Token-based secure data management
1 Assignment
0 Petitions
Abstract
In some implementations, tokens that are representative of sensitive data may be used in place of the sensitive data to maintain the security of the sensitive data. For example, data may be separated into sensitive data and nonsensitive data, and at least the sensitive data is securely delivered to a data storage service. The data storage service generates a token that is representative of the sensitive data and stores the sensitive data as secure data. The data storage service may deliver the token to an entity that also receives the nonsensitive data, and the entity may use the token in place of the sensitive data. In some implementations, different tokens are generated each time the same piece of sensitive data is submitted for storage as secure data. Further, in some implementations, access policies define authorizations regarding which entities are able to resolve a token to access the actual sensitive data.
27 Citations
20 Claims
1. A system, comprising at least one computing device configured to implement one or more services, wherein the one or more services:
- generates a token for sensitive user data, the token identifying a data type of the sensitive user data;
- stores the sensitive user data to a first data storage service and nonsensitive data related to the sensitive data to a second data storage service;
- provides, to a first entity, the token and the nonsensitive data, the token provided in place of the sensitive user data;
- receives a request for the sensitive user data from a second entity, the request including the token;
- identifies a set of sensitive user data from secure data stored in the first data storage service, individual sensitive user data items of the set of sensitive user data having a data type that matches the data type identified by the token;
- generates a hash for individual sensitive user data items in the set of sensitive user data; and
- provides the hash for the individual sensitive user data items in the set of sensitive user data to an entity not authorized to receive the sensitive user data associated with the set of sensitive user data.

(Dependent claims 2, 3 and 4 not shown.)

5. A computer-implemented method, comprising:
under control of one or more computer systems configured with executable instructions,
- generating a first token for sensitive data, the first token identifying a data type of the sensitive data;
- storing, in a memory, in association with the first token, the sensitive data as secure data in an encrypted form;
- providing nonsensitive data related to the sensitive data, and the first token in place of the sensitive data, to a first entity authorized to receive the nonsensitive data;
- identifying a set of secure data from the secure data stored in the memory, individual secure data of the set of secure data having a data type that matches the data type identified by the first token;
- generating a hash for individual secure data in the set of secure data; and
- providing the hash for individual secure data in the set of secure data to a second entity not authorized to receive the sensitive data associated with the set of secure data.

(Dependent claims 6 through 14 not shown.)

15. One or more non-transitory computer-readable media storing computer-executable instructions that, as a result of being executed, cause one or more processors to:
- generating a first token for a first piece of sensitive data;
- storing, in a memory, the first piece of sensitive data as secure data;
- providing, to a first entity, a first nonsensitive data associated with the first piece of sensitive data, and the first token in place of the first piece of sensitive data;
- generating a second token for a second piece of sensitive data;
- providing the second token in place of the second piece of sensitive data to a second entity that maintains nonsensitive data associated with the second piece of sensitive data;
- generating a first hash associated with the first piece of sensitive data;
- generating a second hash associated with the second piece of sensitive data;
- determining that the first hash matches the second hash; and
- as a result of having determined that the first hash matches the second hash, indicating to the second entity that the first piece of sensitive data and the second piece of sensitive data are linked.

(Dependent claims 16 through 20 not shown.)
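The abstract and claims 1, 5 and 15 above describe one design: sensitive values are held only by a vault, callers hold per-submission random tokens that carry the data type, an access policy decides who may resolve a token, and entities that may not read a value get a hash of it so that two tokens for the same value can still be linked. The following is an added illustration written for this page, not code from the patent or its assignee. Its class and function names (`TokenVault`, `split_record`, `demo`), the `type:random` token format, and the use of a vault-wide HMAC key for the hash are assumptions; the patent text only says "a hash". The keyed hash is a practitioner's choice: an unkeyed SHA-256 of a low-entropy value such as an SSN could be reversed by an unauthorized entity simply by hashing every candidate value, which would defeat the point of handing out hashes instead of values.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Set, Tuple

# Data types the vault knows about. The token carries the type so that a
# holder can tell what kind of value it stands for without seeing the value.
DATA_TYPES = {"ssn", "card_number", "email"}


class TokenVault:
    """In-memory stand-in for the 'first data storage service' of the claims.

    Sensitive values live only here; every other party holds tokens.
    Assumed design detail (not from the patent text): a vault-wide secret keys
    the hashes, so a hash cannot be brute-forced back to a low-entropy value.
    """

    def __init__(self, hash_key: Optional[bytes] = None) -> None:
        self._secure: Dict[str, Tuple[str, str]] = {}  # token -> (type, value)
        self._policy: Dict[str, Set[str]] = {}         # entity -> resolvable types
        self._hash_key = hash_key or secrets.token_bytes(32)

    def grant(self, entity: str, data_type: str) -> None:
        """Access policy: allow `entity` to resolve tokens of `data_type`."""
        self._policy.setdefault(entity, set()).add(data_type)

    def tokenize(self, data_type: str, value: str) -> str:
        if data_type not in DATA_TYPES:
            raise ValueError(f"unknown data type: {data_type}")
        # Fresh randomness on every call: the same value submitted twice gets
        # two different tokens, so tokens alone cannot be used to correlate.
        token = f"{data_type}:{secrets.token_urlsafe(16)}"
        self._secure[token] = (data_type, value)
        return token

    @staticmethod
    def data_type_of(token: str) -> str:
        """The data type is recoverable from the token without the vault."""
        return token.split(":", 1)[0]

    def _hash(self, data_type: str, value: str) -> str:
        # Keyed hash over (type, value): equal values give equal hashes, so two
        # tokens can be linked without revealing what either stands for.
        msg = f"{data_type}\x00{value}".encode()
        return hmac.new(self._hash_key, msg, hashlib.sha256).hexdigest()

    def resolve(self, token: str, entity: str) -> dict:
        data_type, value = self._secure[token]
        if data_type in self._policy.get(entity, set()):
            return {"token": token, "type": data_type, "value": value}
        # Unauthorized requester (claim 1): hashes of every stored item of the
        # same type, keyed by token, so it can match items but not read them.
        hashes = {t: self._hash(dt, v)
                  for t, (dt, v) in self._secure.items() if dt == data_type}
        return {"token": token, "type": data_type, "hashes": hashes}

    def linked(self, token_a: str, token_b: str) -> bool:
        """Claim 15: two tokens are linked when their hashes match."""
        ta, va = self._secure[token_a]
        tb, vb = self._secure[token_b]
        return hmac.compare_digest(self._hash(ta, va), self._hash(tb, vb))


def split_record(record: dict, sensitive_fields: Set[str]) -> Tuple[dict, dict]:
    """Separate a record into its sensitive and nonsensitive parts."""
    sensitive = {k: v for k, v in record.items() if k in sensitive_fields}
    nonsensitive = {k: v for k, v in record.items() if k not in sensitive_fields}
    return sensitive, nonsensitive


def demo() -> dict:
    vault = TokenVault()
    vault.grant("fraud-team", "ssn")  # marketing gets no grant
    # Constructed sample records; the SSN value is made up.
    alice = {"name": "Alice", "ssn": "123-45-6789", "plan": "gold"}
    alice_again = {"name": "A. Smith", "ssn": "123-45-6789", "plan": "silver"}
    sens1, nonsens1 = split_record(alice, {"ssn"})
    sens2, nonsens2 = split_record(alice_again, {"ssn"})
    t1 = vault.tokenize("ssn", sens1["ssn"])
    t2 = vault.tokenize("ssn", sens2["ssn"])
    # The 'second data storage service' holds only nonsensitive data + token.
    second_store = {t1: nonsens1, t2: nonsens2}
    return {
        "tokens_differ": t1 != t2,
        "type": TokenVault.data_type_of(t1),
        "authorized": vault.resolve(t1, "fraud-team")["value"],
        "unauthorized": vault.resolve(t1, "marketing"),
        "linked": vault.linked(t1, t2),
        "second_store": second_store,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, "=>", v)
```

Running `demo()` shows the two submissions of the same SSN receiving different tokens, the second store containing no SSN at all, the authorized entity getting the value back, and the unauthorized entity getting only two equal hashes, from which it can conclude the records are linked but nothing more.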
Specification