| 摘要 |
A client receives sensitive data to be tokenized. The client queries a token table with a portion of the sensitive data to determine if the token table includes a token mapped to the value of the portion of the sensitive data. If the mapping table does not include a token mapped to the value of the portion of the sensitive data, a candidate token is generated. The client queries a central token management system to determine if the candidate token collides with a token generated by or stored at another client. In some embodiments, the candidate token includes a value from a unique set of values assigned by the central token management system to the client, guaranteeing that the candidate token does not cause a collision. The client then tokenizes the sensitive data with the candidate token and stores the candidate token in the token table. C: 0 CN (D co 'I N- 0 M z rU) (1) 0 > 0N N) U) E( ( W )~ 0 (D 0~ - e C: (D cy)10 __C (D =~ U)() Y C (UW C'4 10 -- C: 10 - e C'0 10 u XC LO0 0t LO *L (D C/N 10o 10c N~C 10) ) C: CO co N |
