Method and system for fully encrypted repository

US 8,769,304 B2
Filed: 06/15/2012
Issued: 07/01/2014
Est. Priority Date: 06/16/2011
Status: Active Grant

First Claim

Patent Images

1. A method for using information in conjunction with a data repository, the method comprising:

encrypting data associated with the information using an encryption key to generate encrypted data, wherein;

the data associated with the information comprises a field and a value; and

the encrypted data comprises an encrypted field and an encrypted value;

sending at least the encrypted data to the data repository;

receiving a request for at least the value from a remote device;

sending a request for at least the value to the data repository, wherein the request for at least the value comprises the encrypted field;

receiving at least the encrypted value from the data repository, wherein the data repository uses the encrypted field to identify the encrypted value;

decrypting the encrypted value; and

sending at least the value to the remote device.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

According to an embodiment of the present invention, a method for using information in conjunction with a data repository includes encrypting data associated with the information with an encryption key, sending at least the encrypted data to the data repository, and possibly deleting the information. The method also includes receiving a request for the information from a remote device, and sending a request for the encrypted data to the data repository. The method further includes receiving the encrypted data from the data repository, decrypting the encrypted data using the encryption key, and sending the information to the remote device.

100 Citations

View as Search Results

16 Claims

1. A method for using information in conjunction with a data repository, the method comprising:
- encrypting data associated with the information using an encryption key to generate encrypted data, wherein;
  
  the data associated with the information comprises a field and a value; and
  
  the encrypted data comprises an encrypted field and an encrypted value;
  
  sending at least the encrypted data to the data repository;
  
  receiving a request for at least the value from a remote device;
  
  sending a request for at least the value to the data repository, wherein the request for at least the value comprises the encrypted field;
  
  receiving at least the encrypted value from the data repository, wherein the data repository uses the encrypted field to identify the encrypted value;
  
  decrypting the encrypted value; and
  
  sending at least the value to the remote device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1 further comprising:
    - receiving an authentication request from the data repository, wherein;
      
      the request for at least the value comprises a second field encrypted with the encryption key; and
      
      the authentication request is associated with the second field;
      
      sending an authentication response to the data repository; and
      
      receiving an encrypted second value associated with the encrypted second field only if the authentication response satisfies the authentication request.
  - 3. The method of claim 1 wherein the information comprises a credit card number associated with a user.
  - 4. The method of claim 1 wherein the data repository is remotely located.
  - 5. The method of claim 1 wherein the data repository cannot decrypt the encrypted data.
  - 6. The method of claim 1 further comprising deleting the encrypted data, such that the encrypted data stored at the data repository is not stored locally.
  - 7. The method of claim 1 wherein the information is used in a transaction between a user and the remote device.
  - 8. The method of claim 7 wherein the transaction comprises the user making a purchase from the remote device.
  - 9. The method of claim 1 further comprising preventing a decryption key associated with the encrypted data from being stored in the data repository.
  - 10. The method of claim 1 wherein the data repository comprises a fully encrypted data store.

11. A system for protecting information, the system comprising:
- a data repository configured to;
  
  receive encrypted data comprising an encrypted field and an encrypted value;
  
  receive a first request for the encrypted data, wherein the first request comprises the encrypted field;
  
  retrieve the encrypted data by comparing the encrypted data to the encrypted field; and
  
  send the encrypted value in response to the first request; and
  
  a user module operating on a user device, configured to;
  
  receive a second request for information from a remote device;
  
  encrypt a field using an encryption key to generate the encrypted field;
  
  send the first request for the encrypted data to the data repository;
  
  receive the encrypted value from the data repository;
  
  recover a value from the encrypted value; and
  
  send at least the value to the remote device.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The system of claim 11 wherein the user module comprises an app operating on a mobile device.
  - 13. The system of claim 11 wherein the user module comprises code running in a web browser.
  - 14. The system of claim 11 wherein the user module is further configured to encrypt the field using deterministic encryption.
  - 15. The system of claim 11 wherein the user module is further configured to:
    - generate the encrypted data;
      
      send the encrypted data to the identity repository prior to the first request; and
      
      delete the information after encrypting the data associated with the information.

16. An information protection system comprising:
- a user device coupled to a network and including a data processor and a non-transitory computer-readable storage medium comprising a plurality of computer-readable instructions tangibly embodied on the non-transitory computer-readable storage medium, which, when executed by a data processor, provide encrypted data protection, the plurality of instructions comprising;
  
  instructions that cause the data processor to encrypt data associated with the information using an encryption key to generate encrypted data, wherein;
  
  the data associated with the information comprises a field and a value; and
  
  the encrypted data comprises an encrypted field and an encrypted value;
  
  instructions that cause the data processor to send at least the encrypted data to the data repository;
  
  instructions that cause the data processor to receive a request for at least the value from a remote device;
  
  instructions that cause the data processor send a request for at least the value to the data repository, wherein the request for at least the value comprises the encrypted field;
  
  instructions that cause the data processor to receive at least the encrypted value from the data repository, wherein the data repository uses the encrypted field to identify the encrypted value;
  
  instructions that cause the data processor to decrypt the encrypted data using the encryption keythe encrypted value; and
  
  instructions that cause the data processor to send at least the value to the remote device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Neustar Incorporated
Original Assignee
OneID Inc.
Inventors
Kirsch, Steven Todd
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
BAYOU, YONAS A

Application Number

US13/524,432
Publication Number

US 20120324242A1
Time in Patent Office

746 Days
Field of Search

713/189
US Class Current

713/189
CPC Class Codes

G06F 21/31   User authentication

G06F 21/6245   Protecting personal data, e...

G06Q 20/0855   involving a third party

G06Q 20/12   specially adapted for elect...

G06Q 20/382   insuring higher security of...

G06Q 20/38215   Use of certificates or encr...

G06Q 20/3829   involving key management

G06Q 20/384   using social networks

G06Q 20/401   Transaction verification

G06Q 20/405   Establishing or using trans...

G06Q 30/0609   Buyer or seller confidence ...

G06Q 40/02   Banking, e.g. interest calc...

H04L 63/0435   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/08   for authentication of entit...

H04L 63/105   Multiple levels of security

H04L 63/205   involving negotiation or de...

Method and system for fully encrypted repository

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

100 Citations

16 Claims

Specification

Use Cases

Quick Links

Others

Method and system for fully encrypted repository

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

100 Citations

16 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others