Database system and method for encryption and protection of confidential information

US 7,451,481 B2
Filed: 03/02/2006
Issued: 11/11/2008
Est. Priority Date: 04/29/2005
Status: Expired due to Fees

First Claim

Patent Images

1. A database system for encryption and protection of confidential data comprising:

a data source system receiving confidential data and first associated data;

a secure data network interface system coupled to the data source system over an open network, the data network interface system receiving the confidential data and the first associated data from the data source system, the data network interface system further comprising;

a secure data storage system coupled to the data network interface system and isolated from the open network;

a data encryption system generating a unique encrypted identifier for the confidential data; and

a data association system associating the confidential data with the unique encrypted identifier and storing the confidential data, the first associated data and the unique encrypted identifier in the secure data storage system;

a secure data network coupled to the secure data network interface system, the secure data network receiving the confidential data and the first associated data, generating second associated data, and providing the second associated data to the secure data network interface system;

the data association system of the secure data network interface system receiving the second associated data, associating the second associated data with the confidential data, the first associated data and the unique encrypted identifier and storing the confidential data, the first associated data and the unique encrypted identifier in the secure data storage system;

the secure data network interface system providing the unique encrypted identifier and the second associated data to the data source system over the open network;

the data source system storing the first associated data, the unique identifier and the second associated data without the confidential data, so as to prevent unwanted access to the confidential data at the data source system over the open network; and

wherein the data source system requests additional data from the secure data network through the secure data network interface system using the unique identifier, and the secure data network interface system translates the secure identifier to the confidential information for transmission over the secure data network and translates the confidential information to the unique identifier to transmit the additional data to the data source system over the open network;

wherein the data source system further comprises a exception data substitution system receiving exception data and the unique identifier from the secure data network interface system and transmitting exception response data to the secure data network interface system in response to the exception data.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A database system for encryption and protection of confidential data is provided. The database system includes a data source system receiving confidential data and first associated data. A secure data network interface system is connected to the data source system over an open network, the data network interface system receives the confidential data and the first associated data from the data source system and further comprises a secure data storage system coupled to the data network interface system and isolated from the open network, a data encryption system generating a unique encrypted identifier for the confidential data, and a data association system associating the confidential data with the unique encrypted identifier and storing the confidential data, the first associated data and the unique encrypted identifier in the secure data storage system.

Citations

15 Claims

1. A database system for encryption and protection of confidential data comprising:
- a data source system receiving confidential data and first associated data;
  
  a secure data network interface system coupled to the data source system over an open network, the data network interface system receiving the confidential data and the first associated data from the data source system, the data network interface system further comprising;
  
  a secure data storage system coupled to the data network interface system and isolated from the open network;
  
  a data encryption system generating a unique encrypted identifier for the confidential data; and
  
  a data association system associating the confidential data with the unique encrypted identifier and storing the confidential data, the first associated data and the unique encrypted identifier in the secure data storage system;
  
  a secure data network coupled to the secure data network interface system, the secure data network receiving the confidential data and the first associated data, generating second associated data, and providing the second associated data to the secure data network interface system;
  
  the data association system of the secure data network interface system receiving the second associated data, associating the second associated data with the confidential data, the first associated data and the unique encrypted identifier and storing the confidential data, the first associated data and the unique encrypted identifier in the secure data storage system;
  
  the secure data network interface system providing the unique encrypted identifier and the second associated data to the data source system over the open network;
  
  the data source system storing the first associated data, the unique identifier and the second associated data without the confidential data, so as to prevent unwanted access to the confidential data at the data source system over the open network; and
  
  wherein the data source system requests additional data from the secure data network through the secure data network interface system using the unique identifier, and the secure data network interface system translates the secure identifier to the confidential information for transmission over the secure data network and translates the confidential information to the unique identifier to transmit the additional data to the data source system over the open network;
  
  wherein the data source system further comprises a exception data substitution system receiving exception data and the unique identifier from the secure data network interface system and transmitting exception response data to the secure data network interface system in response to the exception data.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The system of claim 1 wherein the data source system stores the unique identifier until a predetermined period of time has elapsed after the additional data is received from the secure data network.
  - 3. The system of claim 1 wherein the data source system further comprises a settlement data substitution system transmitting a settlement request and the unique identifier to the secure data network interface system and receiving a settlement confirmation and the unique identifier from the secure data network interface system.
  - 4. The system of claim 1 wherein the exception data substitution system receives a transaction identifier, exception category data and the unique identifier from the secure data network interface system and transmitting biometric data to the secure data network interface system in response to the transaction identifier, the exception category data and the unique identifier.
  - 5. The system of claim 1 wherein the data source system and the secure data network interface system utilize data fields in a proprietary or pre-existing messaging format to communicate using the unique encrypted identifier.

6. A method for encryption and protection of confidential data comprising:
- receiving confidential data and first associated data at a data source system;
  
  transmitting the confidential data and the first associated data from the data source system over an open network to a data network interface system;
  
  storing the confidential data and the first associated data in a secure data storage system that is coupled to the data network interface system and isolated from the open network;
  
  transmitting the confidential data and the first associated data to a secure data network;
  
  generating second associated data at the secure data network in response to the confidential data and the first associated data;
  
  transmitting the second associated data to the secure data network interface system;
  
  generating a unique encrypted identifier for the confidential data;
  
  associating the second associated data with the confidential data, the first associated data and the unique encrypted identifier at the secure data network interface system;
  
  storing the confidential data, the first associated data, the second associated data and the unique encrypted identifier in the secure data storage system;
  
  transmitting the unique encrypted identifier and the second associated data to the data source system over the open network;
  
  storing the first associated data, the unique identifier and the second associated data at the data source system without the confidential data, so as to prevent unwanted access to the confidential data at the data source system over the open network;
  
  requesting additional data from the secure data network through the secure data network interface system using the unique identifier;
  
  translating the secure identifier to the confidential information at the secure data network interface system for transmission over the secure data network; and
  
  translating the confidential information to the unique identifier to transmit the additional data to the data source system over the open network;
  
  receiving exception data and the unique identifier from the secure data network interface system and transmitting exception response data to the secure data network interface system in response to the exception data.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The method of claim 6 further comprising storing the unique identifier at the data source system until a predetermined period of time has elapsed after the additional data is received from the secure data network.
  - 8. The method of claim 6 further comprising transmitting a settlement request and the unique identifier to the secure data network interface system and receiving a settlement confirmation and the unique identifier from the secure data network interface system.
  - 9. The method of claim 6 further comprising receiving a transaction identifier, exception category data and the unique identifier from the secure data network interface system and transmitting biometric data to the secure data network interface system in response to the transaction identifier, the exception category data and the unique identifier.
  - 10. The method of claim 6 further comprising using data fields in a proprietary or pre-existing messaging format to communicate using the unique encrypted identifier.

11. A database system for encryption and protection of confidential data comprising:
- a data source system receiving confidential data and first associated data;
  
  a secure data network interface system coupled to the data source system over an open network, the data network interface system receiving the confidential data and the first associated data from the data source system, the data network interface system having means for securely storing the confidential data and the first associated data, generating a unique encrypted identifier for the confidential data, and associating the confidential data with the unique encrypted identifier;
  
  a secure data network coupled to the secure data network interface system, the secure data network receiving the confidential data and the first associated data, generating second associated data, and providing the second associated data to the secure data network interface system;
  
  the secure data network interface system further having means for receiving the second associated data, associating the second associated data with the confidential data, the first associated data and the unique encrypted identifier;
  
  the secure data network interface system further having means for providing the unique encrypted identifier and the second associated data to the data source system over the open network; and
  
  wherein the data source system includes means for requesting additional data from the secure data network through the secure data network interface system using the unique identifier, and the secure data network interface system includes means for translating the secure identifier to the confidential information for transmission over the secure data network and translating the confidential information to the unique identifier to transmit the additional data to the data source system over the open network;
  
  wherein the data source system further comprises means for receiving exception data and the unique identifier from the secure data network interface system and transmitting exception response data to the secure data network interface system in response to the exception data.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The system of claim 11 wherein the data source system includes means for storing the unique identifier until a predetermined period of time has elapsed after the additional data is received from the secure data network.
  - 13. The system of claim 11 wherein the data source system further comprises means for transmitting a settlement request and the unique identifier to the secure data network interface system and receiving a settlement confirmation and the unique identifier from the secure data network interface system.
  - 14. The system of claim 11 wherein the data source system further comprises means for receiving a transaction identifier, exception category data and the unique identifier from the secure data network interface system and transmitting biometric data to the secure data network interface system in response to the transaction identifier, the exception category data and the unique identifier.
  - 15. The system of claim 11 wherein the data source system and the secure data network interface system include means for utilizing data fields in a proprietary or pre-existing messaging format to communicate using the unique encrypted identifier.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Merchant-Link LLC (Shift4 Payments, Inc.)
Original Assignee
Merchant-Link LLC (Shift4 Payments, Inc.)
Inventors
Jaffe, Miriam, Zloth, Susan M., Lane, Daniel J., Freedman, Jonathan N., Bauer, Stephanie
Primary Examiner(s)
Moise; Emmanuel L
Assistant Examiner(s)
Pearson; David J

Application Number

US11/366,189
Publication Number

US 20080040776A1
Time in Patent Office

985 Days
Field of Search

None
US Class Current

726/3
CPC Class Codes

G06F 21/54   by adding security routines...

G06F 21/602   Providing cryptographic fac...

G06F 21/6227   where protection concerns t...

G06F 21/6254   by anonymising data, e.g. d...

G06F 2221/2107   File encryption

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/382   insuring higher security of...

G06Q 20/385   using an alias or single-us...

G06Q 20/401   Transaction verification

G06Q 2220/00   Business processing using c...

H04L 2209/56   Financial cryptography, e.g...

H04L 63/0428   wherein the data content is...

Database system and method for encryption and protection of confidential information

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Database system and method for encryption and protection of confidential information

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links