SYSTEM FOR PROTECTING SENSITIVE DATA WITH DISTRIBUTED TOKENIZATION
First Claim
1. A method for protecting sensitive information using distributed tokenization systems, wherein each tokenization system includes a tokenization server and a local database, and wherein each of the local databases stores a common tokenization table, the method comprising:
- with the tokenization systems, receiving token requests from token requestors, wherein each of the token requests includes sensitive information; and
with the tokenization servers, generating tokens corresponding to the sensitive information in the token requests, wherein the tokenization server at each tokenization system generates tokens by running sensitive information from token requests through a number of rounds of a Feistel network that uses the common tokenization table stored at that tokenization system.
5 Assignments
0 Petitions
Accused Products
Abstract
A token generating organization may include distributed tokenization systems for generating tokens corresponding to sensitive information. Sensitive information may include sensitive numbers such as social security numbers, credit card numbers or other private numbers. A tokenization system may include multiple physically distinct hardware platforms each having a tokenization server and a database. A tokenization server may run portions of a sensitive number through a predetermined number of rounds of a Feistel network. Each round of the Feistel network may include tokenizing portions of the sensitive number using a fractional token table stored an associated database and modifying the tokenized portions by reversibly adding portions of the sensitive number to the tokenized portions. The fractional token table may include partial sensitive numbers and corresponding partial tokens. A sensitive-information-recovery request including the token may be directed to the token generating organization from the token requestor to recover sensitive information.
-
Citations
7 Claims
-
1. A method for protecting sensitive information using distributed tokenization systems, wherein each tokenization system includes a tokenization server and a local database, and wherein each of the local databases stores a common tokenization table, the method comprising:
-
with the tokenization systems, receiving token requests from token requestors, wherein each of the token requests includes sensitive information; and with the tokenization servers, generating tokens corresponding to the sensitive information in the token requests, wherein the tokenization server at each tokenization system generates tokens by running sensitive information from token requests through a number of rounds of a Feistel network that uses the common tokenization table stored at that tokenization system. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
Specification