrypted data in a database accessible to the second data center. Because all data provided to the system is encrypted by the first data center prior to being stored and/or provided to the second data center, the database and the second data center may be out of the scope of compliance monitoring, auditing, and reporting for one or more data security standards.
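The scope split described above, sketched as an added example that is not code from the patent or its assignee. It follows the flow of claim 1 (the first data center forwards ciphertext directly to the second), and all class and function names are hypothetical. Assumptions: the PCI DSS check is reduced to finding a Luhn-valid card number, the cipher is a standard-library stand-in for a real AEAD such as AES-GCM, and the integrity tag on stored records is an addition the text does not mention.

```python
import hashlib, hmac, re, secrets

PAN_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")  # candidate card numbers

def luhn_ok(digits):
    doubled = [int(c) * (2 if i % 2 else 1) for i, c in enumerate(reversed(digits))]
    return sum(d - 9 if d > 9 else d for d in doubled) % 10 == 0

def contains_pan(text):
    """GUI-side scope check: any Luhn-valid 13-19 digit number in the input?"""
    return any(luhn_ok(re.sub(r"\D", "", m.group())) for m in PAN_RE.finditer(text))

class SecondDataCenter:
    """Out-of-scope store: holds no key, keeps whatever bytes it is handed."""
    def __init__(self):
        self.db = {}
    def store(self, rec_id, blob):
        self.db[rec_id] = blob

class FirstDataCenter:
    """In-scope service: the only place the key and plaintext card data exist."""
    def __init__(self, dc2):
        self._key, self._dc2 = secrets.token_bytes(32), dc2
    def _prf(self, label, msg):
        return hmac.new(self._key, label + msg, hashlib.sha256).digest()
    def _xor(self, nonce, data):
        # Stand-in stream cipher (HMAC-SHA256 in counter mode); use an AEAD in practice.
        blocks = range(len(data) // 32 + 1)
        ks = b"".join(self._prf(b"enc", nonce + i.to_bytes(4, "big")) for i in blocks)
        return bytes(a ^ b for a, b in zip(data, ks))
    def ingest(self, rec_id, data):
        nonce = secrets.token_bytes(16)
        ct = self._xor(nonce, data)
        self._dc2.store(rec_id, nonce + ct + self._prf(b"mac", nonce + ct))
    def release(self, rec_id):
        blob = self._dc2.db[rec_id]
        nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
        if not hmac.compare_digest(tag, self._prf(b"mac", nonce + ct)):
            raise ValueError("ciphertext was modified in the second data center")
        return self._xor(nonce, ct)

def gui_submit(rec_id, text, dc1, dc2):
    """Route card data through dc1; everything else goes straight to dc2."""
    if contains_pan(text):
        dc1.ingest(rec_id, text.encode())
        return "dc1"
    dc2.store(rec_id, text.encode())
    return "dc2"
```

The out-of-scope argument only holds if the routing check has no false negatives: any card number that `contains_pan` misses lands in the second data center in plaintext.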
18 Claims
8. A non-transitory computer-readable storage medium storing instructions that, when executed by one or more processors, cause the one or more processors to perform operations for providing services utilizing encrypted data, the operations comprising:
receiving, at a first data center from a first device, data in connection with a service request initiated by a user, wherein the first data center is configured to provide encryption and decryption functionality, wherein the service request is generated and transmitted by a graphical user interface application configured to:
receive the data from the user, determine whether the data comprises information subject to payment card industry data security standard (PCI DSS) regulations, and selectively transmit the data to the first data center or a second data center based on whether the data comprises information subject to PCI DSS regulations, wherein the graphical user interface transmits the data to the first data center when the data comprises information subject to PCI DSS regulations and transmits the data to the second data center when the data does not comprise information subject to PCI DSS regulations;
encrypting, by the first data center, the data to produce encrypted data;
transmitting the encrypted data from the first data center to the second data center, wherein the second data center is configured to store and provide encrypted data in connection with providing services to one or more users;
receiving, at the second data center, the encrypted data from the first data center;
storing the encrypted data in a database accessible to the second data center;
receiving, at the first data center, a request to access the data from an end point device, wherein the end point device is configured to process the data in connection with fulfilling the service request, and wherein the end point device is operated by an entity that is different from the user;
retrieving, by the first data center, the encrypted data from the database accessible to the second data center;
decrypting, at the first data center, the encrypted data to produce decrypted data; and
providing, from the first data center, the decrypted data to the end point device, wherein the end point device fulfills the service request based on the encrypted data.
15. A system for providing services utilizing encrypted data, the system comprising:
a first data center comprising:
at least one first processor;
an encryption module executable by the at least one processor; and
a first communication interface configured to communicatively couple the first data center to a network; and
a second data center comprising:
at least one second processor;
a database; and
a second communication interface configured to communicatively couple the second data center to the network;
a graphical user interface application configured to:
receive data from a user;
configure a service request based on the data;
determine whether the service request comprises information subject to payment card industry data security standard (PCI DSS) regulations; and
selectively transmit the data to the first data center or the second data center based on whether the data comprises information subject to PCI DSS regulations, wherein the graphical user interface transmits the data to the first data center when the data comprises information subject to PCI DSS regulations and transmits the data to the second data center when the data does not comprise information subject to PCI DSS regulations,
wherein the first data center is configured to:
receive data from a first device in connection with the service request initiated by the user;
in response to receiving the service request, encrypt the data to produce encrypted data;
transmit the encrypted data from the first data center to the second data center,
wherein the second data center is configured to:
receive the encrypted data from the first data center; and
store the encrypted data at the database, and
wherein the first data center is further configured to:
receive a request to access the data from an end point device, wherein the end point device is configured to process the data in connection with fulfilling the service request, and wherein the end point device is operated by an entity that is different from the user;
in response to receiving the request from the end point device, retrieve the encrypted data from the database of the second data center;
decrypt the encrypted data to produce decrypted data; and
provide the decrypted data to the end point device, wherein the end point device fulfills the service request based on the encrypted data.
Specification