Media Agnostic, Distributed, and Defendable Data Retention
First Claim
1. A computer-implemented method comprising:
- receiving user data associated with a user'"'"'s interaction with Web content;
responsive to receiving the user data, processing the user data to identify sensitive data in the user data;
accessing, from a key manager computing device, a time-limited encryption key;
encrypting the sensitive data with the time-limited encryption key effective to provide encrypted sensitive data; and
providing the encrypted sensitive data to a data consumer.
2 Assignments
0 Petitions
Accused Products
Abstract
A data protector is described. In an implementation, the data protector promotes and enforces a data retention policy of a data consumer. In an implementation, the data protector limits access to sensitive data to the data consumers. A key manager provides a time-limited encryption key to the data protector. Responsive to collection of the time-limited encryption key from the key manager and sensitive data from a data provider, the data protector encrypts the sensitive data with the time-limited encryption key effective to produce encrypted sensitive data. In some embodiments, the data protector'"'"' provides a data consumer with access to the encrypted sensitive data and the key manager provides the data consumer with access to the time-limited encryption key to decrypt the encrypted sensitive data. The key manager deletes the time-limited encryption key in compliance with the data retention policy of the data consumer.
73 Citations
20 Claims
-
1. A computer-implemented method comprising:
-
receiving user data associated with a user'"'"'s interaction with Web content; responsive to receiving the user data, processing the user data to identify sensitive data in the user data; accessing, from a key manager computing device, a time-limited encryption key; encrypting the sensitive data with the time-limited encryption key effective to provide encrypted sensitive data; and providing the encrypted sensitive data to a data consumer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. One or more computer-readable storage media comprising instructions that are executable to cause a computing device to perform a process comprising:
-
receiving user data; processing the user data to identify one or more entity identifiers associated with one or more respective entities; identifying entity specific sensitive data within the user data, the entity specific sensitive data being associated with at least one of the entities; and encrypting the entity specific sensitive data with a time-limited encryption key specifically associated with said at least one of the entities effective to produce encrypted entity specific sensitive data. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. A system comprising:
-
one or more processors; one or more computer readable storage media; one or more modules embodied on the one or more computer readable storage media and executable under the influence of the one or more processors to; generate a key generation instruction according to a key generation policy; responsive to the key generation instruction, generate a time-limited encryption key; store the time-limited encryption key in a protected database; generate an encryption key access instruction according to a data access policy; and responsive to the encryption key access instruction, provide an online service provider with access to the protected database storing the time-limited encryption key. - View Dependent Claims (19, 20)
-
Specification