PUBLICLY READABLE BLOCKCHAIN REGISTRY OF PERSONALLY IDENTIFIABLE INFORMATION BREACHES

US 20180205712A1
Filed: 03/14/2018
Published: 07/19/2018
Est. Priority Date: 09/01/2016
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

maintaining, by a first service provider, a blockchain registry comprising signed descriptors for a plurality of users of services provided by a plurality of service providers, the signed descriptors corresponding to personally identifiable information (PII) of the plurality of users that has been breached at services offered by the plurality of service providers;

determining the PII for a user of a first service provided by the first service provider has been breached;

writing a signed descriptor for the PII that has been breached to the blockchain registry; and

synchronizing a publically available blockchain registry with the blockchain registry, the synchronizing comprising communicating the signed descriptor for the PII that has been breached at the first service to the publicly available blockchain registry.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A registry is utilized to identify personally identifiable information (PII) that has been breached. The registry is a distributed database shared by multiple organizations to track which PII has been breached in other organizations. A first service provider initially receives PII and corresponding signed descriptor from a user. The PII is used to verify an identity of the user and the signed descriptor describes the type of PII that is received. The first service provider queries the registry to determine if the signed descriptor of the user has been written to the registry by a second service provider, indicating that it has been breached at a service provided by the second service provider. If the first service provider uses the breached PII, the breached PII is invalidated by the first service provider.

138 Citations

20 Claims

1. A computer-implemented method comprising:
- maintaining, by a first service provider, a blockchain registry comprising signed descriptors for a plurality of users of services provided by a plurality of service providers, the signed descriptors corresponding to personally identifiable information (PII) of the plurality of users that has been breached at services offered by the plurality of service providers;
  
  determining the PII for a user of a first service provided by the first service provider has been breached;
  
  writing a signed descriptor for the PII that has been breached to the blockchain registry; and
  
  synchronizing a publically available blockchain registry with the blockchain registry, the synchronizing comprising communicating the signed descriptor for the PII that has been breached at the first service to the publicly available blockchain registry.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, further comprising requesting that the user of the first service provide new PII and a corresponding signed descriptor to the first service provider.
  - 3. The method of claim 1, further comprising subscribing, by the service provider, to the publicly available blockchain registry.
  - 4. The method of claim 3, further comprising receiving updates to the blockchain registry, the updates provided by the plurality of service providers to the publicly available blockchain registry, the publicly available blockchain registry comprising the signed descriptors for the plurality of users of the services provided by the plurality of service providers indicating PII that has been breached at services offered by the plurality of service providers.
  - 5. The method of claim 4, further comprising querying the blockchain registry to determine if PII for a second user of the first service has been breached at a service provided by at least one of the plurality of service providers.
  - 6. The method of claim 5, wherein the querying includes determining if a signed descriptor provided by the second user to the service provider has been written to the blockchain registry.
  - 7. The method of claim 6, further comprising, upon determining PII for a user has been breached, requesting the second user to provide new PII and corresponding signed descriptors.
  - 8. The method of claim 1, wherein the PII is used by the service provider to verify an identity of the second user.
  - 9. The method of claim 1, further comprising, upon determining the PII of the user has been breached, invalidating the PII for the user.
  - 10. The method of claim 1, further comprising querying the blockchain registry for a private key message, the private key message being written to the publicly available blockchain registry by the user indicating that a private key of the user has been stolen.
  - 11. The method of claim 10, wherein the private key message includes a public key of the user that has been signed with a private key of the user.
  - 12. The method of claim 10, further comprising, upon identifying the private key message for the user, invalidating a public key of the user.
  - 13. The method of claim 10, further comprising requesting the user to associate a user identification with a new public-private key pair.
  - 14. The method of claim 1, further comprising providing client tools that generate signed descriptors for the PII transparently to the user.
  - 15. The method of claim 1, wherein each signed descriptor can only be generated with possession of a private key of the user.

16. One or more computer storage media having computer-executable instructions embodied thereon that, when executed by a computer, causes the computer to perform operations, the operations comprising:
- maintaining, by a first service provider, a blockchain registry comprising signed descriptors for a plurality of users of services provided by a plurality of service providers, the signed descriptors corresponding to personally identifiable information (PII) of the plurality of users that has been breached;
  
  receiving updates to the blockchain registry, the updates provided by the plurality of service providers to the publicly available blockchain registry, the publicly available blockchain registry comprising the signed descriptors for the plurality of users of the services provided by the plurality of service providers indicating PII that has been breached at services offered by the plurality of service providers; and
  
  querying the blockchain registry for a private key message, the private key message being written to the publicly available blockchain registry by a user of the plurality of users indicating that a private key of the user has been stolen.
- View Dependent Claims (17, 18, 19)
- - 17. The media of claim 16, wherein the private key message includes a public key of the user that has been signed with a private key of the user.
  - 18. The media of claim 17, further comprising, upon identifying the private key message for the user, invalidating a public key of the user.
  - 19. The media of claim 18, further comprising requesting the user to associate a user identification with a new public-private key pair.

20. A computerized system comprising:
- a processor; and
  
  computer storage media storing computer-useable instructions that, when used by the processor, cause the processor to;
  
  maintaining, by a first service provider, a blockchain registry comprising signed descriptors for a plurality of users of services provided by a plurality of service providers, the signed descriptors corresponding to personally identifiable information (PII) of the plurality of users that has been breached at services offered by the plurality of service providers;
  
  determining the PII for a user of a first service provided by the first service provider has been breached;
  
  writing a signed descriptor for the PII that has been breached to the blockchain registry; and
  
  synchronizing the blockchain registry with the publically available blockchain registry, the synchronizing comprising communicating the signed descriptor for the PII that has been breached at the first service to a publicly available blockchain registry.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Inventors
VERSTEEG, STEVEN CORNELIS, HASTINGS, NATHAN ALLIN, YAO, XIEN, BIRD, JOHN SINCLAIR

Granted Patent

US 10,284,533 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/245   Query processing

G06F 21/552   involving long-term monitor...

G06F 21/6263   during internet communicati...

H04L 63/06   for supporting key manageme...

H04L 63/08   for authentication of entit...

H04L 63/126   the source of the received ...

H04L 9/3239   involving non-keyed hash fu...

H04L 9/3247   involving digital signatures

H04L 9/50   using hash chains, e.g. blo...

H04W 12/02   Protecting privacy or anony...

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

H04W 12/10   Integrity

PUBLICLY READABLE BLOCKCHAIN REGISTRY OF PERSONALLY IDENTIFIABLE INFORMATION BREACHES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

138 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

PUBLICLY READABLE BLOCKCHAIN REGISTRY OF PERSONALLY IDENTIFIABLE INFORMATION BREACHES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

138 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links