PRIVACY PROTECTION SYSTEM

US 20070250904A1
Filed: 04/19/2007
Published: 10/25/2007
Est. Priority Date: 04/19/2006
Status: Active Grant

First Claim

Patent Images

1. A system for enforcing at least one privacy policy in relation to user data, the system comprising:

a user system;

a broker system; and

a service provider system,wherein the user system is operable to;

encrypt the user data using a symmetric encryption algorithm and an encryption key generated in dependence on said at least one privacy policy and a master key associated with the user system; and

transmit the encrypted user data to the service provider in the form of a digital container that includes the encrypted user data and said at least one privacy policy; and

wherein the broker system is operable to;

receive a request from the service provider to access the user data, the request including said at least one privacy policy;

verify that the request complies with said at least one privacy policy; and

if so, regenerate the encryption key in dependence on the master key and at least one privacy policy supplied by the service provider;

whereby the service provider system is able to decrypt the user data using a symmetric decryption algorithm and the regenerated encryption key.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system is disclosed for enforcing at least one privacy policy in relation to user data, the system comprising: a user system, a broker system, and a service provider system, the user system being operable to: encrypt the user data using a symmetric encryption algorithm and an encryption key generated in dependence on said at least one privacy policy and a master key associated with the user system; and transmit the encrypted user data to the service provider in the form of a digital container that includes the encrypted user data and said at least one privacy policy; and the broker system being operable to: receive a request from the service provider to access the user data, the request including said at least one privacy policy; verify that the request complies with said at least one privacy policy; and if so, regenerate the encryption key in dependence on the master key and at least one privacy policy supplied by the service provider, whereby the service provider system is able to decrypt the user data using a symmetric decryption algorithm and the regenerated encryption key.

84 Citations

View as Search Results

60 Claims

1. A system for enforcing at least one privacy policy in relation to user data, the system comprising:
- a user system;
  
  a broker system; and
  
  a service provider system,wherein the user system is operable to;
  
  encrypt the user data using a symmetric encryption algorithm and an encryption key generated in dependence on said at least one privacy policy and a master key associated with the user system; and
  
  transmit the encrypted user data to the service provider in the form of a digital container that includes the encrypted user data and said at least one privacy policy; and
  
  wherein the broker system is operable to;
  
  receive a request from the service provider to access the user data, the request including said at least one privacy policy;
  
  verify that the request complies with said at least one privacy policy; and
  
  if so, regenerate the encryption key in dependence on the master key and at least one privacy policy supplied by the service provider;
  
  whereby the service provider system is able to decrypt the user data using a symmetric decryption algorithm and the regenerated encryption key.

2. A user computer system for use in a system for enforcing at least one privacy policy in relation to user data, the user computer system comprising:
- encryption key generation means for generating an encryption key in dependence on a master key and in dependence on privacy policy data representing the or each privacy policy;
  
  encryption means for carrying out symmetric encryption of the user data with the encryption key to form encrypted user data; and
  
  combiner means for combining the encrypted user data and privacy policy data to form a digital container for secure transmission of the user data.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 3. The user computer system according to claim 2, wherein the encryption key generation means is operable to derive the encryption key from an output of a one-way hash function that takes the master key and the privacy policy data as an input.
  - 4. The user computer system according to claim 3, wherein the encryption key generation means is adapted to select the hash function from a plurality of hash functions, and the combining means is operable to include hash function identification data in the container, the hash function identification data being associated with the selected hash function.
  - 5. The user computer system according to claim 2, further comprising network interface means for communicating with a broker computer system and for transmitting the digital container to a service provider system.
  - 6. The user computer system according to claim 5, further comprising secure communication means for establishing a secure connection with the broker computer system, and wherein the user computer system is operable to transfer the master key between the user computer system and the broker computer system via the secure connection.
  - 7. The user computer system according to claim 5, wherein the combining means is operable to include broker identification data in the digital container, the broker identification data being associated with the broker computer system.
  - 8. The user computer system according to claim 5, further comprising means for receiving usage data from the broker computer system, the usage data relating to a request to decrypt the digital container received by the broker computer system.
  - 9. The user computer system according to claim 2, wherein the combining means is operable to include master key identification data in the digital container, the master key identification data being associated with the master key.
  - 10. The user computer system according to claim 2, further comprising means for storing the digital container, whereby the digital container can be transmitted on demand.
  - 11. The user computer system according to claim 2, wherein the user computer system is operable to generate and transmit the digital container in response to a request.
  - 12. The user computer system according to claim 2, wherein the user computer system is operable to execute a web browser plug-in embodying at least one of the encryption key generation means, encryption means and combiner means.

13. A broker computer system for use in a system for enforcing at least one privacy policy in relation to user data, the broker computer system comprising:
- storage means for storing a master key;
  
  network interface means for receiving a request to decrypt encrypted user data from a requesting system, the request including privacy policy data representing the or each privacy policy;
  
  verification means for verifying that the request complies with the or each privacy policy; and
  
  encryption key generation means, operable when the verification means determines that the request does comply with the or each privacy policy, for generating an encryption key, in dependence on the master key and in dependence on the privacy policy data, for transmission to the requesting system.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 14. The broker computer system according to claim 13, wherein the encryption key generation means is operable to derive the encryption key from an output of a one-way hash function that takes the master key and the privacy policy data as an input.
  - 15. The broker computer system according to claim 14, wherein the encryption key generation means is operable to select the hash function from a plurality of hash functions on the basis of hash function identification data included in the request to decrypt encrypted user data.
  - 16. The broker computer system according to claim 13, further comprising secure communication means for transmitting the encryption key to the requesting system via a secure connection.
  - 17. The broker computer system according to claim 13, further comprising means for authenticating the requesting system.
  - 18. The broker computer system according to claim 13, further comprising means for generating usage data for transmission to a user computer system associated with the user data, the usage data relating to the request to decrypt the encrypted user data.
  - 19. The broker computer system according to claim 13, wherein the storage means is operable to store at least one further master key, and the broker computer system is operable to select the first master key on the basis of master key identification data included in the request to decrypt encrypted user data.
  - 20. The broker computer system according to claim 13, further comprising a user broker system, including the storage means for storing the master key, and a service provider broker system,the service provider system comprising:
    - means for transmitting a request to the user broker system to obtain a key, the key being one of the master key and the encryption key; and
      
      means for receiving the key from the user broker system in response to the request; and
      
      the user broker system comprising;
      
      means for receiving a request from the service provider broker system to obtain the key; and
      
      means for transmitting the key to the service provider broker system in response to the request.
  - 21. The broker computer system according to claim 20, including at least one further user broker system, and wherein the service provider broker system selects the first user broker system on the basis of user broker identification data included in the request to decrypt encrypted user data.
  - 22. The broker computer system according to claim 21, wherein the service provider system is operable to transmit the privacy policy data to the user broker system, and user broker system includes the verification means for verifying that the request complies with the or each privacy policy.
  - 23. The broker computer system according to claim 20, wherein the user broker system further comprises means for authenticating the service provider broker system.

24. A service provider system for use in a system for enforcing at least one privacy policy in relation to user data, the service provider computer system comprising:
- network interface means operable to;
  
  receive from a user computer system a digital container including encrypted user data and privacy policy data representing the or each privacy policy;
  
  transmit to a broker computer system a request to decrypt the encrypted user data in the digital container, the request including the privacy policy data from the digital container; and
  
  receive the encryption key from the broker computer system; and
  
  decryption means for carrying out symmetric decryption of the encrypted user data with the encryption key.
- View Dependent Claims (25, 26, 27, 28, 29)
- - 25. The service provider system according to claim 24, wherein the service provider system is operable to transmit user broker system identification data to the broker computer system, the user broker system identification data being associated with a user broker system which has access to a master key for generating the encryption key.
  - 26. The service provider system according to claim 24, wherein the service provider system is operable to select the broker computer system from a plurality of broker computer systems on the basis of user broker system identification data contained in the digital container.
  - 27. The service provider system according to claim 26, wherein the service provider system is operable to transmit master key identification data to the service broker system, the master key identification data being associated with a master key for generating the encryption key.
  - 28. The service provider system according to claim 24, further comprising monitoring means operable to:
    - monitor incoming network traffic to identify received digital containers;
      
      interact with the network interface means to decrypt user data in the digital containers; and
      
      store the decrypted user data for later use by the service provider system.
  - 29. The service provider system according to claim 24, further comprising an internal broker system, in communication with the network interface means, the internal broker system comprising:
    - storage means for storing at least one encryption key obtained by the network interface means;
      
      input means for receiving a request to access user data in a digital container associated with one of the at least one encryption keys;
      
      verification means for verifying that the request complies with the or each privacy policy included in the digital container; and
      
      output means for outputting the stored encryption key corresponding to the received request if the verification means determines that the request complies with the or each privacy policy.

30. A system for enforcing at least one privacy policy in relation to user data, the system including:
- a user computer system comprising;
  
  encryption key generation means for generating an encryption key in dependence on a master key and in dependence on privacy policy data representing the or each privacy policy;
  
  encryption means for carrying out symmetric encryption of the user data with the encryption key to form encrypted user data; and
  
  combiner means for combining the encrypted user data and privacy policy data to form a digital container for secure transmission of the user data;
  
  a broker computer system and comprising;
  
  storage means for storing a master key;
  
  network interface means for receiving a request to decrypt encrypted user data from a requesting system, the request including privacy policy data representing the or each privacy policy;
  
  verification means for verifying that the request complies with the or each privacy policy; and
  
  encryption key generation means, operable when the verification means determines that the request does comply with the or each privacy policy, for generating an encryption key, in dependence on the master key and in dependence on the privacy policy data, for transmission to the requesting system;
  
  a service provider computer system comprising;
  
  network interface means operable to;
  
  receive from a user computer system a digital container including encrypted user data and privacy policy data representing the or each privacy policy;
  
  transmit to a broker computer system a request to decrypt the encrypted user data in the digital container, the request including the privacy policy data from the digital container; and
  
  receive the encryption key from the broker computer system; and
  
  decryption means for carrying out symmetric decryption of the encrypted user data with the encryption key.

31. A method of enforcing at least one privacy policy in relation to user data, the method comprising:
- at a user system;
  
  encrypting the user data using a symmetric encryption algorithm and an encryption key generated in dependence on said at least one privacy policy and a master key associated with the user system; and
  
  transmitting the encrypted user data to a service provider in the form of a digital container that includes the encrypted user data and said at least one privacy policy; and
  
  at a broker system;
  
  receiving a request from the service provider to access the user data, the request including said at least one privacy policy;
  
  verifying that the request complies with said at least one privacy policy; and
  
  if so, regenerating the encryption key in dependence on the master key and at least one privacy policy supplied by the service provider;
  
  whereby the service provider system is able to decrypt the user data using a symmetric decryption algorithm and the regenerated encryption key.

32. A method for use by a user computer apparatus in a system for enforcing at least one privacy policy in relation to user data, the method comprising the steps of:
- generating an encryption key in dependence on a master key and in dependence on privacy policy data representing the or each privacy policy;
  
  carrying out symmetric encryption of the user data with the encryption key to form encrypted user data; and
  
  combining the encrypted user data and privacy policy data to form a digital container for secure transmission of the user data.
- View Dependent Claims (33, 34, 35, 36, 37, 38, 39, 40, 41, 42)
- - 33. The method according to claim 32, wherein the step of generating an encryption key includes deriving the encryption key from an output of a one-way hash function that takes the master key and the privacy policy data as an input.
  - 34. The method according to claim 33, further comprising selecting the hash function from a plurality of hash functions, and including hash function identification data in the container, the hash function identification data being associated with the selected hash function.
  - 35. The method according to claim 32, further comprising communicating with a broker computer system and transmitting the digital container to a service provider system.
  - 36. The method according to claim 35, further comprising establishing a secure connection with the broker computer system, and transferring the master key between the user computer system and the broker computer system via the secure connection.
  - 37. The method according to claim 35, further comprising including broker identification data in the digital container, the broker identification data being associated with the broker computer system.
  - 38. The method according to claim 35, further comprising receiving usage data from the broker computer system, the usage data relating to a request to decrypt the digital container received by the broker computer system.
  - 39. The method according to claim 32, further comprising including master key identification data in the digital container, the master key identification data being associated with the master key.
  - 40. The method according to claim 32, further comprising storing the digital container, whereby the digital container can be transmitted on demand.
  - 41. The method according to claim 32, further comprising generating and transmitting the digital container in response to a request.
  - 42. The method according to claim 32, further comprising providing a web browser plug-in operable to perform at least one of the steps of generating the encryption key, carrying out symmetric encryption of the user data, and combining the encrypted user data and privacy policy data.

43. A method for use by a broker computer apparatus in a system for enforcing at least one privacy policy in relation to user data, the method comprising:
- storing a master key;
  
  receiving a request to decrypt encrypted user data from a requesting system, the request including privacy policy data representing the or each privacy policy;
  
  verifying that the request complies with the or each privacy policy; and
  
  when it has been verified that the request does comply with the or each privacy policy, generating an encryption key, in dependence on the master key and in dependence on the privacy policy data, for transmission to the requesting system.
- View Dependent Claims (44, 45, 46, 47, 48, 49, 50, 51, 52, 53)
- - 44. The method according to claim 43, wherein the step of generating an encryption key comprises deriving the encryption key from an output of a one-way hash function that takes the master key and the privacy policy data as an input.
  - 45. The method according to claim 44, wherein the step of generating an encryption key further comprises selecting the hash function from a plurality of hash functions on the basis of hash function identification data included in the request to decrypt encrypted user data.
  - 46. The method according to claim 43, further comprising transmitting the encryption key to the requesting system via a secure connection.
  - 47. The method according to claim 43, further comprising authenticating the requesting system.
  - 48. The method according to claim 43, further comprising generating usage data for transmission to a user computer system associated with the user data, the usage data relating to the request to decrypt the encrypted user data.
  - 49. The method according to claim 43, wherein the step of storing further comprises storing at least one further master key, and the method further comprises selecting the first master key on the basis of master key identification data included in the request to decrypt encrypted user data.
  - 50. The method according to claim 43, for use by a user broker system and a service provider broker system, wherein the method further comprises transmitting a request from the service provider broker system to the user broker system to obtain a key, the key being one of the master key and the encryption key, and receiving the key from the user broker system in response to the request.
  - 51. The method according to claim 50, further comprising selecting the user broker system from a plurality of user broker systems on the basis of user broker identification data included in the request to decrypt encrypted user data.
  - 52. The method according to claim 51, further comprising transmitting the privacy policy data from the service broker system to the user broker system, and wherein the user broker system carries out the step of verifying that the request complies with the or each privacy policy.
  - 53. The method according to claim 50, further comprising authenticating the service provider broker system.

54. A method for use by a service provider apparatus in a system for enforcing at least one privacy policy in relation to user data, the method comprising:
- receiving from a user computer system a digital container including encrypted user data and privacy policy data representing the or each privacy policy;
  
  transmitting to a broker computer system a request to decrypt the encrypted user data in the digital container, the request including the privacy policy data from the digital container;
  
  receiving the encryption key from the broker computer system; and
  
  carrying out symmetric decryption of the encrypted user data with the encryption key.
- View Dependent Claims (55, 56, 57, 58, 59)
- - 55. The method according to claim 54, further comprising transmitting user broker system identification data to the broker computer system, the user broker system identification data being associated with a user broker system which has access to a master key for generating the encryption key.
  - 56. The method according to claim 54, further comprising selecting the broker computer system from a plurality of broker computer systems on the basis of user broker system identification data contained in the digital container.
  - 57. The method according to claim 54, further comprising transmitting master key identification data to the service broker system, the master key identification data being associated with a master key for generating the encryption key.
  - 58. The method according to claim 54, further comprising:
    - monitoring incoming network traffic to identify received digital containers;
      
      carrying out the steps necessary to decrypt user data in the digital containers; and
      
      storing the decrypted user data for later use.
  - 59. The method according to claim 54, further comprising:
    - storing at least one encryption key that has been obtained;
      
      receiving a request to access user data in a digital container associated with one of the at least one encryption keys;
      
      verifying that the request complies with the or each privacy policy included in the digital container; and
      
      outputting the stored encryption key corresponding to the received request if the verification means determines that the request complies with the or each privacy policy.

60. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Thales Holdings UK Plc (Thales SA)
Original Assignee
Thales Holdings UK Plc (Thales SA)
Inventors
WALLER, Adrian

Granted Patent

US 8,799,981 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

H04L 63/0435   wherein the sending and rec...

H04L 9/3073   involving pairings, e.g. id...

PRIVACY PROTECTION SYSTEM

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

84 Citations

60 Claims

Specification

Solutions

Use Cases

Quick Links

PRIVACY PROTECTION SYSTEM

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

84 Citations

60 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links