Secure database management system for confidential records using separately encrypted identifier and access request
Abstract
A system for managing sensitive data is described. The system prevents a system administrator from accessing sensitive data by storing data and identifier information on different computer systems. Each query is encrypted using two codes, the first code readable only by an identifier database and a second code readable only by a data access database. By routing the data path from a source terminal to the identifier database which substitutes an internal ID, then to the data access database and back to the source terminal, data security is significantly improved.
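The routing described in the abstract, sketched as an added example that is not taken from the patent: the source terminal seals the identifier and the request under different keys, the identifier system swaps the identifier for an internal index without being able to read the request, and the data system answers without ever seeing the identifier. Assumptions: `seal`/`unseal` are a demo-only stand-in for a real authenticated cipher, the terminal shares a symmetric key with each system, and all class names, keys and the sample record are constructed for illustration.

```python
import hashlib, hmac, os

def _keystream(key, nonce, n):
    blocks = (hashlib.sha256(b"enc" + key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    """Demo-only stand-in for a real AEAD such as AES-GCM (an assumption)."""
    nonce = os.urandom(16)
    body = bytes(p ^ s for p, s in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def unseal(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified ciphertext")
    return bytes(c ^ s for c, s in zip(body, _keystream(key, nonce, len(body))))

def source_packet(id_key, req_key, identifier, request):
    """Source terminal: identifier under the first code, request under the second."""
    return {"id": seal(id_key, identifier.encode()), "req": seal(req_key, request.encode())}

class IdentifierSystem:
    """First system: holds only the first key and the identifier -> index map."""
    def __init__(self, key, index):
        self.key, self.index = key, index
    def handle(self, packet):
        identifier = unseal(self.key, packet["id"]).decode()
        if identifier not in self.index:              # authentication step
            raise PermissionError("unknown identifier")
        return self.index[identifier], packet["req"]  # request is forwarded still sealed

class DataSystem:
    """Second system: holds only the second key; records keyed by internal index."""
    def __init__(self, key, records):
        self.key, self.records = key, records
    def handle(self, internal_index, sealed_request):
        field = unseal(self.key, sealed_request).decode()
        return self.records[internal_index][field]    # response for the source terminal

def demo():
    k1, k2 = os.urandom(32), os.urandom(32)           # constructed sample keys and data
    ids = IdentifierSystem(k1, {"patient-4471": 17})
    data = DataSystem(k2, {17: {"blood_type": "O+"}})
    forwarded = ids.handle(source_packet(k1, k2, "patient-4471", "blood_type"))
    return forwarded, data.handle(*forwarded)
```

The separation holds only while the two keys and the identifier-to-index map stay under different administrators; whoever holds both can rejoin identifiers and records.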
15 Claims
1. A method for managing data comprising:
- transmitting a packet of data including an identifier encrypted in a first code and a data access request encrypted with a second code to a first system, the data access request requesting data corresponding to the identifier, the first system configured to decode and authenticate the identifier and to forward the data access request with an internal index to a second system.

(Dependent claims: 2, 3, 4, 5, 6)
7. An apparatus under control of a first administrator to process secure data comprising:
- an input port to receive an identifier encrypted in a first code and a data access request encrypted in a second code from a source, the data access request requesting data corresponding to the identifier;
- a processor to decrypt the first code and determine an internal identification corresponding to the identifier; and
- an output connection to output the internal identification and the data access request encrypted in the second code to a second apparatus including a second database operating under a second administrator.

(Dependent claims: 8, 9, 10, 11)
12. A system to manage sensitive data comprising:
- a source terminal to receive a data access request, and output a data packet, the data packet including a first subsection of identifier information coded in a first code and a second subsection of request data coded in a second code, the data access request requesting data corresponding to the identifier information;
- an identifier database to receive the data packet and decode the identifier information, the identifier subnetwork retrieving an internal identifier based on the identifier information, and associating the internal identifier with the request data coded in the second code; and
- a data request database to receive the internal identifier and the request data coded in the second code, the data request database to decode the request data and return a response to the source terminal.

(Dependent claims: 13, 14)
15. A method of managing sensitive data comprising:
- receiving an internal identifier associated with a coded data request from an identifier database, the coded data request requesting data corresponding to the internal identifier;
- decoding the coded data request and performing the data request; and
- transmitting an output response to a source terminal.
Specification