Sensitive user information management system and method

  • US 9,787,668 B1
  • Filed: 08/03/2015
  • Issued: 10/10/2017
  • Est. Priority Date: 08/03/2015
  • Status: Active Grant
First Claim

1. A method for storing sensitive user information for subsequent access by a client, the method performed by a computing system comprising one or more processors and memory, the method comprising:

  • receiving a network request over a cryptographically secured network communications channel established with a client, the network request having a payload, the payload comprising the sensitive user information and an identifier of a target data store compartment in which to store the sensitive user information, wherein the client is an application of an online service that provides particular end-user functionality to users of the online service;

    wherein the target data store compartment is one of a plurality of data store compartments of a data store;

    wherein the data store comprises a database table;

    wherein each table row of the database table belongs to one data store compartment of the plurality of data store compartments;

    verifying, based on the target data store compartment identifier and client identifying information in a digital certificate presented by the client, that the client has permission to access the data store compartment;

    based on the verifying that the client has permission to access the data store compartment, storing the sensitive user information in the data store compartment;

    wherein the storing the sensitive user information in the target data store compartment is based on adding a new table row to the database table, the new table row comprising:

    (a) the target data store compartment identifier as a value in a first column of the new table row, (b) the sensitive user information as a value in a second column of the new table row, and (c) a token as a value in a third column of the new table row; and

    returning the token to the client over the cryptographically secured network communications channel for use to later retrieve the sensitive user information from the target data store compartment.
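
The storage flow recited in claim 1, sketched as an added example (not code from the patent or its assignee). It assumes the client identity is the subject name taken from a client certificate already validated by the TLS layer; the ACL contents, table and column names, and the retrieve() helper are hypothetical.

```python
import secrets
import sqlite3

# Hypothetical permission map: certificate subject name -> compartments it may use.
ACL = {"payments-app": {"cards"}, "profile-app": {"addresses"}}


class AccessDenied(Exception):
    """The presenting client has no permission on the requested compartment."""


def open_store():
    # One table; every row belongs to exactly one compartment.
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE vault ("
        "compartment TEXT NOT NULL, "   # first column: compartment identifier
        "secret TEXT NOT NULL, "        # second column: sensitive user information
        "token TEXT NOT NULL UNIQUE)"   # third column: token returned to the client
    )
    return db


def authorize(cert_subject, compartment):
    # cert_subject must come from the verified certificate, never from the payload.
    if compartment not in ACL.get(cert_subject, set()):
        raise AccessDenied(f"{cert_subject!r} may not access {compartment!r}")


def store(db, cert_subject, compartment, secret):
    authorize(cert_subject, compartment)
    token = secrets.token_urlsafe(32)  # unguessable and unrelated to the secret
    db.execute("INSERT INTO vault VALUES (?, ?, ?)", (compartment, secret, token))
    db.commit()
    return token


def retrieve(db, cert_subject, compartment, token):
    # Assumed counterpart of store(): same permission check, lookup scoped to the
    # compartment so a token is useless outside the compartment it was issued in.
    authorize(cert_subject, compartment)
    row = db.execute(
        "SELECT secret FROM vault WHERE compartment = ? AND token = ?",
        (compartment, token),
    ).fetchone()
    if row is None:
        raise KeyError("unknown token for this compartment")
    return row[0]
```

The secret is written as given because the claim does not address encryption at rest; a deployment would normally encrypt the second column.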
