CA2403488A1 - Automatic identity protection system with remote third party monitoring - Google Patents

Automatic identity protection system with remote third party monitoring

Info

Publication number
CA2403488A1
Authority
CA
Canada
Prior art keywords
data
mapping
working
domain
working data
Prior art date
Legal status
Granted
Application number
CA002403488A
Other languages
French (fr)
Other versions
CA2403488C (en)
Inventor
Hakon Gudbjartsson
Sverrir Karlsson
Skeggi Thormar
Current Assignee
Decode Genetics ehf
Original Assignee
Individual
Priority date
Filing date
Publication date
Application filed by Individual
Publication of CA2403488A1
Application granted
Publication of CA2403488C
Anticipated expiration
Expired - Lifetime (current legal status)


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0414 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden during transmission, i.e. party's identity is protected against eavesdropping, e.g. by using temporary identifiers, but is known to the other party or parties involved in the communication
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105 Multiple levels of security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/04 Masking or blinding
    • H04L2209/043 Masking or blinding of tables, e.g. lookup, substitution or mapping
    • H04L2209/42 Anonymization, e.g. involving pseudonyms
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/383 Anonymous user system
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2115 Third party

Abstract

This invention provides an automated system for the processing of data packets, composed of personal identifiers and personal data, such that the personally identifiable data sent by one party may be considered anonymous once received by a second party. The invention uses secret sharing techniques to facilitate distributed key management of the mapping functions and strong authentication to allow the system to be operated remotely.

Claims (37)

1. An apparatus (150) for use in a computer network (105) for mapping data between different domains comprising:
a communication module (107) for establishing a communication connection between a sender of one domain defining a security zone for one group of regular users (109) and a receiver in a different domain defining a different security zone for a different group of regular users (110);
a mapping module (106) coupled to the communication module (107) for mapping working data (301) of the one domain to working data (301) of the different domain, the working data (301) having an identifier portion (304) and a research data portion including personal data (305) of individuals, the mapping module (106) mapping between the identifier portion (304) of the working data (301) in the one domain to the identifier portion (304) of the working data (301) in the different domain.
2. Apparatus as claimed in Claim 1 wherein the communication connection is a secure communication channel formed by the communication module (i) authenticating the sender and receiver, resulting in an authorized sender and authorized receiver, and (ii) encrypting working data transmitted over the channel.
3. Apparatus as claimed in Claim 2 wherein the mapping module employs encryption in the mapping of working data in the domain to working data in the different domain such that the working data transmitted to the authorised receiver is anonymous data.
4. Apparatus as claimed in Claim 1 further comprising a secret sharing module for controlling access to the apparatus.
5. Apparatus as claimed in Claim 4 wherein the secret sharing module controls access to the mapping module.
6. Apparatus as claimed in Claim 4 further comprising permanent storage means for storing data in a tamper-proof manner.
7. Apparatus as claimed in Claim 6 wherein the permanent storage means encrypts non-queried parts of the data, said encryption using an encryption key, and the secret sharing module storing the encryption key.
8. Apparatus as claimed in Claim 7 wherein the permanent storage means employs digital signatures on queried parts of the data to detect changes in data and thereby prevent tampering.
9. Apparatus as claimed in Claim 8 wherein each digital signature is formed from a message digest of a concatenation of the encryption key and data.
10. Apparatus as claimed in Claim 8 wherein the permanent storage means maintains a summary measure of stored data.
11. Apparatus as claimed in Claim 10 wherein said summary measure has a respective digital signature.
12. Apparatus as claimed in Claim 1 wherein the mapping module defines a mapping between any two domains by storing a mapping table having cross references between identifier portions of working data of the two domains.
13. Apparatus as claimed in Claim 12 wherein the mapping module stores a mapping table for plural domains, the mapping table being formed of (i) an index section and (ii) a working reference section, the index section indicating identifier portion of working data in a first subject domain and the working reference section indicating corresponding identifier portion in a second domain, the working reference being encrypted, such that the mapping module performs decryption on a part of the mapping table to determine usable cross reference of the working data.
14. Apparatus as claimed in Claim 1 wherein the mapping module maps working data among plural domains.
15. Apparatus as claimed in Claim 1 wherein the sender and receiver are respectively one of a software implementation and a human being.
16. Apparatus as claimed in Claim 1 wherein connection of the sender and receiver is in respective different sessions.
17. Apparatus as claimed in Claim 1 wherein the communication module further enables communication connection by a supervisor in addition to the sender and receiver.
18. Apparatus as claimed in Claim 17 wherein the communication connection by the supervisor enables remote operation of the apparatus by the supervisor.
19. Apparatus as claimed in Claim 1 wherein the identifier portion of the working data includes identifiers from plural domains, the mapping module mapping multiple identifiers between multiple domains for each research portion of the working data.
20. Apparatus as claimed in Claim 1 further comprising:
a secured container;
a computer system executing the communication module and the mapping module; and a firewall coupled to the computer system, the computer system and firewall being housed by the secured container so as to provide tamper-proof hardware.
21. A method for transferring and mapping data between different domains in a computer network (105), comprising the steps of:
transmitting working data from a sender in one domain defining a security zone for one group of regular users (109) to a receiver in a different domain defining a different security zone for a different group of regular users (110), the working data having an identifier portion (304) and a research data portion including personal data (305) of individuals; and mapping the working data of the one domain to working data of the different domain by mapping between the identifier portion (304) of the working data in the one domain to the identifier portion (304) of the working data in the different domain.
22. A method as claimed in Claim 21 further comprising the step of establishing a secure communication connection between the sender and receiver, wherein said secure communication connection includes (i) authentication of the sender and receiver, resulting in an authorized sender and authorized receiver, and (ii) encryption of the transmitted working data.
23. A method as claimed in Claim 22 wherein the step of mapping includes encrypting such that the working data received by the authorized receiver is anonymous data.
24. A method as claimed in Claim 21 further comprising the step of controlling access within the computer network.
25. A method as claimed in Claim 21 further comprising the step of storing data in a tamper-proof manner in a permanent storage.
26. A method as claimed in Claim 25 wherein the step of storing includes encrypting non-queried parts of the data.
27. A method as claimed in Claim 26 wherein the step of storing further includes assigning a respective digital signature to each queried part of the data to enable detection of changes in the data and thereby prevent tampering.
28. A method as claimed in Claim 27 wherein the step of encrypting employs an encryption key, and the step of assigning includes forming a digital signature from a message digest of a concatenation of data and the encryption key.
29. A method as claimed in Claim 27 wherein the step of storing working data includes maintaining a summary measure of stored data.
30. A method as claimed in Claim 29 wherein the step of maintaining a summary measure includes assigning a digital signature to the summary measure.
31. A method as claimed in Claim 21 wherein the step of mapping includes storing a mapping table having cross references between the identifier portions of the working data of the two domains.
32. A method as claimed in Claim 31 wherein the step of storing a mapping table includes storing a respective mapping table for each domain, each mapping table being formed of (i) an index section and (ii) a working reference section, the index section indicating identifier portion of working data in a first subject domain and the working reference section indicating corresponding identifier portion in a second subject domain, the working reference being encrypted; and decrypting a part of the mapping table to determine usable cross reference of the working data.
33. A method as claimed in Claim 21 wherein the step of mapping includes mapping working data among plural domains.
34. A method as claimed in Claim 21 wherein the sender and receiver are respectively one of a software implementation and a human being.
35. A method as claimed in Claim 21 further comprising the step of establishing a communication connection between the sender and receiver where the sender is connected in one session and the receiver is connected in a different session.
36. A method as claimed in Claim 21 further comprising the step of connecting a supervisor to the computer network.
37. A method as claimed in Claim 36 further comprising the step of enabling remote control by the supervisor.
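The following is an added worked example, written for this page and not code from the patent or from deCODE genetics, of the mechanisms the claims describe: a key rebuilt from Shamir secret shares (claims 4, 5 and 7), a mapping table whose index section holds the sender-domain identifier in clear and whose working-reference section holds the receiver-domain identifier encrypted, with only the queried row decrypted (claims 12 and 13), per-row signatures formed as a message digest of key || data plus a signed summary measure (claims 8 to 11), and the identifier swap on a working-data packet whose research portion passes through untouched (claim 1). Everything concrete is an assumption: Python, SHA-256 as the digest, a 2-of-3 share threshold, a hash-counter stream cipher standing in for a real cipher, and constructed identifiers such as PID-1001 and RID-77A.

```python
"""Constructed example of the claimed apparatus (not the patent's own code).

Shamir shares rebuild the key (claims 4, 5, 7); the mapping table keeps the
domain-A identifier in clear as its index and the domain-B identifier encrypted
as its working reference, decrypting only the queried row (claims 12, 13); each
row and a summary measure carry a digest of key || data (claims 8-11).
"""
import hashlib
import secrets
from typing import Dict, List, Tuple

P = 2**521 - 1  # Mersenne prime; a 256-bit key fits as a single field element


def split_key(key: bytes, threshold: int, n_shares: int) -> List[Tuple[int, int]]:
    """Shamir split: f(x) = key + a1*x + ... + a_{t-1}*x^(t-1) mod P; share i is (i, f(i))."""
    coeffs = [int.from_bytes(key, "big")] + [secrets.randbelow(P) for _ in range(threshold - 1)]

    def f(x: int) -> int:
        return sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P

    return [(x, f(x)) for x in range(1, n_shares + 1)]


def recover_key(shares: List[Tuple[int, int]], key_len: int = 32) -> bytes:
    """Lagrange interpolation at x = 0 from any threshold-sized subset of shares."""
    secret = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num, den = num * (-xj) % P, den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, P - 2, P)) % P
    return secret.to_bytes(key_len, "big")


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = [hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(length // 32 + 1)]
    return b"".join(blocks)[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Toy hash-counter stream cipher, used only to keep the example stdlib-only
    (assumption); a deployment would use an AEAD such as AES-GCM instead."""
    nonce = secrets.token_bytes(16)
    return nonce + bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


def sign(key: bytes, data: bytes) -> str:
    """Claim 9 taken literally: message digest of the concatenation key || data."""
    return hashlib.sha256(key + data).hexdigest()


class MappingStore:
    """Mapping table (claim 13): index = domain-A id in clear, working reference =
    domain-B id encrypted; every row and the row count carry a signature."""

    def __init__(self, key: bytes):
        self.key = key
        self.table: Dict[str, Tuple[bytes, str]] = {}  # index -> (enc ref, row signature)
        self.summary_sig = sign(key, b"count=0")        # summary measure (claims 10, 11)

    def add(self, id_a: str, id_b: str) -> None:
        enc_ref = encrypt(self.key, id_b.encode())
        self.table[id_a] = (enc_ref, sign(self.key, id_a.encode() + enc_ref))
        self.summary_sig = sign(self.key, f"count={len(self.table)}".encode())

    def verify(self) -> bool:
        """Tamper detection: the row count and every row signature must check out."""
        if self.summary_sig != sign(self.key, f"count={len(self.table)}".encode()):
            return False
        return all(sig == sign(self.key, idx.encode() + enc)
                   for idx, (enc, sig) in self.table.items())

    def map_working_data(self, working: dict) -> dict:
        """Claim 1: swap the identifier portion, pass the research data portion through.
        Only the queried row's working reference is decrypted."""
        enc_ref, sig = self.table[working["id"]]
        if sig != sign(self.key, working["id"].encode() + enc_ref):
            raise ValueError("mapping row failed integrity check")
        return {"id": decrypt(self.key, enc_ref).decode(), "research": working["research"]}


def demo() -> Tuple[dict, bool, bool]:
    """Split a key 2-of-3, rebuild it from two shares, map one packet, then show
    that a modified row fails verification. All identifiers are constructed."""
    key = secrets.token_bytes(32)
    shares = split_key(key, threshold=2, n_shares=3)
    store = MappingStore(recover_key(shares[1:]))  # any two of the three shares suffice
    store.add("PID-1001", "RID-77A")
    packet = {"id": "PID-1001", "research": {"genotype": "A/G", "age_band": "40-49"}}
    mapped = store.map_working_data(packet)
    ok_before = store.verify()
    enc_ref, sig = store.table["PID-1001"]
    store.table["PID-1001"] = (bytes(len(enc_ref)), sig)  # corrupt the stored reference
    return mapped, ok_before, store.verify()


if __name__ == "__main__":
    print(demo())
```

Two points a practitioner should weigh when reading the claims against this code. The claim-9 construction, a plain digest of key || data, is the textbook length-extension target when the digest is a Merkle-Damgård hash such as SHA-256, so an implementation that does not control the full serialisation of the signed record should use HMAC (or a keyed SHA-3/BLAKE2 mode) to get the property the claim intends. And the summary measure here is just a row count, which catches deletions and insertions; a rolling digest over all row signatures would also catch a replayed old row, which a count alone cannot.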

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US19026200P 2000-03-17 2000-03-17
US60/190,262 2000-03-17
PCT/IB2001/000358 WO2001069839A2 (en) 2000-03-17 2001-03-13 Automatic identity protection system with remote third party monitoring

Publications (2)

Publication Number Publication Date
CA2403488A1 (en) 2001-09-20
CA2403488C CA2403488C (en) 2011-10-18

Family

ID=22700614

Family Applications (1)

Application Number Title Priority Date Filing Date
CA2403488A Expired - Lifetime CA2403488C (en) 2000-03-17 2001-03-13 Automatic identity protection system with remote third party monitoring

Country Status (10)

Country Link
US (1) US7404079B2 (en)
JP (1) JP2003527035A (en)
AU (2) AU4442601A (en)
CA (1) CA2403488C (en)
DE (1) DE10195924T1 (en)
GB (1) GB2375697B (en)
IS (1) IS2078B (en)
MX (1) MXPA02008919A (en)
SE (1) SE520078C2 (en)
WO (1) WO2001069839A2 (en)

Families Citing this family (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7457948B1 (en) * 2000-09-29 2008-11-25 Lucent Technologies Inc. Automated authentication handling system
FR2847401A1 (en) * 2002-11-14 2004-05-21 France Telecom Access to a network service with rapid, revokable anonymous authentication and session creation and maintenance for online auctions, uses anonymous certificate of authority to produce anonymous signature which can be checked if needed
US8321946B2 (en) * 2003-12-05 2012-11-27 Hewlett-Packard Development Company, L.P. Method and system for preventing identity theft in electronic communications
US8146141B1 (en) * 2003-12-16 2012-03-27 Citibank Development Center, Inc. Method and system for secure authentication of a user by a host system
US7640594B2 (en) * 2004-01-21 2009-12-29 Sap Ag Secure storage in a file system
WO2009113444A1 (en) * 2008-03-10 2009-09-17 三菱電機株式会社 Confidential information management device, information processing device, and confidential information management system
US9425960B2 (en) * 2008-10-17 2016-08-23 Sap Se Searchable encryption for outsourcing data analytics
WO2010071843A1 (en) * 2008-12-19 2010-06-24 Privatetree, Llc. Systems and methods for facilitating relationship management
US20100262836A1 (en) * 2009-04-13 2010-10-14 Eric Peukert Privacy and confidentiality preserving mapping repository for mapping reuse
US20100313009A1 (en) * 2009-06-09 2010-12-09 Jacques Combet System and method to enable tracking of consumer behavior and activity
US9621584B1 (en) * 2009-09-30 2017-04-11 Amazon Technologies, Inc. Standards compliance for computing data
US8799022B1 (en) * 2011-05-04 2014-08-05 Strat ID GIC, Inc. Method and network for secure transactions
KR101575282B1 (en) * 2011-11-28 2015-12-09 한국전자통신연구원 Agent device and method for sharing security information based on anonymous identifier between security management domains
US8793805B1 (en) * 2012-07-30 2014-07-29 Amazon Technologies, Inc. Automatic application dependent anonymization
US8955075B2 (en) * 2012-12-23 2015-02-10 Mcafee Inc Hardware-based device authentication
US8850543B2 (en) * 2012-12-23 2014-09-30 Mcafee, Inc. Hardware-based device authentication
US9419953B2 (en) 2012-12-23 2016-08-16 Mcafee, Inc. Trusted container
US10489861B1 (en) 2013-12-23 2019-11-26 Massachusetts Mutual Life Insurance Company Methods and systems for improving the underwriting process
US11403711B1 (en) 2013-12-23 2022-08-02 Massachusetts Mutual Life Insurance Company Method of evaluating heuristics outcome in the underwriting process
US9633209B1 (en) 2014-02-21 2017-04-25 Amazon Technologies, Inc. Chaining of use case-specific entity identifiers
US9344409B2 (en) * 2014-07-18 2016-05-17 Bank Of America Corporation Method and apparatus for masking non-public data elements in uniform resource indentifiers (“URI”)
US10320574B2 (en) 2017-05-05 2019-06-11 International Business Machines Corporation Blockchain for open scientific research
JP7287096B2 (en) * 2019-05-09 2023-06-06 大日本印刷株式会社 Information processing device, control method and program

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3962539A (en) * 1975-02-24 1976-06-08 International Business Machines Corporation Product block cipher system for data security
US4405829A (en) * 1977-12-14 1983-09-20 Massachusetts Institute Of Technology Cryptographic communications system and method
US5657390A (en) * 1995-08-25 1997-08-12 Netscape Communications Corporation Secure socket layer application program apparatus and method
US5638445A (en) * 1995-09-19 1997-06-10 Microsoft Corporation Blind encryption
US5907677A (en) * 1996-08-23 1999-05-25 Ecall Inc. Method for establishing anonymous communication links
CA2264912C (en) * 1996-09-06 2002-11-19 Walker Asset Management Limited Partnership Method and system for establishing and maintaining user-controlled anonymous communications
US5903652A (en) * 1996-11-25 1999-05-11 Microsoft Corporation System and apparatus for monitoring secure information in a computer network
US5961593A (en) * 1997-01-22 1999-10-05 Lucent Technologies, Inc. System and method for providing anonymous personalized browsing by a proxy system in a network
US5923842A (en) * 1997-03-06 1999-07-13 Citrix Systems, Inc. Method and apparatus for simultaneously providing anonymous user login for multiple users
US6591291B1 (en) * 1997-08-28 2003-07-08 Lucent Technologies Inc. System and method for providing anonymous remailing and filtering of electronic mail
US7143438B1 (en) * 1997-09-12 2006-11-28 Lucent Technologies Inc. Methods and apparatus for a computer network firewall with multiple domain support
US6023510A (en) * 1997-12-24 2000-02-08 Philips Electronics North America Corporation Method of secure anonymous query by electronic messages transported via a public network and method of response
US6081793A (en) * 1997-12-30 2000-06-27 International Business Machines Corporation Method and system for secure computer moderated voting
US6151631A (en) * 1998-10-15 2000-11-21 Liquid Audio Inc. Territorial determination of remote computer location in a wide area network for conditional delivery of digitized products
DE19914631A1 (en) * 1999-03-31 2000-10-12 Bosch Gmbh Robert Input procedure in a driver information system

Also Published As

Publication number Publication date
MXPA02008919A (en) 2003-02-12
IS2078B (en) 2006-02-15
US20010027519A1 (en) 2001-10-04
CA2403488C (en) 2011-10-18
WO2001069839A2 (en) 2001-09-20
WO2001069839A3 (en) 2002-03-07
GB2375697B (en) 2004-03-24
DE10195924T1 (en) 2003-04-24
US7404079B2 (en) 2008-07-22
GB2375697A (en) 2002-11-20
SE520078C2 (en) 2003-05-20
IS6547A (en) 2002-09-13
AU2001244426B2 (en) 2006-06-08
SE0202712L (en) 2002-10-29
AU4442601A (en) 2001-09-24
JP2003527035A (en) 2003-09-09
GB0221138D0 (en) 2002-10-23
SE0202712D0 (en) 2002-09-13

Similar Documents

Publication Publication Date Title
CA2403488A1 (en) Automatic identity protection system with remote third party monitoring
US7231526B2 (en) System and method for validating a network session
US7991998B2 (en) Secure proximity verification of a node on a network
US8407477B2 (en) Information distribution system and program for the same
CN103812854B (en) Identity authentication system, device and method and identity authentication requesting device
US20050193199A1 (en) Accessing protected data on network storage from multiple devices
KR20010072206A (en) Method and apparatus for secure distribution of public/private key pairs
JPH10508438A (en) System and method for key escrow and data escrow encryption
JP2000261427A (en) Encryption communication terminal, encryption communication center equipment, encryption communication system and storage medium
WO1998045981A3 (en) Cryptographic system and protocol for establishing secure authenticated remote access
KR20170047717A (en) Server and method for managing smart home environment thereby, method for joining smart home environment and method for connecting communication session with smart device
JP4752064B2 (en) Communication system on public line for restricting access, terminal connection device and server connection restriction device
US20050141718A1 (en) Method of transmitting and receiving message using encryption/decryption key
US8161565B1 (en) Key release systems, components and methods
CN103595534A (en) Data encryption and decryption system supporting device revoking operation and implementing method
US10764260B2 (en) Distributed processing of a product on the basis of centrally encrypted stored data
CN106972928B (en) Bastion machine private key management method, device and system
EP2985749A2 (en) Symmetric encryption device, and method used
US20150100777A1 (en) Secure Federated Identity Service
JPH11239128A (en) Information protection method for remote diagnosing system and its system device
JP4752063B2 (en) Communication system on public line for restricting access, terminal connection device and server connection restriction device
JP2001285286A (en) Authentication method, recording medium, authentication system, terminal, and device for generating recording medium for authentication
WO2016204700A1 (en) System for secure transmission of voice communication via communication network and method of secure transmission of voice communication
KR0171003B1 (en) Information protecting protocol
JPH0373633A (en) Cryptographic communication system

Legal Events

Date Code Title Description
EEER Examination request
MKEX Expiry

Effective date: 20210315