SELECTIVE ENCRYPTION OF PROFILE FIELDS FOR MULTIPLE CONSUMERS

US 20170126644A1
Filed: 10/30/2015
Published: 05/04/2017
Est. Priority Date: 10/30/2015
Status: Active Grant

First Claim

Patent Images

1. A method for accessing encrypted fields in a profile, comprising:

retrieving the profile, wherein the profile includes the encrypted fields that have been encrypted using symmetric keys, and a header including encrypted versions of the symmetric keys, wherein the symmetric keys have been encrypted using public keys associated with consumers;

using a private key associated with a consumer to decrypt a subset of the symmetric keys, wherein the subset of the symmetric keys was used to encrypt a subset of the encrypted fields in the profile that the consumer is allowed to access; and

using the subset of the symmetric keys to decrypt values in the subset of encrypted fields that the consumer is allowed to access.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The disclosed embodiments relate to a system that provides a selective encryption technique that encrypts all of the fields in a profile, and selectively enables consumers of the profile information to decrypt specific fields in the profiles. This is accomplished by encrypting each field in the profile using a randomly generated symmetric key, and then encrypting the symmetric key for each field with public keys belonging to individuals who are authorized to access each field. These encrypted public keys are stored in a header of the profile to enable individuals to use their corresponding private keys to decrypt symmetric keys for the specific fields that they are authorized to access.

19 Citations

View as Search Results

33 Claims

1. A method for accessing encrypted fields in a profile, comprising:
- retrieving the profile, wherein the profile includes the encrypted fields that have been encrypted using symmetric keys, and a header including encrypted versions of the symmetric keys, wherein the symmetric keys have been encrypted using public keys associated with consumers;
  
  using a private key associated with a consumer to decrypt a subset of the symmetric keys, wherein the subset of the symmetric keys was used to encrypt a subset of the encrypted fields in the profile that the consumer is allowed to access; and
  
  using the subset of the symmetric keys to decrypt values in the subset of encrypted fields that the consumer is allowed to access.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, further comprising accessing encrypted fields in an update to the profile by:
    - retrieving the update, wherein the update includes the encrypted fields that have been encrypted using symmetric keys, and a header including encrypted versions of the symmetric keys, wherein the symmetric keys have been encrypted using public keys associated with consumers;
      
      using a private key associated with a consumer to decrypt a subset of the symmetric keys, wherein the subset of the symmetric keys was used to encrypt a subset of the encrypted fields in the update that the consumer is allowed to access; and
      
      using the subset of the symmetric keys to decrypt values in the subset of the encrypted fields that the consumer is allowed to access.
  - 3. The method of claim 1, wherein each encrypted field in the profile is encrypted with a different symmetric key.
  - 4. The method of claim 1, wherein the header includes multiple encrypted versions of a single symmetric key, which have been encrypted using public keys associated with different consumers.
  - 5. The method of claim 4, wherein the header is organized to facilitate looking up encrypted versions of symmetric keys belonging to a given consumer.
  - 6. The method of claim 1,wherein the encrypted versions of symmetric keys for the consumer contained in the header are produced by,generating a symmetric key for the consumer,using the symmetric key for the consumer to encrypt symmetric keys for fields the consumer is allowed to access,using a public key for the consumer to encrypt the symmetric key for the consumer, andstoring the encrypted symmetric keys for the fields the consumer is allowed to access and the encrypted symmetric key for the consumer in the header;
    - andwherein using the private key associated with the consumer to decrypt the subset of symmetric keys for the fields the consumer is allowed to access includes,using the private key for the consumer to decrypt the encrypted symmetric key for the consumer, andusing the decrypted symmetric key for the consumer to decrypt the subset of symmetric keys for the fields the consumer is allowed to access.
  - 7. The method of claim 1, wherein the profiles in the profile store include:
    - personal profiles containing personal attributes associated with corresponding people; and
      
      organizational profiles containing organizational attributes associated with corresponding organizations.
  - 8. The method of claim 1, wherein the method further comprises revoking access by the consumer to one or more fields in the profile by updating the header of the profile to remove encrypted versions of symmetric keys that can be decrypted using a private key associated with the consumer.
  - 9. The method of claim 1, wherein retrieving the profile includes retrieving the profile from a profile snapshot queue, wherein the profile snapshot queue is periodically populated by accessing each profile in the profile store while the profile store is being updated, and recording a snapshot of each accessed profile in the profile snapshot queue.
  - 10. The method of claim 8, wherein the profile snapshot queue is accessible by multiple consumers, and each of the multiple consumers can read through the profile snapshot queue at a different speed.
  - 11. The method of claim 1, wherein prior to accessing the profile, the method further comprises encrypting the profile by:
    - encrypting each field in the profile using an associated symmetric key in a set of symmetric keys;
      
      using public keys associated with a set of consumers to encrypt the set of symmetric keys to produce a set of encrypted symmetric keys; and
      
      storing the set of encrypted symmetric keys in the header for the profile.

12. A non-transitory computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for accessing encrypted fields in a profile, the method comprising:
- retrieving the profile, wherein the profile includes the encrypted fields that have been encrypted using symmetric keys, and a header including encrypted versions of the symmetric keys, wherein the symmetric keys have been encrypted using public keys associated with consumers;
  
  using a private key associated with a consumer to decrypt a subset of the symmetric keys, wherein the subset of the symmetric keys was used to encrypt a subset of the encrypted fields in the profile that the consumer is allowed to access; and
  
  using the subset of the symmetric keys to decrypt values in the subset of encrypted fields that the consumer is allowed to access.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The non-transitory computer-readable storage medium of claim 12, wherein the method further comprises accessing encrypted fields in an update to the profile by:
    - retrieving the update, wherein the update includes the encrypted fields that have been encrypted using symmetric keys, and a header including encrypted versions of the symmetric keys, wherein the symmetric keys have been encrypted using public keys associated with consumers;
      
      using a private key associated with a consumer to decrypt a subset of the symmetric keys, wherein the subset of the symmetric keys was used to encrypt a subset of the encrypted fields in the update that the consumer is allowed to access; and
      
      using the subset of the symmetric keys to decrypt values in the subset of the encrypted fields that the consumer is allowed to access.
  - 14. The non-transitory computer-readable storage medium of claim 12, wherein each encrypted field in the profile is encrypted with a different symmetric key.
  - 15. The non-transitory computer-readable storage medium of claim 12, wherein the header includes multiple encrypted versions of a single symmetric key, which have been encrypted using public keys associated with different consumers.
  - 16. The non-transitory computer-readable storage medium of claim 15, wherein the header is organized to facilitate looking up encrypted versions of symmetric keys belonging to a given consumer.
  - 17. The non-transitory computer-readable storage medium of claim 12,wherein the encrypted versions of symmetric keys for the consumer contained in the header are produced by,generating a symmetric key for the consumer,using the symmetric key for the consumer to encrypt symmetric keys for fields the consumer is allowed to access,using a public key for the consumer to encrypt the symmetric key for the consumer, andstoring the encrypted symmetric keys for the fields the consumer is allowed to access and the encrypted symmetric key for the consumer in the header;
    - andwherein using the private key associated with the consumer to decrypt the subset of symmetric keys for the fields the consumer is allowed to access includes,using the private key for the consumer to decrypt the encrypted symmetric key for the consumer, andusing the decrypted symmetric key for the consumer to decrypt the subset of symmetric keys for the fields the consumer is allowed to access.
  - 18. The non-transitory computer-readable storage medium of claim 12, wherein the profiles in the profile store include:
    - personal profiles containing personal attributes associated with corresponding people; and
      
      organizational profiles containing organizational attributes associated with corresponding organizations.
  - 19. The non-transitory computer-readable storage medium of claim 12, wherein the method further comprises revoking access by the consumer to one or more fields in the profile by updating the header of the profile to remove encrypted versions of symmetric keys that can be decrypted using a private key associated with the consumer.
  - 20. The non-transitory computer-readable storage medium of claim 12, wherein retrieving the profile includes retrieving the profile from a profile snapshot queue, wherein the profile snapshot queue is periodically populated by accessing each profile in the profile store while the profile store is being updated, and recording a snapshot of each accessed profile in the profile snapshot queue.
  - 21. The non-transitory computer-readable storage medium of claim 20, wherein the profile snapshot queue is accessible by multiple consumers, and each of the multiple consumers can read through the profile snapshot queue at a different speed.
  - 22. The non-transitory computer-readable storage medium of claim 12, wherein prior to accessing the profile, the method further comprises encrypting the profile by:
    - encrypting each field in the profile using an associated symmetric key in a set of symmetric keys;
      
      using public keys associated with a set of consumers to encrypt the set of symmetric keys to produce a set of encrypted symmetric keys; and
      
      storing the set of encrypted symmetric keys in the header for the profile.

23. A system that facilitates accessing encrypted fields in a profile, comprising:
- at least one processor and at least one associated memory; and
  
  a decryption mechanism that executes on the at least one processor, wherein during operation, the decryption mechanism;
  
  retrieves the profile, wherein the profile includes the encrypted fields that have been encrypted using symmetric keys, and a header including encrypted versions of the symmetric keys, wherein the symmetric keys have been encrypted using public keys associated with consumers;
  
  uses a private key associated with a consumer to decrypt a subset of the symmetric keys, wherein the subset of the symmetric keys was used to encrypt a subset of the encrypted fields in the profile that the consumer is allowed to access; and
  
  uses the subset of the symmetric keys to decrypt values in the subset of encrypted fields that the consumer is allowed to access.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
- - 24. The system of claim 23, wherein while accessing encrypted fields in an update to the profile, the decryption mechanism:
    - retrieves the update, wherein the update includes the encrypted fields that have been encrypted using symmetric keys, and a header including encrypted versions of the symmetric keys, wherein the symmetric keys have been encrypted using public keys associated with consumers;
      
      uses a private key associated with a consumer to decrypt a subset of the symmetric keys, wherein the subset of the symmetric keys was used to encrypt a subset of the encrypted fields in the update that the consumer is allowed to access; and
      
      uses the subset of the symmetric keys to decrypt values in the subset of the encrypted fields that the consumer is allowed to access.
  - 25. The system of claim 23, wherein each encrypted field in the profile is encrypted with a different symmetric key.
  - 26. The system of claim 23, wherein the header includes multiple encrypted versions of a single symmetric key, which have been encrypted using public keys associated with different consumers.
  - 27. The system of claim 26, wherein the header is organized to facilitate looking up encrypted versions of symmetric keys belonging to a given consumer.
  - 28. The system of claim 23,wherein the encrypted versions of symmetric keys for the consumer contained in the header are produced by an encryption mechanism that,generates a symmetric key for the consumer,uses the symmetric key for the consumer to encrypt symmetric keys for fields the consumer is allowed to access,uses a public key for the consumer to encrypt the symmetric key for the consumer, andstores the encrypted symmetric keys for the fields the consumer is allowed to access and the encrypted symmetric key for the consumer in the header;
    - andwherein while using the private key associated with the consumer to decrypt the subset of symmetric keys for the fields the consumer is allowed to access, the decryption mechanism,uses the private key for the consumer to decrypt the encrypted symmetric key for the consumer, anduses the decrypted symmetric key for the consumer to decrypt the subset of symmetric keys for the fields the consumer is allowed to access.
  - 29. The system of claim 23, wherein the profiles in the profile store include:
    - personal profiles containing personal attributes associated with corresponding people; and
      
      organizational profiles containing organizational attributes associated with corresponding organizations.
  - 30. The system of claim 23, further comprising a revocation mechanism that revokes access by the consumer to one or more fields in the profile by updating the header of the profile to remove encrypted versions of symmetric keys that can be decrypted using a private key associated with the consumer.
  - 31. The system of claim 23, wherein while retrieving the profile, the decryption mechanism retrieves the profile from a profile snapshot queue, wherein the profile snapshot queue is periodically populated by accessing each profile in the profile store while the profile store is being updated, and recording a snapshot of each accessed profile in the profile snapshot queue.
  - 32. The system of claim 31, wherein the profile snapshot queue is accessible by multiple consumers, and each of the multiple consumers can read through the profile snapshot queue at a different speed.
  - 33. The system of claim 23, further comprising an encryption mechanism, wherein prior to the decryption mechanism accessing the profile, the encryption mechanism encrypts the profile by:
    - encrypting each field in the profile using an associated symmetric key in a set of symmetric keys;
      
      using public keys associated with a set of consumers to encrypt the set of symmetric keys to produce a set of encrypted symmetric keys; and
      
      storing the set of encrypted symmetric keys in the header for the profile.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intuit, Inc.
Original Assignee
Intuit, Inc.
Inventors
Ullrich, Tobias, Pfannenschmidt, Lars, Wisniewski, Frank

Granted Patent

US 10,230,701 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/045   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0823   using certificates cryptogr...

H04L 9/0822   using key encryption key

H04L 9/0825   using asymmetric-key encryp...

H04L 9/3268   using certificate validatio...

SELECTIVE ENCRYPTION OF PROFILE FIELDS FOR MULTIPLE CONSUMERS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

19 Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

SELECTIVE ENCRYPTION OF PROFILE FIELDS FOR MULTIPLE CONSUMERS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

19 Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links