Distributed tokenization using several substitution steps
First Claim
1. A method for distributed tokenization of sensitive strings of characters in a local server, the method comprising:
- receiving at the local server from a central server one or more token lookup tables having a plurality of tokens, each token comprising at least one character;
receiving a sensitive string of characters at the local server;
selecting a substring of the sensitive string of characters;
replacing the selected substring of the sensitive string of characters with a first token from the received token lookup tables to form an intermediate tokenized string of characters;
selecting a substring of the intermediate tokenized string of characters, the selected substring of the intermediate tokenized string of characters including at least one character replaced by the first token; and
replacing the selected substring of the intermediate tokenized string of characters with a second token from the received token lookup tables to form a final tokenized string of characters, the second token being different from the first token.
4 Assignments
0 Petitions
Accused Products
Abstract
A method for distributed tokenization of sensitive strings of characters, such as social security numbers, credit card numbers and the like, in a local server is disclosed. The method comprises the steps of receiving from a central server at least one, and preferably at least two, static token lookup tables, and receiving a sensitive string of characters. In a first tokenization step, a first substring of characters is substituted with a corresponding first token from the token lookup table(s) to form a first tokenized string of characters, wherein the first substring of characters is a substring of the sensitive string of characters. Thereafter, in a second step of tokenization, a second substring of characters is substituted with a corresponding second token from the token lookup table(s) to form a second tokenized string of characters, wherein the second substring of characters is a substring of the first tokenized string of characters. Optionally, one or more additional tokenization steps is/are used.
-
Citations
47 Claims
-
1. A method for distributed tokenization of sensitive strings of characters in a local server, the method comprising:
-
receiving at the local server from a central server one or more token lookup tables having a plurality of tokens, each token comprising at least one character; receiving a sensitive string of characters at the local server; selecting a substring of the sensitive string of characters; replacing the selected substring of the sensitive string of characters with a first token from the received token lookup tables to form an intermediate tokenized string of characters; selecting a substring of the intermediate tokenized string of characters, the selected substring of the intermediate tokenized string of characters including at least one character replaced by the first token; and replacing the selected substring of the intermediate tokenized string of characters with a second token from the received token lookup tables to form a final tokenized string of characters, the second token being different from the first token. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A local server for distributed tokenization of sensitive strings of characters comprising:
-
a non-transitory computer-readable storage medium comprising executable computer instructions configured to, when executed, perform steps comprising; receiving at the local server from a central server one or more token lookup tables having a plurality of tokens, each token comprising at least one character; receiving a sensitive string of characters at the local server; selecting a substring of the sensitive string of characters; replacing the selected substring of the sensitive string of characters with a first token from the received token lookup tables to form an intermediate tokenized string of characters; selecting a substring of the intermediate tokenized string of characters, the selected substring of the intermediate tokenized string of characters including at least one character replaced by the first token; and replacing the selected substring of the intermediate tokenized string of characters with a second token from the received token lookup tables to form a final tokenized string of characters, the second token being different from the first token; a processor configured to execute the computer instructions.
-
-
17. A system for distributed tokenization of sensitive strings of characters comprising:
-
a central server; and at least one local server; wherein the at least one local server comprises; a non-transitory computer-readable storage medium comprising executable computer instructions configured to, when executed, perform steps comprising; receiving at the local server from the central server one or more token lookup tables having a plurality of tokens, each token comprising at least one character; receiving a sensitive string of characters at the local server; selecting a substring of the sensitive string of characters; replacing the selected substring of the sensitive string of characters with a first token from the received token lookup tables to form an intermediate tokenized string of characters; selecting a substring of the intermediate tokenized string of characters, the selected substring of the intermediate tokenized string of characters including at least one character replaced by the first token; and replacing the selected substring of the intermediate tokenized string of characters with a second token from the received token lookup tables to form a final tokenized string of characters, the second token being different from the first token; a processor configured to execute the computer instructions.
-
-
18. A method for tokenization of sensitive strings, the method comprising:
-
receiving a sensitive string of characters; selecting a substring of the sensitive string of characters; forming an intermediate tokenized string of characters, by a processor, by replacing the selected substring of the sensitive string of characters with a first token; selecting a substring of the intermediate tokenized string of characters, the selected substring of the intermediate tokenized string of characters including at least one character replaced by the first token; and forming a final tokenized string of characters, by the processor, by replacing the selected substring of the intermediate tokenized string of characters with a second token, the second token being different from the first token. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42)
-
-
43. An apparatus for tokenization of sensitive strings, the apparatus comprising:
-
a first data processing system, the first data processing system comprising; an input configured to; receive a sensitive string of characters; and a processor configured to; select a substring of the sensitive string of characters; replace the selected substring of the sensitive string of characters with a first token from a set of tokens to form an intermediate tokenized string of characters; select a substring of the intermediate tokenized string of characters, the selected substring of the intermediate tokenized string of characters including at least one character replaced by the first token; and replace the selected substring of the intermediate tokenized string of characters with a second token different from the first token from the set of tokens to form a final tokenized string of characters. - View Dependent Claims (44, 45, 46, 47)
-
Specification