Algorithm-based anonymous customer references

US 9,450,919 B2
Filed: 08/24/2012
Issued: 09/20/2016
Est. Priority Date: 04/12/2012
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a processor; and

a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising;

receiving, via a network device of a telecommunication network, a message sent from a user equipment and directed to a device of an untrusted entity, the user equipment being authenticated to the network device of the telecommunication network using a static identifier associated with the user equipment;

assigning a domain-specific first anonymous customer reference to the static identifier;

inserting the domain-specific first anonymous customer reference into the message resulting in an updated message;

facilitating a transmission of the updated message to the device of the untrusted entity;

receiving a request for a second anonymous customer reference; and

based on determining that the second anonymous customer reference is a valid anonymous customer reference, transmitting the second anonymous customer reference to a network gateway device of the telecommunication network.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and methodology that facilitates management and utilization of domain-specific anonymous customer references (ACRs) for protecting subscriber privacy across different domains is disclosed herein. In one aspect, on receiving user authorization, an ACR services (ACRS) component can generate an ACR that is to be inserted in a communication or message transmitted from a user equipment to an untrusted entity. The ACR can be generated based on address data associated with the untrusted entity and/or a unique subscriber identifier associated with the user equipment. As an example, the ACR creation component can generate the ACR based on a cryptographic hash, a static encryption key, and/or a dynamic encryption key. If the ACR is forwarded to a trusted entity, the trusted entity can calculate the unique subscriber identifier based on evaluating the ACR and/or exchange the ACR for the unique subscriber identifier via a secure communication with the ACRS component.

27 Citations

View as Search Results

20 Claims

1. A system, comprising:
- a processor; and
  
  a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising;
  
  receiving, via a network device of a telecommunication network, a message sent from a user equipment and directed to a device of an untrusted entity, the user equipment being authenticated to the network device of the telecommunication network using a static identifier associated with the user equipment;
  
  assigning a domain-specific first anonymous customer reference to the static identifier;
  
  inserting the domain-specific first anonymous customer reference into the message resulting in an updated message;
  
  facilitating a transmission of the updated message to the device of the untrusted entity;
  
  receiving a request for a second anonymous customer reference; and
  
  based on determining that the second anonymous customer reference is a valid anonymous customer reference, transmitting the second anonymous customer reference to a network gateway device of the telecommunication network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The system of claim 1, wherein the operations further comprise:
    - inserting the domain-specific first anonymous customer reference into a subsequent message transmitted from the user equipment to the device of the untrusted entity resulting in an updated subsequent message; and
      
      facilitating a second transmission of the updated subsequent message to the device of the untrusted entity.
  - 3. The system of claim 1, wherein the operations further comprise:
    - generating the domain-specific first anonymous customer reference based at least in part on address data associated with the device of the untrusted entity.
  - 4. The system of claim 3, wherein the address data comprises at least one of a uniform resource locator, a fully qualified domain name, an internet protocol address, or a uniform resource identifier.
  - 5. The system of claim 3, wherein the operations further comprise:
    - generating the domain-specific first anonymous customer reference based at least in part on a cryptographic hash of the address data.
  - 6. The system of claim 3, wherein the operations further comprise:
    - generating the domain-specific first anonymous customer reference based at least in part on a static encryption key that is determined based on the address data.
  - 7. The system of claim 6, wherein the operations further comprise:
    - directing, to another device of a trusted entity, a decryption key corresponding to the static encryption key, wherein the other device of the trusted entity utilizes the decryption key to calculate the static identifier based on the domain-specific first anonymous customer reference in response to receipt of the domain-specific first anonymous customer reference from the device of the untrusted entity.
  - 8. The system of claim 3, wherein the operations further comprise:
    - generating the domain-specific first anonymous customer reference based at least in part on a dynamic encryption key.
  - 9. The system of claim 8, wherein the operations further comprise:
    - directing data associated with the dynamic encryption key to another device of a trusted entity, wherein the other device of the trusted entity utilizes the data to determine a current value of the dynamic encryption key and employs the current value of the dynamic encryption key to determine the static identifier based on the domain-specific first anonymous customer reference in response to receipt of the domain-specific first anonymous customer reference from the device of the untrusted entity.
  - 10. The system of claim 1, wherein the static identifier is associated with a subscriber identity module of the user equipment.
  - 11. The system of claim 1, wherein the operations further comprise:
    - deleting the domain-specific first anonymous customer reference based on a condition associated with an authorization of the user equipment being determined to have been satisfied, wherein the condition is a verification of the authorization of the user equipment.

12. A method, comprising:
- receiving, by a system comprising at least one processor within a wireless communication network, a communication transmitted by a user equipment and directed to a device of an untrusted entity;
  
  determining, by the system, a static identifier associated with the user equipment based at least in part on an authorization of the user equipment with the wireless communication network;
  
  determining, by the system, a static encryption key based on address data associated with the device of the untrusted entity;
  
  receiving, by the system, a request for an anonymous customer reference;
  
  determining, by the system, that a previous anonymous customer reference associated with the untrusted entity is unavailable;
  
  based at least in part on the static identifier, the static encryption key, and the previous anonymous customer reference being determined to be unavailable, generating, by the system, the anonymous customer reference specific to the untrusted entity;
  
  inserting, by the system, the anonymous customer reference into the communication; and
  
  facilitating, by the system, a transmission of the communication comprising the anonymous customer reference to the device of the untrusted entity.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The method of claim 12, wherein the transmission is a first transmission and the method further comprises:
    - receiving, by the system, a subsequent communication transmitted by the user equipment and directed to the device of the untrusted entity;
      
      inserting, by the system, the anonymous customer reference into the subsequent communication; and
      
      facilitating, by the system, a second transmission of the subsequent communication including the inserted anonymous customer reference to the device of the untrusted entity.
  - 14. The method of claim 12, wherein the generating comprises applying a cryptographic hash to address data associated with the device of the untrusted entity.
  - 15. The method of claim 12, wherein the generating comprises encrypting address data associated with the device of the untrusted entity based on the static encryption key.
  - 16. The method of claim 12, wherein the generating comprises encrypting address data associated with the device of the untrusted entity based on a dynamic encryption key.
  - 17. The method of claim 12, wherein the anonymous customer reference is generated in response to receiving a user authorization.

18. A non-transitory machine-readable storage medium, comprising executable instructions that, when executed by a processor, facilitate performance of operations, comprising:
- receiving a message transmitted from a user equipment and directed to a device of an untrusted entity;
  
  identifying a static identifier associated with the user equipment based at least in part on an authorization of the user equipment with a telecommunication network;
  
  determining a static encryption key based on address data associated with the device of the untrusted entity;
  
  receiving an anonymous customer reference request, wherein the anonymous customer reference request comprises an anonymous customer reference;
  
  modifying the message resulting in a modified message, the modifying comprising inserting the anonymous customer reference into the message;
  
  transmitting a decryption key to another device of a trusted entity in response to a condition related to the trusted entity being determined to have been satisfied; and
  
  directing the modified message to the device of the untrusted entity.
- View Dependent Claims (19, 20)
- - 19. The non-transitory machine readable storage medium of claim 18, wherein the anonymous customer reference is a first anonymous customer reference, and wherein the operations further comprise:
    - generating a second anonymous customer reference based on encrypting address data associated with the device of the untrusted entity.
  - 20. The non-transitory machine readable storage medium of claim 19, wherein the operations further comprise:
    - verifying user authorization prior to the generating the second anonymous customer reference.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Mohajeri, Shahram, Sullivan, Bryan L.
Primary Examiner(s)
Pwu, Jeffrey
Assistant Examiner(s)
Truong, Thong

Application Number

US13/594,161
Publication Number

US 20140059343A1
Time in Patent Office

1,488 Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/0281   Proxies

H04W 12/02   Protecting privacy or anony...

H04W 12/06   Authentication

H04W 12/75   Temporary identity

Algorithm-based anonymous customer references

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

27 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Algorithm-based anonymous customer references

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links