CUSTOMER VEHICLE DATA SECURITY METHOD

US 20170193026A1
Filed: 01/06/2016
Published: 07/06/2017
Est. Priority Date: 01/06/2016
Status: Active Grant

First Claim

Patent Images

1. A method of operating a database stored on one or more computers, wherein the database comprises:

an identifier mapping table that contains mapping data entries wherein each mapping data entry associates a unique identifier with an affiliated identifier;

a plaintext table that contains non-sensitive data entries; and

an encryption table that contains sensitive data entries; and

wherein the method comprises the steps of;

(a) receiving a data message, wherein the data message contains a unique identifier;

(b) providing an affiliated identifier to be associated with the unique identifier;

(c) selecting to store at least part of the data message and the affiliated identifier in the plaintext table, in the encrypted table, or in both;

(d) storing the at least part of the data message and the affiliated identifier in the selected table(s);

(e) storing a new mapping data entry in the identifier mapping table, wherein the new mapping data entry contains the unique identifier and the affiliated identifier;

(f) encrypting the identifier mapping table using a first encryption key; and

(g) writing the encrypted identifier mapping table to a non-volatile, computer-readable medium.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A database system and method for managing and storing sensitive and non-sensitive vehicle data. Received vehicle data messages are processed to separate out sensitive and non-sensitive data. The data is stored in a database having: an encrypted table, a plain-text table, and an identification mapping table. The encrypted table contains the sensitive data entries in an encrypted format. The plain-text table contains the non-sensitive data entries in a plaintext form. The identification mapping table contains a plurality of mapping data entries, wherein each mapping data entry associates a unique identifier to an affiliated identifier that is used to recall data from the encrypted table and the plain-text table.

Citations

14 Claims

1. A method of operating a database stored on one or more computers, wherein the database comprises:
- an identifier mapping table that contains mapping data entries wherein each mapping data entry associates a unique identifier with an affiliated identifier;
  
  a plaintext table that contains non-sensitive data entries; and
  
  an encryption table that contains sensitive data entries; and
  
  wherein the method comprises the steps of;
  
  (a) receiving a data message, wherein the data message contains a unique identifier;
  
  (b) providing an affiliated identifier to be associated with the unique identifier;
  
  (c) selecting to store at least part of the data message and the affiliated identifier in the plaintext table, in the encrypted table, or in both;
  
  (d) storing the at least part of the data message and the affiliated identifier in the selected table(s);
  
  (e) storing a new mapping data entry in the identifier mapping table, wherein the new mapping data entry contains the unique identifier and the affiliated identifier;
  
  (f) encrypting the identifier mapping table using a first encryption key; and
  
  (g) writing the encrypted identifier mapping table to a non-volatile, computer-readable medium.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, wherein the unique identifier contains a vehicle identifier, a vehicle module identifier, a personal identifier, or any combination thereof.
  - 3. The method of claim 2, wherein the unique identifier further contains a timestamp.
  - 4. The method of claim 1, wherein the data message that is received in step (a) is encrypted and further comprising the step of decrypting at least part of the data message subsequently after the data message is received.
  - 5. The method of claim 1, further comprising the step of loading the identifier mapping table into random access memory.
  - 6. The method of claim 5, further comprising the step of decrypting the identifier mapping table.
  - 7. The method of claim 1, further comprising the step of encrypting the at least part of the data message using a second encryption key when the at least part of the data message is selected to be stored in the encrypted table.
  - 8. The method of claim 7, wherein a salt is prepended or appended to the at least part of the data message before encrypting using the second encryption key.
  - 9. The method of claim 1, wherein the affiliated identifier is randomly or pseudorandomly generated.
  - 10. The method of claim 1, wherein the data message includes both sensitive data and non-sensitive data.
  - 11. The method of claim 10, wherein the sensitive data is selected to be stored in the encrypted table and the non-sensitive data is selected to be stored in the plaintext table.
  - 12. The method of claim 1, further comprising the step of generating a checksum from at least part of the plaintext data entry after storing at least part of the data message into the plaintext table.
  - 13. The method of claim 12, wherein the new mapping data entry contains the checksum that was generated in the generating step.

14. A database system, comprising:
- a database stored on a computer-readable medium, comprising;
  
  an encrypted table, wherein the encrypted table contains a plurality of sensitive data entries, wherein each sensitive data entry contains sensitive information and is in an encrypted format;
  
  a plain-text table, wherein the plain-text table contains a plurality of non-sensitive data entries, wherein each non-sensitive data entry is in a plaintext form; and
  
  an identification mapping table, wherein the identification mapping table contains a plurality of mapping data entries, wherein each mapping data entry associates a unique identifier to an affiliated identifier that is used to recall data from the encrypted table and the plain-text table;
  
  a computer, wherein the computer comprises a processor, memory, and a computer-readable medium; and
  
  an application that is stored on the computer, wherein the application manages input and output operations performed by the computer for the database in response to receiving data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
General Motors LLC (General Motors Company)
Original Assignee
General Motors LLC (General Motors Company)
Inventors
PETTOVELLO, Primo Mark

Granted Patent

US 9,946,744 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 16/2282   Tablespace storage structur...

G06F 21/00   Security arrangements for p...

G06F 21/6254   by anonymising data, e.g. d...

G06F 2212/1052   Security improvement

G06F 2212/402   Encrypted data

H04L 9/14   using a plurality of keys o...

CUSTOMER VEHICLE DATA SECURITY METHOD

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

CUSTOMER VEHICLE DATA SECURITY METHOD

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links