Sensitive user information management system and method
First Claim
1. A method for storing sensitive user information for subsequent access by a client, the method performed by a computing system comprising one or more processors and memory, the method comprising:
- receiving a network request over a cryptographically secured network communications channel established with a client, the network request having a payload, the payload comprising the sensitive user information and an identifier of a target data store compartment in which to store the sensitive user information, wherein the client is an application of an online service that provides particular end-user functionality to users of the online service;
- wherein the target data store compartment is one of a plurality of data store compartments of a data store;
- wherein the data store comprises a database table;
- wherein each table row of the database table belongs to one data store compartment of the plurality of data store compartments;
- verifying, based on the target data store compartment identifier and client identifying information in a digital certificate presented by the client, that the client has permission to access the data store compartment;
- based on the verifying that the client has permission to access the data store compartment, storing the sensitive user information in the data store compartment;
- wherein the storing the sensitive user information in the target data store compartment is based on adding a new table row to the database table, the new table row comprising: (a) the target data store compartment identifier as a value in a first column of the new table row, (b) the sensitive user information as a value in a second column of the new table row, and (c) a token as a value in a third column of the new table row; and
- returning the token to the client over the cryptographically secured network communications channel for use to later retrieve the sensitive user information from the target data store compartment.
Abstract
Sensitive user information management system and method. In accordance with some embodiments of the subject innovations, a RESTful “custodial” web service is provided to online service applications of an online service for storing and retrieving sensitive user information. More particularly, the custodial web service offers an operational interface to the online service applications accessible over a data network. The operational interface comprises two operations: STORE and RETRIEVE. The STORE operation allows an online service application to store sensitive user information with the custodial web service. The RETRIEVE operation allows the online service application to later retrieve the sensitive user information from the custodial web service. The custodial web service also ensures that received sensitive user information is cryptographically encrypted when in the custody of the web service.
16 Claims
9. A method for providing access to sensitive user information to a client, the method performed by a computing system comprising one or more processors and memory, the method comprising:
- receiving a network request over a cryptographically secured network communications channel established with the client, the network request having a payload, the payload comprising a token and an identifier of a target data store compartment from which to retrieve the sensitive user information;
- wherein the client is an application of an online service that provides particular end-user functionality to users of the online service;
- wherein the target data store compartment is one of a plurality of data store compartments of a data store;
- wherein the data store comprises a database table;
- wherein each table row of the database table belongs to one data store compartment of the plurality of data store compartments;
- verifying, based on the target data store compartment identifier and client identifying information in a digital certificate presented by the client, that the client has permission to access the target data store compartment;
- based on the verifying that the client has permission to access the data store compartment, returning sensitive user information associated with the token in the target data store compartment to the client over the cryptographically secured network communications channel; and
- wherein the sensitive user information is associated with the token by a particular row of the database table, the particular row comprising: (a) the target data store compartment identifier as a value in a first column of the particular row, (b) the sensitive user information as a value in a second column of the particular row, and (c) the token as a value in a third column of the particular row.
16. A method for storing and providing access to sensitive user information, the method performed by a computing system comprising one or more processors and memory, the method comprising:
- receiving a first network request over a first cryptographically secured network communications channel established with a first client, the first network request having a first payload, the first payload comprising the sensitive user information and an identifier of a target data store compartment in which to store the sensitive user information;
- wherein the first client is an application of an online service that provides particular end-user functionality to users of the online service;
- wherein the target data store compartment is one of a plurality of data store compartments of a data store;
- wherein the data store comprises a database table;
- wherein each table row of the database table belongs to one data store compartment of the plurality of data store compartments;
- verifying, based on the target data store compartment identifier and client identifying information in a first digital certificate presented by the first client, that the first client has permission to access the target data store compartment;
- storing the sensitive user information in the target data store compartment;
- wherein the storing the sensitive user information in the target data store compartment is based on adding a new table row to the database table, the new table row comprising: (a) the target data store compartment identifier as a value in a first column of the new table row, (b) the sensitive user information as a value in a second column of the new table row, and (c) a token as a value in a third column of the new table row;
- returning the token to the first client over the first cryptographically secured network communications channel for use in later retrieving the sensitive user information from the target data store compartment;
- receiving a second network request over a second cryptographically secured network communications channel established with a second client, the second network request having a second payload, the second payload comprising the token and the identifier of the target data store compartment from which to retrieve the sensitive user information;
- verifying, based on the target data store compartment identifier and client identifying information in a second digital certificate presented by the second client, that the second client has permission to access the target data store compartment;
- returning the sensitive user information to the second client over the second cryptographically secured network communications channel; and
- wherein the sensitive user information is associated with the token in the target data store compartment by the new table row added to the database table.
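As an added illustration (not code from the patent or from any implementation of it), the following Python models the three-column table and the STORE and RETRIEVE operations of claims 1, 9 and 16, including the claim 16 case where a second authorized client retrieves what the first stored. It assumes the mutually authenticated channel has already been established and the client certificate's subject is handed in as a string; the ACL and client names are constructed, and the encryption at rest that the abstract describes is not modelled, so the second column holds plaintext here.

```python
import secrets
import sqlite3

# Constructed ACL (hypothetical values): compartment id -> certificate subjects allowed to use it.
ACL = {"billing": {"CN=checkout-app", "CN=refunds-app"},
       "support": {"CN=checkout-app", "CN=helpdesk-app"}}


class CustodialStore:
    """One database table whose rows are (compartment_id, sensitive_info, token)."""
    def __init__(self, acl):
        self.acl = acl
        self.db = sqlite3.connect(":memory:")
        self.db.execute("CREATE TABLE custody (compartment_id TEXT NOT NULL, "
                        "sensitive_info TEXT NOT NULL, token TEXT NOT NULL UNIQUE)")

    def _verify(self, cert_subject, compartment_id):
        # Permission depends only on the payload's compartment id and the presented cert's identity.
        if cert_subject not in self.acl.get(compartment_id, set()):
            raise PermissionError(f"{cert_subject} may not access {compartment_id}")

    def store(self, cert_subject, compartment_id, sensitive_info):
        """STORE: verify, add one row, return the token (never the data)."""
        self._verify(cert_subject, compartment_id)
        token = secrets.token_urlsafe(32)  # random; derived from nothing sensitive
        self.db.execute("INSERT INTO custody VALUES (?, ?, ?)", (compartment_id, sensitive_info, token))
        return token

    def retrieve(self, cert_subject, compartment_id, token):
        """RETRIEVE: verify, then match the row on (compartment_id, token), never on token alone."""
        self._verify(cert_subject, compartment_id)
        row = self.db.execute("SELECT sensitive_info FROM custody WHERE compartment_id = ? AND token = ?",
                              (compartment_id, token)).fetchone()
        if row is None:  # unknown token and wrong compartment are indistinguishable to the caller
            raise KeyError("no such token in compartment")
        return row[0]


def demo():
    """Claim 16 flow (store by one client, retrieve by a second) plus two refused attempts."""
    cs = CustodialStore(ACL)
    token = cs.store("CN=checkout-app", "billing", "4111 1111 1111 1111")
    attempts = [("CN=refunds-app", "billing"),    # second client, listed in the billing ACL
                ("CN=helpdesk-app", "billing"),   # not in the billing ACL
                ("CN=checkout-app", "support")]   # allowed client, but the token is billing-scoped
    outcomes = {}
    for subject, comp in attempts:
        try:
            outcomes[(subject, comp)] = cs.retrieve(subject, comp, token)
        except (PermissionError, KeyError) as exc:
            outcomes[(subject, comp)] = type(exc).__name__
    return outcomes
```

The third attempt shows why the row is matched on both columns: a token that is valid in one compartment is useless in another, even to a client that is authorized there.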