Systems and methods for anonosizing data

US 9,619,669 B2
Filed: 06/06/2016
Issued: 04/11/2017
Est. Priority Date: 11/01/2013
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a communication interface for sending data over a network;

a memory having, stored therein, computer program code;

one or more data sources; and

one or more processing units operatively coupled to the memory and configured to execute instructions in the computer program code that cause the one or more processing units to;

obtain data from each of the one or more data sources pertaining to a first plurality of data subjects;

generate a first dynamically-changing, temporally unique identifier for a first data subject in the first plurality of data subjects, wherein the first data subject is in each of a first data source and a second data source of the one or more data sources;

generate one or more second dynamically-changing, temporally unique identifiers corresponding to one or more quasi-identifiers in each of the first data source and the second data source, wherein each quasi-identifier has a value;

receive, over the network, a first request for the values of the one or more quasi-identifiers in the first data source;

receive, over the network, a second request for the values of the one or more quasi-identifiers in the second data source;

transform the values obtained from the first request into one or more third dynamically changing temporally unique identifiers;

transform the values obtained from the second request into one or more fourth dynamically changing temporally unique identifiers;

store, in the memory;

the first dynamically changing, temporally unique identifier;

the second dynamically-changing, temporally unique identifier;

the one or more third dynamically-changing, temporally unique identifiers; and

the one or more fourth dynamically-changing, temporally unique identifiers; and

send the first dynamically-changing, temporally unique identifier;

the second dynamically-changing, temporally unique identifier;

the one or more third dynamically-changing, temporally unique identifiers; and

the one or more fourth dynamically-changing, temporally unique identifiers over the network.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various systems, computer-readable media, and computer-implemented methods of providing improved data privacy, anonymity, and security by enabling subjects to which data pertains to remain “dynamically anonymous,” i.e., anonymous for as long as is desired—and to the extent desired—are disclosed herein. This concept is also referred to herein as “anonosizing.” In some embodiments, the anonosizing of data may be implemented by encoding and decoding data under controlled conditions to support specific uses within designated authorized contexts. By anonosizing data controls via “identifying” and/or “associating” data elements within a population, data uses may be restricted to only those uses permissioned by a data subject or authorized third party. If new authorized data uses arise, all original data value and utility may be retained to support them—to the extent authorized by a data subject or authorized third party—but inappropriate, i.e., non-permissioned, uses of identifying information may be prevented.

66 Citations

View as Search Results

48 Claims

1. A system, comprising:
- a communication interface for sending data over a network;
  
  a memory having, stored therein, computer program code;
  
  one or more data sources; and
  
  one or more processing units operatively coupled to the memory and configured to execute instructions in the computer program code that cause the one or more processing units to;
  
  obtain data from each of the one or more data sources pertaining to a first plurality of data subjects;
  
  generate a first dynamically-changing, temporally unique identifier for a first data subject in the first plurality of data subjects, wherein the first data subject is in each of a first data source and a second data source of the one or more data sources;
  
  generate one or more second dynamically-changing, temporally unique identifiers corresponding to one or more quasi-identifiers in each of the first data source and the second data source, wherein each quasi-identifier has a value;
  
  receive, over the network, a first request for the values of the one or more quasi-identifiers in the first data source;
  
  receive, over the network, a second request for the values of the one or more quasi-identifiers in the second data source;
  
  transform the values obtained from the first request into one or more third dynamically changing temporally unique identifiers;
  
  transform the values obtained from the second request into one or more fourth dynamically changing temporally unique identifiers;
  
  store, in the memory;
  
  the first dynamically changing, temporally unique identifier;
  
  the second dynamically-changing, temporally unique identifier;
  
  the one or more third dynamically-changing, temporally unique identifiers; and
  
  the one or more fourth dynamically-changing, temporally unique identifiers; and
  
  send the first dynamically-changing, temporally unique identifier;
  
  the second dynamically-changing, temporally unique identifier;
  
  the one or more third dynamically-changing, temporally unique identifiers; and
  
  the one or more fourth dynamically-changing, temporally unique identifiers over the network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The system of claim 1, wherein the first dynamically-changing, temporally unique identifier comprises a Replacement Dynamically Changing De-Identifier (R-DDID).
  - 3. The system of claim 2, wherein the one or more third dynamically-changing, temporally unique identifiers comprise Association Dynamically Changing De-Identifiers (A-DDIDs).
  - 4. The system of claim 1, wherein the Replacement Dynamically Changing De-Identifier (R-DDID) comprises a specific value.
  - 5. The system of claim 1, wherein each of the Association Dynamically Changing De-Identifiers (A-DDIDs) comprises a specific value.
  - 6. The system of claim 3, wherein the instructions further cause the one or more processing units to:
    - use a first key to transform the Replacement Dynamically Changing De-Identifier (R-DDID) into a first view of the Replacement Dynamically Changing De-Identifier (R-DDID); and
      
      use a second key to transform the Replacement Dynamically Changing De-Identifier (R-DDID) into a second view of the Replacement Dynamically Changing De-Identifier (R-DDID),wherein the first key is different from the second key.
  - 7. The system of claim 3, wherein the instructions further cause the one or more processing units to:
    - use a third key to transform a first one of the Association Dynamically Changing De-Identifiers (A-DDIDs) into a third view of the first one of the Association Dynamically Changing De-Identifiers (A-DDIDs); and
      
      use a fourth key to transform the first one of the Association Dynamically Changing De-Identifiers (A-DDIDs) into a fourth view of the first one of the Association Dynamically Changing De-Identifiers (A-DDIDs),wherein the third key is different from the fourth key, andwherein the third view is different from the fourth view.
  - 8. The system of claim 1, wherein a first one of the second dynamically-changing, temporally unique identifiers has the same value in the first data source and the second data source.
  - 9. The system of claim 1, wherein at least one of the one or more third dynamically changing temporally unique identifiers comprises a first unintelligible form.
  - 10. The system of claim 1, wherein at least one of the one or more fourth dynamically changing temporally unique identifiers comprises a second unintelligible form.
  - 11. The system of claim 9, wherein the first unintelligible form comprises encrypted data.
  - 12. The system of claim 10, wherein the first unintelligible form comprises encrypted data.
  - 13. The system of claim 1, wherein at least one of the one or more data sources comprises a particular subset, population, or cohort of data subjects.
  - 14. The system of claim 1, wherein each of the one or more data sources pertains to a particular plurality of data subjects during a particular time period.
  - 15. The system of claim 3, wherein at least one of the one or more Association Dynamically Changing De-Identifiers (A-DDIDs) comprises one of the following:
    - a numerical grouping, or a categorical grouping.
  - 16. The system of claim 3, wherein at least one of the one or more Association Dynamically Changing De-Identifiers (A-DDIDs) comprises one of the following:
    - a discrete value, or a discrete set of values.

17. A non-transitory computer readable medium comprising computer executable instructions stored thereon to cause one or more processing units to:
- obtain data from each of the one or more data sources pertaining to a first plurality of data subjects;
  
  generate a first dynamically-changing, temporally unique identifier for a first data subject in the first plurality of data subjects, wherein the first data subject is in each of a first data source and a second data source of the one or more data sources;
  
  generate one or more second dynamically-changing, temporally unique identifiers corresponding to one or more quasi-identifiers in each of the first data source and the second data source, wherein each quasi-identifier has a value;
  
  receive, over a network, a first request for the values of the one or more quasi-identifiers in the first data source;
  
  receive, over the network, a second request for the values of the one or more quasi-identifiers in the second data source;
  
  transform the values obtained from the first request into one or more third dynamically changing temporally unique identifiers;
  
  transform the values obtained from the second request into one or more fourth dynamically changing temporally unique identifiers;
  
  store, in the memory;
  
  the first dynamically changing, temporally unique identifier;
  
  the second dynamically-changing, temporally unique identifier;
  
  the one or more third dynamically-changing, temporally unique identifiers; and
  
  the one or more fourth dynamically-changing, temporally unique identifiers; and
  
  send the first dynamically-changing, temporally unique identifier;
  
  the second dynamically-changing, temporally unique identifier;
  
  the one or more third dynamically-changing, temporally unique identifiers; and
  
  the one or more fourth dynamically-changing, temporally unique identifiers over the network.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
- - 18. The non-transitory computer readable medium of claim 17, wherein the first dynamically-changing, temporally unique identifier comprises an Replacement Dynamically Changing De-Identifier (R-DDID).
  - 19. The non-transitory computer readable medium of claim 18, wherein the one or more third dynamically-changing, temporally unique identifiers comprise Association Dynamically Changing De-Identifiers (A-DDIDs).
  - 20. The non-transitory computer readable medium of claim 17, wherein the Replacement Dynamically Changing De-Identifier (R-DDID) comprises a specific value.
  - 21. The non-transitory computer readable medium of claim 17, wherein each of the Association Dynamically Changing De-Identifiers (A-DDIDs) comprises a specific value.
  - 22. The non-transitory computer readable medium of claim 19, wherein the instructions further cause the one or more processing units to:
    - use a first key to transform the Replacement Dynamically Changing De-Identifier (R-DDID) into a first view of the Replacement Dynamically Changing De-Identifier (R-DDID); and
      
      use a second key to transform the Replacement Dynamically Changing De-Identifier (R-DDID) into a second view of the Replacement Dynamically Changing De-Identifier (R-DDID),wherein the first key is different from the second key.
  - 23. The non-transitory computer readable medium of claim 19, wherein the instructions further cause the one or more processing units to:
    - use a third key to transform a first one of the Association Dynamically Changing De-Identifiers (A-DDIDs) into a third view of the first one of the Association Dynamically Changing De-Identifiers (A-DDIDs); and
      
      use a fourth key to transform the first one of the Association Dynamically Changing De-Identifiers (A-DDIDs) into a fourth view of the first one of the Association Dynamically Changing De-Identifiers (A-DDIDs),wherein the third key is different from the fourth key, andwherein the third view is different from the fourth view.
  - 24. The non-transitory computer readable medium of claim 17, wherein a first one of the second dynamically-changing, temporally unique identifiers has the same value in the first data source and the second data source.
  - 25. The non-transitory computer readable medium of claim 17, wherein at least one of the one or more third dynamically changing temporally unique identifiers comprises a first unintelligible form.
  - 26. The non-transitory computer readable medium of claim 17, wherein at least one of the one or more fourth dynamically changing temporally unique identifiers comprises a second unintelligible form.
  - 27. The non-transitory computer readable medium of claim 25, wherein the first unintelligible form comprises encrypted data.
  - 28. The non-transitory computer readable medium of claim 26, wherein the first unintelligible form comprises encrypted data.
  - 29. The non-transitory computer readable medium of claim 17, wherein at least one of the one or more data sources comprises a particular subset, population, or cohort of data subjects.
  - 30. The non-transitory computer readable medium of claim 17, wherein each of the one or more data sources pertains to a particular plurality of data subjects during a particular time period.
  - 31. The non-transitory computer readable medium of claim 19, wherein at least one of the one or more Association Dynamically Changing De-Identifiers (A-DDIDs) comprises one of the following:
    - a numerical grouping, or a categorical grouping.
  - 32. The non-transitory computer readable medium of claim 19, wherein at least one of the one or more Association Dynamically Changing De-Identifiers (A-DDIDs) comprises one of the following:
    - a discrete value, or a discrete set of values.

33. A computer-implemented method comprising:
- obtaining data from each of one or more data sources pertaining to a first plurality of data subjects;
  
  generating a first dynamically-changing, temporally unique identifier for a first data subject in the first plurality of data subjects, wherein the first data subject is in each of a first data source and a second data source of the one or more data sources;
  
  generating one or more second dynamically-changing, temporally unique identifiers corresponding to one or more quasi-identifiers in each of the first data source and the second data source, wherein each quasi-identifier has a value;
  
  receiving, over a network, a first request for the values of the one or more quasi-identifiers in the first data source;
  
  receiving, over the network, a second request for the values of the one or more quasi-identifiers in the second data source;
  
  transforming the values obtained from the first request into one or more third dynamically changing temporally unique identifiers;
  
  transforming the values obtained from the second request into one or more fourth dynamically changing temporally unique identifiers;
  
  storing, in the memory;
  
  the first dynamically changing, temporally unique identifier;
  
  the second dynamically-changing, temporally unique identifier;
  
  the one or more third dynamically-changing, temporally unique identifiers; and
  
  the one or more fourth dynamically-changing, temporally unique identifiers; and
  
  sending the first dynamically-changing, temporally unique identifier;
  
  the second dynamically-changing, temporally unique identifier;
  
  the one or more third dynamically-changing, temporally unique identifiers; and
  
  the one or more fourth dynamically-changing, temporally unique identifiers over the network.
- View Dependent Claims (34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48)
- - 34. The computer-implemented method of claim 33, wherein the first dynamically-changing, temporally unique identifier comprises a Replacement Dynamically Changing De-Identifier (R-DDID).
  - 35. The computer-implemented method of claim 34, wherein the one or more third dynamically-changing, temporally unique identifiers comprise Association Dynamically Changing De-Identifiers (A-DDIDs).
  - 36. The computer-implemented method of claim 33, wherein the Replacement Dynamically Changing De-Identifier (R-DDID) comprises a specific value.
  - 37. The computer-implemented method of claim 33, wherein each of the Association Dynamically Changing De-Identifiers (A-DDIDs) comprises a specific value.
  - 38. The computer-implemented method of claim 35, further comprising the acts of:
    - using a first key to transform the Replacement Dynamically Changing De-Identifier (R-DDID) into a first view of the Replacement Dynamically Changing De-Identifier (R-DDID); and
      
      using a second key to transform the Replacement Dynamically Changing De-Identifier (R-DDID) into a second view of the Replacement Dynamically Changing De-Identifier (R-DDID),wherein the first key is different from the second key.
  - 39. The computer-implemented method of claim 35, further comprising the acts of:
    - using a third key to transform a first one of the Association Dynamically Changing De-Identifiers (A-DDIDs) into a third view of the first one of the Association Dynamically Changing De-Identifiers (A-DDIDs); and
      
      using a fourth key to transform the first one of the Association Dynamically Changing De-Identifiers (A-DDIDs) into a fourth view of the first one of the Association Dynamically Changing De-Identifiers (A-DDIDs),wherein the third key is different from the fourth key, andwherein the third view is different from the fourth view.
  - 40. The computer-implemented method of claim 33, wherein a first one of the second dynamically-changing, temporally unique identifiers has the same value in the first data source and the second data source.
  - 41. The computer-implemented method of claim 33, wherein at least one of the one or more third dynamically changing temporally unique identifiers comprises a first unintelligible form.
  - 42. The computer-implemented method of claim 33, wherein at least one of the one or more fourth dynamically changing temporally unique identifiers comprises a second unintelligible form.
  - 43. The computer-implemented method of claim 41, wherein the first unintelligible form comprises encrypted data.
  - 44. The computer-implemented method of claim 42, wherein the first unintelligible form comprises encrypted data.
  - 45. The computer-implemented method of claim 33, wherein at least one of the one or more data sources comprises a particular subset, population, or cohort of data subjects.
  - 46. The computer-implemented method of claim 33, wherein each of the one or more data sources pertains to a particular plurality of data subjects during a particular time period.
  - 47. The computer-implemented method of claim 35, wherein at least one of the one or more Association Dynamically Changing De-Identifiers (A-DDIDs) comprises one of the following:
    - a numerical grouping, or a categorical grouping.
  - 48. The computer-implemented method of claim 35, wherein at least one of the one or more Association Dynamically Changing De-Identifiers (A-DDIDs) comprises one of the following:
    - a discrete value, or a discrete set of values.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Anonos IP LLC
Original Assignee
Anonos, Inc.
Inventors
LaFever, Malcolm Gary, Myerson, Ted N., Mason, Steven
Primary Examiner(s)
Jeudy, Josnel

Application Number

US15/174,797
Publication Number

US 20160283745A1
Time in Patent Office

309 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/6218   to a system of files or obj...

G06F 21/6254   by anonymising data, e.g. d...

G06F 21/6263   during internet communicati...

G06F 2221/2101   Auditing as a secondary aspect

H04L 2209/42   Anonymization, e.g. involvi...

H04L 63/0281   Proxies

H04L 63/0414   during transmission, i.e. p...

Systems and methods for anonosizing data

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

66 Citations

48 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for anonosizing data

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

66 Citations

48 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links