System and method to anonymize data transmitted to a destination computing device
First Claim
1. A method for anonymizing data, comprising:
receiving data to be anonymized by an anonymization system executed on a computing device, the data including a plurality of characters;
generating a request for a data encryption key with a corresponding request identifier;
providing a data store associating a plurality of generated masked data encryption keys with their corresponding request identifiers;
verifying if there is a match between the corresponding request identifier and a stored request identifier;
when there is a match, receiving the associated masked data encryption key corresponding to the request identifier for the data encryption key in response to the request;
when there is no match, generating a masked data encryption key corresponding to the request identifier for the data encryption key by providing a first encryption key, a second encryption key and a master key;
masking the master key with the first encryption key using a computer implemented first crypto function to generate a masked master key; and
generating the masked data encryption key using a computer implemented second crypto function and the masked master key;
receiving the generated masked data encryption key in response to the request;
retrieving the data encryption key from the received masked data encryption key by de-masking the masked data encryption key using a computer implemented third crypto function and the second encryption key; and
anonymizing the data using an anonymization module executed on the computing device to derive an anonymized data using the retrieved data encryption key.
7 Assignments
Abstract
A method and system for anonymizing data is disclosed. Data to be anonymized is received by an anonymization system. A request for a data encryption key is generated. A masked data encryption key is received in response to the request. The data encryption key is retrieved from the masked data encryption key. The data is anonymized using an anonymization module to derive an anonymized data using the data encryption key.
85 Citations
18 Claims
1. A method for anonymizing data (independent claim; full text given above under First Claim). Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9.
10. A system to anonymize data, comprising:
an anonymization system executed on a computing device configured to receive data to be anonymized, the data including a plurality of characters;
generate a request for a data encryption key with a corresponding request identifier;
receive a masked data encryption key in response to the request;
retrieve the data encryption key from the masked data encryption key; and
anonymize the data using an anonymization module executed on the computing device to derive an anonymized data using the retrieved data encryption key, wherein the system further includes:
a data store with each generated masked data encryption key associated with its corresponding request identifier;
a match between the corresponding request identifier and a stored request identifier is verified by the system, and when there is a match, the masked data encryption key corresponding to the request identifier is received in response to the request;
when there is no match, a masked data encryption key corresponding to the request identifier for the data encryption key is generated and received in response to the request, wherein a masked master key is generated by masking a master key with a first encryption key using a computer implemented first crypto function, and the masked data encryption key is generated using a computer implemented second crypto function and the masked master key; and
wherein the data encryption key is retrieved from the received masked data encryption key by de-masking the masked data encryption key using a computer implemented third crypto function and a second encryption key.
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18.
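The key-masking flow recited in claims 1 and 10, as an added worked example; this is illustration code, not code from the patent or its assignee. The claims name a first, second and third crypto function without specifying them, so the choices below are assumptions: the first crypto function is an XOR mask of the master key with the first encryption key, the second is HMAC-SHA256 keyed with the masked master key over the request identifier, and the third is an XOR de-mask with the second encryption key. The anonymization module (a keyed HMAC pseudonym of the input characters), the class names, and all key values are likewise assumed or constructed for the example.

```python
import hashlib
import hmac

KEY_LEN = 32  # all keys and masks are 32 bytes (SHA-256 output length)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR; used here as the (assumed) mask / de-mask primitive."""
    if len(a) != len(b):
        raise ValueError("mask and key must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


class KeyService:
    """Side that holds the master key and the first encryption key.

    It emits only masked DEKs and keeps the claim's data store mapping
    request identifier -> masked DEK. It never computes the DEK itself.
    """

    def __init__(self, master_key: bytes, first_key: bytes) -> None:
        if len(master_key) != KEY_LEN or len(first_key) != KEY_LEN:
            raise ValueError("keys must be KEY_LEN bytes")
        self._master_key = master_key
        self._first_key = first_key
        self.store: dict[str, bytes] = {}  # request identifier -> masked DEK

    def masked_dek_for(self, request_id: str) -> bytes:
        # Verify whether the request identifier matches a stored one.
        if request_id in self.store:
            return self.store[request_id]  # match: return the stored masked DEK
        # No match: first crypto function (ASSUMED: XOR) masks the master key ...
        masked_master_key = xor_bytes(self._master_key, self._first_key)
        # ... second crypto function (ASSUMED: HMAC-SHA256 keyed with the masked
        # master key over the request identifier) yields the masked DEK.
        masked_dek = hmac.new(masked_master_key, request_id.encode(), hashlib.sha256).digest()
        self.store[request_id] = masked_dek
        return masked_dek


class AnonymizationSystem:
    """Side that holds only the second encryption key.

    It receives the masked DEK, de-masks it locally, and never sees the
    master key or the first encryption key.
    """

    def __init__(self, second_key: bytes, key_service: KeyService) -> None:
        if len(second_key) != KEY_LEN:
            raise ValueError("second key must be KEY_LEN bytes")
        self._second_key = second_key
        self._key_service = key_service

    def retrieve_dek(self, request_id: str) -> bytes:
        masked_dek = self._key_service.masked_dek_for(request_id)
        # Third crypto function (ASSUMED: XOR with the second encryption key).
        return xor_bytes(masked_dek, self._second_key)

    def anonymize(self, data: str, request_id: str) -> str:
        """Anonymization module (ASSUMED: keyed HMAC pseudonym of the characters)."""
        dek = self.retrieve_dek(request_id)
        return hmac.new(dek, data.encode(), hashlib.sha256).hexdigest()


def demo() -> dict:
    """Run the flow twice with the same request identifier and once with a new one."""
    # Constructed sample keys; a deployment would generate these with a CSPRNG.
    key_service = KeyService(master_key=bytes(range(32)), first_key=bytes([0xAA]) * 32)
    anonymizer = AnonymizationSystem(second_key=bytes([0x55]) * 32, key_service=key_service)

    dek_a = anonymizer.retrieve_dek("req-0001")
    dek_b = anonymizer.retrieve_dek("req-0001")  # served from the data store
    dek_c = anonymizer.retrieve_dek("req-0002")  # new identifier: fresh masked DEK
    token = anonymizer.anonymize("jane.doe@example.com", "req-0001")  # constructed input
    return {
        "same_id_same_dek": dek_a == dek_b,
        "store_entries": len(key_service.store),
        "store_holds_dek_in_clear": dek_a in key_service.store.values(),
        "new_id_new_dek": dek_c != dek_a,
        "token": token,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The separation the claims describe is visible in the two classes: the key service's data store only ever holds masked DEKs, so a compromise of that store alone does not yield a usable DEK, while the anonymization system can recover the DEK without ever holding the master key or the first encryption key. Matching on the request identifier makes repeated requests return the same masked DEK, which keeps the derived pseudonyms stable for one identifier and distinct across identifiers.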