US-12619763-B2 - Systems and methods to secure personally identifiable information
Abstract
A method implemented in a computing system hosting a three-dimensional virtual reality world. The computer system collects personally identifiable information of users of accounts, where each account in the accounts is identified by an account identifier and each data field of personally identifiable information of each account is identified by a data field identifier. The system uses a script function to generate an encryption key from the global key, the account identifier, and the data field identifier specifically for the content of the data field of the personally identifiable information of the respective account. Different encryption keys are used for different data fields and different accounts. Encrypted content of a data field is stored at a random location; and the identification of the random location is stored in a device, database or system, separate from where the encrypted contents of the data fields of the accounts are stored.
Inventors
- Nicolas J. Scheiblauer
- Aaron Torres
- Landon Oakes McDowell
- Christopher Allen Nowell
Assignees
- THUNES FINANCIAL SERVICES LLC
Dates
- Publication Date
- 20260505
- Application Date
- 20210405
Claims (16)
- 1. A method, comprising: storing a global key; generating an encryption key from the global key, an account identifier, and a data field identifier for a content of a respective data field of personally identifiable information of a respective account; determining a storage location for the respective data field, wherein the storage location is stored in the database in an encrypted form; and storing the storage location separate from encrypted contents; wherein the encryption key is not stored in the computer system.
- 2. The method of claim 1, wherein the storage location is stored in a database separate from a data storage of the encrypted contents of the personally identifiable information of the accounts.
- 3. The method of claim 2, wherein the storage location is encrypted using the encryption key and stored in the database.
- 4. The method of claim 2, wherein generating the encryption key is performed using a resource-intensive password-based key derivation function.
- 5. The method of claim 4, wherein the resource-intensive password-based key derivation function is a scrypt function.
- 6. The method of claim 5, wherein the global key is stored and controlled by a key master.
- 7. The method of claim 6, wherein access to the database is controlled by the key master.
- 8. A computer system, comprising: a key master; a server system; a first data storage device controlled by the server system and storing: a three-dimensional model; avatar models; and a second data storage device controlled by the key master and storing: a location database; a global key; wherein the key master generates an encryption key from the global key, an account identifier, and a data field identifier for a content of a respective data field of the personally identifiable information of the respective account; wherein presence of the encryption key in the computer system is transient.
- 9. The computer system of claim 8, wherein the server system queries the key master for the encryption key using the account identifier, and the data field identifier to obtain the encryption key and identification of a storage location.
- 10. The computer system of claim 9, wherein the identification of the storage location is encrypted using the encryption key for storage in the location database.
- 11. The computer system of claim 9, wherein generating of the encryption key is performed using a resource-intensive password-based key derivation function.
- 12. The computer system of claim 11, wherein the resource-intensive password-based key derivation function is a scrypt function.
- 13. A non-transitory computer storage medium storing instructions which, when executed on a computer system, cause the computer system to perform a method, the method comprising: storing a global key; generating an encryption key from the global key, an account identifier, and a data field identifier for a content of a respective data field of personally identifiable information of a respective account; determining a storage location for the respective data field, wherein the storage location is stored in the database in an encrypted form; and storing the storage location separate from encrypted contents; wherein the encryption key is not stored in the computer system.
- 14. The non-transitory computer storage medium of claim 13, wherein the method further comprises: encrypting the content using the encryption key to generate encrypted content of the respective data field; and storing the encrypted content at the storage location identified by determining the storage location.
- 15. The non-transitory computer storage medium of claim 14, wherein the encryption key is generated using a scrypt function.
- 16. The non-transitory computer storage medium of claim 15, wherein the encrypted contents of personally identifiable information of the accounts are stored in a data storage device that has no information revealing association of encrypted contents of different fields of personally identifiable information as being associated with one account.
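As an added example (not code from the patent or its assignee), the scheme of the abstract and claims 1 through 8 in Python: scrypt from hashlib derives a distinct key per account and per data field from a global key, the ciphertext is stored under a random slot id, and the slot id is itself encrypted and kept in a separate location database, so the derived key is never persisted. AES-GCM as the cipher, the scrypt cost parameters, and the sample global key and account identifiers are assumptions.

```python
import hashlib
import os
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

GLOBAL_KEY = b"constructed-global-key-held-by-key-master"  # constructed sample; key master holds it


def derive_field_key(global_key: bytes, account_id: str, field_id: str) -> bytes:
    """scrypt over (global key, account id, field id): a distinct key per field per
    account. The n/r/p parameters are an assumption; the claims only name scrypt."""
    salt = account_id.encode() + b"\x00" + field_id.encode()
    return hashlib.scrypt(global_key, salt=salt, n=2 ** 14, r=8, p=1, dklen=32)


class PiiVault:
    """Ciphertext sits in content_store under a random slot id; the encrypted slot id
    sits in location_db (key master side), so content_store alone links nothing to an account."""
    def __init__(self):
        self.content_store = {}  # random slot id -> nonce || AES-GCM ciphertext
        self.location_db = {}    # (account_id, field_id) -> nonce || enc(slot id)

    @staticmethod
    def _seal(aead: AESGCM, data: bytes) -> bytes:
        nonce = os.urandom(12)
        return nonce + aead.encrypt(nonce, data, None)

    @staticmethod
    def _open(aead: AESGCM, blob: bytes) -> bytes:
        return aead.decrypt(blob[:12], blob[12:], None)  # InvalidTag on wrong key or tamper

    def store(self, account_id: str, field_id: str, plaintext: bytes) -> None:
        aead = AESGCM(derive_field_key(GLOBAL_KEY, account_id, field_id))
        slot = os.urandom(16).hex()  # random storage location, unrelated to the account
        self.content_store[slot] = self._seal(aead, plaintext)
        self.location_db[(account_id, field_id)] = self._seal(aead, slot.encode())
        # the derived key is transient: it leaves scope here and is never persisted

    def retrieve(self, account_id: str, field_id: str) -> bytes:
        aead = AESGCM(derive_field_key(GLOBAL_KEY, account_id, field_id))
        slot = self._open(aead, self.location_db[(account_id, field_id)]).decode()
        return self._open(aead, self.content_store[slot])


def key_isolation_holds(vault: PiiVault, account: str, other: str, field_id: str) -> bool:
    """A key derived for a different account cannot open this account's location record."""
    aead = AESGCM(derive_field_key(GLOBAL_KEY, other, field_id))
    try:
        vault._open(aead, vault.location_db[(account, field_id)])
        return False
    except InvalidTag:
        return True
```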
Description
RELATED APPLICATIONS
The present application is a continuation of U.S. patent application Ser. No. 16/536,205, filed Aug. 8, 2019, issued as U.S. Pat. No. 10,970,416 on Apr. 6, 2021, which is a continuation application of U.S. patent application Ser. No. 15/599,158, filed May 18, 2017, issued as U.S. Pat. No. 10,410,015 on Sep. 10, 2019, both entitled “Systems and Methods to Secure Personally Identifiable Information,” the entire disclosures of which applications are all hereby incorporated herein by reference.
FIELD OF THE TECHNOLOGY
At least some technologies disclosed herein relate to information security in general and more specifically but not limited to prevention of unauthorized access to personally identifiable information of users of a three-dimensional virtual world.
BACKGROUND
Computer technologies have developed for the presentation of three-dimensional virtual worlds to users of computing devices. For example, a virtual world can be hosted on a set of server computers (e.g., secondlife.com). Client programs or viewers can be installed on user computers for connections to the server computers and for user participation in the virtual world. Users of a virtual world can be presented as the residents of the virtual world in the form of avatars. The resident avatars can travel in the three-dimensional virtual world, explore the three-dimensional virtual world, meet other resident avatars for virtual social activities, and communicate with each other via voice, instant messaging, text chat, local chat, and/or group chat. The avatars may build, create, shop and trade virtual objects and services with each other in the three-dimensional virtual world. Avatars of a virtual world may take various forms, such as human, animal, vegetable, etc. In a virtual world, users may customize various aspects of their avatars and may choose to resemble the users themselves in appearance as they are in the real world.
A user may have multiple avatars, but use only one avatar at a time for participation in the virtual world. In a virtual world, a user of a client program or viewer of the virtual world can use conventional input devices, such as keyboards and pointer control devices (e.g., mouse, touch pad, track ball, joystick, and touch screen), to control the activities of the avatar that represents the user in the virtual world. The view of the virtual world as currently seen by the avatar at its current position and orientation can be presented on a display device, such as a computer monitor, a display of a notebook computer, or a touch screen of a mobile device. Users of the virtual world are typically required to register with a computer system that hosts the virtual world. The registration information of the users may include personally identifiable information, which is typically organized in the accounts of the users, together with the resources and data allocated to and/or acquired by the users, such as the avatars of the users, virtual objects and/or currencies acquired by the users, the preferences of the users, etc.
BRIEF DESCRIPTION OF THE DRAWINGS
The embodiments are illustrated by way of example and not limitation in the figures of the accompanying drawings in which like references indicate similar elements. FIG. 1 shows a computer system in which techniques of the present disclosure can be used. FIG. 2 illustrates a technique to store personally identifiable information according to one embodiment. FIG. 3 shows a technique to generate an encryption key according to one embodiment. FIG. 4 shows an encryption process according to one embodiment. FIG. 5 shows a method to store the data of a data field according to one embodiment. FIG. 6 shows a method to retrieve the data of a data field stored according to one embodiment. FIG. 7 shows a data processing system on which the methods of the present disclosure can be implemented.
DETAILED DESCRIPTION
The following description and drawings are illustrative and are not to be construed as limiting. Numerous specific details are described to provide a thorough understanding. However, in certain instances, well known or conventional details are not described in order to avoid obscuring the description. References to one or an embodiment in the present disclosure are not necessarily references to the same embodiment; such references mean at least one. A computing system hosting a virtual world may collect personally identifiable information (PII) of users during the registration process to create the accounts of the users. The personally identifiable information (PII) of users may be stored but infrequently used during the presentation of the virtual world to the users. The techniques of the present disclosure improve the security of the storage of the personally identifiable information (PII) of the users. The techniques prevent and/or deter unauthorized discovery of the personally identifiable information of the users even when the database storing th