Method and system for handling sensitive data in a content delivery network

US 8,799,674 B1
Filed: 12/06/2010
Issued: 08/05/2014
Est. Priority Date: 12/04/2009
Status: Active Grant

First Claim

Patent Images

1. Apparatus, comprising:

a hardware processor;

computer memory holding computer program instructions that when executed by the hardware processor perform a set of operations under the control of configuration data that includes one or more keys, each key in the configuration data being a public key of a cryptographic key pair associated with one of a set of issuing entities, the public key having an associated secret key that is available at a computing entity distinct and remote from the apparatus, the set of operations comprising;

receiving a message body that includes sensitive data, the message body being a component of a message directed to a third party domain;

determining an identity of an issuing entity associated with the sensitive data;

parsing the message body to extract at least a portion of the sensitive data;

applying to the portion of the sensitive data extracted the public key of the issuing entity whose identity was determined to generate a value V;

discarding the portion of the sensitive data extracted;

determining whether the value V is associated with an identifier W associated with a third party domain;

in response to determining that the value V is associated with an identifier W associated with the third party domain, retrieving a token T that associates (V,W) and forwarding the message including the token onward to the third party domain;

in response to determining that the value V is not associated with an identifier W associated with the third party domain, generating a new token that associates (V,W) and forwarding the message including the new token onward to the third party domain;

receiving a response from the third party domain that includes the token or the new token previously forwarded with the message;

in response to receiving the response from the third party domain, retrieving the value V and issuing a new request to the computing entity at which the secret key is available, the new request including the value V; and

receiving a response from the computing entity indicating that a transaction associated with the sensitive data is authorized to proceed, the computing entity having applied the secret key to the value V to identify the sensitive data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Using cryptographic techniques, sensitive data is protected against disclosure in the event of a compromise of a content delivery network (CDN) edge infrastructure. These techniques obviate storage and/or transfer of such sensitive data, even with respect to payment transactions that are being authorized or otherwise enabled from CDN edge servers.

Citations

11 Claims

1. Apparatus, comprising:
- a hardware processor;
  
  computer memory holding computer program instructions that when executed by the hardware processor perform a set of operations under the control of configuration data that includes one or more keys, each key in the configuration data being a public key of a cryptographic key pair associated with one of a set of issuing entities, the public key having an associated secret key that is available at a computing entity distinct and remote from the apparatus, the set of operations comprising;
  
  receiving a message body that includes sensitive data, the message body being a component of a message directed to a third party domain;
  
  determining an identity of an issuing entity associated with the sensitive data;
  
  parsing the message body to extract at least a portion of the sensitive data;
  
  applying to the portion of the sensitive data extracted the public key of the issuing entity whose identity was determined to generate a value V;
  
  discarding the portion of the sensitive data extracted;
  
  determining whether the value V is associated with an identifier W associated with a third party domain;
  
  in response to determining that the value V is associated with an identifier W associated with the third party domain, retrieving a token T that associates (V,W) and forwarding the message including the token onward to the third party domain;
  
  in response to determining that the value V is not associated with an identifier W associated with the third party domain, generating a new token that associates (V,W) and forwarding the message including the new token onward to the third party domain;
  
  receiving a response from the third party domain that includes the token or the new token previously forwarded with the message;
  
  in response to receiving the response from the third party domain, retrieving the value V and issuing a new request to the computing entity at which the secret key is available, the new request including the value V; and
  
  receiving a response from the computing entity indicating that a transaction associated with the sensitive data is authorized to proceed, the computing entity having applied the secret key to the value V to identify the sensitive data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The apparatus as described in claim 1 wherein the sensitive data is PCI data.
  - 3. The apparatus as described in claim 2 wherein the PCI data is a credit card number.
  - 4. The apparatus as described in claim 1 wherein the operation of retrieving the value V and issuing a new request includes using the token or new token received from the third party domain together with the value W to retrieve the value V.
  - 5. The apparatus as described in claim 1 wherein the response from the third party domain is a payment request.
  - 6. The apparatus as described in claim 1 wherein the operation of applying to the sensitive data the public key of the issuing entity includes padding the sensitive data with given data before applying the public key.
  - 7. The apparatus as described in claim 6 wherein the given data is data associated with a content delivery network with which the apparatus is associated.
  - 8. The apparatus as described in claim 6 wherein the given data is obfuscation data to prevent a rainbow attack against a data store in which tokens are maintained.
  - 9. The apparatus as described in claim 1 wherein the portion of the sensitive data extracted is all of the sensitive data in the message body.
  - 10. The apparatus as described in claim 1 wherein the portion of the sensitive data extracted is configurable.

11. A computer program product in a non-transitory computer readable medium for use in a data processing system, the computer program product holding computer program instructions which, when executed by the data processing system, are operable to:
- receive a message body that includes sensitive data, the message body being a component of a message directed to a third party domain;
  
  determine an identity of an issuing entity associated with the sensitive data;
  
  parsing the message body to extract at least a portion of the sensitive data;
  
  apply to the portion of the sensitive data extracted a public key of the issuing entity whose identity was determined to generate a value V, the public key having an associated secret key that is available at a remote computing entity;
  
  discard the portion of the sensitive data extracted;
  
  determine whether the value V is associated with an identifier W associated with a third party domain;
  
  in response to a determination that the value V is associated with an identifier W associated with the third party domain, retrieve a token T that associates (V,W) and forward the message including the token onward to the third party domain;
  
  in response to a determination that the value V is not associated with an identifier W associated with the third party domain, generate a new token that associates (V,W) and forward the message including the new token onward to the third party domain;
  
  receive a response from the third party domain that includes the token or the new token previously forwarded with the message;
  
  in response to receiving the response from the third party domain, retrieve the value V and issue a new request to the remote computing entity at which the secret key is available, the new request including the value V; and
  
  receive a response from the remote computing entity indicating that a transaction associated with the sensitive data is authorized to proceed, the computing entity having applied the secret key to the value V to identify the sensitive data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Akamai Technologies, Inc.
Original Assignee
Akamai Technologies, Inc.
Inventors
Leighton, F. Thomson
Primary Examiner(s)
Thiaw, Catherine
Assistant Examiner(s)
ZAIDI, SYED A

Application Number

US12/960,840
Time in Patent Office

1,338 Days
Field of Search

713/189, 713/171, 726/6
US Class Current

713/189
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/6245   Protecting personal data, e...

G06Q 20/02   involving a neutral party, ...

G06Q 20/3829   involving key management

G06Q 20/401   Transaction verification

G06Q 2220/00   Business processing using c...

G06Q 30/0635   Processing of requisition o...

G16H 10/60   for patient-specific data, ...

H04L 2209/60   Digital content management,...

H04L 2463/102   applying security measure f...

H04L 63/0407   wherein the identity of one...

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 9/3213   using tickets or tokens, e....

H04L 9/3247   involving digital signatures

H04W 12/03   Protecting confidentiality,...

H04W 12/041   Key generation or derivation

H04W 12/065   Continuous authentication

H04W 12/084   using delegated authorisati...

H04W 12/122   Counter-measures against at...

H04W 12/67 : Risk-dependent, e.g. select...

H04W 12/69 : Identity-dependent

View All

Method and system for handling sensitive data in a content delivery network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for handling sensitive data in a content delivery network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links