System and method for disguising data

US 20040181670A1
Filed: 03/10/2003
Published: 09/16/2004
Est. Priority Date: 03/10/2003
Status: Abandoned Application

First Claim

Patent Images

1. A method for disguising and de-identifying data comprising:

retrieving an input value from an input data set containing confidential information;

generating an index value based upon the input value;

retrieving a substitute value from a lookup table using the index value, the substitute value containing non-confidential information;

constructing an output value based upon the substitute value; and

storing the output value in an output data set.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for disguising and de-identifying data is provided. Records are extracted from an input data set containing confidential information (e.g., a production database). One or more data transformation algorithms for disguising specific types of data, including first names, last names, company names, telephone numbers, addresses, social security numbers, and e-mail addresses, in addition to generic data, are applied to the records to disguise or “scrub” confidential information therefrom. The transformation algorithms retrieve substitute information from one or more lookup tables, or generate substitute information using in-memory manipulation rules, and produce output records containing the substitute information. The output records are structurally similar to the input records, contain no confidential information, and are stored in an output data set that can be utilized in less-secure (e.g., non-production) environments. Optionally, transformation keys can be provided for increasing confidentiality and improving transformation effectiveness. A configuration tool allows users of various roles to define, approve, and implement data transformation rules, parameters, and processes.

103 Citations

View as Search Results

50 Claims

1. A method for disguising and de-identifying data comprising:
- retrieving an input value from an input data set containing confidential information;
  
  generating an index value based upon the input value;
  
  retrieving a substitute value from a lookup table using the index value, the substitute value containing non-confidential information;
  
  constructing an output value based upon the substitute value; and
  
  storing the output value in an output data set.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1, wherein the step of generating the index value comprises hashing the input record to provide a hash value.
  - 3. The method of claim 2, further comprising applying a modulus function to the hash value to produce the index value.
  - 4. The method of claim 1, wherein the step of retrieving the substitute value comprises retrieving a substitute first name from a first name lookup table if the input value corresponds to a first name.
  - 5. The method of claim 1, wherein the step of retrieving the substitute value comprises retrieving a substitute last name from a last name lookup table if the input value corresponds to a last name.
  - 6. The method of claim 1, wherein the step of retrieving the substitute value comprises retrieving a substitute company name from a company name lookup table if the input value corresponds to a company name.
  - 7. The method of claim 1, wherein the step of retrieving the substitute value comprises retrieving a substitute street address from an address lookup table if the input value corresponds to an address.
  - 8. The method of claim 7, wherein the step of constructing the output value comprises constructing a new address using the substitute street address, an original state, and an original postal code.
  - 9. The method of claim 1, wherein the step of retrieving the substitute value comprises retrieving a substitute ISP name from an ISP lookup table if the input value corresponds to an e-mail address.
  - 10. The method of claim 9, wherein the step of constructing the output value comprises constructing a new e-mail address using the substitute ISP name and a substitute last name.
  - 11. The method of claim 1, further comprising allowing a user to control data transformation using a configuration tool.
  - 12. The method of claim 11, further comprising allowing the user to define, approve, and initiate a data transformation process using the configuration tool.
  - 13. The method of claim 1, further comprising modifying an existing telephone number from the input value to remove confidential information if the input value corresponds to a telephone number.
  - 14. The method of claim 13, wherein the step of constructing the output value comprises constructing a new telephone number based upon a modified existing telephone number.
  - 15. The method of claim 1, further comprising modifying an existing social security number from the input value to remove confidential information if the input value corresponds to a social security number.
  - 16. The method of claim 15, wherein the step of constructing the output value comprises constructing a new social security number based upon a modified existing social security number.

17. A method for disguising and de-identifying data comprising:
- retrieving an input value from an input data set containing confidential information;
  
  generating a transformation key based upon the input value;
  
  manipulating the input value based upon the transformation key to produce an output value containing non-confidential information; and
  
  storing the output value in an output data set.
- View Dependent Claims (18, 19, 20, 21, 22, 23)
- - 18. The method of claim 17, wherein the step of generating the transformation key comprises generating a digit transposition key based upon the input value.
  - 19. The method of claim 18, wherein the step of manipulating the input value comprises transposing digits of the input value based upon the digit transposition key.
  - 20. The method of claim 17, wherein the step of manipulating the input value comprises transposing a portion of an existing telephone number to remove confidential information if the input value corresponds to a telephone number.
  - 21. The method of claim 17, wherein the step of manipulating the input value comprises transposing a portion of an existing social security number to remove confidential information if the input value corresponds to a social security number.
  - 22. The method of claim 17, further comprising allowing a user to control data transformation using a configuration tool.
  - 23. The method of claim 22, further comprising allowing the user to define, approve, and implement a data transformation process using the configuration tool.

24. A system for disguising and de-identifying data comprising:
- an input data set containing confidential information;
  
  a plurality of data transformation algorithms for removing confidential information from the input data set; and
  
  a driver program for invoking the plurality of data transformation algorithms on the input data set and producing an output data set having no confidential information, wherein data in the output data set is structurally similar to data in the input set and contains no confidential information.
- View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
- - 25. The system of claim 24, further comprising a lookup table utilized by the data transformation algorithm for substituting confidential information in the input data set with non-confidential information.
  - 26. The system of claim 25, wherein the lookup table comprises a first name lookup table, a last name lookup table, a company name lookup table, an address lookup table, or an ISP name lookup table.
  - 27. The system of claim 24, wherein the input data set comprises a secure data set in a production environment.
  - 28. The system of claim 24, wherein the plurality of data transformation algorithms comprises a first name transformation algorithm.
  - 29. The system of claim 24, wherein the plurality of data transformation algorithm comprises a last name transformation algorithm.
  - 30. The system of claim 24, wherein the plurality of data transformation algorithms comprises a company name transformation algorithm.
  - 31. The system of claim 24, wherein the plurality of data transformation algorithms comprises a telephone number transformation algorithm.
  - 32. The system of claim 24, wherein the plurality of data transformation algorithms comprises an address transformation algorithm.
  - 33. The system of claim 24, wherein the plurality of data transformation algorithms comprises a social security number transformation algorithm.
  - 34. The system of claim 24, wherein the plurality of data transformation algorithms comprises an e-mail address transformation algorithm.
  - 35. The system of claim 24, wherein the plurality of data transformation algorithms transforms logically-similar input values of the input data set to a single output value for storage in the output data set.
  - 36. The system of claim 24, wherein the plurality of data transformation algorithms transforms a given input value to a same output value for initial and subsequent transformations.
  - 37. The system of claim 24, further comprising a second lookup table utilized by the data transformation algorithm for substituting confidential information in the input data set with non-confidential information.
  - 38. The system of claim 37, wherein the second lookup table comprises a first name lookup table, a last name lookup table, a company name lookup table, an address lookup table, or an ISP name lookup table.

39. A method for disguising and de-identifying confidential information comprising:
- retrieving an input value from an input data set;
  
  determining a data type of the input value;
  
  applying a transformation algorithm to the input value based upon the type of the input value to produce an output value having no confidential information; and
  
  storing the output value in an output dataset.
- View Dependent Claims (40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50)
- - 40. The system of claim 39, wherein subsequent transformations of the input value produce the same output value.
  - 41. The method of claim 39, further comprising retrieving and transforming additional input values from the input data set to produce output values having no confidential information.
  - 42. The method of claim 39, further comprising:
    - determining whether the input value corresponds to an invalid value; and
      
      preserving the input value if the input value corresponds to the invalid value.
  - 43. The method of claim 42, wherein the step of preserving the input value comprises:
    - preventing transformation of the input value; and
      
      setting the output value to the input value.
  - 44. The method of claim 39, wherein the step of applying the transformation algorithm comprises applying a first name transformation algorithm to the input value to produce an output value having a new first name, the new first name being free of confidential information.
  - 45. The method of claim 39, wherein the step of applying the transformation algorithm comprises applying a last name transformation algorithm to the input value to produce an output value having a new last name, the new last name being free of confidential information.
  - 46. The method of claim 39, wherein the step of applying the transformation algorithm comprises applying a company name transformation algorithm to the input value to produce an output value having a new company name, the new company name being free of confidential information.
  - 47. The method of claim 39, wherein the step of applying the transformation algorithm comprises applying an address transformation algorithm to the input value to produce an output value having a new address, the new address being free of confidential information.
  - 48. The method of claim 39, wherein the step of applying the transformation algorithm comprises applying a telephone number transformation algorithm to the input value to produce an output value having a new telephone number, the new telephone number being free of confidential information.
  - 49. The method of claim 39, wherein the step of applying the transformation algorithm comprises applying a social security number transformation algorithm to the input value to produce an output value having a new social security number, the new social security number being free of confidential information.
  - 50. The method of claim 39, wherein the step of applying the transformation algorithm comprises applying an e-mail address transformation algorithm to the input value to produce an output value having a new e-mail address, the new e-mail address being free of confidential information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Prudential Insurance Company of America (Prudential Financial Incorporated)
Original Assignee
Prudential Insurance Company of America (Prudential Financial Incorporated)
Inventors
Chin, Robert, Gashlin, Laura, Thune, Carl, Chin, Barbara, Howard, Barbara

Application Number

US10/385,199
Publication Number

US 20040181670A1
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

G06F 21/6263 during internet communicati...

System and method for disguising data

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

103 Citations

50 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for disguising data

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

103 Citations

50 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links