Sensitive user information management system and method

US 9,787,668 B1
Filed: 08/03/2015
Issued: 10/10/2017
Est. Priority Date: 08/03/2015
Status: Active Grant

First Claim

Patent Images

1. A method for storing sensitive user information for subsequent access by a client, the method performed by a computing system comprising one or more processors and memory, the method comprising:

receiving a network request over a cryptographically secured network communications channel established with a client, the network request having a payload, the payload comprising the sensitive user information and an identifier of a target data store compartment in which to store the sensitive user information, wherein the client is an application of an online service that provides particular end-user functionality to users of the online service;

wherein the target data store compartment is one of a plurality of data store compartments of a data store;

wherein the data store comprises a database table;

wherein each table row of the database table belongs to one data store compartment of the plurality of data store compartments;

verifying, based on the target data store compartment identifier and client identifying information in a digital certificate presented by the client, that the client has permission to access the data store compartment;

based on the verifying that the client has permission to access the data store compartment, storing the sensitive user information in the data store compartment;

wherein the storing the sensitive user information in the target data store compartment is based on adding a new table row to the database table, the new table row comprising;

(a) the target data store compartment identifier as a value in a first column of the new table row, (b) the sensitive user information as a value in a second column of the new table row, and (c) a token as a value in a third column of the new table row; and

returning the token to the client over the cryptographically secured network communications channel for use to later retrieve the sensitive user information from the target data store compartment.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Sensitive user information management system and method. In accordance with some embodiments of the subject innovations, a RESTful “custodial” web service is provided to online service applications of an online service for storing and retrieving sensitive user information. More particularly, the custodial web service offers an operational interface to the online service applications accessible over a data network. The operational interface comprises two operations: STORE and RETRIEVE. The STORE operation allows an online service application to store sensitive user information with the custodial web service. The RETRIEVE operation allows the online service application to later retrieve the sensitive user information from the custodial web service. The custodial web service also ensures that received sensitive user information is cryptographically encrypted when in the custody of the web service.

Citations

16 Claims

1. A method for storing sensitive user information for subsequent access by a client, the method performed by a computing system comprising one or more processors and memory, the method comprising:
- receiving a network request over a cryptographically secured network communications channel established with a client, the network request having a payload, the payload comprising the sensitive user information and an identifier of a target data store compartment in which to store the sensitive user information, wherein the client is an application of an online service that provides particular end-user functionality to users of the online service;
  
  wherein the target data store compartment is one of a plurality of data store compartments of a data store;
  
  wherein the data store comprises a database table;
  
  wherein each table row of the database table belongs to one data store compartment of the plurality of data store compartments;
  
  verifying, based on the target data store compartment identifier and client identifying information in a digital certificate presented by the client, that the client has permission to access the data store compartment;
  
  based on the verifying that the client has permission to access the data store compartment, storing the sensitive user information in the data store compartment;
  
  wherein the storing the sensitive user information in the target data store compartment is based on adding a new table row to the database table, the new table row comprising;
  
  (a) the target data store compartment identifier as a value in a first column of the new table row, (b) the sensitive user information as a value in a second column of the new table row, and (c) a token as a value in a third column of the new table row; and
  
  returning the token to the client over the cryptographically secured network communications channel for use to later retrieve the sensitive user information from the target data store compartment.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the network request specifies an operation to perform against the data store compartment;
    - and wherein verifying that the client has permission to access the data store compartment comprises verifying, based on the target data store compartment identifier and the client identifying information in the digital certificate presented by the client, that the client has permission to perform the operation against the data store compartment.
  - 3. The method of claim 1, wherein the client identifying information in the digital certificate comprises a network address associated with the client.
  - 4. The method of claim 1, wherein the client identifying information in the digital certificate comprises a service name associated with the client.
  - 5. The method of claim 1, wherein storing the sensitive user information in the data store compartment comprises:
    - encrypting the sensitive user information using a symmetric encryption algorithm to produce encrypted data; and
      
      storing the encrypted data in the target data store compartment.
  - 6. The method of claim 1, wherein storing the sensitive user information in the target data store compartment comprises:
    - encrypting the sensitive user information using an encryption key and a symmetric encryption algorithm to produce encrypted data;
      
      generating a message authentication code of the encrypted data using the encryption key and a cryptographic hash function; and
      
      storing the encrypted data in the target data store compartment in association with the message authentication code.
  - 7. The method of claim 1, wherein the sensitive user information received in the network request is encrypted by the client.
  - 8. The method of claim 1, further comprising:
    - receiving an expiry time for the sensitive user information in the network request; and
      
      automatically deleting the sensitive user information from the target data store compartment after the expiry time.

9. A method for providing access to sensitive user information to a client, the method performed by a computing system comprising one or more processors and memory, the method comprising:
- receiving a network request over a cryptographically secured network communications channel established with the client, the network request having a payload, the payload comprising a token and an identifier of a target data store compartment from which to retrieve the sensitive user information;
  
  wherein the client is an application of an online service that provides particular end-user functionality to users of the online service;
  
  wherein the target data store compartment is one of a plurality of data store compartments of a data store;
  
  wherein the data store comprises a database table;
  
  wherein each table row of the database table belongs to one data store compartment of the plurality of data store compartments;
  
  verifying, based on the target data store compartment identifier and client identifying information in a digital certificate presented by the client, that the client has permission to access the target data store compartment;
  
  based on the verifying that the client has permission to access the data store compartment, returning sensitive user information associated with the token in the target data store compartment to the client over the cryptographically secured network communications channel; and
  
  wherein the sensitive user information is associated with the token by a particular row of the database table, the particular row comprising;
  
  (a) the target data store compartment identifier as a value in a first column of the particular row, (b) the sensitive user information as a value in a second column of the particular row, and (c) the token as a value in a third column of the particular row.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The method of claim 9, wherein the network request specifies an operation to perform against the data store compartment;
    - and wherein verifying that the client has permission to access the data store compartment comprises verifying, based on the target data store compartment identifier and the client identifying information in the digital certificate associated with the cryptographically secured network communications channel presented by the client, that the client has permission to perform the operation against the target data store compartment.
  - 11. The method of claim 9, wherein the client identifying information in the digital certificate comprises a network address associated with the client.
  - 12. The method of claim 9, wherein the client identifying information in the digital certificate comprises a service name associated with the client.
  - 13. The method of claim 9, wherein returning the sensitive user information to the client comprises:
    - decrypting encrypted sensitive user information associated with the token in the target data store compartment to produce decrypted data; and
      
      wherein the sensitive user information returned to the client comprises the decrypted data.
  - 14. The method of claim 13, further comprising:
    - prior to decrypting the encrypted sensitive user information associated with the token in the target data store compartment to produce the decrypted data, successfully verifying authenticity of the encrypted sensitive user information, based on a message authentication code associated with the encrypted sensitive user information in the target data store compartment.
  - 15. The method of claim 9, wherein the network request is a Hypertext Transfer Protocol (HTTP) request or a HTTP-Secure (HTTPS) request.

16. A method for storing and providing access to sensitive user information, the method performed by a computing system comprising one or more processors and memory, the method comprising:
- receiving a first network request over a first cryptographically secured network communications channel established with a first client, the first network request having a first payload, the first payload comprising the sensitive user information and an identifier of a target data store compartment in which to store the sensitive user information;
  
  wherein the first client is an application of an online service that provides particular end-user functionality to users of the online service;
  
  wherein the target data store compartment is one of a plurality of data store compartments of a data store;
  
  wherein the data store comprises a database table;
  
  wherein each table row of the database table belongs to one data store compartment of the plurality of data store compartments;
  
  verifying, based on the target data store compartment identifier and client identifying information in a first digital certificate presented by the first client, that the first client has permission to access the target data store compartment;
  
  storing the sensitive user information in the target data store compartment;
  
  wherein the storing the sensitive user information in the target data store compartment is based on adding a new table row to the database table, the new table row comprising;
  
  (a) the target data store compartment identifier as a value in a first column of the new table row, (b) the sensitive user information as a value in a second column of the new table row, and (c) a token as a value in a third column of the new table row;
  
  returning the token to the first client over the first cryptographically secured network communications channel for use in later retrieving the sensitive user information from the target data store compartment;
  
  receiving a second network request over a second cryptographically secured network communications channel established with a second client, the second network request having a second payload, the second payload comprising the token and the identifier of the target data store compartment from which to retrieve the sensitive user information;
  
  verifying, based on the target data store compartment identifier and client identifying information in a second digital certificate presented by the second client, that the second client has permission to access the target data store compartment;
  
  returning the sensitive user information to the second client over the second cryptographically secured network communications channel; and
  
  wherein the sensitive user information is associated with the token in the target data store compartment by the new table row added to the database table.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
LinkedIn Corporation (Microsoft Corporation)
Inventors
Marathe, Nikhil, Mani, Arvind, Krishnan, Ganesh
Primary Examiner(s)
Armouche, Hadi
Assistant Examiner(s)
Khan, Sher A

Application Number

US14/816,949
Time in Patent Office

799 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/6245   Protecting personal data, e...

H04L 63/0428   wherein the data content is...

H04L 63/0435   wherein the sending and rec...

H04L 63/0823   using certificates cryptogr...

H04L 63/101   Access control lists [ACL]

H04L 63/102   Entity profiles

H04L 63/168   above the transport layer

H04L 9/3236   using cryptographic hash fu...

H04L 9/3263   involving certificates, e.g...

Sensitive user information management system and method

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Sensitive user information management system and method

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links