Secure data exchange

US 9,043,892 B2
Filed: 03/05/2013
Issued: 05/26/2015
Est. Priority Date: 06/01/1999
Status: Expired due to Term

First Claim

Patent Images

1. A method comprising:

identifying an initial request from a user, the initial request being generated at a client application;

extracting information associated with the user from the initial request;

decrypting the extracted information that is encrypted by an encryption algorithm;

storing the information in a non-transitory storage medium;

creating, by at least one processor, a token that references the stored information;

returning the token in response to the initial request;

receiving the token in a subsequent request via an API;

accessing the information stored in the non-transitory storage medium using the token; and

using, by the at least one processor, the accessed information to generate a response to the subsequent request.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A data transfer method performed at a proxy server includes intercepting a data request from a client computer that is directed to a target server, encrypting profile information, augmenting the data request by adding the encrypted profile information to the data request, and sending the augmented data request to the target server. A data transfer method that is performed at an information server includes receiving a data request from a proxy server, extracting profile information added to the data request by the proxy server, using the extracted profile information to generate a response, and sending the response to the proxy server.

Citations

38 Claims

1. A method comprising:
- identifying an initial request from a user, the initial request being generated at a client application;
  
  extracting information associated with the user from the initial request;
  
  decrypting the extracted information that is encrypted by an encryption algorithm;
  
  storing the information in a non-transitory storage medium;
  
  creating, by at least one processor, a token that references the stored information;
  
  returning the token in response to the initial request;
  
  receiving the token in a subsequent request via an API;
  
  accessing the information stored in the non-transitory storage medium using the token; and
  
  using, by the at least one processor, the accessed information to generate a response to the subsequent request.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method as recited in claim 1, wherein the subsequent request is received from an intermediary server.
  - 3. The method as recited in claim 1, further comprising associating a time to live value with the token, the time to live value specifying a time period during which the token is valid.
  - 4. The method as recited in claim 3, wherein the information in the initial request is encrypted within a header of the request.
  - 5. The method as recited in claim 4, wherein the initial request comprises an HTTP request.
  - 6. The method as recited in claim 4, wherein the information is encrypted using a symmetric encryption algorithm.
  - 7. The method as recited in claim 5, further comprisingdetermining an IP address of a client computer including the client application at which the initial request was generated;
    - andquerying a database to determine an identity associated with the IP address in the database.
  - 8. The method as recited in claim 7, further comprising:
    - extracting an encrypted key from the initial request;
      
      decrypting the encrypted key; and
      
      using the decrypted key to decrypt the information extracted from the initial request.
  - 9. The method as recited in claim 8, wherein decrypting the encrypted key comprises decrypting the encrypted key using a public key algorithm and a private key.
  - 10. The method as recited in claim 1, further comprising encrypting the token.
  - 11. The method as recited in claim 10, further comprising associating a sequence counter value with the token.
  - 12. The method as recited in claim 10, further comprising associating a time to live value with the token.
  - 13. The method as recited in claim 1, further comprising:
    - receiving a flush directive, the flush directive referencing the token; and
      
      discarding the information referenced by the token upon receiving the flush directive.

14. A method comprising:
- receiving, at a first server, an initial request;
  
  obtaining, using the first server, user information from the initial request;
  
  decrypting the user information that is encrypted by an encryption algorithm;
  
  storing the user information in a non-transitory storage medium;
  
  returning an identifier in response to the initial request;
  
  receiving a subsequent request including the identifier via an API;
  
  retrieving the stored user information using the identifier; and
  
  using, by the first server, the retrieved user information to generate a response to the subsequent request.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 36, 37, 38)
- - 15. The method as recited in claim 14, wherein the initial request is addressed to the first server.
  - 16. The method as recited in claim 15, wherein the initial request originated at a client device.
  - 17. The method as recited in claim 16, wherein the initial request is an HTTP request.
  - 18. The method as recited in claim 16, wherein the initial request is received via an API.
  - 19. The method as recited in claim 16, wherein the subsequent request is received from a second server in communication with the client device.
  - 20. The method as recited in claim 19, further comprising sending the response to the subsequent request to the second server.
  - 21. The method as recited in claim 20, wherein the response is sent to the second server via an API.
  - 22. The method as recited in claim 20, wherein the user information comprises demographic information about a user.
  - 23. The method as recited in claim 22, wherein the information is encrypted using a symmetric encryption algorithm.
  - 24. The method as recited in claim 22, further comprising encrypting the identifier.
  - 25. The method as recited in claim 24, wherein the identifier comprises a token.
  - 26. The method as recited in claim 25, further comprising associating a sequence counter value with the token.
  - 27. The method as recited in claim 25, further comprising associating a time to live value with the token.
  - 28. The method as recited in claim 25, further comprising:
    - receiving a flush directive, the flush directive referencing the token; and
      
      discarding the user information referenced by the token upon receiving the flush directive.
  - 36. The method as recited in claim 25, wherein the instructions, when executed by the at least one server, cause the system to associate a sequence counter value with the token.
  - 37. The method as recited in claim 25, wherein the instructions, when executed by the at least one server, cause the system to associate a time to live value with the token.
  - 38. The method as recited in claim 25, wherein the instructions, when executed by the at least one server, cause the system to encrypt the token.

29. A system comprising:
- at least one server;
  
  a non-transitory storage medium storing instructions, that when executed by the at least one server, cause the system to;
  
  identify an initial request from a user, the initial request being generated at a client device;
  
  extract information associated with the user from the initial request;
  
  decrypt the information that is encrypted by an encryption algorithm;
  
  store the information in the non-transitory storage medium;
  
  return a token that references the stored information in response to the initial request;
  
  identify the token in a subsequent request received via an API;
  
  access the information referenced by the token stored in the non-transitory storage medium; and
  
  use the accessed information to generate a response to the subsequent request.
- View Dependent Claims (30, 31, 32, 33, 34, 35)
- - 30. The system as recited in claim 29, wherein the initial request is addressed to the at least one server.
  - 31. The system as recited in claim 30, wherein the initial request is an HTTP request.
  - 32. The system as recited in claim 30, wherein the initial request is received via an API.
  - 33. The system as recited in claim 30, wherein the subsequent request is received from a second server in communication with the client device.
  - 34. The system as recited in claim 33, wherein the instructions, when executed by the at least one server, cause the system to send the response to the subsequent request to the second server.
  - 35. The system as recited in claim 29, whereinthe information in the initial request is encrypted using a symmetric encryption algorithm.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Original Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Inventors
Harada, Larry T., Dolecki, Mark A., Purdum, Christopher S, Hendren, C. Hudson III
Primary Examiner(s)
Barron, Jr., Gilberto
Assistant Examiner(s)
Nobahar, Abdulhakim

Application Number

US13/786,273
Publication Number

US 20130191905A1
Time in Patent Office

812 Days
Field of Search

None
US Class Current

726/9
CPC Class Codes

G06Q 20/3821   Electronic credentials

H04L 61/5007   Internet protocol [IP] addr...

H04L 63/0281   Proxies

H04L 63/04   for providing a confidentia...

H04L 63/0428   wherein the data content is...

H04L 63/0471   applying encryption by an i...

H04L 63/08   for authentication of entit...

H04L 67/02   based on web technology, e....

H04L 67/561   Adding application-function...

H04L 67/568   Storing data temporarily at...

Secure data exchange

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

38 Claims

Specification

Solutions

Use Cases

Quick Links

Secure data exchange

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

38 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links