US20080082837A1 - Apparatus and method for continuous data protection in a distributed computing network - Google Patents
Apparatus and method for continuous data protection in a distributed computing network Download PDFInfo
- Publication number
- US20080082837A1 US20080082837A1 US11/904,684 US90468407A US2008082837A1 US 20080082837 A1 US20080082837 A1 US 20080082837A1 US 90468407 A US90468407 A US 90468407A US 2008082837 A1 US2008082837 A1 US 2008082837A1
- Authority
- US
- United States
- Prior art keywords
- data
- encryption
- rest
- rest system
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1408—Protection against unauthorised use of memory or access to memory by using cryptography
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0464—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload using hop-by-hop encryption, i.e. wherein an intermediate entity decrypts the information and re-encrypts it before forwarding it
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0637—Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Definitions
- the subject disclosure relates to methods and systems for protecting sensitive electronic information, and more particularly to improved methods and systems for protecting credit card information as such information is processed, stored, and travels across a distributed computing network.
- SSL secure sockets layer
- S-HTTP Secure HyperText Transfer Protocol
- SSL utilizes handshake-based key distribution with complex public key cryptography techniques
- S-HTTP is designed to send individual messages securely.
- intermediaries in the process are not able to do more than simply move the incoming file to a subsequent destination, even though the intermediary is an integral part of the ongoing client-server relationship.
- the very nature of the security mechanisms presents limitations in that in order for an intermediary to have access, the access criteria must be duplicated in a complex and difficult to maintain manner.
- One embodiment of the invention is directed to a system for secure data storage and transmission comprising a first security module for protecting data in a first data at rest system and a second security module for protecting data in a second data at rest system. At least a subset of data stored in the first data at rest system is encrypted.
- the first security module is associated with a first key domain defining encryption parameters for the first data at rest system. At least a subset of data stored in the second data at rest system is encrypted.
- the second security module is associated with a second key domain defining encryption parameters for the second data at rest system. At least one encryption parameter for the second data at rest system differs from at least one encryption parameter for the first data at rest system so that a datum is reencrypted when the datum is transferred from the first data at rest system to the second data at rest system.
- encryption parameters may comprise encryption keys or encryption algorithms.
- the first security module may encrypt data stored on the first data at rest system.
- the second security module may encrypt data stored on the second data at rest system.
- the system may also include a security management module which promulgates a security policy.
- the security management module may be communicatively coupled with the first security module and the second security module.
- the security management module may store an audit log.
- encryption parameters in the first key domain may be altered independently of encryption parameters in the second key domain.
- Another embodiment of the invention is directed to a selective data access system comprising a first data field encrypted with a first encryption key and a second data field encrypted with a second encryption key.
- a first user has access to the first encryption key and a second user has access to a second encryption key.
- a third user has access to both the first and the second encryption keys.
- the first data field and the second data field may reside in the same database.
- the first data field and the second data field may reside in the same table.
- Another embodiment of the invention is directed to a method of data transfer comprising storing data and encryption status information for the data in a first data at rest system, examining the encryption status information when transferring the data from the first data at rest system to a second data at rest system, and reencrypting the data if the first data at rest system and the second data at rest system are associated with different key domains.
- the key domains define encryption parameters.
- encryption parameters comprise encryption keys or encryption algorithms.
- Another embodiment of the invention is directed to a method for providing partial access to data comprising generating a report for a third party, the report containing obfuscated sensitive information, allowing the third party to examine the report, and providing access to unobfuscated sensitive information if the third party identifies information of interest.
- the obfuscated sensitive information may be pronouncable.
- the method may include generating a report comprises obtaining obfuscated data from a substitution cipher.
- the obfuscated sensitive data may be of the same data category as the unobfuscated sensitive data.
- the report may include obfuscated sensitive data selected from the group consisting of names, social security numbers, indications of treatment, telephone numbers and combinations thereof.
- Another embodiment of the invention is directed to a method of secure data transport comprising encrypting a datum, storing the datum in a first data at rest system, and transferring the datum to a second data at rest system.
- the datum remains encrypted during transfer and storage.
- the first data at rest system can be associated with a first domain and the second data at rest system can be associated with a second domain.
- the datum may be encrypted in accordance with the second domain before transfer.
- the datum may be encrypted in accordance with the second domain after transfer.
- FIG. 1 depicts a sample workflow illustrating the numerous components and communications which can compromise sensitive data.
- FIG. 2 depicts another environment 200 for implementation of the subject technology.
- FIG. 3 depicts a complex data flow diagram, representing some of the possible data flows in an enterprise.
- FIG. 4 is a flow diagram illustrating the flow of data under some embodiments of the invention herein.
- FIG. 5 depicts a data flow in which fields are decrypted in a database.
- FIG. 6 is a graphical depiction of key management system including a database, a security module, and an audit log.
- FIG. 7 depicts a scenario where a central key management system coordinates the use of different encryption formats in a data flow between databases and files.
- FIG. 8 depicts a scenario where a central key management system coordinates the use of different encryption key domains in a data flow between databases and files.
- FIGS. 9 and 10 depict how multiple encryption keys may be used to provide selective access to data.
- FIG. 11 depicts end to end encryption using DTP for data transmitted between a database and a browser.
- FIG. 12 depicts various examples of how data may be encrypted while in storage and in transit between a client, a server, and a database.
- FIG. 13 illustrates examples of format definitions for Data at Rest (Storage Format) and Data in Transit (Transit Format).
- FIG. 14 illustrates additional examples of format definitions for Data at Rest and Data in Transit.
- FIGS. 15 and 16 illustrate how an application/user that is not trusted with clear text data may validate masked data and export data in DTP format.
- FIG. 17 depicts an example of an application, user and/or view accessing a server that is referencing an item with formats defined for data export/import and data storage.
- FIG. 18 depicts an example of a PROTEGRITY® Utilities module accessing a PROTEGRITY® server that is referencing an item with formats defined for data import and data storage.
- FIG. 19 illustrates re-encryption when crossing domains.
- the present invention overcomes many of the prior art problems associated with transferring sensitive data in a distributed computing network.
- the advantages, and other features of the system disclosed herein, will become more readily apparent to those having ordinary skill in the art from the following detailed description of certain preferred embodiments taken in conjunction with the drawings which set forth representative embodiments of the present invention and wherein like reference numerals identify similar structural elements. All relative descriptions herein such as upstream, downstream, left, right, up, and down are with reference to the Figures, and not meant in a limiting sense.
- a processor generally is logic circuitry that responds to and processes instructions that drive a computer and can include, without limitation, a central processing unit, an arithmetic logic unit, an application specific integrated circuit, a task engine, and/or any combinations, arrangements, or multiples thereof.
- Software or code generally refers to computer instructions which, when executed on one or more digital data processing devices, cause interactions with operating parameters, sequence data/parameters, database entries, network connection parameters/data, variables, constants, software libraries, and/or any other elements needed for the proper execution of the instructions, within an execution environment in memory of the digital data processing device(s).
- a module is a functional aspect, which may include software and/or hardware. Typically, a module encompasses the necessary components to accomplish a task. It is envisioned that the same hardware could implement a plurality of modules and portions of such hardware being available as needed to accomplish the task.
- Those of ordinary skill will recognize that the software and various processes discussed herein are merely exemplary of the functionality performed by the disclosed technology and thus such processes and/or their equivalents may be implemented in commercial embodiments in various combinations without materially affecting the operation of the disclosed technology.
- a network can be a series of network nodes (each node being a digital data processing device, for example) that can be interconnected by network devices and communication lines (e.g., public carrier lines, private lines, satellite lines, etc.) that enable the network nodes to communicate.
- network devices e.g., public carrier lines, private lines, satellite lines, etc.
- the transfer of data (e.g., messages) between network nodes can be facilitated by network devices such as routers, switches, multiplexers, bridges, gateways, etc.
- the subject technology balances security and operational needs by employing systems, methods, apparatus and data structures where:
- a credit card number (and other sensitive fields) are partially encrypted (e.g., using Data Type Preserving encryption or related methods) at the first point of capture (in the commerce chain);
- the sensitive fields stay partially encrypted (with an optional re-encryption of some fields or parts of the fields content) throughout the commerce chain, enabling most applications to process without any field level decryption; and/or
- This embodiment results in high transparency and low overhead.
- data length control reduces the need for changes to database and file structures in applications by preserving the length and/or the datatype of the encrypted field.
- Datatype preservation simply means that each ciphertext field is as valid as the plaintext field it replaces.
- the method defines an appropriate alphabet of valid characters and performing all operations within the constraints of the defined alphabet. Each different datatype requires a judicious choice of alphabet.
- An alphabet consisting of numeric digits (“0123456789”) could be used to encrypt most number data, such as social security numbers (e.g. 123-45-6789).
- DLC reduces the need for changes to database structures and applications by preserving the datatype of the encrypted field
- Each ciphertext field is as valid as the plaintext field it replaces.
- the invention described minimizes the cost of securing enterprise information and allows for the secure sharing of data within the enterprise and with appropriate individuals outside of the enterprise.
- DTP and DLC can be implemented with different methods, including AES Counter Mode, where numeric in/out can be “compressed” to also include meta data within the original length of an alpha-numeric field. It is a further object of the subject technology to monitor user behavior. In business use-cases, the benefits are usage control for enterprise data and validation of usage behavior for critical applications and data.
- the flow charts herein illustrate the structure or the logic of the present technology, possibly as embodied in computer program software for execution on a computer, digital processor or microprocessor.
- Those skilled in the art will appreciate that the flow charts illustrate the structures of the computer program code elements, including logic circuits on an integrated circuit, that function according to the present technology.
- the present invention is practiced in its essential embodiment(s) by a machine component that renders the program code elements in a form that instructs a digital processing apparatus (e.g., computer) to perform a sequence of function step(s) corresponding to those shown in the flow charts.
- FIG. 1 there is shown a block diagram of workflow through an environment 100 that can employ the systems and methods of the subject technology.
- the subject technology protects sensitive data in such an environment and the infinite variations thereof.
- the following discussion describes the structure of such an environment 100 but further discussion of the application's program and data modules that embody the methodology of the present invention is described elsewhere herein.
- the environment 100 is a client/server network, which can support electronic commerce (e-commerce).
- the environment 100 includes a plurality of servers which communicate with a distributed computer network via communication channels, whether wired or wireless, as is well known to those of ordinary skill in the pertinent art.
- the distributed computer network is the Internet.
- the servers may be provided by various entities within the environment 100 .
- the servers are not drawn but rather the illustrative components thereof are shown as would be known to those of ordinary skill in the pertinent art.
- the servers may host multiple Web sites and house multiple databases 110 , 112 as necessary for e-commerce and the proper utilization of the subject technology.
- a server is any of a number of servers known to those skilled in the art that are intended to be operably connected to a network so as to operably link to a plurality of clients 102 , 104 , 106 , 108 via the distributed computer network.
- the server typically includes a central processing unit including one or more microprocessors such as those manufactured by Intel or AMD, random access memory (RAM), mechanisms and structures for performing I/O operations, a storage medium such as a magnetic hard disk drive(s), and an operating system for execution on the central processing unit.
- the hard disk drive of the server may be used for storing data, client applications and the like utilized by client applications.
- the hard disk drive(s) of the server also are typically provided for purposes of booting and storing the operating system, other applications or systems that are to be executed on the server, paging and swapping between the hard disk and the RAM.
- the distributed computer network may include any number of network systems well known to those skilled in the art.
- distributed computer network may be a combination of local area networks (LAN), wide area networks (WAN), or, other network technologies as is well known.
- LAN local area networks
- WAN wide area networks
- the preferred method of accessing information is the World Wide Web because navigation is intuitive and does not require technical knowledge.
- the plurality of computers or clients 102 , 104 , 106 , 108 can be similarly configured as the servers or simple systems such as desktop computers, laptop computers, personal digital assistants, cellular telephones and the like.
- the clients 102 , 104 , 106 , 108 allow users to conduct e-commerce and administrators to access information on the servers. For simplicity, only four clients 102 , 104 , 106 , 108 are shown.
- the clients 102 , 104 , 106 , 108 have displays and an input device(s) as would be appreciated by those of ordinary skill in the pertinent art.
- the display may be any of a number of devices known to those skilled in the art for displaying images responsive to outputs signals from the computers 102 , 104 , 106 , 108 .
- Such devices include but are not limited to cathode ray tubes (CRT), liquid crystal displays (LCDs), plasma screens and the like.
- CTR cathode ray tubes
- LCDs liquid crystal displays
- plasma screens and the like.
- the client 102 provides consumer access to the environment 100 whereas clients 104 , 106 , 108 are associated with vendors and/or an entity that provides the goods and/or services sought by the consumer. It will be recognized by those of ordinary skill in the art that the hardware of the clients 102 , 104 , 106 , 108 would often be interchangeable.
- a plurality of consumers typically can share the same client 102 and cookie technology can be utilized to facilitate access to the environment 100 . Of course, a plurality of users can utilize the environment 100 simultaneously.
- the clients 102 , 104 , 106 , 108 typically include a central processing unit including one or more micro-processors, mechanisms and structures for performing I/O operations (not shown), a storage medium such as a magnetic hard disk drive(s), a device for reading from and/or writing to removable computer readable media and operating system software for execution on the central processing unit.
- the application programs or software reside on the hard disk drive of a client for performing the functions in accordance with the subject technology.
- the hard disk drive simply has a browser for accessing a software application hosted on a server within the distributed computing network.
- a firewall and other conventional security measures may be employed between the client 102 and database 110 .
- the retailer may employ a database administrator (DBA)/software developer.
- DBA database administrator
- the client 102 allows a user to browse a Web site hosted by an entity such as a retailer. To make a transaction, the consumer places one or more desired items in an electronic shopping cart and proceeds to check out. At checkout, the consumer is prompted to provide payment information such as credit card information.
- the credit card company employs a server to store a point of service (POS) database 110 related to all the transactions.
- POS point of service
- a user may utilize an application on the client 102 other than a Web site to make a transaction.
- Such an application includes software downloaded from the Internet, installed from a diskette, CD, DVD or other persistent storage device, or pre-installed on the client 102 .
- the records of the POS database 110 must eventually be attended to in terms of payment and passed along to the retailer for storage in a mainframe database 112 stored in a server of the retailer. More particularly, the records are extracted and transferred such as by electronic mail as denoted graphically in area 114 . In area 116 , a file containing the records is uploaded to the mainframe database 112 while area 118 illustrates that data is loaded into the mainframe database 112 for storage and subsequent access as well.
- an extract, transform, and load (ETL) application 120 performs a process in data warehousing that involves extracting data from outside sources, transforming it to fit business needs, and ultimately and loading it into the data warehouse. ETL is the way data gets loaded into the warehouse.
- Data may be transferred between the POS database 110 and the mainframe database 112 through a variety of methods. As discussed above, records may be extracted and emailed to the mainframe 112 . Alternatively, data may be transferred through technologies including but not limited to Data Transformation Services, SQL ServerTM Transfer Manager and Bulk Copy Program, and SQL ServerTM Integration Services, all available as part of Microsoft® SQL ServerTM, available from Microsoft Corp. of Redmond, Wash.; and Data IntegratorTM, available from Pervasive Software, Inc. of Austin, Tex.
- FIG. 2 another more detailed view of an environment 200 for implementation of the subject technology is shown.
- the environment 200 has a plurality of clients 208 , 216 and servers 206 which access and utilize a plurality of databases 202 to conduct e-commerce.
- the general operation of FIG. 2 is well-known to one of ordinary skill in the art and, thus, not further described herein for brevity. In general, it will help in understanding of the relationship between applications and data with a Data Flow Diagram.
- DTP Data Type Preservation
- AES Counter Mode encryption is examples of encryption modes and transformation processes that can be used for data confidentiality in the provided examples.
- Data Type Preservation is described detail in U.S. patent application Ser. No. 09/721,942, filed Nov. 27, 2000, the contents of which are hereby incorporated by reference herein.
- FIG. 3 A complex data flow diagram, representing some of the possible data flows in an enterprise, is shown in FIG. 3 .
- Numerous components are shown including applications 302 , databases 304 , files 306 , networks 308 , data sources 310 , data warehouses 312 , servers 314 and vendors 316 .
- the connecting lines show that data may flow from any of these components to another component. Data may also flow between two or more of the same type of components.
- data 402 is captured.
- the data 402 may come from any source known now or in the future to one of ordinary skill in the art including but not limited to a web sites, e-commerce applications, electronic data exchange (EDI) and data mining applications.
- the data 402 is copied to a first file 404 where one or more fields 406 are encrypted with an encryption key 432 which resides in a key repository 434 .
- captured data may be copied directly to a database 412 , 420 .
- Data 408 may be copied from the first file 404 to a first database 412 .
- One or more fields 410 , 414 remain encrypted while being transferred and once placed on the first database 412 .
- Data 416 may also be transferred from the first database 412 to a second database 420 . Again, one or more fields 418 , 422 remain encrypted while being transferred and once placed on the second database 420 .
- Data 424 may also be transferred from the second database 420 to a second file 428 . Again, one or more fields 426 , 430 remain encrypted while being transferred and once placed in the second file 428 .
- FIG. 5 although selected fields are encrypted at point of data capture and can stay encrypted during the data's life cycle, another method 500 in which the credit card number contained in one or more fields 518 , 522 can be decrypted is shown.
- the following methods and depictions utilize similar principles and structures to the method 400 described above. Accordingly, like reference numerals in subsequent series, such as the “500” series instead of the “400” series, are used to indicate like elements whenever possible.
- the primary difference of the method 500 in comparison to the method 400 is the key 512 being available to the server storing database 520 . As a result, this server is allowed to de-encrypt and access the full credit card number stored in one or more fields 522 . Other servers will not need to install or operationally process encryption operations at all.
- data 502 is captured.
- the data 502 may come from any source known now or in the future to one of ordinary skill in the art including but not limited to a web sites, e-commerce applications, electronic data exchange (EDI) and data mining applications.
- the data 502 is copied to a first file 504 where one or more fields 506 are encrypted with an encryption key 532 which resides in a key repository 534 .
- captured data may be copied directly to a database 512 , 520 .
- Data 508 maybe copied from the first file 504 to a first database 512 .
- One or more fields 510 , 514 remain encrypted while being transferred and once placed on the first database 512 .
- Data 516 may also be transferred from the first database 512 to a second database 520 . Again, one or more fields 418 remain encrypted while being transferred to the second database 520 . At this point, the one or more fields 522 are de-encrypted using the encryption key 532 .
- Data 524 may also be transferred from the second database 520 to a second file 528 . Note that one or more fields 526 of the data 524 is reencrypted for transfer and storage in the second file 530 .
- a graphical depiction of key management is shown and referred to generally by the reference numeral 600 .
- a domain 530 is created 630 .
- each database 610 , 616 is monitored by a module 632 to coordinate compliance.
- Each module 632 stores the activity related to key 412 usage and data access in an audit log database 634 .
- a central key management solution is coordinating the use of encryption keys that are used in a data flow of encrypted data elements that are moving between different databases.
- modules 632 are depicted as “Protegrity” modules, such modules are in no way limited to products (e.g., DEFIANCETM and Secure.DataTM suites) distributed by Protegrity Corp. of Stamford, Conn.
- each respective file in the different database may use a unique encryption method, i.e., AES or Triple DES.
- AES Advanced Encryption Standard
- FIPS Federal Information Processing Standards
- Triple DES is an earlier block cypher still used in a variety of applications including electronic payments.
- Triple DES, its predecessor DES and AES are all described in Andrew S. Tanenbaum, Computer Networks 738-45 (4th ed. 2003), the contents of which is hereby incorporated by reference herein.
- each file 714 a, 716 a is stored in database 714 , 716 , respectively, and monitored by an application 740 as well as a DTP module 742 to coordinate compliance.
- the activity is stored in an audit log database 734 .
- a central key management solution with a distributed encryption solution is coordinating the use of different encryption keys and encryption formats in a data flow between databases and files.
- FIG. 8 a graphical depiction of another approach to key management is shown and referred to generally by the reference numeral 800 .
- a primary difference is several key domains 730 a - c are created.
- a central key management solution is coordinating the use of different encryption key domains in a data flow between databases and files, allowing different policies for managing the key life cycles separately for each domain.
- FIGS. 9 and 10 two scenarios of how different encryption keys may be given to different parties A, B, C to access different fields are shown.
- party A has full access by virtue of having both keys whereas parties B, C only have access to a single key, respectively, and thus can only access the portions of the credit card number encrypted thereby.
- the method for exchanging keys is very dependent on the existing infrastructure and what may be added. For instance, to use X.509, it is desirable to have some public key infrastructure (PKI). However, using Diffie-Hellman should for safety also include certificate handling. Having certificates allows the use of SSL. See generally Tanenbaum, Computer Networks 768-70, 791-92, the contents of which are incorporated by reference herein.0
- a database 902 exists with two encrypted fields 904 , 906 .
- Field 904 is encrypted with Key 1 908 and field 906 is encrypted with a Key 2 910 .
- User A has access to both Key 1 ( 908 ) and Key 2 ( 910 ).
- User B only has access to Key 2 ( 910 ).
- User C only has access to Key 1 ( 908 ).
- a database 1002 contains one or more sensitive fields 1004 . Separate encryption keys are assigned to sets containing one or more rows 1006 , 1008 . In a first set of one or more rows containing row 1006 , the sensitive field 1004 is encrypted with Key 1 ( 1010 ). In a second set of one or more rows containing row 1008 , the sensitive field 1004 is encrypted with Key 2 ( 1012 ). User A has access to both Key 1 ( 1010 ) and Key 2 ( 1012 ). User B only has access to Key 2 ( 1012 ). User C only has access to Key 1 ( 1010 ).
- FIG. 11 is end to end encryption using DTP for data transmitted between a database and a browser.
- a plurality of users 1102 , 1104 , 1106 have varying degrees of access to sensitive data (shaded) 1108 accessed by an application 1112 through a database 1110 .
- users 1104 and 1106 have certain rights to access and/or modify sensitive data 1108 .
- User 1104 may insert data in clear text.
- User 1106 may read the sensitive data 1108 in clear text.
- user 1102 may only view the sensitive data 1108 in cipher text.
- FIG. 12 depicts examples of DTP with different encryption key alternatives for data stored and in transit between a database, web/application sever and a user client. These examples of DTP with different encryption key alternatives can provide a solution for a virtual private database, client data security, and LAN encryption.
- data flow 1202 data in encrypted by the client 1212 and is encrypted again when stored on the database 1216 , resulting in double encryption.
- data flow 1204 data is encrypted by the client 1212 and stored as encrypted on the databse 1216 (without double encryption).
- system communications are encrypted, but not stored on the server 1214 or database 1216 , respectively.
- data flow 1210 data is encrypted by the server 1214 and reencrypted for storage in the database 1216 (but not necessarily with double encryption).
- FIG. 13 is an example of format definitions for Data at Rest (Storage Format) and Data in Transit (Transit Format).
- FIG. 14 demonstrates the need for a data export/import format. While data masking (e.g., converting 1234 5678 9009 8765 to 1234 XXXX XXX 8765) could be used in certain situations, the use of masking presupposes that the masked data will not be sent to another application or database. When this occurs, the data is of little use. Accordingly, by defining an export/import format, data 1402 is protected when sents from a database 1404 to an application 1406 . By utilizing an export/import format, a user 1408 may view only a minimal portion of the data 1402 before sending the data 1404 to another application or database (not shown) for further processing.
- data masking e.g., converting 1234 5678 9009 8765 to 1234 XXXXXX 8765
- the use of masking presupposes that the masked data will not be sent to another application or database. When this occurs, the data is of little use.
- the user 1408 may be a call center employee receiving a customer's order. In this situation, it is likely sufficient for the user 1408 to view only a few digits of the customer's credit card to verify that correct credit card will be charged. After the customer approves the transaction, the data 1404 may be transferred to an application for billing. This application (not shown) will need, and be able deencrypted the data 1404 to obtain the entire credit card number.
- the data export/import format may be implemented through the use of a view 1410 .
- a view is a read only virtual or logical table composed of the result set of a query.
- masking may be a useful component of a data export/import format.
- the data export/import format may specify that application 1406 display the number with masking to prevent confusion as to the actual number. This aspect of the invention is depicted in FIG. 15 .
- FIG. 16 is an example of application/user accessing a view that is referencing an item with formats defined for data export/import and data storage. As will be appreciated, FIG. 16 is similar to the system presented in FIG. 14 , and like number is used accordingly. The difference between FIGS. 14 and 16 is addition of a policy database 1412 .
- the policy database 1412 contains one or more item policies 1414 defining data export/import formats and data storage formats.
- module 1416 for coordinating data protection.
- module 1416 is depicted as “Protegrity Server”, module 1416 is in no way limited to products (e.g., DEFIANCETM and Secure.DataTM suites) distributed by Protegrity Corp. of Stamford, Conn. Rather, module 1416 could be any combination of hardware and/or software capable of interacting with policy database 1412 to produce view 1410 .
- Module 1416 may also have additional responsibilities including overall supervision of data security and/or the responsibilities of an access control system as described in U.S. Patent Application 2007/0083928, published Apr. 12, 2007, the contents of which are incorporated by reference.
- FIG. 18 depicts an embodiment of the invention in which the policy database and module are used for data import and output.
- a database 1804 containing sensitive data 1802 is import using an module 1806 .
- the module 1806 may be any utility for data import/export including DEFIANCETM and Secure.DataTM, both available from Protegrity Corp. of Stamford, Conn.; Data Transformation Services, SQL ServerTM Transfer Manager and Bulk Copy Program, and SQL ServerTM Integration Services, all available as part of MicrosoftTM SQL ServerTM, available from Microsoft Corp. of Redmond, Wash.; and Data IntegratorTM, available from Pervasive Software, Inc. of Austin, Tex.
- Data 1808 (not necessarily the same data as imported above) may be output to database 1810 .
- the module 1806 may utilize another module or server 1812 connected to a policy database 1814 as described herein.
- Plain text data 1906 is entered into database 1908 in key domain X 1902 .
- the data 1906 is encrypted.
- the data may be transmitted to database 1910 with out reencryption because database 1910 is also in key domain X 1902 .
- data 1906 is transferred to database 1912 , data 1906 must be reencrypted because database 1912 reside in key domain Y 1904 .
- formats discussed including formats for data in transit, data at rest, data import, and data export may be vary based on the user and/or the user's role.
- data export formats for an example, certain individuals and/or roles may be allowed to view clear text credit card data, while other individuals may only view cipher text credit card data.
- any functional element may perform fewer, or different, operations than those described with respect to the illustrated embodiment.
- functional elements e.g., modules, databases, interfaces, computers, servers and the like
- shown as distinct for purposes of illustration may be incorporated within other functional elements in a particular implementation.
Abstract
A system for secure data storage and transmission is provided. The system comprises a first security module for protecting data in a first data at rest system and a second security moducle for protecting data in a second data at rest system. At least one encryption parameter for the second data at rest system differs from at least one encryption parameter for the first data at rest system so that a datum is reencrypted when the datum is transferred from the first data at rest system to the second data at rest system.
Description
- This application claims priority to U.S. Provisional Patent Application 60/848,251, filed Sep. 29, 2006, the contents of which are incorporated in its entirety.
- The subject disclosure relates to methods and systems for protecting sensitive electronic information, and more particularly to improved methods and systems for protecting credit card information as such information is processed, stored, and travels across a distributed computing network.
- As the world of telecommunications, computer networking, and electronics continues to expand, the world as we know provides unprecedented access to information. Sitting in the glow of a computer screen, an individual can instantaneously access information on the opposite side of the planet by the Internet and other means. As companies continue to integrate such capabilities into more and more facets of their business, new and difficult challenges arise. In general, those with access to information are trustworthy and would never consider accessing and/or using information improperly. However, in the area of electronic commerce, credit card fraud and identity theft have become commonplace.
- Such problems have spurred advances in the technology of securing data. Examples of such advances are the commonly-used secure sockets layer (SSL) and S-HTTP security mechanisms. Whereas SSL utilizes handshake-based key distribution with complex public key cryptography techniques, S-HTTP is designed to send individual messages securely. In either case, intermediaries in the process are not able to do more than simply move the incoming file to a subsequent destination, even though the intermediary is an integral part of the ongoing client-server relationship. Hence, the very nature of the security mechanisms presents limitations in that in order for an intermediary to have access, the access criteria must be duplicated in a complex and difficult to maintain manner.
- Despite these advances, sensitive information is still commonly stolen and illicitly used. One area of weakness is the time when data is in transit and, particularly, in transit within a single entity or enterprise such as on an internal network. Similarly, as data passes between organizations, the data can be exposed by weak security measures and other infiltrations such as access data stolen from authorized personnel.
- It should be appreciated that the present invention can be implemented and utilized in numerous ways, including without limitation as a process, an apparatus, a system, a device, a method for applications now known and later developed or a computer readable medium. These and other unique features of the system disclosed herein will become more readily apparent from the following description and the accompanying drawings.
- One embodiment of the invention is directed to a system for secure data storage and transmission comprising a first security module for protecting data in a first data at rest system and a second security module for protecting data in a second data at rest system. At least a subset of data stored in the first data at rest system is encrypted. The first security module is associated with a first key domain defining encryption parameters for the first data at rest system. At least a subset of data stored in the second data at rest system is encrypted. The second security module is associated with a second key domain defining encryption parameters for the second data at rest system. At least one encryption parameter for the second data at rest system differs from at least one encryption parameter for the first data at rest system so that a datum is reencrypted when the datum is transferred from the first data at rest system to the second data at rest system.
- This embodiment may have several features. For example, encryption parameters mau comprise encryption keys or encryption algorithms. The first security module may encrypt data stored on the first data at rest system. The second security module may encrypt data stored on the second data at rest system.
- The system may also include a security management module which promulgates a security policy. The security management module may be communicatively coupled with the first security module and the second security module. The security management module may store an audit log. In some embodiments, encryption parameters in the first key domain may be altered independently of encryption parameters in the second key domain.
- Another embodiment of the invention is directed to a selective data access system comprising a first data field encrypted with a first encryption key and a second data field encrypted with a second encryption key. A first user has access to the first encryption key and a second user has access to a second encryption key.
- This embodiment may have several features. In some embodiments, a third user has access to both the first and the second encryption keys. The first data field and the second data field may reside in the same database. The first data field and the second data field may reside in the same table.
- Another embodiment of the invention is directed to a method of data transfer comprising storing data and encryption status information for the data in a first data at rest system, examining the encryption status information when transferring the data from the first data at rest system to a second data at rest system, and reencrypting the data if the first data at rest system and the second data at rest system are associated with different key domains. In some embodiments, the key domains define encryption parameters. In other embodiments, encryption parameters comprise encryption keys or encryption algorithms.
- Another embodiment of the invention is directed to a method for providing partial access to data comprising generating a report for a third party, the report containing obfuscated sensitive information, allowing the third party to examine the report, and providing access to unobfuscated sensitive information if the third party identifies information of interest.
- This embodiment of the invention can have various features. For example, the obfuscated sensitive information may be pronouncable. The method may include generating a report comprises obtaining obfuscated data from a substitution cipher. The obfuscated sensitive data may be of the same data category as the unobfuscated sensitive data. The report may include obfuscated sensitive data selected from the group consisting of names, social security numbers, indications of treatment, telephone numbers and combinations thereof.
- Another embodiment of the invention is directed to a method of secure data transport comprising encrypting a datum, storing the datum in a first data at rest system, and transferring the datum to a second data at rest system. The datum remains encrypted during transfer and storage.
- This embodiment of the invention can have various features. The first data at rest system can be associated with a first domain and the second data at rest system can be associated with a second domain. The datum may be encrypted in accordance with the second domain before transfer. The datum may be encrypted in accordance with the second domain after transfer.
- The presently disclosed embodiments will be further explained with reference to the attached drawings, wherein like structures are referred to by like numerals throughout the several views. The drawings shown are not necessarily to scale, with emphasis instead generally being placed upon illustrating the principles of the presently disclosed embodiments.
-
FIG. 1 depicts a sample workflow illustrating the numerous components and communications which can compromise sensitive data. -
FIG. 2 depicts anotherenvironment 200 for implementation of the subject technology. -
FIG. 3 depicts a complex data flow diagram, representing some of the possible data flows in an enterprise. -
FIG. 4 is a flow diagram illustrating the flow of data under some embodiments of the invention herein. -
FIG. 5 depicts a data flow in which fields are decrypted in a database. -
FIG. 6 is a graphical depiction of key management system including a database, a security module, and an audit log. -
FIG. 7 depicts a scenario where a central key management system coordinates the use of different encryption formats in a data flow between databases and files. -
FIG. 8 depicts a scenario where a central key management system coordinates the use of different encryption key domains in a data flow between databases and files. -
FIGS. 9 and 10 depict how multiple encryption keys may be used to provide selective access to data. -
FIG. 11 depicts end to end encryption using DTP for data transmitted between a database and a browser. -
FIG. 12 depicts various examples of how data may be encrypted while in storage and in transit between a client, a server, and a database. -
FIG. 13 illustrates examples of format definitions for Data at Rest (Storage Format) and Data in Transit (Transit Format). -
FIG. 14 illustrates additional examples of format definitions for Data at Rest and Data in Transit. -
FIGS. 15 and 16 illustrate how an application/user that is not trusted with clear text data may validate masked data and export data in DTP format. -
FIG. 17 depicts an example of an application, user and/or view accessing a server that is referencing an item with formats defined for data export/import and data storage. -
FIG. 18 depicts an example of a PROTEGRITY® Utilities module accessing a PROTEGRITY® server that is referencing an item with formats defined for data import and data storage. -
FIG. 19 illustrates re-encryption when crossing domains. - While the above-identified drawings set forth presently disclosed embodiments, other embodiments are also contemplated, as noted in the discussion. This disclosure presents illustrative embodiments by way of representation and not limitation. Numerous other modifications and embodiments can be devised by those skilled in the art which fall within the scope and spirit of the principles of the presently disclosed embodiments.
- The present invention overcomes many of the prior art problems associated with transferring sensitive data in a distributed computing network. The advantages, and other features of the system disclosed herein, will become more readily apparent to those having ordinary skill in the art from the following detailed description of certain preferred embodiments taken in conjunction with the drawings which set forth representative embodiments of the present invention and wherein like reference numerals identify similar structural elements. All relative descriptions herein such as upstream, downstream, left, right, up, and down are with reference to the Figures, and not meant in a limiting sense.
- For clarity, certain terms are defined generally as follows. A processor generally is logic circuitry that responds to and processes instructions that drive a computer and can include, without limitation, a central processing unit, an arithmetic logic unit, an application specific integrated circuit, a task engine, and/or any combinations, arrangements, or multiples thereof.
- Software or code generally refers to computer instructions which, when executed on one or more digital data processing devices, cause interactions with operating parameters, sequence data/parameters, database entries, network connection parameters/data, variables, constants, software libraries, and/or any other elements needed for the proper execution of the instructions, within an execution environment in memory of the digital data processing device(s).
- A module is a functional aspect, which may include software and/or hardware. Typically, a module encompasses the necessary components to accomplish a task. It is envisioned that the same hardware could implement a plurality of modules and portions of such hardware being available as needed to accomplish the task. Those of ordinary skill will recognize that the software and various processes discussed herein are merely exemplary of the functionality performed by the disclosed technology and thus such processes and/or their equivalents may be implemented in commercial embodiments in various combinations without materially affecting the operation of the disclosed technology.
- A network can be a series of network nodes (each node being a digital data processing device, for example) that can be interconnected by network devices and communication lines (e.g., public carrier lines, private lines, satellite lines, etc.) that enable the network nodes to communicate. The transfer of data (e.g., messages) between network nodes can be facilitated by network devices such as routers, switches, multiplexers, bridges, gateways, etc. that can manipulate and/or route data from an originating node to a destination node regardless of any dissimilarities in the network topology (e.g., bus, star, token ring, etc.), spatial distance (local, metropolitan, wide area network, etc.), transmission technology (e.g., TCP/IP, Systems Network Architecture, etc.), data type (e.g., data, voice, video, multimedia, etc.), nature of connection (e.g., switched, non-switched, dial-up, dedicated, virtual, etc.), and/or physical link (e.g., optical fiber, coaxial cable, twisted pair, wireless, etc.) between the originating and destination network nodes.
- In view of the challenges discussed herein, a need exists for a system and method that effectively provides protection of sensitive consumer data while allowing access to intermediaries in the e-commerce process.
- Still further, organizations need to allow downstream systems to utilize encrypted data. Typically, extract, transform, and load (ETL) tools cannot utilize encrypted data because the data type is not understood and/or the length control is not maintained. Thus, there is a need to preserve and control the data length and type while maintaining high level of security such as in the Advanced Encryption Standard (AES) or Triple Data Encryption Standard (3DES) systems.
- In one embodiment, the subject technology balances security and operational needs by employing systems, methods, apparatus and data structures where:
- 1. A credit card number (and other sensitive fields) are partially encrypted (e.g., using Data Type Preserving encryption or related methods) at the first point of capture (in the commerce chain);
- 2. The sensitive fields stay partially encrypted (with an optional re-encryption of some fields or parts of the fields content) throughout the commerce chain, enabling most applications to process without any field level decryption; and/or
- 3. Selected data (at file level and database file level) at rest on disk and backups is additionally and fully (double) encrypted.
- This embodiment results in high transparency and low overhead.
- It is an object of the subject technology to control the data length and type.
- Preferably, data length control (DLC) reduces the need for changes to database and file structures in applications by preserving the length and/or the datatype of the encrypted field. Datatype preservation simply means that each ciphertext field is as valid as the plaintext field it replaces. In one aspect, the method defines an appropriate alphabet of valid characters and performing all operations within the constraints of the defined alphabet. Each different datatype requires a judicious choice of alphabet. An alphabet consisting of numeric digits (“0123456789”) could be used to encrypt most number data, such as social security numbers (e.g. 123-45-6789). (The dashes, not included the chosen alphabet, are copied unchanged to the corresponding positions in the ciphertext output.) Other alphabets, such as all printable ASCII characters, all characters shared by ASCII and EBCDIC, or all hexadecimal digits can be used to encode a variety of common datatypes.
- As a result of DLC, the following advantages are realized:
- DLC reduces the need for changes to database structures and applications by preserving the datatype of the encrypted field; and
- Each ciphertext field is as valid as the plaintext field it replaces.
- It is a further object of the subject technology to provide secure sharing of enterprise information. In business use-cases the invention described minimizes the cost of securing enterprise information and allows for the secure sharing of data within the enterprise and with appropriate individuals outside of the enterprise.
- DTP and DLC can be implemented with different methods, including AES Counter Mode, where numeric in/out can be “compressed” to also include meta data within the original length of an alpha-numeric field. It is a further object of the subject technology to monitor user behavior. In business use-cases, the benefits are usage control for enterprise data and validation of usage behavior for critical applications and data.
- The flow charts herein illustrate the structure or the logic of the present technology, possibly as embodied in computer program software for execution on a computer, digital processor or microprocessor. Those skilled in the art will appreciate that the flow charts illustrate the structures of the computer program code elements, including logic circuits on an integrated circuit, that function according to the present technology. As such, the present invention is practiced in its essential embodiment(s) by a machine component that renders the program code elements in a form that instructs a digital processing apparatus (e.g., computer) to perform a sequence of function step(s) corresponding to those shown in the flow charts.
- Referring now to the
FIG. 1 , there is shown a block diagram of workflow through anenvironment 100 that can employ the systems and methods of the subject technology. The subject technology protects sensitive data in such an environment and the infinite variations thereof. The following discussion describes the structure of such anenvironment 100 but further discussion of the application's program and data modules that embody the methodology of the present invention is described elsewhere herein. - The
environment 100 is a client/server network, which can support electronic commerce (e-commerce). Theenvironment 100 includes a plurality of servers which communicate with a distributed computer network via communication channels, whether wired or wireless, as is well known to those of ordinary skill in the pertinent art. In the preferred embodiment, the distributed computer network is the Internet. The servers may be provided by various entities within theenvironment 100. For simplicity, the servers are not drawn but rather the illustrative components thereof are shown as would be known to those of ordinary skill in the pertinent art. The servers may host multiple Web sites and housemultiple databases - A server is any of a number of servers known to those skilled in the art that are intended to be operably connected to a network so as to operably link to a plurality of
clients - The distributed computer network may include any number of network systems well known to those skilled in the art. For example, distributed computer network may be a combination of local area networks (LAN), wide area networks (WAN), or, other network technologies as is well known. For the Internet, the preferred method of accessing information is the World Wide Web because navigation is intuitive and does not require technical knowledge.
- The plurality of computers or
clients clients clients clients computers FIG. 1 such illustration shall not be construed as limiting the present invention to the illustrated embodiment. - The
client 102 provides consumer access to theenvironment 100 whereasclients clients same client 102 and cookie technology can be utilized to facilitate access to theenvironment 100. Of course, a plurality of users can utilize theenvironment 100 simultaneously. - Similarly to the servers, the
clients - Still referring to
FIG. 1 , although not shown, a firewall and other conventional security measures may be employed between theclient 102 anddatabase 110. To administer these security measures and maintain thePOS database 110, the retailer may employ a database administrator (DBA)/software developer. - The
client 102 allows a user to browse a Web site hosted by an entity such as a retailer. To make a transaction, the consumer places one or more desired items in an electronic shopping cart and proceeds to check out. At checkout, the consumer is prompted to provide payment information such as credit card information. The credit card company employs a server to store a point of service (POS)database 110 related to all the transactions. In alternative embodiments, a user may utilize an application on theclient 102 other than a Web site to make a transaction. Such an application includes software downloaded from the Internet, installed from a diskette, CD, DVD or other persistent storage device, or pre-installed on theclient 102. - The records of the
POS database 110 must eventually be attended to in terms of payment and passed along to the retailer for storage in amainframe database 112 stored in a server of the retailer. More particularly, the records are extracted and transferred such as by electronic mail as denoted graphically inarea 114. In area 116, a file containing the records is uploaded to themainframe database 112 whilearea 118 illustrates that data is loaded into themainframe database 112 for storage and subsequent access as well. Working in the opposite direction, an extract, transform, and load (ETL)application 120 performs a process in data warehousing that involves extracting data from outside sources, transforming it to fit business needs, and ultimately and loading it into the data warehouse. ETL is the way data gets loaded into the warehouse. - Data may be transferred between the
POS database 110 and themainframe database 112 through a variety of methods. As discussed above, records may be extracted and emailed to themainframe 112. Alternatively, data may be transferred through technologies including but not limited to Data Transformation Services, SQL Server™ Transfer Manager and Bulk Copy Program, and SQL Server™ Integration Services, all available as part of Microsoft® SQL Server™, available from Microsoft Corp. of Redmond, Wash.; and Data Integrator™, available from Pervasive Software, Inc. of Austin, Tex. - Referring now to
FIG. 2 , another more detailed view of anenvironment 200 for implementation of the subject technology is shown. In brief, theenvironment 200 has a plurality ofclients servers 206 which access and utilize a plurality ofdatabases 202 to conduct e-commerce. The general operation ofFIG. 2 is well-known to one of ordinary skill in the art and, thus, not further described herein for brevity. In general, it will help in understanding of the relationship between applications and data with a Data Flow Diagram. - DTP (Data Type Preservation) and AES Counter Mode encryption are examples of encryption modes and transformation processes that can be used for data confidentiality in the provided examples. Data Type Preservation is described detail in U.S. patent application Ser. No. 09/721,942, filed Nov. 27, 2000, the contents of which are hereby incorporated by reference herein.
- A complex data flow diagram, representing some of the possible data flows in an enterprise, is shown in
FIG. 3 . Numerous components are shown includingapplications 302,databases 304,files 306,networks 308,data sources 310,data warehouses 312,servers 314 andvendors 316. The connecting lines show that data may flow from any of these components to another component. Data may also flow between two or more of the same type of components. - Referring now to
FIG. 4 ,data 402 is captured. Thedata 402 may come from any source known now or in the future to one of ordinary skill in the art including but not limited to a web sites, e-commerce applications, electronic data exchange (EDI) and data mining applications. Thedata 402 is copied to afirst file 404 where one ormore fields 406 are encrypted with anencryption key 432 which resides in akey repository 434. Alternatively, captured data may be copied directly to adatabase Data 408 may be copied from thefirst file 404 to afirst database 412. One ormore fields first database 412. This encryption prevents a breach of security during transfer and eliminates the need to frequently de-encrypt and re-encrypt data.Data 416 may also be transferred from thefirst database 412 to asecond database 420. Again, one ormore fields second database 420.Data 424 may also be transferred from thesecond database 420 to asecond file 428. Again, one ormore fields second file 428. - Referring now to
FIG. 5 , although selected fields are encrypted at point of data capture and can stay encrypted during the data's life cycle, another method 500 in which the credit card number contained in one ormore fields server storing database 520. As a result, this server is allowed to de-encrypt and access the full credit card number stored in one ormore fields 522. Other servers will not need to install or operationally process encryption operations at all. - Referring now to
FIG. 5 ,data 502 is captured. Thedata 502 may come from any source known now or in the future to one of ordinary skill in the art including but not limited to a web sites, e-commerce applications, electronic data exchange (EDI) and data mining applications. Thedata 502 is copied to afirst file 504 where one or more fields 506 are encrypted with anencryption key 532 which resides in akey repository 534. Alternatively, captured data may be copied directly to adatabase Data 508 maybe copied from thefirst file 504 to afirst database 512. One ormore fields first database 512. This encryption prevents a breach of security during transfer and eliminates the need to frequently de-encrypt and re-encrypt data.Data 516 may also be transferred from thefirst database 512 to asecond database 520. Again, one ormore fields 418 remain encrypted while being transferred to thesecond database 520. At this point, the one ormore fields 522 are de-encrypted using theencryption key 532.Data 524 may also be transferred from thesecond database 520 to asecond file 528. Note that one ormore fields 526 of thedata 524 is reencrypted for transfer and storage in thesecond file 530. - Referring now to
FIG. 6 , a graphical depiction of key management is shown and referred to generally by thereference numeral 600. To allow access to the key 412, adomain 530 is created 630. Although only twodatabases domain 630, the number of databases therein is unlimited. To oversee the distribution of the key 412, eachdatabase module 632 to coordinate compliance. Eachmodule 632 stores the activity related tokey 412 usage and data access in anaudit log database 634. As a result, a central key management solution is coordinating the use of encryption keys that are used in a data flow of encrypted data elements that are moving between different databases. Althoughmodules 632 are depicted as “Protegrity” modules, such modules are in no way limited to products (e.g., DEFIANCE™ and Secure.Data™ suites) distributed by Protegrity Corp. of Stamford, Conn. - Referring now to
FIG. 7 , a graphical depiction of another approach to key management is shown and referred to generally by thereference numeral 700. A primary difference is that each respective file in the different database may use a unique encryption method, i.e., AES or Triple DES. AES (Advanced Encryption Standard) is a block cypher adopted as an encryption standard by the United States government. AES is described in Federal Information Processing Standards (FIPS) Publication 197, the contents of which is hereby incorporated by reference herein. Triple DES is an earlier block cypher still used in a variety of applications including electronic payments. Triple DES, its predecessor DES and AES are all described in Andrew S. Tanenbaum, Computer Networks 738-45 (4th ed. 2003), the contents of which is hereby incorporated by reference herein. - Again, to oversee the distribution of the key, each file 714 a, 716 a is stored in
database application 740 as well as aDTP module 742 to coordinate compliance. The activity is stored in anaudit log database 734. As a result, a central key management solution with a distributed encryption solution is coordinating the use of different encryption keys and encryption formats in a data flow between databases and files. - Referring now to
FIG. 8 , a graphical depiction of another approach to key management is shown and referred to generally by thereference numeral 800. A primary difference is several key domains 730 a-c are created. As a result, a central key management solution is coordinating the use of different encryption key domains in a data flow between databases and files, allowing different policies for managing the key life cycles separately for each domain. - Referring now to
FIGS. 9 and 10 , two scenarios of how different encryption keys may be given to different parties A, B, C to access different fields are shown. InFIG. 9 , party A has full access by virtue of having both keys whereas parties B, C only have access to a single key, respectively, and thus can only access the portions of the credit card number encrypted thereby. The method for exchanging keys is very dependent on the existing infrastructure and what may be added. For instance, to use X.509, it is desirable to have some public key infrastructure (PKI). However, using Diffie-Hellman should for safety also include certificate handling. Having certificates allows the use of SSL. See generally Tanenbaum, Computer Networks 768-70, 791-92, the contents of which are incorporated by reference herein.0 - Referring now in particular to
FIG. 9 , a schematic represents access to sensitive data for three users A, B, and C. Adatabase 902 exists with twoencrypted fields Field 904 is encrypted withKey 1 908 andfield 906 is encrypted with aKey 2 910. User A has access to both Key 1 (908) and Key 2 (910). User B only has access to Key 2 (910). User C only has access to Key 1 (908). - Referring now in particular to
FIG. 10 , a schematic represents access to sensitive data for three users A, B, andC. A database 1002 contains one or moresensitive fields 1004. Separate encryption keys are assigned to sets containing one ormore rows rows containing row 1006, thesensitive field 1004 is encrypted with Key 1 (1010). In a second set of one or morerows containing row 1008, thesensitive field 1004 is encrypted with Key 2 (1012). User A has access to both Key 1 (1010) and Key 2 (1012). User B only has access to Key 2 (1012). User C only has access to Key 1 (1010). -
FIG. 11 is end to end encryption using DTP for data transmitted between a database and a browser. A plurality ofusers application 1112 through adatabase 1110. Through plug-ins key management system 1118,users sensitive data 1108.User 1104 may insert data in clear text.User 1106 may read thesensitive data 1108 in clear text. In contrast,user 1102 may only view thesensitive data 1108 in cipher text. -
FIG. 12 depicts examples of DTP with different encryption key alternatives for data stored and in transit between a database, web/application sever and a user client. These examples of DTP with different encryption key alternatives can provide a solution for a virtual private database, client data security, and LAN encryption. Indata flow 1202, data in encrypted by theclient 1212 and is encrypted again when stored on thedatabase 1216, resulting in double encryption. Indata flow 1204, data is encrypted by theclient 1212 and stored as encrypted on the databse 1216 (without double encryption). Indata flows server 1214 ordatabase 1216, respectively. Indata flow 1210, data is encrypted by theserver 1214 and reencrypted for storage in the database 1216 (but not necessarily with double encryption). -
FIG. 13 is an example of format definitions for Data at Rest (Storage Format) and Data in Transit (Transit Format). By using the invention herein, organizations can achieve significant performance and security gains by defining a single format such that data remains in the same protected format whether in storage or in transit and therefore need not be reformatted before or after transit. -
FIG. 14 demonstrates the need for a data export/import format. While data masking (e.g., converting 1234 5678 9009 8765 to 1234 XXXX XXXX 8765) could be used in certain situations, the use of masking presupposes that the masked data will not be sent to another application or database. When this occurs, the data is of little use. Accordingly, by defining an export/import format,data 1402 is protected when sents from adatabase 1404 to anapplication 1406. By utilizing an export/import format, auser 1408 may view only a minimal portion of thedata 1402 before sending thedata 1404 to another application or database (not shown) for further processing. For example, theuser 1408 may be a call center employee receiving a customer's order. In this situation, it is likely sufficient for theuser 1408 to view only a few digits of the customer's credit card to verify that correct credit card will be charged. After the customer approves the transaction, thedata 1404 may be transferred to an application for billing. This application (not shown) will need, and be able deencrypted thedata 1404 to obtain the entire credit card number. The data export/import format may be implemented through the use of aview 1410. A view is a read only virtual or logical table composed of the result set of a query. - The above description is not intended to deprecate masking techniques. Indeed, masking may be a useful component of a data export/import format. Using the above example, if the middle eight digits of a credit card number encrypted, the data export/import format may specify that
application 1406 display the number with masking to prevent confusion as to the actual number. This aspect of the invention is depicted inFIG. 15 . -
FIG. 16 is an example of application/user accessing a view that is referencing an item with formats defined for data export/import and data storage. As will be appreciated,FIG. 16 is similar to the system presented inFIG. 14 , and like number is used accordingly. The difference betweenFIGS. 14 and 16 is addition of apolicy database 1412. Thepolicy database 1412 contains one ormore item policies 1414 defining data export/import formats and data storage formats. - Referring to
FIG. 17 , the system depicted inFIG. 16 is further modified to include amodule 1416 for coordinating data protection. Althoughmodule 1416 is depicted as “Protegrity Server”,module 1416 is in no way limited to products (e.g., DEFIANCE™ and Secure.Data™ suites) distributed by Protegrity Corp. of Stamford, Conn. Rather,module 1416 could be any combination of hardware and/or software capable of interacting withpolicy database 1412 to produceview 1410.Module 1416 may also have additional responsibilities including overall supervision of data security and/or the responsibilities of an access control system as described in U.S. Patent Application 2007/0083928, published Apr. 12, 2007, the contents of which are incorporated by reference. -
FIG. 18 depicts an embodiment of the invention in which the policy database and module are used for data import and output. Adatabase 1804 containingsensitive data 1802 is import using anmodule 1806. Themodule 1806, may be any utility for data import/export including DEFIANCE™ and Secure.Data™, both available from Protegrity Corp. of Stamford, Conn.; Data Transformation Services, SQL Server™ Transfer Manager and Bulk Copy Program, and SQL Server™ Integration Services, all available as part of Microsoft™ SQL Server™, available from Microsoft Corp. of Redmond, Wash.; and Data Integrator™, available from Pervasive Software, Inc. of Austin, Tex. Data 1808 (not necessarily the same data as imported above) may be output todatabase 1810. Themodule 1806 may utilize another module orserver 1812 connected to apolicy database 1814 as described herein. - Referring now to
FIG. 19 , two key domains exist, X 1902 andY 1904.Plain text data 1906 is entered intodatabase 1908 inkey domain X 1902. Thedata 1906 is encrypted. The data may be transmitted todatabase 1910 with out reencryption becausedatabase 1910 is also inkey domain X 1902. However, whendata 1906 is transferred todatabase 1912,data 1906 must be reencrypted becausedatabase 1912 reside inkey domain Y 1904. - Any of the formats discussed including formats for data in transit, data at rest, data import, and data export may be vary based on the user and/or the user's role. Using data export formats for an example, certain individuals and/or roles may be allowed to view clear text credit card data, while other individuals may only view cipher text credit card data.
- It will be appreciated by those of ordinary skill in the pertinent art that the functions of several elements may, in alternative embodiments, be carried out by fewer elements, or a single element. Similarly, in some embodiments, any functional element may perform fewer, or different, operations than those described with respect to the illustrated embodiment. Also, functional elements (e.g., modules, databases, interfaces, computers, servers and the like) shown as distinct for purposes of illustration may be incorporated within other functional elements in a particular implementation.
- While the invention has been described with respect to preferred embodiments, those skilled in the art will readily appreciate that various changes and/or modifications can be made to the invention without departing from the spirit or scope of the invention.
Claims (24)
1. A system for secure data storage and transmission comprising:
a first security module for protecting data in a first data at rest system, at least a subset of data stored in the first data at rest system being encrypted, the first security module associated with a first key domain defining encryption parameters for the first data at rest system; and
a second security module for protecting data in a second data at rest system, at least a subset of data stored in the second data at rest system being encrypted, the second security module associated with a second key domain defining encryption parameters for the second data at rest system, at least one encryption parameter for the second data at rest system differing from at least one encryption parameter for the first data at rest system so that a datum is reencrypted when the datum is transferred from the first data at rest system to the second data at rest system.
2. The system of claim 1 wherein encryption parameters comprise encryption keys or encryption algorithms.
3. The system of claim 1 wherein the first security module encrypts data stored on the first data at rest system.
4. The system of claim 1 wherein the second security module encrypts data stored on the second data at rest system.
5. The system of claim 1 further comprising:
a security management module, wherein the security management module promulgates a security policy.
6. The system of claim 5 , wherein the security management module is communicatively coupled with the first security module and the second security module.
7. The system of claim 5 , wherein the security management module stores an audit log.
8. The system of claim 1 , wherein encryption parameters in the first key domain may be altered independently of encryption parameters in the second key domain.
9. A selective data access system comprising:
a first data field encrypted with a first encryption key; and
a second data field encrypted with a second encryption key, wherein a first user has access to the first encryption key and a second user has access to a second encryption key.
10. The system of claim 9 , wherein a third user has access to both the first and the second encryption keys.
11. The system of claim 9 , wherein the first data field and the second data field reside in the same database.
12. The system of claim 9 , wherein the first data field and the second data field reside in the same table.
13. A method of data transfer comprising:
storing data and encryption status information for the data in a first data at rest system;
examining the encryption status information when transferring the data from the first data at rest system to a second data at rest system; and
reencrypting the data if the first data at rest system and the second data at rest system are associated with different key domains.
14. The method of claim 13 , wherein the key domains define encryption parameters.
15. The method of claim 14 , wherein encryption parameters comprise encryption keys or encryption algorithms.
16. A method for providing partial access to data comprising:
generating a report for a third party, wherein the report includes obfuscated sensitive information;
allowing the third party to examine the report; and
providing access to unobfuscated sensitive information if the third party identifies information of interest.
17. The method of claim 16 , wherein the obfuscated sensitive information is pronouncable.
18. The method of claim 16 , wherein generating a report comprises obtaining obfuscated data from a substitution cipher.
19. The method of claim 16 , wherein the obfuscated sensitive data is of the same data category as the unobfuscated sensitive data.
20. A method as recited in claim 16 , wherein the report includes obfuscated sensitive data selected from the group consisting of names, social security numbers, indications of treatment, telephone numbers and combinations thereof.
21. A method of secure data transport comprising:
encrypting a datum;
storing the datum in a first data at rest system; and
transferring the datum to a second data at rest system, wherein the datum remains encrypted during transfer and storage.
22. The method of claim 21 , wherein the first data at rest system is associated with a first domain and the second data at rest system is associated with a second domain.
23. The method of claim 22 , wherein the datum is encrypted in accordance with the second domain before transfer.
24. The method of claim 22 , wherein the datum is encrypted in accordance with the second domain after transfer.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/904,684 US20080082837A1 (en) | 2006-09-29 | 2007-09-27 | Apparatus and method for continuous data protection in a distributed computing network |
US14/720,303 US9971906B2 (en) | 2006-09-29 | 2015-05-22 | Apparatus and method for continuous data protection in a distributed computing network |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US84825106P | 2006-09-29 | 2006-09-29 | |
US11/904,684 US20080082837A1 (en) | 2006-09-29 | 2007-09-27 | Apparatus and method for continuous data protection in a distributed computing network |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/720,303 Continuation US9971906B2 (en) | 2006-09-29 | 2015-05-22 | Apparatus and method for continuous data protection in a distributed computing network |
Publications (1)
Publication Number | Publication Date |
---|---|
US20080082837A1 true US20080082837A1 (en) | 2008-04-03 |
Family
ID=38961239
Family Applications (5)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/904,791 Active 2031-02-20 US8661263B2 (en) | 2006-09-29 | 2007-09-27 | Meta-complete data storage |
US11/904,684 Abandoned US20080082837A1 (en) | 2006-09-29 | 2007-09-27 | Apparatus and method for continuous data protection in a distributed computing network |
US14/164,823 Active US9152579B2 (en) | 2006-09-29 | 2014-01-27 | Meta-complete data storage |
US14/720,303 Active US9971906B2 (en) | 2006-09-29 | 2015-05-22 | Apparatus and method for continuous data protection in a distributed computing network |
US14/841,952 Active US9514330B2 (en) | 2006-09-29 | 2015-09-01 | Meta-complete data storage |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/904,791 Active 2031-02-20 US8661263B2 (en) | 2006-09-29 | 2007-09-27 | Meta-complete data storage |
Family Applications After (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/164,823 Active US9152579B2 (en) | 2006-09-29 | 2014-01-27 | Meta-complete data storage |
US14/720,303 Active US9971906B2 (en) | 2006-09-29 | 2015-05-22 | Apparatus and method for continuous data protection in a distributed computing network |
US14/841,952 Active US9514330B2 (en) | 2006-09-29 | 2015-09-01 | Meta-complete data storage |
Country Status (2)
Country | Link |
---|---|
US (5) | US8661263B2 (en) |
EP (2) | EP1909212B1 (en) |
Cited By (29)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080091944A1 (en) * | 2006-10-17 | 2008-04-17 | Von Mueller Clay W | Batch settlement transactions system and method |
US20080097954A1 (en) * | 2006-10-20 | 2008-04-24 | Microsoft Corporation | Ranged lookups |
US20080189214A1 (en) * | 2006-10-17 | 2008-08-07 | Clay Von Mueller | Pin block replacement |
US20080288403A1 (en) * | 2007-05-18 | 2008-11-20 | Clay Von Mueller | Pin encryption device security |
US7725726B2 (en) | 1996-02-15 | 2010-05-25 | Semtek Innovative Solutions Corporation | Method and apparatus for securing and authenticating encoded data and documents containing such data |
US7740173B2 (en) | 2004-09-07 | 2010-06-22 | Semtek Innovative Solutions Corporation | Transparently securing transactional data |
US8144940B2 (en) | 2008-08-07 | 2012-03-27 | Clay Von Mueller | System and method for authentication of data |
US8251283B1 (en) | 2009-05-08 | 2012-08-28 | Oberon Labs, LLC | Token authentication using spatial characteristics |
US8355982B2 (en) | 2007-08-16 | 2013-01-15 | Verifone, Inc. | Metrics systems and methods for token transactions |
US8423789B1 (en) | 2007-05-22 | 2013-04-16 | Marvell International Ltd. | Key generation techniques |
US20130104232A1 (en) * | 2011-10-25 | 2013-04-25 | Raytheon Company | Appliqué providing a secure deployment environment (sde) for a wireless communications device |
US8452965B1 (en) * | 2010-06-29 | 2013-05-28 | Emc Corporation | Self-identification of tokens |
US8645716B1 (en) | 2010-10-08 | 2014-02-04 | Marvell International Ltd. | Method and apparatus for overwriting an encryption key of a media drive |
US8655787B1 (en) | 2010-06-29 | 2014-02-18 | Emc Corporation | Automated detection of defined input values and transformation to tokens |
US9361617B2 (en) | 2008-06-17 | 2016-06-07 | Verifone, Inc. | Variable-length cipher system and method |
US20160359916A1 (en) * | 2015-06-03 | 2016-12-08 | Samsung Electronics Co., Ltd. | Electronic device and method for encrypting content |
US9531689B1 (en) * | 2014-11-10 | 2016-12-27 | The United States Of America As Represented By The Secretary Of The Navy | System and method for encryption of network data |
US9575768B1 (en) | 2013-01-08 | 2017-02-21 | Marvell International Ltd. | Loading boot code from multiple memories |
WO2017066644A1 (en) * | 2015-10-16 | 2017-04-20 | ORock Holdings, LLC | System for providing end-to-end protection against network-based attacks |
US9652249B1 (en) | 2008-09-18 | 2017-05-16 | Marvell World Trade Ltd. | Preloading an application while an operating system loads |
US9736801B1 (en) | 2013-05-20 | 2017-08-15 | Marvell International Ltd. | Methods and apparatus for synchronizing devices in a wireless data communication system |
US9769653B1 (en) | 2008-08-20 | 2017-09-19 | Marvell International Ltd. | Efficient key establishment for wireless networks |
US9836306B2 (en) | 2013-07-31 | 2017-12-05 | Marvell World Trade Ltd. | Parallelizing boot operations |
US9860862B1 (en) | 2013-05-21 | 2018-01-02 | Marvell International Ltd. | Methods and apparatus for selecting a device to perform shared functionality in a deterministic and fair manner in a wireless data communication system |
US9971906B2 (en) * | 2006-09-29 | 2018-05-15 | Protegrity Corporation | Apparatus and method for continuous data protection in a distributed computing network |
US20180198949A1 (en) * | 2017-01-06 | 2018-07-12 | Toshiba Tec Kabushiki Kaisha | Recording apparatus and method for making characters on credit card unreadable |
US10158607B2 (en) | 2013-09-12 | 2018-12-18 | International Business Machines Corporation | Secure processing environment for protecting sensitive information |
US10275377B2 (en) | 2011-11-15 | 2019-04-30 | Marvell World Trade Ltd. | Dynamic boot image streaming |
US10979412B2 (en) | 2016-03-08 | 2021-04-13 | Nxp Usa, Inc. | Methods and apparatus for secure device authentication |
Families Citing this family (88)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
AU6104800A (en) | 1999-07-16 | 2001-02-05 | Intertrust Technologies Corp. | Trusted storage systems and methods |
KR100737359B1 (en) * | 2006-10-04 | 2007-07-10 | (주)이글로벌시스템 | Method to create Indexes for encrypted column |
US8209549B1 (en) | 2006-10-19 | 2012-06-26 | United Services Automobile Association (Usaa) | Systems and methods for cryptographic masking of private data |
US7730106B2 (en) * | 2006-12-28 | 2010-06-01 | Teradata Us, Inc. | Compression of encrypted data in database management systems |
US20090132419A1 (en) * | 2007-11-15 | 2009-05-21 | Garland Grammer | Obfuscating sensitive data while preserving data usability |
US8055668B2 (en) * | 2008-02-13 | 2011-11-08 | Camouflage Software, Inc. | Method and system for masking data in a consistent manner across multiple data sources |
US8225106B2 (en) * | 2008-04-02 | 2012-07-17 | Protegrity Corporation | Differential encryption utilizing trust modes |
US8813247B1 (en) * | 2008-04-07 | 2014-08-19 | Alex I. Alten | Providing cryptographic security for objective-oriented programming files |
US20090296926A1 (en) * | 2008-06-02 | 2009-12-03 | Sun Microsystems, Inc. | Key management using derived keys |
US8948375B2 (en) * | 2009-05-05 | 2015-02-03 | Voltage Security, Inc. | Systems for embedding information in data strings |
US7979410B2 (en) * | 2008-07-30 | 2011-07-12 | Oracle International Corp. | Maintaining referential integrity while masking |
US20110060915A1 (en) * | 2009-09-10 | 2011-03-10 | International Business Machines Corporation | Managing Encryption of Data |
US8666823B2 (en) | 2010-04-05 | 2014-03-04 | Voltage Security, Inc. | System for structured encryption of payment card track data |
US9432342B1 (en) | 2011-03-08 | 2016-08-30 | Ciphercloud, Inc. | System and method to anonymize data transmitted to a destination computing device |
US9852311B1 (en) | 2011-03-08 | 2017-12-26 | Ciphercloud, Inc. | System and method to anonymize data transmitted to a destination computing device |
US9231920B1 (en) | 2011-12-13 | 2016-01-05 | Ciphercloud, Inc. | System and method to anonymize data transmitted to a destination computing device |
US9356993B1 (en) | 2011-03-08 | 2016-05-31 | Ciphercloud, Inc. | System and method to anonymize data transmitted to a destination computing device |
US11228566B1 (en) | 2011-03-08 | 2022-01-18 | Ciphercloud, Inc. | System and method to anonymize data transmitted to a destination computing device |
US9300637B1 (en) | 2011-03-08 | 2016-03-29 | Ciphercloud, Inc. | System and method to anonymize data transmitted to a destination computing device |
US8726398B1 (en) | 2011-12-13 | 2014-05-13 | Ciphercloud, Inc. | System and method to anonymize data transmitted to a destination computing device |
US9413526B1 (en) | 2011-03-08 | 2016-08-09 | Ciphercloud, Inc. | System and method to anonymize data transmitted to a destination computing device |
US8694646B1 (en) * | 2011-03-08 | 2014-04-08 | Ciphercloud, Inc. | System and method to anonymize data transmitted to a destination computing device |
US9292696B1 (en) | 2011-03-08 | 2016-03-22 | Ciphercloud, Inc. | System and method to anonymize data transmitted to a destination computing device |
US9667741B1 (en) | 2011-03-08 | 2017-05-30 | Ciphercloud, Inc. | System and method to anonymize data transmitted to a destination computing device |
US9338220B1 (en) | 2011-03-08 | 2016-05-10 | Ciphercloud, Inc. | System and method to anonymize data transmitted to a destination computing device |
US8862902B2 (en) * | 2011-04-29 | 2014-10-14 | Seagate Technology Llc | Cascaded data encryption dependent on attributes of physical memory |
US8806223B2 (en) * | 2011-05-03 | 2014-08-12 | Douglas Norman Crowe | System and method for management of encrypted data |
KR101106604B1 (en) * | 2011-06-14 | 2012-01-20 | 펜타시큐리티시스템 주식회사 | Method and apparatus for data security using coding a message keeping nature |
GB201111554D0 (en) * | 2011-07-06 | 2011-08-24 | Business Partners Ltd | Search index |
US8930410B2 (en) * | 2011-10-03 | 2015-01-06 | International Business Machines Corporation | Query transformation for masking data within database objects |
KR101388724B1 (en) * | 2011-11-11 | 2014-04-25 | 닛본 덴끼 가부시끼가이샤 | Database encryption system, method, and computer-readable recording medium |
US8949625B2 (en) | 2012-01-30 | 2015-02-03 | Voltage Security, Inc. | Systems for structured encryption using embedded information in data strings |
US8935802B1 (en) | 2012-01-31 | 2015-01-13 | Protegrity Corporation | Verifiable tokenization |
US9648011B1 (en) | 2012-02-10 | 2017-05-09 | Protegrity Corporation | Tokenization-driven password generation |
US20130212007A1 (en) | 2012-02-10 | 2013-08-15 | Protegrity Corporation | Tokenization in payment environments |
US9773243B1 (en) | 2012-02-15 | 2017-09-26 | Voltage Security, Inc. | System for structured encryption of payment card track data with additional security data |
US9202086B1 (en) | 2012-03-30 | 2015-12-01 | Protegrity Corporation | Tokenization in a centralized tokenization environment |
US9223807B2 (en) | 2012-09-13 | 2015-12-29 | International Business Machines Corporation | Role-oriented database record field security model |
US9280373B1 (en) * | 2012-10-16 | 2016-03-08 | IntelliCorp Inc. | Data transfer guide |
US9400744B2 (en) | 2012-10-30 | 2016-07-26 | Mangstor, Inc. | Magnetic random access memory journal for multi-level cell flash memory |
US9930066B2 (en) * | 2013-02-12 | 2018-03-27 | Nicira, Inc. | Infrastructure level LAN security |
US9465954B1 (en) * | 2013-03-15 | 2016-10-11 | Dataguise Inc. | Method and system for tracking masking of data |
US20150026462A1 (en) * | 2013-03-15 | 2015-01-22 | Dataguise, Inc. | Method and system for access-controlled decryption in big data stores |
US9514169B2 (en) | 2013-09-23 | 2016-12-06 | Protegrity Corporation | Columnar table data protection |
US9571270B2 (en) | 2013-11-29 | 2017-02-14 | Portland State University | Construction and uses of variable-input-length tweakable ciphers |
US9576116B2 (en) * | 2013-12-26 | 2017-02-21 | Nxp B.V. | Secure software components anti-reverse-engineering by table interleaving |
US9304941B2 (en) | 2014-02-27 | 2016-04-05 | Mangstor, Inc. | Self-encrypting flash drive |
US9836497B2 (en) | 2014-04-18 | 2017-12-05 | International Business Machines Corporation | Enabling testing of production systems without affecting customer data sets system and method |
US9584492B2 (en) * | 2014-06-23 | 2017-02-28 | Vmware, Inc. | Cryptographic proxy service |
US20150379280A1 (en) | 2014-06-30 | 2015-12-31 | Nicira, Inc. | Method and Apparatus for Dynamically Creating Encryption Rules |
US9798893B2 (en) | 2015-01-29 | 2017-10-24 | International Business Machines Corporation | Secure format-preserving encryption of data fields |
CN107209787B (en) * | 2015-02-11 | 2022-02-08 | 维萨国际服务协会 | Improving searching ability of special encrypted data |
US9958521B2 (en) | 2015-07-07 | 2018-05-01 | Q Bio, Inc. | Field-invariant quantitative magnetic-resonance signatures |
US10194829B2 (en) | 2015-07-07 | 2019-02-05 | Q Bio, Inc. | Fast scanning based on magnetic resonance history |
US9665734B2 (en) * | 2015-09-12 | 2017-05-30 | Q Bio, Inc. | Uniform-frequency records with obscured context |
DE102015218373B4 (en) * | 2015-09-24 | 2017-05-04 | Siemens Aktiengesellschaft | Monitor an integrity of a test record |
US9866592B2 (en) * | 2015-09-28 | 2018-01-09 | BlueTalon, Inc. | Policy enforcement system |
US10964412B2 (en) | 2015-10-20 | 2021-03-30 | Q Bio, Inc. | Population-based medical rules via anonymous sharing |
US9871825B2 (en) | 2015-12-10 | 2018-01-16 | BlueTalon, Inc. | Policy enforcement for compute nodes |
US9916465B1 (en) * | 2015-12-29 | 2018-03-13 | Palantir Technologies Inc. | Systems and methods for automatic and customizable data minimization of electronic data stores |
CN108463968B (en) * | 2016-01-11 | 2022-03-29 | 维萨国际服务协会 | Fast format-preserving encryption of variable length data |
US10043016B2 (en) * | 2016-02-29 | 2018-08-07 | Cisco Technology, Inc. | Method and system for name encryption agreement in a content centric network |
US10222441B2 (en) | 2016-04-03 | 2019-03-05 | Q Bio, Inc. | Tensor field mapping |
US10359486B2 (en) | 2016-04-03 | 2019-07-23 | Q Bio, Inc. | Rapid determination of a relaxation time |
US10798073B2 (en) | 2016-08-26 | 2020-10-06 | Nicira, Inc. | Secure key management protocol for distributed network encryption |
US10977383B2 (en) * | 2016-10-05 | 2021-04-13 | Snowflake Inc. | Systems, methods, and devices for encrypting database data |
US11393046B1 (en) * | 2017-01-17 | 2022-07-19 | Intuit Inc. | System and method for perpetual rekeying of various data columns with a frequency and encryption strength based on the sensitivity of the data columns |
US10303895B1 (en) | 2017-01-19 | 2019-05-28 | Intuit Inc. | System and method for perpetual rekeying of various data columns with respective encryption keys and on alternating bases |
US11650195B2 (en) | 2017-02-03 | 2023-05-16 | Q Bio, Inc. | Iterative medical testing of biological samples |
US10680798B2 (en) * | 2017-02-15 | 2020-06-09 | Nxp Usa, Inc. | Masking storage transfer to protect against attacks |
US10936180B2 (en) | 2017-03-16 | 2021-03-02 | Q Bio, Inc. | User interface for medical information |
US10713238B2 (en) | 2017-11-14 | 2020-07-14 | Snowflake Inc. | Database metadata in immutable storage |
US10819519B2 (en) | 2017-11-21 | 2020-10-27 | Protegrity Corporation | Multi-tenant data protection in a centralized network environment |
US10528556B1 (en) | 2017-12-31 | 2020-01-07 | Allscripts Software, Llc | Database methodology for searching encrypted data records |
US10528557B1 (en) * | 2017-12-31 | 2020-01-07 | Allscripts Software, Llc | Database methodology for searching encrypted data records |
US11803650B1 (en) | 2018-07-23 | 2023-10-31 | Amazon Technologies, Inc. | Column access control |
CN110019075B (en) * | 2018-08-09 | 2021-08-10 | 苏州科达科技股份有限公司 | Log encryption method and device and log decryption method and device |
US11392714B1 (en) * | 2018-09-25 | 2022-07-19 | Amazon Technologies, Inc. | Hierarchically encrypted data management system |
US10903979B2 (en) * | 2018-11-30 | 2021-01-26 | International Business Machines Corporation | Batched execution of encryption operations |
US11360166B2 (en) | 2019-02-15 | 2022-06-14 | Q Bio, Inc | Tensor field mapping with magnetostatic constraint |
US11354586B2 (en) | 2019-02-15 | 2022-06-07 | Q Bio, Inc. | Model parameter determination using a predictive model |
EP4040322A1 (en) * | 2019-02-22 | 2022-08-10 | Visa International Service Association | Method and system for creating rapid searchable altered data in a database |
US11614509B2 (en) | 2019-09-27 | 2023-03-28 | Q Bio, Inc. | Maxwell parallel imaging |
KR102622283B1 (en) | 2019-09-27 | 2024-01-08 | 큐 바이오, 인코퍼레이티드 | Maxwell Parallel Imaging |
AU2021277745B2 (en) * | 2020-08-10 | 2023-12-07 | Walkme Ltd. | Privacy-preserving data collection |
US20200403779A1 (en) * | 2020-09-02 | 2020-12-24 | Intel Corporation | Error resilient cryptographic units and methods |
US20230097150A1 (en) * | 2021-09-24 | 2023-03-30 | International Business Machines Corporation | Generating Unique Word Embeddings for Jargon-Specific Tabular Data for Neural Network Training and Usage |
US11614508B1 (en) | 2021-10-25 | 2023-03-28 | Q Bio, Inc. | Sparse representation of measurements |
Citations (42)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6122378A (en) * | 1995-09-13 | 2000-09-19 | Hitachi, Ltd. | Data compression/encryption method and system |
US6154542A (en) * | 1997-12-17 | 2000-11-28 | Apple Computer, Inc. | Method and apparatus for simultaneously encrypting and compressing data |
US6249866B1 (en) * | 1997-09-16 | 2001-06-19 | Microsoft Corporation | Encrypting file system and method |
US6418421B1 (en) * | 1998-08-13 | 2002-07-09 | International Business Machines Corporation | Multimedia player for an electronic content delivery system |
US20030016821A1 (en) * | 2000-03-29 | 2003-01-23 | Vadium Technology, Inc. | One-time-pad encryption with keyable characters |
US20030091186A1 (en) * | 2001-10-12 | 2003-05-15 | Fontijn Wilhelmus Fransiscus Johannes | Apparatus and method for reading or writing user data |
US6671687B1 (en) * | 2000-09-29 | 2003-12-30 | Ncr Corporation | Method and apparatus for protecting data retrieved from a database |
US20040003251A1 (en) * | 2002-06-28 | 2004-01-01 | Attilla Narin | Domain-based trust models for rights management of content |
US20040022390A1 (en) * | 2002-08-02 | 2004-02-05 | Mcdonald Jeremy D. | System and method for data protection and secure sharing of information over a computer network |
US6886102B1 (en) * | 1999-07-14 | 2005-04-26 | Symantec Corporation | System and method for protecting a computer network against denial of service attacks |
US20050169473A1 (en) * | 2004-02-03 | 2005-08-04 | Candelore Brant L. | Multiple selective encryption with DRM |
US20050190920A1 (en) * | 2002-04-23 | 2005-09-01 | Petri Ahonen | System in a digital wireless data communication network for arranging end-to-end encryption and corresponding terminal equipment |
US6957330B1 (en) * | 1999-03-01 | 2005-10-18 | Storage Technology Corporation | Method and system for secure information handling |
US20060002559A1 (en) * | 2004-06-30 | 2006-01-05 | Nec Corporation | Method for preventing eavesdropping in wireless communication system |
US20060047977A1 (en) * | 2004-08-26 | 2006-03-02 | Mitsubishi Denki Kabushiki Kaisha | Key management apparatus, document security and editing system, and key management method |
US7111005B1 (en) * | 2000-10-06 | 2006-09-19 | Oracle International Corporation | Method and apparatus for automatic database encryption |
US20060218647A1 (en) * | 2005-03-22 | 2006-09-28 | Seagate Technology Llc | Data transcription in a data storage device |
US20060265330A1 (en) * | 2005-05-17 | 2006-11-23 | Canon Kabushiki Kaisha | Document management apparatus, method of controlling same, computer program and storage medium |
US7149722B1 (en) * | 2000-09-28 | 2006-12-12 | Microsoft Corporation | Retail transactions involving distributed and super-distributed digital content in a digital rights management (DRM) system |
US20070055891A1 (en) * | 2005-09-08 | 2007-03-08 | Serge Plotkin | Protocol translation |
US20070074047A1 (en) * | 2005-09-26 | 2007-03-29 | Brian Metzger | Key rotation |
US20070079119A1 (en) * | 2000-11-16 | 2007-04-05 | Ulf Mattsson | Encryption key rotation |
US20070083928A1 (en) * | 2001-11-23 | 2007-04-12 | Ulf Mattsson | Data security and intrusion detection |
US20070083467A1 (en) * | 2005-10-10 | 2007-04-12 | Apple Computer, Inc. | Partial encryption techniques for media data |
US7212635B2 (en) * | 2002-06-04 | 2007-05-01 | Canon Kabushiki Kaisha | Image processing apparatus, control method thereof, and image processing system |
US7221756B2 (en) * | 2002-03-28 | 2007-05-22 | Lucent Technologies Inc. | Constructions of variable input length cryptographic primitives for high efficiency and high security |
US7222231B2 (en) * | 2001-04-19 | 2007-05-22 | Hewlett-Packard Development Company, L.P. | Data security for distributed file systems |
US20080066144A1 (en) * | 2006-09-07 | 2008-03-13 | International Business Machines Corporation | Encryption policy based on data context recognition |
US7376680B1 (en) * | 2003-04-07 | 2008-05-20 | Charles Loren Kettler | System and method for cleansing, linking and appending data records of a database |
US7418098B1 (en) * | 2000-11-27 | 2008-08-26 | Protegrity Corporation | Data type preserving encryption |
US7428636B1 (en) * | 2001-04-26 | 2008-09-23 | Vmware, Inc. | Selective encryption system and method for I/O operations |
US7484092B2 (en) * | 2001-03-12 | 2009-01-27 | Arcot Systems, Inc. | Techniques for searching encrypted files |
US7536549B2 (en) * | 2000-08-10 | 2009-05-19 | Toshikazu Ishizaki | Methods for generating a partially encrypted and compressed database and decrypting and decompressing the database |
US7536558B2 (en) * | 2003-08-29 | 2009-05-19 | Tgbw Inc. | Flash memory distribution of digital content |
US7558968B2 (en) * | 2002-12-24 | 2009-07-07 | Sony Corporation | Information processing apparatus and method |
US7669225B2 (en) * | 2003-05-06 | 2010-02-23 | Portauthority Technologies Inc. | Apparatus and method for assuring compliance with distribution and usage policy |
US20100074441A1 (en) * | 2006-06-28 | 2010-03-25 | Pauker Matthew J | Data processing systems with format-preserving encryption and decryption engines |
US7814316B1 (en) * | 2006-04-14 | 2010-10-12 | Oracle America, Inc. | System, method and data storage device for encrypting data |
US7890459B1 (en) * | 2008-03-25 | 2011-02-15 | Emc Corporation | Non-disruptive modification of data in-place |
US7934105B1 (en) * | 2005-10-11 | 2011-04-26 | Hewlett-Packard Development Company, L.P. | Data transfer device |
US8045714B2 (en) * | 2005-02-07 | 2011-10-25 | Microsoft Corporation | Systems and methods for managing multiple keys for file encryption and decryption |
US8135948B2 (en) * | 2006-01-27 | 2012-03-13 | Imperva, Inc. | Method and system for transparently encrypting sensitive information |
Family Cites Families (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4827508A (en) * | 1986-10-14 | 1989-05-02 | Personal Library Software, Inc. | Database usage metering and protection system and method |
US6151675A (en) | 1998-07-23 | 2000-11-21 | Tumbleweed Software Corporation | Method and apparatus for effecting secure document format conversion |
KR100320183B1 (en) | 1999-03-17 | 2002-01-10 | 구자홍 | File encryption apparatus for digital data player |
US7085927B1 (en) * | 2000-07-20 | 2006-08-01 | Ge Medical Systems, Inc. | Secure data report preparation and delivery |
SE518166C2 (en) * | 2000-11-27 | 2002-09-03 | Protegrity Res & Dev | Data type encryption |
US7757278B2 (en) * | 2001-01-04 | 2010-07-13 | Safenet, Inc. | Method and apparatus for transparent encryption |
CA2358980A1 (en) * | 2001-10-12 | 2003-04-12 | Karthika Technologies Inc. | Distributed security architecture for storage area networks (san) |
US8204929B2 (en) * | 2001-10-25 | 2012-06-19 | International Business Machines Corporation | Hiding sensitive information |
US7475242B2 (en) * | 2001-12-18 | 2009-01-06 | Hewlett-Packard Development Company, L.P. | Controlling the distribution of information |
US7191463B2 (en) * | 2002-05-15 | 2007-03-13 | Verisma Systems, Inc. | Managing data in compliance with regulated privacy, security, and electronic transaction standards |
US10339336B2 (en) * | 2003-06-11 | 2019-07-02 | Oracle International Corporation | Method and apparatus for encrypting database columns |
US7657756B2 (en) * | 2004-10-08 | 2010-02-02 | International Business Machines Corporaiton | Secure memory caching structures for data, integrity and version values |
US20060206923A1 (en) * | 2005-03-09 | 2006-09-14 | Macrovision Corporation | Method and system for self-encrypting key identification |
US20070079117A1 (en) * | 2005-10-04 | 2007-04-05 | Bhogal Kulvir S | Method for passing selectively encrypted attributes of specific versions of objects in a distributed system |
US7689547B2 (en) * | 2006-09-06 | 2010-03-30 | Microsoft Corporation | Encrypted data search |
US8661263B2 (en) * | 2006-09-29 | 2014-02-25 | Protegrity Corporation | Meta-complete data storage |
WO2012127322A1 (en) * | 2011-03-22 | 2012-09-27 | Active-Base Ltd. | System and method for data masking |
PT2648170E (en) * | 2012-04-06 | 2015-02-20 | Kapsch Trafficcom Ag | A method for detecting a speed violation of a vehicle |
-
2007
- 2007-09-27 US US11/904,791 patent/US8661263B2/en active Active
- 2007-09-27 US US11/904,684 patent/US20080082837A1/en not_active Abandoned
- 2007-10-01 EP EP07117668.9A patent/EP1909212B1/en active Active
- 2007-10-01 EP EP20070117665 patent/EP1906336A3/en not_active Withdrawn
-
2014
- 2014-01-27 US US14/164,823 patent/US9152579B2/en active Active
-
2015
- 2015-05-22 US US14/720,303 patent/US9971906B2/en active Active
- 2015-09-01 US US14/841,952 patent/US9514330B2/en active Active
Patent Citations (46)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6122378A (en) * | 1995-09-13 | 2000-09-19 | Hitachi, Ltd. | Data compression/encryption method and system |
US6249866B1 (en) * | 1997-09-16 | 2001-06-19 | Microsoft Corporation | Encrypting file system and method |
US6154542A (en) * | 1997-12-17 | 2000-11-28 | Apple Computer, Inc. | Method and apparatus for simultaneously encrypting and compressing data |
US7269564B1 (en) * | 1998-08-13 | 2007-09-11 | International Business Machines Corporation | Method and apparatus to indicate an encoding status for digital content |
US6418421B1 (en) * | 1998-08-13 | 2002-07-09 | International Business Machines Corporation | Multimedia player for an electronic content delivery system |
US6957330B1 (en) * | 1999-03-01 | 2005-10-18 | Storage Technology Corporation | Method and system for secure information handling |
US6886102B1 (en) * | 1999-07-14 | 2005-04-26 | Symantec Corporation | System and method for protecting a computer network against denial of service attacks |
US20030016821A1 (en) * | 2000-03-29 | 2003-01-23 | Vadium Technology, Inc. | One-time-pad encryption with keyable characters |
US20030026431A1 (en) * | 2000-03-29 | 2003-02-06 | Vadium Technology, Inc. | One-time-pad encryption with central key service and key management |
US20030026429A1 (en) * | 2000-03-29 | 2003-02-06 | Vadium Technology, Inc. | One-time-pad encryption with key ID and offset for starting point |
US7536549B2 (en) * | 2000-08-10 | 2009-05-19 | Toshikazu Ishizaki | Methods for generating a partially encrypted and compressed database and decrypting and decompressing the database |
US7149722B1 (en) * | 2000-09-28 | 2006-12-12 | Microsoft Corporation | Retail transactions involving distributed and super-distributed digital content in a digital rights management (DRM) system |
US6671687B1 (en) * | 2000-09-29 | 2003-12-30 | Ncr Corporation | Method and apparatus for protecting data retrieved from a database |
US7111005B1 (en) * | 2000-10-06 | 2006-09-19 | Oracle International Corporation | Method and apparatus for automatic database encryption |
US20070079119A1 (en) * | 2000-11-16 | 2007-04-05 | Ulf Mattsson | Encryption key rotation |
US7418098B1 (en) * | 2000-11-27 | 2008-08-26 | Protegrity Corporation | Data type preserving encryption |
US7484092B2 (en) * | 2001-03-12 | 2009-01-27 | Arcot Systems, Inc. | Techniques for searching encrypted files |
US7222231B2 (en) * | 2001-04-19 | 2007-05-22 | Hewlett-Packard Development Company, L.P. | Data security for distributed file systems |
US7428636B1 (en) * | 2001-04-26 | 2008-09-23 | Vmware, Inc. | Selective encryption system and method for I/O operations |
US20030091186A1 (en) * | 2001-10-12 | 2003-05-15 | Fontijn Wilhelmus Fransiscus Johannes | Apparatus and method for reading or writing user data |
US20070083928A1 (en) * | 2001-11-23 | 2007-04-12 | Ulf Mattsson | Data security and intrusion detection |
US7221756B2 (en) * | 2002-03-28 | 2007-05-22 | Lucent Technologies Inc. | Constructions of variable input length cryptographic primitives for high efficiency and high security |
US20050190920A1 (en) * | 2002-04-23 | 2005-09-01 | Petri Ahonen | System in a digital wireless data communication network for arranging end-to-end encryption and corresponding terminal equipment |
US7212635B2 (en) * | 2002-06-04 | 2007-05-01 | Canon Kabushiki Kaisha | Image processing apparatus, control method thereof, and image processing system |
US20040003251A1 (en) * | 2002-06-28 | 2004-01-01 | Attilla Narin | Domain-based trust models for rights management of content |
US20040022390A1 (en) * | 2002-08-02 | 2004-02-05 | Mcdonald Jeremy D. | System and method for data protection and secure sharing of information over a computer network |
US7558968B2 (en) * | 2002-12-24 | 2009-07-07 | Sony Corporation | Information processing apparatus and method |
US7376680B1 (en) * | 2003-04-07 | 2008-05-20 | Charles Loren Kettler | System and method for cleansing, linking and appending data records of a database |
US7669225B2 (en) * | 2003-05-06 | 2010-02-23 | Portauthority Technologies Inc. | Apparatus and method for assuring compliance with distribution and usage policy |
US7536558B2 (en) * | 2003-08-29 | 2009-05-19 | Tgbw Inc. | Flash memory distribution of digital content |
US20050169473A1 (en) * | 2004-02-03 | 2005-08-04 | Candelore Brant L. | Multiple selective encryption with DRM |
US20060002559A1 (en) * | 2004-06-30 | 2006-01-05 | Nec Corporation | Method for preventing eavesdropping in wireless communication system |
US20060047977A1 (en) * | 2004-08-26 | 2006-03-02 | Mitsubishi Denki Kabushiki Kaisha | Key management apparatus, document security and editing system, and key management method |
US8045714B2 (en) * | 2005-02-07 | 2011-10-25 | Microsoft Corporation | Systems and methods for managing multiple keys for file encryption and decryption |
US20060218647A1 (en) * | 2005-03-22 | 2006-09-28 | Seagate Technology Llc | Data transcription in a data storage device |
US20060265330A1 (en) * | 2005-05-17 | 2006-11-23 | Canon Kabushiki Kaisha | Document management apparatus, method of controlling same, computer program and storage medium |
US20070055891A1 (en) * | 2005-09-08 | 2007-03-08 | Serge Plotkin | Protocol translation |
US20070074047A1 (en) * | 2005-09-26 | 2007-03-29 | Brian Metzger | Key rotation |
US20070083467A1 (en) * | 2005-10-10 | 2007-04-12 | Apple Computer, Inc. | Partial encryption techniques for media data |
US7934105B1 (en) * | 2005-10-11 | 2011-04-26 | Hewlett-Packard Development Company, L.P. | Data transfer device |
US8135948B2 (en) * | 2006-01-27 | 2012-03-13 | Imperva, Inc. | Method and system for transparently encrypting sensitive information |
US7814316B1 (en) * | 2006-04-14 | 2010-10-12 | Oracle America, Inc. | System, method and data storage device for encrypting data |
US20100074441A1 (en) * | 2006-06-28 | 2010-03-25 | Pauker Matthew J | Data processing systems with format-preserving encryption and decryption engines |
US7864952B2 (en) * | 2006-06-28 | 2011-01-04 | Voltage Security, Inc. | Data processing systems with format-preserving encryption and decryption engines |
US20080066144A1 (en) * | 2006-09-07 | 2008-03-13 | International Business Machines Corporation | Encryption policy based on data context recognition |
US7890459B1 (en) * | 2008-03-25 | 2011-02-15 | Emc Corporation | Non-disruptive modification of data in-place |
Cited By (44)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7725726B2 (en) | 1996-02-15 | 2010-05-25 | Semtek Innovative Solutions Corporation | Method and apparatus for securing and authenticating encoded data and documents containing such data |
US8249993B2 (en) | 2004-09-07 | 2012-08-21 | Verifone, Inc. | Transparently securing data for transmission on financial networks |
US7740173B2 (en) | 2004-09-07 | 2010-06-22 | Semtek Innovative Solutions Corporation | Transparently securing transactional data |
US9971906B2 (en) * | 2006-09-29 | 2018-05-15 | Protegrity Corporation | Apparatus and method for continuous data protection in a distributed computing network |
US9141953B2 (en) | 2006-10-17 | 2015-09-22 | Verifone, Inc. | Personal token read system and method |
US20080091944A1 (en) * | 2006-10-17 | 2008-04-17 | Von Mueller Clay W | Batch settlement transactions system and method |
US20080189214A1 (en) * | 2006-10-17 | 2008-08-07 | Clay Von Mueller | Pin block replacement |
US8595490B2 (en) | 2006-10-17 | 2013-11-26 | Verifone, Inc. | System and method for secure transaction |
US9123042B2 (en) | 2006-10-17 | 2015-09-01 | Verifone, Inc. | Pin block replacement |
US9818108B2 (en) | 2006-10-17 | 2017-11-14 | Verifone, Inc. | System and method for updating a transactional device |
US8769275B2 (en) | 2006-10-17 | 2014-07-01 | Verifone, Inc. | Batch settlement transactions system and method |
US20080097954A1 (en) * | 2006-10-20 | 2008-04-24 | Microsoft Corporation | Ranged lookups |
US20080288403A1 (en) * | 2007-05-18 | 2008-11-20 | Clay Von Mueller | Pin encryption device security |
US8423789B1 (en) | 2007-05-22 | 2013-04-16 | Marvell International Ltd. | Key generation techniques |
US9037875B1 (en) | 2007-05-22 | 2015-05-19 | Marvell International Ltd. | Key generation techniques |
US8355982B2 (en) | 2007-08-16 | 2013-01-15 | Verifone, Inc. | Metrics systems and methods for token transactions |
US9361617B2 (en) | 2008-06-17 | 2016-06-07 | Verifone, Inc. | Variable-length cipher system and method |
US8144940B2 (en) | 2008-08-07 | 2012-03-27 | Clay Von Mueller | System and method for authentication of data |
US9769653B1 (en) | 2008-08-20 | 2017-09-19 | Marvell International Ltd. | Efficient key establishment for wireless networks |
US9652249B1 (en) | 2008-09-18 | 2017-05-16 | Marvell World Trade Ltd. | Preloading an application while an operating system loads |
US8251283B1 (en) | 2009-05-08 | 2012-08-28 | Oberon Labs, LLC | Token authentication using spatial characteristics |
US8655787B1 (en) | 2010-06-29 | 2014-02-18 | Emc Corporation | Automated detection of defined input values and transformation to tokens |
US8452965B1 (en) * | 2010-06-29 | 2013-05-28 | Emc Corporation | Self-identification of tokens |
US8645716B1 (en) | 2010-10-08 | 2014-02-04 | Marvell International Ltd. | Method and apparatus for overwriting an encryption key of a media drive |
US9098696B2 (en) * | 2011-10-25 | 2015-08-04 | Raytheon Company | Appliqué providing a secure deployment environment (SDE) for a wireless communications device |
US20130104232A1 (en) * | 2011-10-25 | 2013-04-25 | Raytheon Company | Appliqué providing a secure deployment environment (sde) for a wireless communications device |
US10275377B2 (en) | 2011-11-15 | 2019-04-30 | Marvell World Trade Ltd. | Dynamic boot image streaming |
US9575768B1 (en) | 2013-01-08 | 2017-02-21 | Marvell International Ltd. | Loading boot code from multiple memories |
US9736801B1 (en) | 2013-05-20 | 2017-08-15 | Marvell International Ltd. | Methods and apparatus for synchronizing devices in a wireless data communication system |
US9860862B1 (en) | 2013-05-21 | 2018-01-02 | Marvell International Ltd. | Methods and apparatus for selecting a device to perform shared functionality in a deterministic and fair manner in a wireless data communication system |
US9836306B2 (en) | 2013-07-31 | 2017-12-05 | Marvell World Trade Ltd. | Parallelizing boot operations |
US10904226B2 (en) | 2013-09-12 | 2021-01-26 | International Business Machines Corporation | Secure processing environment for protecting sensitive information |
US10298545B2 (en) | 2013-09-12 | 2019-05-21 | International Business Machines Corporation | Secure processing environment for protecting sensitive information |
US10547596B2 (en) | 2013-09-12 | 2020-01-28 | International Business Machines Corporation | Secure processing environment for protecting sensitive information |
US10523640B2 (en) | 2013-09-12 | 2019-12-31 | International Business Machines Corporation | Secure processing environment for protecting sensitive information |
US10158607B2 (en) | 2013-09-12 | 2018-12-18 | International Business Machines Corporation | Secure processing environment for protecting sensitive information |
US9531689B1 (en) * | 2014-11-10 | 2016-12-27 | The United States Of America As Represented By The Secretary Of The Navy | System and method for encryption of network data |
US20160359916A1 (en) * | 2015-06-03 | 2016-12-08 | Samsung Electronics Co., Ltd. | Electronic device and method for encrypting content |
US10027715B2 (en) * | 2015-06-03 | 2018-07-17 | Samsung Electronics Co., Ltd. | Electronic device and method for encrypting content |
US10333905B2 (en) * | 2015-10-16 | 2019-06-25 | Orock Technologies, Inc. | System for providing end-to-end protection against network-based attacks |
US10601790B2 (en) | 2015-10-16 | 2020-03-24 | Orock Technologies, Inc. | System for providing end-to-end protection against network-based attacks |
WO2017066644A1 (en) * | 2015-10-16 | 2017-04-20 | ORock Holdings, LLC | System for providing end-to-end protection against network-based attacks |
US10979412B2 (en) | 2016-03-08 | 2021-04-13 | Nxp Usa, Inc. | Methods and apparatus for secure device authentication |
US20180198949A1 (en) * | 2017-01-06 | 2018-07-12 | Toshiba Tec Kabushiki Kaisha | Recording apparatus and method for making characters on credit card unreadable |
Also Published As
Publication number | Publication date |
---|---|
US20150278536A1 (en) | 2015-10-01 |
EP1906336A2 (en) | 2008-04-02 |
US9971906B2 (en) | 2018-05-15 |
US20150371058A1 (en) | 2015-12-24 |
US8661263B2 (en) | 2014-02-25 |
EP1909212A3 (en) | 2014-07-16 |
US9514330B2 (en) | 2016-12-06 |
US20080082834A1 (en) | 2008-04-03 |
US9152579B2 (en) | 2015-10-06 |
EP1909212A2 (en) | 2008-04-09 |
EP1906336A3 (en) | 2012-10-31 |
EP1909212B1 (en) | 2018-12-19 |
US20140143556A1 (en) | 2014-05-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9971906B2 (en) | Apparatus and method for continuous data protection in a distributed computing network | |
US11451392B2 (en) | Token-based secure data management | |
US20170220818A1 (en) | Privacy firewall | |
JP5754655B2 (en) | Non-container data for trusted computing and data services | |
US6931532B1 (en) | Selective data encryption using style sheet processing | |
US6978367B1 (en) | Selective data encryption using style sheet processing for decryption by a client proxy | |
US6941459B1 (en) | Selective data encryption using style sheet processing for decryption by a key recovery agent | |
US20070028098A1 (en) | Encrypting units of work based on a trust level | |
CN108520183A (en) | A kind of date storage method and device | |
CN108170753B (en) | Key-Value database encryption and security query method in common cloud | |
US11379611B1 (en) | Method and system for privacy-protected execution of a workflow in a software application using encrypted inputs | |
Gattoju et al. | An efficient approach for bigdata security based on Hadoop system using cryptographic techniques | |
Razaque et al. | Secure data sharing in multi-clouds | |
Jung et al. | Provenance security guarantee from origin up to now in the e-science environment | |
CN114978664A (en) | Data sharing method and device and electronic equipment | |
Gopinath et al. | Side Channel Attack Free Quantum Key Distribution Using Entangled Fuzzy Logic | |
Dunnett et al. | A Blockchain-Based Framework for Scalable and Trustless Delegation of Cyber Threat Intelligence | |
Mondal et al. | A Systematic Literature Survey on Data Security Techniques in a Cloud Environment | |
Bhadoria et al. | Secure and traceable QR code using blockchain-enabled certificates | |
Smilarubavathy et al. | Paillier homomorphic encryption with K-means clustering algorithm (phekc) for data mining security in cloud | |
Wadhwa et al. | Security and Privacy Challenges in Big Data | |
Lu et al. | Data Security Encryption Method Based on Improved AES Algorithm | |
Hussien et al. | STRUCTUREAL DEASIGN OF SECURE E-COMMERCE WEBSITES EMPLOYING MULTI-AGENT SYSTEM | |
Kumar et al. | Secured data storage in the cloud using logical Pk-Anonymization with Map Reduce methods and key generation in cloud computing | |
Gangawane et al. | Big data security issues and challenges in cloud computing |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: PROTEGRITY CORPORATION, CONNECTICUT Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MATTSSON, ULF;REEL/FRAME:027767/0317 Effective date: 20120227 |
|
AS | Assignment |
Owner name: PROTEGRITY CORPORATION, CAYMAN ISLANDS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MATTSSON, ULF;REEL/FRAME:030536/0173 Effective date: 20130531 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |