Centrally managed use case-specific entity identifiers
Abstract
Disclosed are various embodiments for centrally managed use case-specific entity identifiers. An identifier translation service receives an identifier translation request from a requesting service. The request specifies a first use case-specific entity identifier, which is specific to a first use case. An actual entity identifier is obtained by decrypting the first use case-specific entity identifier. A second use case-specific entity identifier is generated based at least in part on encrypting the actual entity identifier. The second use case-specific entity identifier is sent to the requesting service in response to the identifier translation request.
21 Claims
1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, comprising:
determine, in response to receiving identifier translation request from a requesting service, the identifier translation request comprising a first use case-specific entity identifier that is specific to a first use case, whether the requesting service has authorization to translate entity identifiers to entity identifiers specific to a second use case;
reject the identifier translation request when the requesting service does not have authorization;
generate, in response to receiving an actual entity identifier by decrypting the first use case-specific entity identifier, a second use case-specific entity identifier based at least in part on encrypting the actual entity identifier using a use case-generic encryption key and a use case-specific salt, the second use case-specific entity identifier and the use case-specific salt being specific to the second use case; and
send, responsive to the requesting service having authorization, the second use case-specific entity identifier to the requesting service in response to the identifier translation request.
Dependent claims: 2, 3
4. A system, comprising:
at least one computing device configured to at least:
decrypt, in response to receiving an identifier translation request from a requesting service, the identifier translation request comprising a first use case-specific entity identifier that is specific to a first use case, the first use case-specific entity identifier to produce an actual entity identifier;
generate a second use case-specific entity identifier based at least in part on encrypting the actual entity identifier, the second use case-specific entity identifier being specific to a second use case; and
send the second use case-specific entity identifier to the requesting service in response to the identifier translation request.
Dependent claims: 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A method, comprising:
receiving, via at least one of one or more computing devices, an identifier translation request from a requesting service, the identifier translation request comprising a plurality of first use case-specific entity identifiers, the plurality of first use case-specific entity identifiers being specific to a first use case;
obtaining, via at least one of the one or more computing devices, a plurality of actual entity identifiers by decrypting the plurality of first use case-specific entity identifiers;
generating, via at least one of the one or more computing devices, a plurality of second use case-specific entity identifiers based at least in part on encrypting individual ones of the plurality of actual entity identifiers, the plurality of second use case-specific entity identifiers being specific to a second use case; and
sending, via at least one of the one or more computing devices, the plurality of second use case-specific entity identifiers to the requesting service in response to the identifier translation request.
Dependent claims: 16, 17, 18, 19, 20, 21
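The translation flow of claim 1 and the abstract (authorize the requester, decrypt the first identifier, re-encrypt under the second use case's salt), as an added example that is not taken from the patent. The service names, key, salts, the `src` parameter naming the first use case, and deterministic output within a use case are assumptions; the cipher is an SIV-style construction built from HMAC-SHA256, a standard-library stand-in for a vetted deterministic AEAD such as AES-SIV.

```python
import hashlib
import hmac

GENERIC_KEY = b"constructed-demo-key"  # use case-generic key (constructed value)
SALTS = {"ads": b"salt-ads", "billing": b"salt-billing"}  # constructed per-use-case salts
# Constructed policy: target use cases each requesting service may translate into.
ALLOWED = {"billing-svc": {"billing"}, "reporting-svc": {"ads", "billing"}}


def _prf(label: bytes, salt: bytes, data: bytes, n: int) -> bytes:
    """HMAC-SHA256 in counter mode under the generic key, bound to the salt."""
    out, ctr = b"", 0
    while len(out) < n:
        msg = label + len(salt).to_bytes(2, "big") + salt + ctr.to_bytes(4, "big") + data
        out += hmac.new(GENERIC_KEY, msg, hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def encrypt_id(actual: str, use_case: str) -> str:
    """Deterministic: the same entity always maps to the same ID within a use case."""
    salt, pt = SALTS[use_case], actual.encode()
    siv = _prf(b"iv", salt, pt, 16)  # synthetic IV, also the integrity tag
    ks = _prf(b"ks", salt, siv, len(pt))
    return (siv + bytes(a ^ b for a, b in zip(pt, ks))).hex()


def decrypt_id(token: str, use_case: str) -> str:
    salt, raw = SALTS[use_case], bytes.fromhex(token)
    siv, ct = raw[:16], raw[16:]
    pt = bytes(a ^ b for a, b in zip(ct, _prf(b"ks", salt, siv, len(ct))))
    # Recompute the synthetic IV; a mismatch means wrong use case or tampering.
    if not hmac.compare_digest(siv, _prf(b"iv", salt, pt, 16)):
        raise ValueError("identifier is not valid for this use case")
    return pt.decode()


def translate(service: str, token: str, src: str, dst: str) -> str:
    """Reject unauthorized requesters before decrypting anything."""
    if dst not in ALLOWED.get(service, set()):
        raise PermissionError(f"{service} may not translate into {dst!r}")
    return encrypt_id(decrypt_id(token, src), dst)


if __name__ == "__main__":
    ads_id = encrypt_id("customer-1001", "ads")
    print(translate("reporting-svc", ads_id, "ads", "billing"))
```

Because the salt enters both the synthetic IV and the keystream, an identifier issued for one use case fails verification under any other, so two services cannot join their data sets on the raw identifier values.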
Specification