SELECTIVE ENCRYPTION OF PROFILE FIELDS FOR MULTIPLE CONSUMERS
First Claim
1. A method for accessing encrypted fields in a profile, comprising:
- retrieving the profile, wherein the profile includes the encrypted fields that have been encrypted using symmetric keys, and a header including encrypted versions of the symmetric keys, wherein the symmetric keys have been encrypted using public keys associated with consumers;
using a private key associated with a consumer to decrypt a subset of the symmetric keys, wherein the subset of the symmetric keys was used to encrypt a subset of the encrypted fields in the profile that the consumer is allowed to access; and
using the subset of the symmetric keys to decrypt values in the subset of encrypted fields that the consumer is allowed to access.
1 Assignment
0 Petitions
Accused Products
Abstract
The disclosed embodiments relate to a system that provides a selective encryption technique that encrypts all of the fields in a profile, and selectively enables consumers of the profile information to decrypt specific fields in the profiles. This is accomplished by encrypting each field in the profile using a randomly generated symmetric key, and then encrypting the symmetric key for each field with public keys belonging to individuals who are authorized to access each field. These encrypted public keys are stored in a header of the profile to enable individuals to use their corresponding private keys to decrypt symmetric keys for the specific fields that they are authorized to access.
19 Citations
33 Claims
-
1. A method for accessing encrypted fields in a profile, comprising:
-
retrieving the profile, wherein the profile includes the encrypted fields that have been encrypted using symmetric keys, and a header including encrypted versions of the symmetric keys, wherein the symmetric keys have been encrypted using public keys associated with consumers; using a private key associated with a consumer to decrypt a subset of the symmetric keys, wherein the subset of the symmetric keys was used to encrypt a subset of the encrypted fields in the profile that the consumer is allowed to access; and using the subset of the symmetric keys to decrypt values in the subset of encrypted fields that the consumer is allowed to access. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A non-transitory computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for accessing encrypted fields in a profile, the method comprising:
-
retrieving the profile, wherein the profile includes the encrypted fields that have been encrypted using symmetric keys, and a header including encrypted versions of the symmetric keys, wherein the symmetric keys have been encrypted using public keys associated with consumers; using a private key associated with a consumer to decrypt a subset of the symmetric keys, wherein the subset of the symmetric keys was used to encrypt a subset of the encrypted fields in the profile that the consumer is allowed to access; and using the subset of the symmetric keys to decrypt values in the subset of encrypted fields that the consumer is allowed to access. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A system that facilitates accessing encrypted fields in a profile, comprising:
-
at least one processor and at least one associated memory; and a decryption mechanism that executes on the at least one processor, wherein during operation, the decryption mechanism; retrieves the profile, wherein the profile includes the encrypted fields that have been encrypted using symmetric keys, and a header including encrypted versions of the symmetric keys, wherein the symmetric keys have been encrypted using public keys associated with consumers; uses a private key associated with a consumer to decrypt a subset of the symmetric keys, wherein the subset of the symmetric keys was used to encrypt a subset of the encrypted fields in the profile that the consumer is allowed to access; and uses the subset of the symmetric keys to decrypt values in the subset of encrypted fields that the consumer is allowed to access. - View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
-
Specification