Anonymization as a service

US 9,076,016 B2
Filed: 08/20/2012
Issued: 07/07/2015
Est. Priority Date: 08/20/2012
Status: Active Grant

First Claim

Patent Images

1. A method performed by one or more network devices, comprising:

receiving, by one of the network devices, user criteria for providing anonymization of a plurality of user-identified types of data generated from a set of data-generating applications resident on a user device, wherein the user criteria includes an encryption level and a reconstruction risk level for different ones of the types of data;

generating, by one of the network devices and based on the user criteria, a default workflow for achieving the user criteria;

providing, by one of the network devices and to the user device, the default workflow;

receiving, by one of the network devices, user input to the default workflow;

generating, based on the user input, final workflow instructions for transmitting data from the user device;

sending, by one of the network devices and to the user device, the final workflow instructions;

receiving, by one of the network devices, anonymized data transmitted from the user device based on the final workflow instructions;

determining, by one of the network devices, multiple scores for the anonymized data, wherein the multiple scores include a profile score that indicates a qualitative ranking of a relative level of anonymity of the anonymized data, and a reconstruction risk score that relatively quantifies information content in the anonymized data to an overall noise level; and

sending, by one of the network devices, at least one of the profile score or the reconstruction risk score to the user device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

One or more network devices receive user criteria for providing anonymization of data from a user device and generate a default workflow for achieving the user criteria. The network devices provide, to the user device, the default workflow and receive user input to the default workflow. The network devices generate and send, based on the user input, final workflow instructions for transmitting data from the user device. The network devices also receive anonymized data transmitted from the user device based on the final workflow instructions. The network devices can provide trend observations of the anonymized data for use by third parties without granting access to the anonymized data.

10 Citations

View as Search Results

19 Claims

1. A method performed by one or more network devices, comprising:
- receiving, by one of the network devices, user criteria for providing anonymization of a plurality of user-identified types of data generated from a set of data-generating applications resident on a user device, wherein the user criteria includes an encryption level and a reconstruction risk level for different ones of the types of data;
  
  generating, by one of the network devices and based on the user criteria, a default workflow for achieving the user criteria;
  
  providing, by one of the network devices and to the user device, the default workflow;
  
  receiving, by one of the network devices, user input to the default workflow;
  
  generating, based on the user input, final workflow instructions for transmitting data from the user device;
  
  sending, by one of the network devices and to the user device, the final workflow instructions;
  
  receiving, by one of the network devices, anonymized data transmitted from the user device based on the final workflow instructions;
  
  determining, by one of the network devices, multiple scores for the anonymized data, wherein the multiple scores include a profile score that indicates a qualitative ranking of a relative level of anonymity of the anonymized data, and a reconstruction risk score that relatively quantifies information content in the anonymized data to an overall noise level; and
  
  sending, by one of the network devices, at least one of the profile score or the reconstruction risk score to the user device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the default workflow is configured to be presented on the user device via an interactive user interface.
  - 3. The method of claim 1, wherein the user input includes one of accepting the default workflow or modifying the default work flow.
  - 4. The method of claim 1, wherein the final workflow includes multiple anonymizing proxy devices to obfuscate origination from the user device.
  - 5. The method of claim 1, further comprising:
    - receiving, from the user device, a request to conduct an anonymous data transaction, wherein the request includes a user device identifier;
      
      authorizing the request; and
      
      storing, in a memory, a record of the request.
  - 6. The method of claim 1, further comprising:
    - storing, in a de-scoped repository of received data, the received data transmitted from the user device.
  - 7. The method of claim 1, wherein the user input into the default workflow is provided in an encrypted format, and wherein the method further comprises:
    - decrypting the received user input.
  - 8. The method of claim 1, wherein the final workflow instructions are configured to be accessed via an application program interface (API) residing on the user device.
  - 9. The method of claim 6, further comprising:
    - identifying trends based on data in the de-scoped repository; and
      
      providing, to a third-party device, access to the identified trends, wherein the access to the identified trends does not include access to the data in the de-scoped repository.
  - 10. The method of claim 9, wherein providing access to the identified trends includes presenting one of a Predictive Model Markup Language (PMML) model or situational real-time scoring.

11. A system, comprising:
- one or more first network devices configured to;
  
  receive user criteria for providing anonymization of a plurality of user-identified types of data generated from a set of data-generating applications resident on a user device, wherein the user criteria includes;
  
  a first encryption level and a first reconstruction risk level, selected by a user, for a first one of the data-generating applications, anda second encryption level and a second reconstruction risk level, selected by the user, for a second one of the data-generating applications, wherein the first and second ones of the data-generating applications differ,generate, based on the user criteria, a default workflow for achieving data anonymization according to the user criteria with respect to a first type of data generated from the first one of the data-generating applications and a second type of data generated from the second one of the data-generating applications,provide, to the user device, the default workflow,receive, from the user device, user input to the default workflow,generate, based on the user input, final workflow instructions for anonymizing the first and second types of data and transmitting the anonymized data from the user device, andsend, to the user device, the final workflow instructions.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The system of claim 11, further comprising:
    - one or more second network devices configured to;
      
      receive encrypted data transmitted from the user device based on the final workflow instructions, anddecrypt the encrypted data.
  - 13. The system of claim 12, further comprising:
    - one or more third network devices configured to;
      
      receive, from the user device, a request to conduct an anonymized data transaction, wherein the request includes a user device identifier,verify eligibility of the user device based on the user device identifier, andprovide instructions for a session between the user device and the one or more second network devices to receive the encrypted data.
  - 14. The system of claim 12, further comprising:
    - one or more fourth network devices configured to;
      
      store the decrypted data in a de-scoped repository combined with other data, andcollate the combined data in the de-scoped repository as anonymized trend observations.
  - 15. The system of claim 12, wherein the one or more second network devices are further configured to:
    - determine a reconstruction risk score and a relative level of anonymity for the received encrypted data, andsend, to the user device, at least one of the reconstruction risk score or the relative level of anonymity.
  - 16. The system of claim 14, wherein the one or more fourth network devices are further configured to:
    - provide, to a third-party device, access to the trend observations, wherein the access to the trend observations does not include access to the decrypted data in the de-scoped repository.

17. A user device, comprising:
- a network interface to communicate with one or more remote systems;
  
  one or more memories to store instructions; and
  
  one or more processors configured to execute instructions in the one or more memories to;
  
  present a first user interface to receive eligibility information for the user device to conduct anonymized transactions with a service provider network, wherein the eligibility information includes;
  
  a first reconstruction risk level for a first type of data, associated with first ones of the anonymized transactions, corresponding to a first set of data-generating applications resident on the user device,a second reconstruction risk level for a second type of data, associated with second ones of the anonymized transactions, corresponding to a second set of data-generating applications resident on the user device, andan encryption level for the first and second types of data associated with the first and second anonymized transactions, respectivelyreceive, via the first user interface, the eligibility information,transmit the eligibility information to a network device associated with the service provider network,receive, from the network device, a default workflow configuration to conduct the first anonymized transactions with respect to a first type of data generated from the first set of data-generating applications and the second anonymized transactions with respect to a second type of data generated from the second set of data-generating applications,present a second user interface including the default workflow configuration,receive, via the second user interface, user input for the default workflow configuration to create an approved workflow configuration for the first and second anonymized transactions,transmit the approved workflow configuration to the network device, andreceive, from the network device, an instruction set to implement the approved workflow configuration.
- View Dependent Claims (18, 19)
- - 18. The user device of claim 17, wherein the eligibility information further includes:
    - a unique identifier for the user device.
  - 19. The user device of claim 17, wherein the one or more processors configured to execute instructions in the one or more memories to:
    - encrypt data to be transferred using an anonymized transaction, andtransmit the encrypted data based on the instruction set.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Original Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Inventors
Raman, Madhusudan, Tippett, Peter Steven
Primary Examiner(s)
Hoffman, Brandon
Assistant Examiner(s)
Salehi, Helai

Application Number

US13/589,239
Publication Number

US 20140053244A1
Time in Patent Office

1,051 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/6263 during internet communicati...

Anonymization as a service

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

10 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Anonymization as a service

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

10 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links