PRIVACY FIREWALL

US 20140047551A1
Filed: 08/12/2013
Published: 02/13/2014
Est. Priority Date: 08/10/2012
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by a privacy computer located within a secure area, a message directed at a recipient computer located outside the secure area, wherein the message includes private information;

identifying, by the privacy computer, the private information using a plurality of privacy rules;

anonymizing, by the privacy computer, the message according to the plurality of privacy rules; and

forwarding the message to the recipient computer located outside the secure area, wherein the message includes anonymized information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the invention relate to systems and methods for providing an anonymization engine. One embodiment of the present invention relates to a method comprising receiving a message directed at a recipient computer located outside a secure area by a privacy computer located within a secure area. The privacy computer may identify private information using a plurality of privacy rules and anonymize the message according to the plurality of privacy rules. Another embodiment may be directed to a method comprising receiving a request for sensitive data from a requesting computer. An anonymization computer may determine a sensitive data record associated with the request and may anonymize the sensitive data record by performing at least two of: removing unnecessary sensitive data entries from the sensitive data record, masking the sensitive data entries to maintain format, separating the sensitive data entries into associated data groupings, and de-contexting the data.

Citations

20 Claims

1. A method comprising:
- receiving, by a privacy computer located within a secure area, a message directed at a recipient computer located outside the secure area, wherein the message includes private information;
  
  identifying, by the privacy computer, the private information using a plurality of privacy rules;
  
  anonymizing, by the privacy computer, the message according to the plurality of privacy rules; and
  
  forwarding the message to the recipient computer located outside the secure area, wherein the message includes anonymized information.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the plurality of privacy rules include limitations on the type information that is allowed to be sent outside the secure area.
  - 3. The method of claim 1, wherein identifying the private information using the plurality of privacy rules further comprises:
    - determining a set of the plurality of privacy rules associated with the recipient computer; and
      
      comparing the private information to the set of the plurality of privacy rules.
  - 4. The method of claim 1, wherein anonymizing the message according to the plurality of privacy rules includes at least two of:
    - removing unnecessary private information;
      
      masking the private information to maintain format;
      
      separating the private information into associated data groupings; and
      
      de-contexting the private information.
  - 5. The method of claim 1, wherein the anonymization may be reversed by the recipient computer to obtain the private information.

6. A privacy computer located within a secure area comprising:
- a processor; and
  
  a computer-readable medium coupled to the processor, the computer-readable medium comprising code executable by the processor for performing a method, the method comprising;
  
  receiving a message directed at a recipient computer located outside the secure area, wherein the message includes private information;
  
  identifying the private information using a plurality of privacy rules;
  
  anonymizing the message according to the plurality of privacy rules; and
  
  forwarding the message to the recipient computer located outside the secure area, wherein the message includes anonymized information.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The privacy computer of claim 6, wherein the plurality of privacy rules include limitations on the type information that is allowed to be sent outside the secure area.
  - 8. The privacy computer of claim 6, wherein identifying the private information using the plurality of privacy rules further comprises:
    - determining a set of the plurality of privacy rules associated with the recipient computer; and
      
      comparing the private information to the set of the plurality of privacy rules.
  - 9. The privacy computer of claim 6, wherein anonymizing the message according to the plurality of privacy rules includes at least two of:
    - removing unnecessary private information;
      
      masking the private information to maintain format;
      
      separating the private information into associated data groupings; and
      
      de-contexting the private information.
  - 10. A system comprising the privacy computer of claim 6, and a recipient computer, operationally coupled via a communications network.

11. A method comprising:
- receiving a request for sensitive data from a requesting computer;
  
  determining a sensitive data record including the sensitive data associated with the request;
  
  determining anonymization rules associated with the requesting computer;
  
  anonymizing, by an anonymization computer, the sensitive data record using the anonymization rules to generate an anonymized data record by performing at least two of;
  
  removing unnecessary sensitive data from the sensitive data record;
  
  masking the sensitive data to maintain format;
  
  separating the sensitive data into associated data groupings; and
  
  de-contexting the sensitive data; and
  
  sending the anonymized data record to the requesting computer.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The method of claim 11, further comprising:
    - identifying search criteria from the sensitive data record before anonymizing the sensitive data record; and
      
      flagging the search criteria to ensure the search criteria are not anonymized.
  - 13. The method of claim 11, wherein the anonymization rules are designed to anonymize the sensitive data record for a particular purpose.
  - 14. The method of claim 11, wherein the anonymized data record includes a hidden record identifying which anonymization rules have been executed on the anonymized data record, and wherein the recipient computer uses the hidden record to reverse the anonymization of the anonymized data record.
  - 15. The method of claim 11, wherein the anonymization computer may reverse the anonymization processes using anonymization data stored during anonymization.

16. An anonymization computer comprising:
- a processor; and
  
  a computer-readable medium coupled to the processor, the computer-readable medium comprising code executable by the processor for performing a method, the method comprising;
  
  receiving a request for sensitive data from a requesting computer;
  
  determining a sensitive data record including sensitive data associated with the request;
  
  determining anonymization rules associated with the requesting computer;
  
  anonymizing, by an anonymization computer, the sensitive data record using the anonymization rules to generate an anonymized data record by performing at least two of;
  
  removing unnecessary sensitive data from the sensitive data record;
  
  masking the sensitive data to maintain format;
  
  separating the sensitive data into associated data groupings;
  
  identifying search criteria from the sensitive data record; and
  
  de-contexting the sensitive data; and
  
  sending the anonymized data record to the requesting computer.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The anonymization computer of claim 16, the method further comprising:
    - identifying search criteria from the sensitive data record before anonymizing the sensitive data record; and
      
      flagging the search criteria to ensure the search criteria are not anonymized.
  - 18. The anonymization computer of claim 16, wherein the anonymization rules are designed to anonymize the sensitive data record for a particular purpose.
  - 19. The anonymization computer of claim 16, wherein the anonymized data record includes a hidden record identifying which anonymization rules have been executed on the anonymized data record, wherein the recipient computer uses the hidden record to reverse the anonymization of the anonymized data record.
  - 20. The anonymization computer of claim 16, wherein the anonymization computer may reverse the anonymization processes using anonymization data stored during anonymization.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Nagasundaram, Sekhar, Aissi, Selim

Granted Patent

US 9,665,722 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/26
CPC Class Codes

G06F 16/285   Clustering or classification

G06F 21/60   Protecting data

G06F 21/606   by securing the transmissio...

G06F 21/6254   by anonymising data, e.g. d...

H04L 63/0209   Architectural arrangements,...

H04L 63/107   wherein the security polici...

PRIVACY FIREWALL

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

PRIVACY FIREWALL

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links