| 发明名称 |
MANAGING UNLINKABLE IDENTIFIERS FOR CONTROLLED PRIVACY-FRIENDLY DATA EXCHANGE |
| 摘要 |
A method for managing unlinkable database user identifiers includes distributing to a first database a first encrypted user identifier, a first database identifier, and a first database user identifier; distributing to a second database a second encrypted user identifier, a second database identifier, and a second database user identifier; receiving from the first database a third encryption and a fourth encryption, the third encryption being formed from the first encrypted user identifier, the second database identifier, and a message comprised in the fourth encryption; decrypting the third encryption thereby obtaining a decrypted value; deriving a blinded user identifier from the decrypted value; and sending the encrypted blinded user identifier and the fourth encrypted value to the second server thereby enabling the second server to compute the second database user identifier from the encrypted blinded database user identifier and the decrypted fourth encrypted value. |
| 申请公布号 |
US2015332064(A1) |
申请公布日期 |
2015.11.19 |
| 申请号 |
US201514707193 |
申请日期 |
2015.05.08 |
| 申请人 |
International Business Machines Corporation |
发明人 |
Camenisch Jan L.;Lehmann Anja |
| 分类号 |
G06F21/62;H04L9/30;H04L29/06 |
主分类号 |
G06F21/62 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method for managing unlinkable database user identifiers, the method comprising:
distributing to a first database a first encrypted user identifier, a first database identifier, and a first database user identifier; distributing to a second database a second encrypted user identifier, a second database identifier, and a second database user identifier; receiving from the first database a third encryption and a fourth encryption, the third encryption being formed from the first encrypted user identifier, the second database identifier, and a message comprised in the fourth encryption; decrypting the third encryption thereby obtaining a decrypted value; deriving a blinded user identifier from the decrypted value; and sending the encrypted blinded user identifier and the fourth encrypted value to the second server thereby enabling the second server to compute the second database user identifier from the encrypted blinded database user identifier and the decrypted fourth encrypted value. |
| 地址 |
Armonk NY US |
