Protecting subscriber information from third parties

US 9,210,132 B2
Filed: 06/28/2013
Issued: 12/08/2015
Est. Priority Date: 06/28/2013
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a data warehouse of a network service provider including at least one computing device configured to execute instructions on a processor of the computing device to cause the data warehouse to perform operations comprising;

receiving data records including subscriber-identifiable information associated with a network subscriber to the network service provider and demographic attributes associated with the network subscriber;

extracting the subscriber-identifiable information and the demographic attributes;

generating a user identifier hash value based on the subscriber-identifiable information and a periodically-updated salt value; and

providing a hashed record to a query server, the hashed record including the demographic attributes of the network subscriber and the user identifier hash value;

generating user identifier hash values for a first time period using the periodically-updated salt value;

receiving a second periodically-updated salt value from a key manager for use in generating user identifier hash values associated with a second time period;

generating a second user identifier hash value based on the subscriber-identifiable information and the second periodically-updated salt value; and

providing an updated hashed record to the query server including the demographic attributes of the network subscriber and the second user identifier hash value.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A data warehouse and method of providing a record that includes both desired demographic information and undiscoverable individual information are described. Data records including subscriber-identifiable information associated with a device of a subscriber to the network service provider and demographic attributes associated with the network subscriber are initially extracted from the record. A hash value based on subscriber-identifiable information associated with the subscriber device is generated and used to generate a user identifier hash value based on the subscriber-identifiable information and a periodically-updated salt value. The record is updated to form a hashed record that includes the demographic attributes of the network subscriber, the hash value, and the user identifier hash value. The hashed record is then supplied in response to a request from a query server.

10 Citations

14 Claims

1. A system, comprising:
- a data warehouse of a network service provider including at least one computing device configured to execute instructions on a processor of the computing device to cause the data warehouse to perform operations comprising;
  
  receiving data records including subscriber-identifiable information associated with a network subscriber to the network service provider and demographic attributes associated with the network subscriber;
  
  extracting the subscriber-identifiable information and the demographic attributes;
  
  generating a user identifier hash value based on the subscriber-identifiable information and a periodically-updated salt value; and
  
  providing a hashed record to a query server, the hashed record including the demographic attributes of the network subscriber and the user identifier hash value;
  
  generating user identifier hash values for a first time period using the periodically-updated salt value;
  
  receiving a second periodically-updated salt value from a key manager for use in generating user identifier hash values associated with a second time period;
  
  generating a second user identifier hash value based on the subscriber-identifiable information and the second periodically-updated salt value; and
  
  providing an updated hashed record to the query server including the demographic attributes of the network subscriber and the second user identifier hash value.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1, wherein the subscriber-identifiable information is associated with a subscriber device of the subscriber.
  - 3. The system of claim 1, wherein the data warehouse is further configured toprovide operations comprising:
    - generating a partial hash value based on the subscriber-identifiable information, the partial hash value remaining constant across multiple periodically-updated salt values; and
      
      including the partial hash value in the hashed record.
  - 4. The system of claim 1, further comprising:
    - a first data source configured to provide subscriber-identifiable information associated with subscriber devices connected to the network service provider; and
      
      a second data source configured to provide demographic attributes of subscribers to the network service provider.
  - 5. The system of claim 1, further comprising a key manager configured to periodically update the salt value, receive a query from the server requesting the salt value, and provide the salt value responsive to the query.
  - 6. The system of claim 1, wherein the data warehouse is further configured to provide operations comprising including the user identifier hash value and the second user identifier hash value in the updated hashed record to allow for matching of either of the user identifier hash value and the second user identifier hash value.
  - 7. The system of claim 1, wherein the data warehouse is further configured to provide operations comprising performing the one-way secured encryption by performing a hash of the subscriber-identifiable information into digests with a fixed salt value, encoding the digests into text strings, and further applying a truncation to the text strings to create the partial hash value, thereby protecting the privacy of the subscriber-identifiable information.
  - 8. The system of claim 7, wherein the subscriber-identifiable information includes mobile device numbers, the digests are 256 bits in length, and wherein the hash generates encrypted identifiers and the truncation creates re-encrypted identifiers using the first 90 bits of the encrypted identifiers.

9. A method, comprising:
- receiving data records including subscriber-identifiable information associated with a network subscriber to a network service provider and demographic attributes associated with the network subscriber;
  
  extracting the subscriber-identifiable information and the demographic attributes;
  
  generating, by a privacy engine of the network service provider, a user identifier hash value based on the subscriber-identifiable information and a periodically-updated salt value;
  
  providing a hashed record by the privacy engine to a query server, the hashed record including the demographic attributes of the network subscriber and the user identifier hash value;
  
  generating user identifier hash values for a first time period using the periodically-updated salt value;
  
  receiving a second periodically-updated salt value from a key manager for use in generating user identifier hash values associated with a second time period;
  
  generating a second user identifier hash value based on the subscriber-identifiable information and the second periodically-updated salt value; and
  
  providing an updated hashed record to the query server including the demographic attributes of the network subscriber and the second user identifier hash value.
- View Dependent Claims (10, 11)
- - 10. The method of claim 9, further comprising at least one of:
    - receiving, from a first data source, subscriber-identifiable information associated with subscriber devices connected to the network service provider;
      
      receiving, from a second data source, demographic attributes of subscribers to the network service provider; and
      
      receiving a periodically updated salt value from a key server.
  - 11. The method of claim 9, further comprising including the user identifier hash value and the second user identifier hash value in the updated hashed record to allow for matching of either of the user identifier hash value and the second user identifier hash value.

12. A non-transitory computer readable medium storing a program, the program being executable by a processor of a computing device to provide operations comprising:
- receiving data records including subscriber-identifiable information associated with a network subscriber to a network service provider and demographic attributes associated with the network subscriber;
  
  extracting the subscriber-identifiable information and the demographic attributes;
  
  generating a user identifier hash value based on the subscriber-identifiable information and a periodically-updated salt value;
  
  providing a hashed record to a query server, the hashed record including the demographic attributes of the network subscriber and the user identifier hash value;
  
  generating user identifier hash values for a first time period using the periodically-updated salt value;
  
  receiving a second periodically-updated salt value from a key manager for use in generating user identifier hash values associated with a second time period;
  
  generating a second user identifier hash value based on the subscriber-identifiable information and the second periodically-updated salt value; and
  
  providing an updated hashed record to the query server including the demographic attributes of the network subscriber and the second user identifier hash value.
- View Dependent Claims (13, 14)
- - 13. The non-transitory computer readable medium of claim 12, further providing for operations comprising at least one of:
    - receiving, from a first data source, subscriber-identifiable information associated with subscriber devices connected to the network service provider;
      
      receiving, from a second data source, demographic attributes of subscribers to the network service provider; and
      
      receiving a periodically updated salt value from a key server.
  - 14. The non-transitory computer readable medium of claim 12, further providing for operations comprising including the user identifier hash value and the second user identifier hash value in the updated hashed record to allow for matching of either of the user identifier hash value and the second user identifier hash value.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cellco Partnership, Inc. (Verizon Communications Inc.)
Original Assignee
Cellco Partnership, Inc. (Verizon Communications Inc.)
Inventors
Arya, Siddhartha Kumar
Primary Examiner(s)
Tolentino, Roderick

Application Number

US13/930,314
Publication Number

US 20150006885A1
Time in Patent Office

893 Days
Field of Search

726 26- 30
US Class Current

1/1
CPC Class Codes

H04L 63/0428 wherein the data content is...

Protecting subscriber information from third parties

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

10 Citations

14 Claims

Specification

Use Cases

Quick Links

Others

Protecting subscriber information from third parties

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

10 Citations

14 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others