US 12,463,947 B1
Privacy preserving protocol for serving user-specific supplemental content
Eric Crockett, Redmond, WA (US); Gang Wang, Frederick, MD (US); and Joan Feigenbaum, New York, NY (US)
Assigned to Amazon Technologies, Inc., Seattle, WA (US)
Filed by Amazon Technologies, Inc., Seattle, WA (US)
Filed on Jun. 12, 2023, as Appl. No. 18/333,482.
Int. Cl. H04L 9/40 (2022.01); G06F 21/62 (2013.01)
CPC H04L 63/0428 (2013.01) [G06F 21/6254 (2013.01); G06F 21/6263 (2013.01)]
20 Claims
 
1. A system, comprising:
one or more processors with associated memory that implement a privacy preserving supplemental content server (PPSCS), configured to:
serve supplemental content to a plurality of users when the users consume content published by a content server, wherein the supplemental content are selected based at least in part on user-private information about the users;
store a first secret share of a user-to-segment map (USM), wherein the USM contains the user-private information about the users, wherein the first secret share does not reveal the user-private information, and wherein a second secret share of the USM is stored at the content server;
receive a request from the content server to serve supplemental content to a user, wherein the request indicates a request context determined by the content server;
execute one side of a privacy preserving protocol with the content server to perform a lookup of user segment data of the user in the USM based at least in part on the request context, wherein the privacy preserving protocol guarantees that:
(a) the content server does not learn any user-private information about the user in the USM,
(b) the PPSCS learns at most one user segment of the user, and
(c) the PPSCS cannot track the user over multiple requests from the content server using any user-private information about the user in the USM learned during the execution;
select the supplemental content for the request based at least in part on results of the lookup; and
send the supplemental content in a response according to the request, wherein the response does not reveal the supplemental content to the content server.
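
Added example (not part of the patent text and not the assignee's implementation): a minimal sketch of how a USM could be split into two shares so that neither the PPSCS nor the content server can read a user's segments from its own share, and how a single segment can be reconstructed per request. It assumes XOR secret sharing over a per-user segment bitmap, a constructed segment list, and a plaintext row key; the claim names none of these, and the sketch does not implement the untrackability guarantee (c).

```python
import secrets

# Constructed segment names; the claim does not enumerate segments.
SEGMENTS = ["sports", "travel", "cooking", "autos"]

def to_bitmap(segments):
    """Encode a user's segments as a bitmap, one bit per known segment."""
    bitmap = 0
    for name in segments:
        bitmap |= 1 << SEGMENTS.index(name)
    return bitmap

def share_usm(usm):
    """Split the USM into two XOR shares (assumed scheme).

    Each share on its own is a uniformly random bitmap, so neither
    holder learns anything about the user's segments from it.
    """
    ppscs_share, content_share = {}, {}
    for user, segments in usm.items():
        mask = secrets.randbits(len(SEGMENTS))  # fresh randomness per row
        ppscs_share[user] = mask
        content_share[user] = to_bitmap(segments) ^ mask
    return ppscs_share, content_share

def content_server_bit(content_share, user, segment):
    """Content server side: release one share bit for the segment
    implied by the request context, never the whole row."""
    return (content_share[user] >> SEGMENTS.index(segment)) & 1

def ppscs_lookup(ppscs_share, user, segment, peer_bit):
    """PPSCS side: combine its own share bit with the peer's bit.

    The result is membership in exactly one segment; the other bits
    of the row stay hidden because their peer bits were never sent.
    """
    own_bit = (ppscs_share[user] >> SEGMENTS.index(segment)) & 1
    return bool(own_bit ^ peer_bit)

def lookup(usm_shares, user, segment):
    """Run both sides of one request and return the reconstructed bit."""
    ppscs_share, content_share = usm_shares
    peer_bit = content_server_bit(content_share, user, segment)
    return ppscs_lookup(ppscs_share, user, segment, peer_bit)
```
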