GB2484519A

GB2484519A - Protecting personal information held by an Internet Service Provider

Info

Publication number: GB2484519A
Application number: GB1017365.6A
Authority: GB
Inventors: Yariv Tal
Original assignee: Individual
Current assignee: Individual
Priority date: 2010-10-14
Filing date: 2010-10-14
Publication date: 2012-04-18
Also published as: GB201017365D0

Abstract

A service subscriber s personal details are protected from malicious attacks, e.g. by hackers . Real personal details of the user 10, e.g. an email address, password or credit-card number, are received from the service providerâ s system 100 over a network. Virtual personal details are generated based on the real personal details, preferably at a location 230 other than that of the service providerâ s system, and stored 120 on the service providerâ s system. The real personal details are encrypted and the encrypted details are stored 240 at a location other than that of the service provider. The real personal details are used in a transaction or operation, carried out by the service providerâ s system, at a location other than that of the service providerâ s system, e.g. to send email 130, 250 without the userâ s presence. In an embodiment, real personal details of a registered subscriber are used to regenerate virtual personal details for comparison with virtual details previously stored at the service provider. If the virtual details match then the subscriber is allowed access to the service.

Description

t V.' INTELLECTUAL ..* PROPERTY OFFICE Application No. GB 1017365.6 RTM Date:16 February 2011 The following terms are registered trademarks and should be read as such wherever they occur in this document: Java Intellectual Properly Office is an operating name of the Patent Office www.ipo.gov.uk

PRESERVING PERSONAL INFORMATION IN SERVICE PROVIDER SYSTEM

OVER THE INTENET USING COMPLEMENTARY ARCHITECTURE

BACKGROUND

1. TECHNICAL FIELD

[0001] The present invention relates to the field of security and privacy of personal information and identity theft, and more particularly, to personal information of subscribers of providers of services over the internet.

2. DISCUSSION OF RELATED ART [0002] A service provider, which may be any sort of organization, may offer services and products to subscribers through its website. Typically, in order to access the services or products, a subscriber will have to provide personal information.

Generally, a subscriber will provide personal information by filling in a form on a webpage on the site of the service provider. The personal information may include one or more of an e-mail address, a password, a physical address, a telephone number, a bank account number, a credit card number or any other personal details.

[0003] It is not uncommon for service providers to store the information as-is in a database, which makes it susceptible to theft by third parties. For example, subscribers may provide e-mail addresses to a service provider, perhaps as login names. Third party access to the list of e-mail addresses may lead to spamming where the addresses are used to send unsolicited messages.

[0004] Subscribers also often provide passwords and, to make matters worse, they may use the same passwords across a number of websites of service provider. Theft from one site can therefore lead to access to many sites.

[0005] In addition, subscribers commonly provide financial information to a service provider, particularly if they are purchasing services or goods from it, and, if such information is obtained, it can be used to steal from the users or in fraudulent transactions, [0006] Even when the personal information is protected by being stored in encrypted form in the database of the service provider, it has to be retrieved for the day-to-day transactions and operation of the service provider, at which point it is again susceptible to theft.

[0007] Improving the security of the web server of service providers may be time consuming and requires constant updating and particular expertise. What is more, service providers tend to have numerous network and web interfaces, allowing multiple potential breaches in security and raising the risk of a breach as a result of an interface being left open due to human error.

[0008] Another way of tackling these security problems is for subscribers to use different variants of their personal information for each service provider. For example, for e-mail, this involves using a different e-mail address for each service provider. However, this requires a lot of work and management on the part of the subscriber in both creating and keeping track of all the variants.

[0009] US Patent 6643687 discloses the use of "proxy" email addresses, instead of the user's real email address, for all email traffic to the user.

[0010] US Patent Application 20070180039 discloses a method for reducing unsolicited email messages by using disposable email addresses and forwarding mail from these disposable addresses to the user.

[0011] US Patent Application 20020138581 discloses a system and method of creating an email forwarding address during an Internet session where a user is viewing a web page that includes a prompt for an email address.

[0012] US Patent 7689007 discloses a system enabling users to generate a secondary identity for use instead of their real identity. Unfortunately, this system requires the user to initiate the generation of the secondary identity, and can still present a security risk if the user uses the same secondary identity to login with multiple service providers. While the methods disclosed in the listed documents all allow the creation of a virtual or dummy email or virtual identity, thus preserving user privacy and allowing for "throwing away" an exposed identity detail, they all require initiation by the user, explicitly using the virtual identity detail instead of the real detail. They also require the management of identities by the user and, most importantly, the burden is on the user to either use a different identity per service provider or to proactively replace identity details if they are stolen from a service provider (assuming the user is lucky enough to know the details were stolen).

[0013] Another approach is to separate different types of personal details from each other, into "sensitive" and "non-sensitive" data, as disclosed in International patent application W02006009648. This approach prevents theft by physically separating the two (or more) portions of data that together form a risk. The problem with this approach is that, for example, in the case of a user's email address and password, while it allows for a separation between a user's email address and a user's password and prevents the theft of a list containing both, it still allows for the theft of "only" the user's email, allowing usage for spamming. In this respect, this method is no different than storing a one-way-hashed user's password instead of the plaintext usefs password.

[0014] US Patent Application 20020111910 discloses a scheme whereby users store their email address with a third party, and a unique identifier generated by the third party is used to identify the user to the service provider. This prevents theft from the service provider, but theft is still possible from the third party; it is not seamless, and the burden of initiating this protection scheme is on the user.

[0015] In yet another approach, as disclosed in International patent application W02001054342, the user's personal details are encrypted and the key is then split and distributed between the user, the service provider's server and, possibly, a third server.

Using this method, a user's personal details can only be accessed by obtaining all parts of the encryption key, requiring the user actually to be logged-in. While this method is useful in preventing personal details theft, it requires the user to participate in using the user's personal details preventing its use for cases where the service provider needs to initiate the action (i.e. sending the user an email, charging the user at a later time [i.e. only after an ordered package is shipped], printing a shipping address for a package that has been prepared for shipping), and again it is not seamless to the user and requires the user to both initiate and participate in the process. An excerpt from the patent application makes this clear: "A tradeoff exists in that server 2] may not perform any on-line or off-line services that involve encryption and decryption of such data on behalf of user B without user B logging into server 2], passing authentication, and initiating a request..." [0016] A variant on the above approach might attempt to distribute the keys between servers only, nullifying the need for the user to be actively logged-in. Unfortunately, since the service provider's servers will need to be able to obtain all key parts in order to perform actions without user participation, a hacker that has gained access to the service provider's server can also obtain all the key parts and decrypt the personal details.

[0017] Figure 1 is a high level schematic block diagram illustrating a Service Provider System (SPS) 100 according to prior art. As may be clearly shown, SPS 100 is susceptible to malicious attacks carried out by a hacker 30 on database 111.

Specifically, the personal information of registered subscribers 10 that is prone to abuse by hacker 30 is stored on database 111 in the SPS 100. This architecture is therefore hard to secure.

[0018] What is required is a method for the automatic, user-intervention-free, creation and management of virtual personal information to avoid unwarranted use of real personal information.

BRIEF SUMMARY

[0019] According to one aspect of the invention, there is provided a method of protecting Real Personal Detail (RPD) used in Service Provider Systems (SPS) from malicious attacks from hackers. The method may include the following stages: generating a Virtual Personal Detail (VPD) based on RPD and optionally on Service Provider (SP) distinguishing detail (e.g. SP name); storing the VPD on the SPS; encrypting the RPD to yield an encrypted RPD; and storing the encrypted RPD on a location other than the SPS location, wherein using the RPD for at least one of: a transaction and an operation by the SPS is canied out on a location other than the SPS location. The relevant RPD is found using the matched VPD that is stored on the SPS.

[0020] These, additional, and/or other aspects and/or advantages of the present invention are: set forth in the detailed description which follows; possibly inferable from the detailed description; and/or learnable by practice of the present invention.

BRIEF DESCRIPTION OF THE DRAWINGS

[0021] The present invention will be more readily understood from the detailed description of embodiments thereof made in conjunction with the accompanying drawings of which: Figure 1 is a high level schematic block diagram of existing art; and Figure 2 is a high level block diagram of Service Provider System (SPS) that may securely connect to a Personal Details Privacy System (PDPS) according to some embodiments of the invention.

DETAILED DESCRIPTION

[0022] Before explaining at least one embodiment of the invention in detail, it is to be understood that the invention is not limited in its application to the details of construction and the arrangement of the components set forth in the following description or illustrated in the drawings. The invention is applicable to other embodiments or of being practiced or carried out in various ways. Also, it is to be understood that the phraseology and terminology employed herein is for the purpose of description and should not be regarded as limiting.

[0023] Prior to setting forth the description of the embodiments of the invention, it may be helpful to set forth definitions of certain terms that will be used hereinafter.

[0024] The term "internet server" as used herein in this application, is defined as a dedicated computer, connected to the internet and may receive or send messages over the internet.

[0025] The term "Personal-Details-Privacy-System" (PDPS) as used herein in this application, is defined as a system that secures personal information of subscribers that is given to service providers over the internet.

[0026] The term "Service Provider" (SP) as used herein in this application, is defined as a business that provides services over the internet to its subscribers. For example, web applications, e-commerce and information portals.

[0027] The term "Service Provider System" (SPS) as used herein in this application, is defined as a system used by a business that provides services over the internet to its subscribers. For example, web applications, e-commerce and information portals.

[0028] The term "Real-Personal-Detail" (RPD) as used herein in this application, is defined as an actual detail of subscriber such as email address, credit card number, home address, billing address etc. [0029] The term "Virtual-Personal-Detail" (VPD) as used herein in this application, is defined as an arbitrary detail that is being generated such as virtual email address, virtual credit card number, etc. [0030] The term "dedicated-service-server" (DSS) as used herein in this application, is defined as a server designated for a specific purpose such as SMTP server to send emails, a server running billing software to charge subscribers etc. [0031] The term "actual use" as used herein in this application, is related to actual data usage in transactions and operations, for example, using an email address to send an email, using a credit card number to bill a registered subscriber and the like.

[0032] It is understood that internet as a computer network is used as non limiting example only and other computer networks may be used to carry out the embodiments of the present invention.

[0033] Embodiments of the present invention provide means to automatically protect personal information and identity theft of subscribers registered to an SPS over the internet. Examples of susceptible personal information are email addresses, credit card numbers and home addresses.

[0034] For example, email addresses are used over the internet not only to send and receive emails, some other purposes are: to login to different Service Provider System (SPS), receive notifications and information from SPS upon subscription etc. In the later cases the email address is commonly either stored as plain-text on the SPS or in an easy to decrypt manner, to allow its use by a DSS. Such improper protection of the RPD, makes the RPD susceptible to hacker attacks and abuse.

[0035] According to an aspect of the present invention, there is provided a Personal Details Privacy System (PDPS) that automatically processes, stores and manages personal information of subscribers for the SPS, and protects that information while still allowing its use in transactions and operations by the DSS.

[0036] Figure 2 is a high level schematic block diagram illustrating SPS 100 serving subscriber 10 in operation over the internet to the PDPS 200, advantageously protecting personal information on the SPS 100 from malicious attacks of hackers 30.

The PDPS 200 may include the following components: internet server 210, firewall 220, VPD administrator server 230, database 240, and DSS 250.

The DSS may require communication with a third party service provider 300.

[0037] According to some embodiments, automated Personal Details Privacy System (PDPS) 200 supports providers of services 100 over the internet, in protecting prone-to-abuse personal information of subscribers. The PDPS 200 may include an internet server 210 configured to connect between the SPS 100 and the PDPS 200 over the internet; a Virtual Personal Detail (VPD) administrator server 230, configured to: (i) generate a new unique VPD in response to a new Real Person Detail (RPD), (ii) encrypt a new RPD to yield an encrypted RPD, (iii) retrieve the encrypted RPD, and (iv) decrypt the encrypted RPD with the matched VPD to yield an RPD.

110038] PDPS 200 may further include a firewall 220 configured to protect the VPD administrator server 230 and connect between the internet server 210 and the VPD administrator server 230. Further, the PDPS 200 may include a database 240 connected to the VPD administrator server 230 and configured to store encrypted RPD and additional information. Moreover, the PDPS 200 may include a DSS 250 configured to accommodate an actual use of the RFD for transactions and operations bytheSP.

[0039] Initial registration by one of the subscribers to the SPS 100 when protected by the PDPS 200 is performed by the following steps: the SPS 100 is transmitting the RPD of the subscriber to the internet server 210 in the PDPS 200 and then the internet server 210 is forwarding the RPD to the VPD administrator server 230 via the firewall 220, the VPD administrator server 230 checks if the RPD does not exist in the database 240, and then stores encrypted RPD in the database 240 and generates a new unique VPD from the RPD and optionally an SP distinguishing detail (e.g. SF name), the VPD is stored on the database 120 located on the SPS 100, to be used for identifying and deciphering of encrypted RPD; [0040] When one of the registered subscribers wishes to login to the SPS 100, the SPS 100 receives the RPD from the registered subscriber and transmits the RPD to the VPD administrator server 230 via the internet server 210, and in response the VPD administrator server 230 parses the request and regenerates the VPD that is matching the given RPD. The SPS then compares the VPD to the one stored in its database 120.

[0041] The following is a specific example that should not be limiting and for illustration purposes only.

[0042] Advantageously, embodiments of the present invention suggest a stronger protection than existing security means, by preventing the RFD from actually being stored and requiring cooperation between the SPS and the PDPS to allow its usage.

Moreover, the present invention saves time and effort that may be invested in existing security means, in which constantly updating security of SPS by experts in the field.

Also, in many cases SP have multiple networks and web interfaces, allowing for multiple potential breaches in security sometimes by a human error of one of the employees by using the PDPS, the potential risk and damage caused by such breaches may be mitigated.

[0043] As will be appreciated by one skilled in the art, aspects of the present invention may be embodied as a system, method or computer program product.

Accordingly, aspects of the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, micro-code, etc.) or an embodiment combining software and hardware aspects that may all generally be referred to herein as a "circuit," "module" or "system." Furthermore, aspects of the present invention may take the form of a computer program product embodied in one or more computer readable medium(s) having computer readable program code embodied thereon.

[0044] Any combination of one or more computer readable medium(s) may be utilized. The computer readable medium may be a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.

[0045] Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wire-line, optical fiber cable, RF, etc., or any suitable combination of the foregoing.

[0046] Computer program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalitalk, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute partly on the PDPS and partly on the SPS or as a stand-alone software package securely connected to the SPS. In the latter scenario, the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider).

[0047] Aspects of the present invention are described above with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.

[0048] These computer program instructions may also be stored in a computer readable medium that can direct a computer, other programmable data processing apparatus, or other devices to function in a particular manner, such that the instructions stored in the computer readable medium produce an article of manufacture including instructions which implement the function/act specified in the flowchart and/or block diagram block or blocks.

[0049] The computer program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus or other devices to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide processes for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.

[0050] The aforementioned flowchart and diagrams illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concunently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.

[0051] In the above description, an embodiment is an example or implementation of the inventions. The various appearances of "one embodiment," "an embodiment" or "some embodiments" do not necessarily all refer to the same embodiments.

[0052] Although various features of the invention may be described in the context of a single embodiment, the features may also be provided separately or in any suitable combination. Conversely, although the invention may be described herein in the context of separate embodiments for clarity, the invention may also be implemented in a single embodiment.

[0053] Reference in the specification to "some embodiments", "an embodiment", "one embodiment" or "other embodiments" means that a particular feature, structure, or characteristic described in connection with the embodiments is included in at least some embodiments, but not necessarily all embodiments, of the inventions.

[0054] It is to be understood that the phraseology and terminology employed herein is not to be construed as limiting and are for descriptive purpose only.

[0055] The principles and uses of the teachings of the present invention may be better understood with reference to the accompanying description, figures and

examples.

[0056] It is to be understood that the details set forth herein do not construe a limitation to an application of the invention.

[0057] Furthermore, it is to be understood that the invention can be carried out or practiced in various ways and that the invention can be implemented in embodiments other than the ones outlined in the description above.

[0058] It is to be understood that the terms "including", "comprising", "consisting" and grammatical variants thereof do not preclude the addition of one or more components, features, steps, or integers or groups thereof and that the terms are to be construed as specifying components, features, steps or integers.

[0059] If the specification or claims refer to "an additional" element, that does not preclude there being more than one of the additional element.

[0060] It is to be understood that where the claims or specification refer to "a" or "an" element, such reference is not be construed that there is only one of that element.

[0061] It is to be understood that where the specification states that a component, feature, structure, or characteristic "may", "might", "can" or "could" be included, that particular component, feature, structure, or characteristic is not required to be included.

[0062] Where applicable, although state diagrams, flow diagrams or both may be used to describe embodiments, the invention is not limited to those diagrams or to the corresponding descriptions. For example, flow need not move through each illustrated box or state, or in exactly the same order as illustrated and described.

[0063] Methods of the present invention may be implemented by performing or completing manually, automatically, or a combination thereof, selected steps or tasks.

[0064] The term "method" may refer to manners, means, techniques and procedures for accomplishing a given task including, but not limited to, those manners, means, techniques and procedures either known to, or readily developed from known manners, means, techniques and procedures by practitioners of the art to which the invention belongs.

[0065] The descriptions, examples, methods and materials presented in the claims and the specification are not to be construed as limiting but rather as illustrative only.

[0066] Meanings of technical and scientific terms used herein are to be commonly understood as by one of ordinary skill in the art to which the invention belongs, unless otherwise defined.

[0067] The present invention may be implemented in the testing or practice with methods and materials equivalent or similar to those described herein.

[0068] Any publications, including patents, patent applications and articles, referenced or mentioned in this specification are herein incorporated in their entirety into the specification, to the same extent as if each individual publication was specifically and individually indicated to be incorporated herein. In addition, citation or identification of any reference in the description of some embodiments of the invention shall not be construed as an admission that such reference is

available as prior art to the present invention.

[0069] While the invention has been described with respect to a limited number of embodiments, these should not be construed as limitations on the scope of the invention, but rather as exemplifications of some of the preferred embodiments.

Other possible variations, modifications, and applications are also within the scope of the invention.

Claims

CLAIMSWhat is claimed is: 1. A method of protecting Real Personal Detail (RPD) used in Service Provider Systems (SPS) from malicious attacks of hackers, the method comprising: receiving an RPD from the SPS over a network; generating a Virtual Personal Detail (VPD) based on RPD; storing the VPD on an SPS location; encrypting the RPD to yield an encrypted RPD; storing the encrypted RPD on a location other than the SPS location, wherein using the RPD for at least one of: a transaction and an operation by the SPS being carried out on a location other than the SPS location.
2. The method of claim 1, wherein the generating is further based on Service Provider (SP) distinguishing detail.
3. The method of claim 1, further comprising: creating the VPD on a location other than the SPS; storing the VPD on the SPS; encrypting the RPD; storing the encrypted RPD on the location other than the SPS; and using RPD for at least one of: operations and transactions logically separated from the SPS, wherein the method is useable for initially registering RPD in SPS.
4. The method of claim 1, further comprising: transmitting the RPD received by the SPS to a logically separated server; encrypting the RPD by using a key; and sending a generated VPD to the SPS upon successful retrieval of the encrypted RPD or an enor message upon failure retrieval, wherein the method is useable for logging of a registered subscriber to SPS connected to the logically separated server.
5. A method according to any one of claims 1 to 4, wherein the real personal information comprises one or more of: an e-mail address, a password, a physical address, a telephone number, a bank account number or a credit card number.
6. A method according to any of claims 1 to 5, wherein the encrypting is using a random symmetric key and a random symmetric encryption algorithm.
7. An automated Personal Details Privacy System (PDPS) supporting providers of services over the internet, in protecting prone-to-abuse personal information of subscribers, the PDPS comprising: an internet server configured to connect between one or more Service Providers (SP) and the PDPS over the internet; a Virtual Personal Detail (VPD) administrator server, configured to: (i) generate a new unique VPD in response to a new Real Person Detail (RPD), (ii) encrypt a new RPD to yield an encrypted RPD, (iii) retrieve the encrypted RPD, and (iv) decrypt the encrypted RPD to yield an RPD; a firewall configured to protect the VPD administrator server and connect between the internet server and the VPD administrator server; a database connected to the VPD administrator server and configured to store encrypted RPD and additional information; a dedicated-service-server configured to accommodate an actual use of the RPD in at least one of: transactions and operations by the SP, wherein the VPD administrator server is operable in combination with the dedicated-service-server to perform an actual use of the RPD as per request of the SPS.
8. The automated PDPS of claim 7, wherein in a case that one of the subscribers performs an initial registration to the SPS, the internet server in the PDPS receives the RPD of the subscriber from the SPS and forwards the RPD to the VPD administrator server via the firewall, wherein the VPD administrator server stores encrypted RPD in the database of the PDPS and generates a new unique VPD based on an SP distinguishing detail and RPD in case the RPD does not exist in the database of the PDPS, and wherein the database of the SPS stores the VPD.
9. The system of claim 7, wherein in a case of a login of a registered subscriber to the SPS, the SPS receives the RPD from the registered subscriber and transmits the RPD to the VPD administrator server in the PDPS via the internet server in the PDPS, wherein in response the VPD administrator server sends a VPD matching the given RPD to the SPS upon successful retrieval from the database or an error message upon failure of retrieval from database and the SPS checks if the VPD sent is on its list of VPD.
10. A computer program product, configured to protect Real Personal Detail (RPD) used in Service Provider Systems (SPS) from malicious attacks from hackers, the computer program product comprising: a computer readable storage medium having computer readable program embodied therewith, the computer readable program comprising: computer readable program configured to generate a Virtual Personal Detail (VPD) based on RPD and an SP distinguishing detail; computer readable program configured to store the VPD on an SPS location; computer readable program configured to encrypt the RPD to yield an encrypted RPD; computer readable program configured to store the encrypted RPD on a location other than the SPS location, wherein using the RPD for at least one of: a transaction and an operation by the SPS are carried out on a location other than the SPS location.
11. The computer program product of claim 10, further comprising: computer readable program configured to create the VPD on the location other than the SPS; computer readable program configured to store the VPD on the SPS; computer readable program configured to encrypt the RPD; storing the encrypted RPD on the location other than the SPS; and computer readable program configured to enable a use of the RPD for at least one of: operations and transactions logically separated from the SPS, wherein the computer program product is useable for initially registering RPD.
12. The computer program product of claim 10, further comprising: computer readable program configured to transmit the RPD received by the SPS to a logically separated server; computer readable program configured to encrypt the RPD by using a key; and computer readable program configured to send a success message to the SPS upon successful retrieval of the encrypted RPD or an error message upon failure retrieval, wherein the computer program product is useable for logging of a registered subscriber to SPS connected to the logically separated server.
13. A network security system method comprising receiving user personal information from a service provider over the network, generating a set of encrypted values by encrypting the personal information and an SP distinguishing detail, storing the set of encrypted values in a storage location in a data store, which storage location has a location identifier, generating an encrypted storage location identifier by encrypting the storage location identifier and sending the encrypted storage location identifier to the server for the server to store.
14. A method according to claim 13, wherein the network is the Internet.
15. A method according to claim 13 or claim 14, comprising of periodically creating a re-encrypted set of values by re-encrypting the personal information and the SP distinguishing detail, and storing the re-encrypted values in the storage location.
16. A method according to any one of claims 13 to 15, wherein the real personal information comprises one or more of: an e-mail address, a password, a physical address, a telephone number, a bank account number or a credit card number.
17. A method according to any of claims 13 to 16, wherein the personal information and the SP distinguishing detail are encrypted using a random symmetric key and a random symmetric encryption algorithm.
18. A method according to claim 17, wherein the encrypted values include the SP distinguishing detail and the personal information encrypted as a pair, the encryption key encrypted using the personal information, and an obfuscated form of the SP distinguishing detail, and an obfuscated form of the personal information.
19. A method according to claim 17 or claim 18 wherein the storage location identifier is encrypted using the encryption key.
20. A method according to claim 19 wherein the personal information comprises an e- mail address and the encrypted storage location identifier takes the form of an e-mail address.
21. A method according to any preceding claim further comprising subsequently receiving user personal information, creating a sub-set of encrypted values by encrypting the user personal information and the SP distinguishing detail, identifying the storage location of each set of encrypted values containing the sub-set, and cross-referencing the values from each identified location to determine the identified location with consistent values.
22. A method according to any preceding claim, further comprising subsequently receiving information of data to send to a user identified by the encrypted storage location identifier, decrypting the encrypted storage location identifier to provide a location identifier, decrypting the set of values from the identified location to retrieve the personal information, and sending the data to the user using the retrieved personal information.
23. A method according to any preceding claim wherein the personal information comprises a modifiable information, comprising receiving a request to change a modifiable information for a user identified by the encrypted storage location identifier, which request includes a new modifiable information, decrypting the encrypted storage location identifier to provide a location identifier, decrypting the set of values from the identified location to retrieve the modifiable information from the identified location, encrypting the new modifiable information, and adding the encrypted modifiable information to the set of values in the storage location.
24. A network security system for carrying out a method according to any of claims 13 to 23.
25. A system according to claim 24 further comprising an encoding server for creating the set of encrypted values and for encrypting the storage location identifier.
26. A system according to claim 25 further comprising a network server between the network and the encoding server.
27. A system according to claim 24 or claim 25 further comprising an e-mail server between the encoding server and the network.
28. A system according to claim 26 or claim 27 further comprising a firewall between the network server and/or the e-mail server and the encoding server.
29. A network service provider system comprising a data store for storing an encrypted storage location identifier created by a security system according to any of claims 22 to 28.
30. A service provider according to claim 29 further comprising a network server between the network and the data store.
31. A service provider according to claim 29 or claim 30 further comprising an e-mail server between the network and the data store.