Privacy-preserving data verification
US-2021182418-A1 · Jun 17, 2021 · US
US11354439B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11354439-B2 |
| Application number | US-202016891149-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 3, 2020 |
| Priority date | Jun 3, 2020 |
| Publication date | Jun 7, 2022 |
| Grant date | Jun 7, 2022 |
Abstract:
Aspects include receiving a request from a user to access data that was acquired by a third-party from a data owner, the data in an encrypted format unreadable by the user. In response to receiving the request from the user to access the data, a third-party key from the third-party is requested and a data owner key from the data owner is requested. The third-party key and the data owner key are applied to the data in the encrypted format to generate the data in an unencrypted format readable by the user. The user is provided with access to the data in the unencrypted format.
Claims (preview):
What is claimed is:

1. A method comprising: receiving a request from a user to access data that was acquired by a third-party from a data owner, the data in an encrypted format unreadable by the user; in response to receiving the request from the user to access the data: requesting a third-party key from the third-party; and requesting, by a security appliance of the user, a data owner key from the data owner, the requesting a data owner key from the data owner comprising communicating with a security appliance of the data owner to request the data owner key, wherein the security appliance of the data owner returns the data owner key in response to determining that the data owner authorizes the user to have access to the data, thereby providing the data owner with control of access to the data after the data has been acquired by the third-party; and in response to receiving the third-party key and the data owner key: applying the third-party key and the data owner key to the data in the encrypted format to generate the data in an unencrypted format readable by the user; and providing the user with access to the data in the unencrypted format.
2. The method of claim 1, wherein the requesting a third-party key from the third-party comprises communicating with a security appliance of the third-party to request the third-party key, wherein the security appliance returns the third-party key in response to determining that the third-party authorizes the user to have access to the data.
3. The method of claim 1, wherein the third-party is a data broker.
4. The method of claim 1, wherein the encrypted format of the data was generated by encrypting the data using the data owner key and encrypting the data encrypted using the data owner key using the third-party key.
5. The method of claim 1, further comprising in response to receiving the request from the user to access the data, logging the request from the user to access the data.
6. The method of claim 1, further comprising in response to providing the user with access to the data in the unencrypted format, logging the providing the user with access to the data in the unencrypted format.
7. The method of claim 1, wherein the data in the unencrypted format includes at least a subset of the data being masked or redacted.
8. A system comprising: one or more processors for executing computer readable instructions, the computer readable instructions controlling the one or more processors to perform operations comprising: receiving a request from a user to access data that was acquired by a third-party from a data owner, the data in an encrypted format unreadable by the user; in response to receiving the request from the user to access the data: requesting a third-party key from the third-party; and requesting, by a security appliance of the user, a data owner key from the data owner, the requesting a data owner key from the data owner comprising communicating with a security appliance of the data owner to request the data owner key, wherein the security appliance of the data owner returns the data owner key in response to determining that the data owner authorizes the user to have access to the data, thereby providing the data owner with control of access to the data after the data has been acquired by the third-party; and in response to receiving the third-party key and the data owner key: applying the third-party key and the data owner key to the data in the encrypted format to generate the data in an unencrypted format readable by the user; and providing the user with access to the data in the unencrypted format.
9. The system of claim 8, wherein the requesting a third-party key from the third-party comprises communicating with a security appliance of the third-party to request the third-party key, wherein the security appliance returns the third-party key in response to determining that the third-party authorizes the user to have access to the data.
10. The system of claim 8, wherein the third-party is a data broker.
11. The system of claim 8, wherein the encrypted format of the data was generated by encrypting the data using the data owner key and encrypting the data encrypted using the data owner key using the third-party key.
12. The system of claim 8, wherein the operations further comprise, in response to receiving the request from the user to access the data, logging the request from the user to access the data.
13. The system of claim 8, wherein the operations further comprise, in response to providing the user with access to the data in the unencrypted format, logging the providing the user with access to the data in the unencrypted format.
14. The system of claim 8, wherein the data in the unencrypted format includes at least a subset of the data being masked or redacted.
15. A computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions executable by one or more processors to cause the one or more processors to perform operations comprising: receiving a request from a user to access data that was acquired by a third-party from a data owner, the data in an encrypted format unreadable by the user; in response to receiving the request from the user to access the data: requesting a third-party key from the third-party; and requesting, by a security appliance of the user, a data owner key from the data owner, the requesting a data owner key from the data owner comprising communicating with a security appliance of the data owner to request the data owner key, wherein the security appliance of the data owner returns the data owner key in response to determining that the data owner authorizes the user to have access to the data, thereby providing the data owner with control of access to the data after the data has been acquired by the third-party; and in response to receiving the third-party key and the data owner key: applying the third-party key and the data owner key to the data in the encrypted format to generate the data in an unencrypted format readable by the user; and providing the user with access to the data in the unencrypted format.
16. The computer program product of claim 15, wherein the requesting a third-party key from the third-party comprises communicating with a security appliance of the third-party to request the third-party key, wherein the security appliance returns the third-party key in response to determining that the third-party authorizes the user to have access to the data.
17. The computer program product of claim 15, wherein the encrypted format of the data was generated by encrypting the data using the data owner key and encrypting the data encrypted using the data owner key using the third-party key.
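An added worked example (written for this page, not code from the patent or its assignee) of the layered-key flow described in the abstract and claims 1, 2, 4 and 5: the broker stores the record encrypted first under the data owner's key and then under its own, and the user's security appliance must obtain both keys, each released only by the party that holds it, so the owner keeps control after the broker has the data. The patent names no cipher, so the authenticated-encryption helper is a constructed HMAC-SHA256 stand-in; the party names, user names and sample record are constructed.

```python
import hmac, hashlib, os

# Constructed toy authenticated encryption (HMAC-SHA256 keystream plus tag) that
# stands in for the cipher the patent leaves unspecified; not production crypto.
def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()
def _keystream(key, nonce, n):
    blocks, i = [], 0
    while 32 * len(blocks) < n:
        blocks.append(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest())
        i += 1
    return b"".join(blocks)[:n]
def seal(key, plaintext):
    nonce = os.urandom(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag
def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered ciphertext")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, stream))

class SecurityAppliance:
    """One party's key plus that party's own authorization decision (claims 1, 2);
    every key request is logged, granted or denied (claim 5)."""
    def __init__(self, key, authorized_users):
        self.key, self.authorized, self.log = key, set(authorized_users), []
    def request_key(self, user):
        granted = user in self.authorized
        self.log.append((user, "granted" if granted else "denied"))
        return self.key if granted else None

def broker_acquire(owner_key, broker_key, data):
    # Claim 4: encrypt under the data owner key, then wrap under the third-party key.
    return seal(broker_key, seal(owner_key, data))

def access_data(user, blob, owner_app, broker_app):
    # Claim 1: the user's appliance must obtain BOTH keys; either party can refuse.
    broker_key, owner_key = broker_app.request_key(user), owner_app.request_key(user)
    if broker_key is None or owner_key is None:
        return None
    return unseal(owner_key, unseal(broker_key, blob))

# Constructed demo: the owner still controls access after the broker holds the data.
OWNER = SecurityAppliance(os.urandom(32), {"alice"})
BROKER = SecurityAppliance(os.urandom(32), {"alice", "bob"})
RECORD = broker_acquire(OWNER.key, BROKER.key, b"ssn=123-45-6789;dx=flu")
```

Because the broker's key alone only strips the outer layer, a user the broker approves but the owner has not (here "bob") gets nothing, and both appliances' logs record the attempt.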
by anonymising data, e.g. decorrelating personal data from the owner's identification · CPC title
Providing cryptographic facilities or services · CPC title
to assure secure storage of data (address-based protection against unauthorised use of memory G06F12/14; record carriers for use with machines and with at least a part designed to carry digital markings G06K19/00) · CPC title
by registering files or documents with a third party · CPC title
Protecting personal data, e.g. for financial or medical purposes · CPC title