WO2022259037A1 - A system and method for facilitating security of confidential information - Google Patents

A system and method for facilitating security of confidential information Download PDF

Info

Publication number
WO2022259037A1
WO2022259037A1 PCT/IB2021/060442 IB2021060442W WO2022259037A1 WO 2022259037 A1 WO2022259037 A1 WO 2022259037A1 IB 2021060442 W IB2021060442 W IB 2021060442W WO 2022259037 A1 WO2022259037 A1 WO 2022259037A1
Authority
WO
WIPO (PCT)
Prior art keywords
file
confidential information
allotropes
entity
original
Prior art date
Application number
PCT/IB2021/060442
Other languages
French (fr)
Inventor
Ved Prakash Singh
Sunil Kumar Patel
Saravanan CHANDRAN
Original Assignee
Ved Prakash Singh
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ved Prakash Singh filed Critical Ved Prakash Singh
Publication of WO2022259037A1 publication Critical patent/WO2022259037A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/106Enforcing content protection by specific content processing
    • G06F21/1063Personalisation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/16Program or content traceability, e.g. by watermarking

Definitions

  • the present disclosure relates to a system and method for facilitating enhanced and secure exchange of confidential information. More particularly, the present disclosure relates to a system and method for facilitating a secure storage and access of the confidential information.
  • Such known techniques in the art may relate to steganography, digital watermarking and data hiding that perform processing of data, analysing plural-bit identifier, encoded in the data through modification of the data. Such modification involve steganography to hide the presence of the plural-bit identifier and redundantly carrying out actions.
  • Other conventional techniques may hide the information of a file such as a digital image based on a modified quantization table to fully extract secret information to be hidden.
  • all these conventional technologies may achieve hiding of the confidential information but they do not provide fully loss-less methods (i.e. avoiding loss of information) and also do not provide a solution that can avoid distorting a carrier file, as these technologies use the digital bit-space of base image or file to hide or represent other information.
  • existing information hiding techniques of image mainly concentrates on spatial domain and the transform domain.
  • these technologies do not provide any mechanism for embedding of pre-stored/shared or confidential information through virtual or real environments / mediums without distorting or hampering the space of carrier file (such as image or video or any other file memory space).
  • existing solutions also do not provide history of information hiding, if it is added in base image by single or multiple users.
  • the present disclosure relates to a system and a method for facilitating a secure storage and an access of a confidential information pertaining to a first entity (participating entity).
  • the system includes a processor coupled with a memory.
  • the processor may include an allotrope generating engine and an allotrope embedding engine.
  • the allotrope generating engine may be configured to receive an input data including an original dataset including the confidential information.
  • the original dataset may include one or more elements bearing the confidential information and an original carrier file, wherein the original carrier file may pertain to a desired format pertaining to at least one of formatting and embedding of the confidential information.
  • the one or more elements may be reconstructed into an electronic form including one or more contents.
  • the allotrope generating engine may transform the one or more contents, based on a predefined generator function, to generate one or more allotropes bearing the confidential information in an undetectable form.
  • the one or more allotropes may be generated by modification of the one or more contents by performing at least one of masking the confidential information in the one or more elements into an unidentifiable form and modifying the format of the input data.
  • the allotrope embedding engine may be configured to generate a space in the original carrier file to allow embedding the one or more allotropes.
  • the allotrope embedding engine may embed the one or more allotropes in the generated space of the original carrier file to obtain an output file.
  • the output file may include the one or more allotropes in an embedded form to allow the secure storage (or sharing) of the confidential information pertaining to the first entity.
  • the processor may include a content generating engine that may be configured to reconstruct the one or more elements of the original dataset into the one or more contents in the electronic form selected from at least one of a storable format, a shareable format and a embeddable format.
  • the one or more contents may pertain to at least one dimension specific to a domain, wherein the at least one dimension may include multiple features pertaining to the one or more elements and corresponding values of features.
  • each of the one or more allotropes are specific to at least one of the original carrier file and the one or more contents.
  • the confidential information may pertain to a first entity.
  • the output file may be enabled to be transformed reversibly to obtain the original dataset and the one or more contents for secure access of the confidential information by a second entity.
  • the processor may include an allotrope reversing engine configured toreceive the output file including the one or more allotropes in the embedded form.
  • the allotrope reversing engine may reconstruct the output file, based on a predefined reverser function, into an output dataset including the original carrier file and the one or more contents of the original dataset.
  • the space in the original carrier file may be generated without modifying the content of the original carrier file, wherein the space may be generated by adding a redundant space in carrier image.
  • there dundant space may be generated manually or automatically.
  • the output file may be at least one of a physical file and an electronic file.
  • the output file may be enabled to be shared between the first entity and the second entity through at least one of a physical communication channel and a non-physical communication channel.
  • the system enables joining of one allotrope with another allotrope using a reference at a present level of communication based on an input including at least one of first entity information, second entity information, timeline history and details pertaining to the allotropes.
  • the at least one of the allotrope generating engine and the allotrope reversing engine may include machine learning model including Generative adversarial network (GAN), wherein the machine learning model may be trained with a training dataset.
  • GAN Generative adversarial network
  • the one or more elements may includeat least one of a textual data, an image, an audio, and a video.
  • at least one of the original dataset and the one or more elements therein may in the form of at least one of a physical form and an electronically storable form.
  • the present disclosure discloses a method for facilitating a secure storage (and/or sharing) and access of a confidential information pertaining to a first entity.
  • the method may include a step of receiving, by a processor, an input data including an original dataset including the confidential information, the original dataset including one or more elements bearing the confidential information and an original carrier file, wherein the original carrier file may pertain to a desired format pertaining to at least one of formatting and embedding of the confidential information.
  • the method may include a step of reconstructing, by the processor, the one or more elements into an electronic form including one or more contents; and transforming, by the processor, based on a predefined generator function, the one or more contents, based on a predefined generator function, to generate one or more allotropes bearing the confidential information in an undetectable form.
  • the one or more allotropes may be generated by modification of the one or more contents by performing at least one of masking the confidential information in the one or more elements into an unidentifiable form and modifying the format of the input data.
  • the method may include a step of generating, by the processor, a space in the original carrier file to allow embedding the one or more allotropes.
  • the method may include a step of embedding, by the processor, the one or more allotropes in the generated space of the original carrier file to obtain an output file, wherein the output file includes the one or more allotropes in an embedded form to allow the secure storage of the confidential information pertaining to the first entity.
  • the method may include a step of receiving, by the processor, the output file including the one or more allotropes in the embedded form; and transforming, by the processor, the output file into an output dataset including the original carrier file and the one or more contents of the original datasetto allow the secure access of the confidential information to a second entity.
  • FIG. 1 illustrates exemplary architecture (100) in which or with which proposed system may be implemented, in accordance with an embodiment of the present disclosure.
  • FIG. 2 illustrates an exemplary representation (200) of a system (102) for facilitating a secure storage and access of a confidential information, in accordance with an embodiment of the present disclosure.
  • FIG. 3 illustrates a flow diagram (300) showing exemplary representation for generation of an allotrope, in accordance with an embodiment of the present disclosure.
  • FIG. 4 illustrates an exemplary representation (400) for generation of one or more allotropes using a content transformation engine, in accordance with another embodiment of the present disclosure.
  • FIG. 5 is a flow diagram (500) illustrating an exemplary generation of an output file, in accordance with an embodiment of the present disclosure.
  • FIG. 6A illustrates a flow diagram (600) illustrating an exemplary generation of decoding an out carrier file to facilitate a secure storage and access of a confidential information, in accordance with an embodiment of the present disclosure.
  • FIG. 6B illustrates a flow diagram (650) illustrating an exemplary overview showing functioning of a machine learning model associated with an allotrope generating engine and an allotrope reversing engine of FIG. 2, in accordance with an embodiment of the present disclosure.
  • FIGs. 7A-7B illustrate flow diagrams (700, 750) illustrating exemplary methods forfacilitating a secure storage and access to a confidential information, in accordance with an embodiment of the present disclosure.
  • FIG. 8 refers to the exemplary computer system (800) in which or with which embodiments of the present invention can be utilized in accordance with embodiments of the present disclosure.
  • Embodiments of the present invention include various steps, which will be described below. The steps may be performed by hardware components or may be embodied in machine-executable instructions, which may be used to cause a general-purpose or special-purpose processor programmed with the instructions to perform the steps. Alternatively, steps may be performed by a combination of hardware, software, and firmware and/or by human operators.
  • Light be included or have a characteristic, that particular component or feature is not required to be included or have the characteristic.
  • Embodiments of the present invention may be provided as a computer program product, which may include a machine-readable storage medium tangibly embodying thereon instructions, which may be used to program the computer (or other electronic devices) to perform a process.
  • machine-readable storage medium or “computer-readable storage medium” includes, but is not limited to, fixed (hard) drives, magnetic tape, floppy diskettes, optical disks, compact disc read-only memories (CD-ROMs), and magneto-optical disks, semiconductor memories, such as ROMs, PROMs, random access memories (RAMs), programmable read-only memories (PROMs), erasable PROMs (EPROMs), electrically erasable PROMs (EEPROMs), flash memory, magnetic or optical cards, or other type of media/machine-readable medium suitable for storing electronic instructions (e.g., computer programming code, such as software or firmware).
  • computer programming code such as software or firmware
  • a machine-readable medium may include a non-transitory medium in which data may be stored and that does not include carrier waves and/or transitory electronic signals propagating wirelessly or over wired connections.
  • Examples of a non-transitory medium may include but are not limited to, a magnetic disk or tape, optical storage media such as compact disk (CD) or digital versatile disk (DVD), flash memory, memory or memory devices.
  • a computer program product may include code and/or machine-executable instructions that may represent a procedure, a function, a subprogram, a program, a routine, a subroutine, a module, a software package, a class, or any combination of instructions, data structures, or program statements.
  • a code segment may be coupled to another code segment or a hardware circuit by passing and/or receiving information, data, arguments, parameters, or memory contents.
  • Information, arguments, parameters, data, etc. may be passed, forwarded, or transmitted via any suitable means including memory sharing, message passing, token passing, network transmission, etc.
  • systems depicted in some of the figures may be provided in various configurations.
  • the systems may be configured as a distributed system where one or more components of the system are distributed across one or more networks in a cloud computing system.
  • the present disclosure relates to a system and method for facilitating enhanced and secure storage, sharing, access (or exchange) of confidential information. More particularly, the present disclosure relates to a system and method for facilitating a secure storage (and/or sharing) of the confidential information pertaining to a first entity. The system and method also facilitate a secure access of the confidential information to a second entity.
  • FIG. 1 illustrates exemplary network architecture in which or with which proposed apparatus can be implemented, in accordance with an embodiment of the present disclosure. As illustrated, the exemplary architecture (100) includes a system (102) for facilitating a secure storage and access of a confidential information pertaining to a first entity (104). The first entity (104)may be associated with a first entity device (114).
  • the system may receive an input data including an original dataset that may include the confidential information of the first entity (104).
  • the system 102 may receive the original dataset from the first entity through the first entity device 114.
  • the original dataset may include one or more elements bearing with the confidential information and an original carrier file.
  • the original carrier file may pertain to a desired format pertaining to at least one of formatting and embedding of the confidential information needs.
  • the one or more elements may be reconstructed into an electronic form including one or more contents.
  • the system (102) may enable to transform the one or more contents, based on a predefined generator function, to generate one or more allotropes bearing the confidential information in an undetectable form.
  • the one or more allotropes may be generated by modification of the one or more contents by performing at least one of masking the confidential information in the one or more elements into an unidentifiable form and modifying the format of the input data.
  • the system (102) may generate a space in the original carrier file and may embed the one or more allotropes in the generated space of the original carrier file to obtain an output file.
  • the generated space may be as per predefined rules, automatically selected or customized.
  • the output file may include the one or more allotropes in an embedded form to allow the secure storage to the confidential information pertaining to the first entity.
  • the one or more allotropes may be specific to at least one of the original carrier file and the one or more elements.
  • the output file generation may be reversible and the system 102 may enable a second entity 106 to have a secure access of the confidential information by transforming (or reversing/decoding) the output file into the original dataset and the one or more elements.
  • the second entity 106 may be associated with a second entity device 116.
  • the first entity device 114 and the second entity device 116 may be communicably coupled with the system 102 via a network 108.
  • the system 102 may be communicably coupled with a server 112.
  • the first entity device 114 and the second entity device 116 may communicate via short-distance based communication techniques.
  • the sharing/access of the output file may through physical form/copy such as including, but not limited to, a print-out and a photograph.
  • the original carrier file may correspond to a carrier file or a base file.
  • the original carrier file may correspond to the carrier file if an allotrope needs to be embedded and shared.
  • the original carrier file may correspond to the base file if an allotrope needs to be generated using input data based on base file and the generated allotrope can be shared directly without embedding into base (i.e. optional embedding).
  • the first entity device 114 and the second entity device 116 may be accessed by applications residing on any operating system, including but not limited to, Android TM, iOS TM, and the like.
  • the first entity device 114 and the second entity device 116 may include, but not limited to, any of a smartphone, a mobile electronic device, a smart computing device a laptop, a personal computer, a personal digital assistant, a handheld device, and a workstation.
  • a smart computing device refers to a computing device that may be associated to other devices or networks via wireless protocols, and may operate interactively or independently.
  • the first entity device 114 and the second entity device 116 may be a mobile phone, hand-held device or a computer associated with one or more input devices.
  • the first entity device 114 and the second entity device 116 can include input device including, but not limited to, keyboard, mouse, touch pad, touch enabled screen and the like that can be used to receive the input data or the output file. It may be appreciated that the first entity device 114 and the second entity device 116 may not be restricted to the mentioned devices and various other devices may be used.
  • the first entity 104 and the second entity 106 may include, without limitation, one or more individual users, group of users, an organization, a group of organizations, an institution, a company, a university, a medical institution, a crime- mitigation department, a defence organization, a verification agency and the like.
  • the first entity 104 may be a sender (directly or indirectly related to the confidential information) and the second entity 106 may be recipient or an authorized person to access the confidential information.
  • the first entity 104 may be a participating entity who may need to share the confidential information with the second entity 106 or any other entities.
  • both the first entity 104 as well as the second entity 106 may be participating entities and may need to safely store respective confidential information, either independently or in collaboration.
  • the first entity 104 may be directly or indirectly related to the confidential information in the input data, either alone or in association to other users and may require secure storage of the confidential information.
  • the term “second entity” may refer to an individual, group of people or an organization that may require secure access to the confidential information of the first entity 104.
  • the first entity 104 may be an individual directly related to the confidential information.
  • the first entity may be directly related to the confidential information such as an intermediate party who may have an authorization to share the confidential information pertaining to an individual or organization.
  • Various other individuals, groups or organization may be referred to or included as entities within the scope of the present disclosure.
  • the confidential information/one or more elements may include, without limitation, one or more attributes/content pertaining to status, condition, authenticity, evidence or validity of one or more aspects associated with the first entity.
  • the confidential information/one or more elements may include at least one of a textual data, an image, an audio, and a video associated with the first entity such as including, but not limited to, an employment, education, personal information, family information, financial information, nationality, fitness or physical abilities, medical history, legal information, criminal records and other such aspects that may be related to the first entity or other individuals/organization authorizing the first entity to act on their behalf.
  • Various other attributes may be included in the confidential information/one or more elements.
  • the first entity device 114 and the second entity device are identical to each other.
  • the 116 may be communicably coupled to the system (102) through the communication network (108) that can be a wireless network, a wired network or a combination thereof.
  • the communication network can be implemented as one of the different types of networks, such as intranet, local area network (LAN), wide area network (WAN), the internet, and the like. Further, the communication network may either be a dedicated network or a shared network.
  • the shared network represents an association of the different types of networks that use a variety of protocols, for example, Hypertext Transfer Protocol (HTTP), Transmission Control Protocol/Internet Protocol (TCP/IP), Wireless Application Protocol (WAP), and the like, to communicate with one another.
  • the network 108 can include a variety of network devices, including routers, bridges, servers, computing devices, storage devices, and the like.
  • the network 108 can be cellular network or mobile communication network based on various technologies, including but not limited to, Global System for Mobile (GSM), General Packet Radio Service (GPRS), Code Division Multiple Access (CDMA), Long Term Evolution (LTE), WiMAX, and the like.
  • GSM Global System for Mobile
  • GPRS General Packet Radio Service
  • CDMA Code Division Multiple Access
  • LTE Long Term Evolution
  • WiMAX Worldwide Interoperability for Mobile
  • the network may be physical in nature, wherein the output file may be shared through physical communication.
  • One such example of the physical communication may be print-out of the output file and/or a photograph, which can be shared with the second entity.
  • the second entity may scan the physical form (print-out or photograph) for further transformation (or reversal) of the output file. It may be appreciated that the present embodiments are only exemplary and various other scenarios are also possible.
  • FIG. 2 illustrates an exemplary representation of system 102for facilitating a secure storage and access to a confidential information, in accordance with an embodiment of the present disclosure.
  • the system 102 may include one or more processor(s) 202.
  • the one or more processor(s) (202) may be implemented as one or more microprocessors, microcomputers, microcontrollers, digital signal processors, central processing units, logic circuitries, and/or any devices that process data based on operational instructions.
  • the one or more processor(s) (202) may be configured to fetch and execute computer-readable instructions stored in a memory (204) of the system (102).
  • the memory (204) may be configured to store one or more computer-readable instructions or routines in a non-transitory computer readable storage medium, which may be fetched and executed to create or share data packets over a network service.
  • the memory (206) may include any non-transitory storage device including, for example, volatile memory such as RAM, or non-volatile memory such as EPROM, flash memory, and the like.
  • the system 102 may include an interface(s) 206.
  • the interface(s) 206 may include a variety of interfaces, for example, interfaces for data input and output devices, referred to as I/O devices, storage devices, and the like.
  • the interface(s) 206 may facilitate communication of the computing device or server 112.
  • the interface(s) 206 may also provide a communication pathway for one or more components of the centralized computing device 112. Examples of such components include, but are not limited to, processing engine(s) 208 and a database 230.
  • the processing engine(s) 208 may be implemented as a combination of hardware and programming (for example, programmable instructions) to implement one or more functionalities of the processing engine(s) 208.
  • the programming for the processing engine(s) 208 may be processor executable instructions stored on a non-transitory machine-readable storage medium and the hardware for the processing engine(s) 208 may include a processing resource (for example, one or more processors), to execute such instructions.
  • the machine -readable storage medium may store instructions that, when executed by the processing resource, implement the processing engine(s) 208.
  • the system 102 may include the machine-readable storage medium storing the instructions and the processing resource to execute the instructions, or the machine -readable storage medium may be separate but accessible to the system 102 and the processing resource.
  • the processing engine(s) 208 may be implemented by electronic circuitry.
  • the processing engine 208 may include one or more engines selected from an allotrope generating engine 216, allotrope embedding engine 218, an allotrope reversal engine 220, a content generating engine 212 and other engines 222for processing one or more instructions.
  • the allotrope generating engine 216 may be configured to receive the input data including the original dataset bearing the confidential information.
  • the one or more elements may be reconstructed into an electronic form including one or more contents.
  • the content generating engine 212 may be configured to convert the one or more elements of the original dataset into the electronic form selected from at least one of a storable format, a shareable format and a embeddable format.
  • the allotrope generating engine 216 may transform the one or more contents, based on a predefined generator function, to generate one or more allotropes bearing the confidential information in an undetectable form.
  • the allotrope embedding engine 218 may be configured to generate a space in the original carrier file to allow embedding the one or more allotropes.
  • the allotrope embedding engine 218 may embed the one or more allotropes in the generated space of the original carrier file to obtain an output file.
  • the allotrope reversalengine 220 may be configured to receive the output file including the one or more allotropes in the embedded form.
  • the allotrope reversalengine 220 may reconstruct the output file into an output dataset including the original carrier file and the one or more contents of the original dataset.
  • the database 230 may include data that may be either stored or generated as a result of functionalities implemented by any of the components of the processing engine(s) 208 or the serverl 12.
  • each of the one or more allotropes may be specific to at least one of the original carrier file and the one or more elements in the original dataset.
  • FIG. 3 illustrates a flow diagram (300) showing exemplary representation for generation of an allotrope, in accordance with an embodiment of the present disclosure.
  • the term allotropes may be defined as a transformed content carrying the same information as the one or more contents of the original dataset (i.e. input to generator function), which however may differ in their look (form) and/or storage/data format and other such attributes.
  • the contents may be in form of text “xyz” that may be transformed into some image “abc.jpg” which may be a function (generator) based output for the given input of text “xyz” and the original carrier file.
  • the allotrope generating engine 216 may receive an electronic form of input data, wherein the electronic form may include one or more contents corresponding to one or more elements.
  • the allotrope generating engine 216 may generate the allotrope by modification of the one or more contents in the input data by performing at least one of masking the confidential information in the one or more elements into an unidentifiable form and modifying the format of the input data.
  • content or format of content associated with the one or more elements of input data or both together may be transformed in a reversible way, depending upon requirements of first entity and/or the second entity and based on the original carrier file.
  • the allotrope generating engine 216 may generate the allotropes that can be further embedded in the original carrier file.
  • the one or more contents may pertain to at least one dimension specific to a domain, wherein the at least one dimension may include multiple features pertaining to the one or more elements and corresponding values of features.
  • FIG. 4 illustrates an exemplary representation (400) for generation of one or more allotropes, in accordance with another embodiment of the present disclosure.
  • an input data may include one or more elements (Element- 1 as 402-1, Element-2 as 402-2, .
  • Element-N as 402-N hereinafter referred to as elements 402).
  • Each element 402 may hold a set of values against dimensions (or keys) (Dimension- 1 as 404-1, Dimension-2 as 404-2,... Dimension-N as 404-N, hereinafter referred to as dimension 404), which may be applicable in the domain of interest.
  • dimensions or keys
  • a patient’s personal information may be an element in medical domain and the personal information may include features such as name, gender, age, disease, date of admit, symptoms, doctor’s name, referrer’s details, and the like, along with its corresponding values, which in overall can be considered as dimensions of personal information.
  • an element in defence and police domain, an element may be criminal/ enemy identity and this may include features such as name, gender, age, place, crime or mission information, photograph, and the like, which may be considered as dimensions of personal information.
  • the values of all such dimensions may be received in an electronic form (text, image, video, audio and the like) or physical form (such as photograph, scanned file records and the like).
  • the content generating engine 212 that may be associated with one or more content creators (408-1, 408-2,408-3,....408-N), may optionally receive elements as input and reconstruct the elements into an electronic form including one or more contents (one or more contents labelled as Content- 1, Content-2, .
  • Content-N that may in storable/ sharable or embeddable format.
  • the content creator may be a camera, scanner or any such device that may be able to reconstruct the elements into one or more contents.
  • a physical copy of photograph may be converted into soft form of image such as electronic image using camera or scanner.
  • the allotrope generating engine 216 may generate (410)one or more allotropes (412) from the one or more contents as also explained earlier in FIG. 3.
  • FIG. 5 is a flow diagram (500) illustrating an exemplary generation of an output file, in accordance with an embodiment of the present disclosure.
  • the system (102) may enable joining of one allotrope with another allotrope (generated as per FIG.3) using references 508 at a present level of communication (such as embedding user’s information, timeline history, and the like).
  • the system 102 (or the allotrope embedding engine 220) of FIG. 5 may generate a space (506) in the original carrier file to allow embedding the one or more allotropes.
  • the allotrope embedding engine 220 may embed the one or more allotropes in the generated space of the original carrier file to obtain an output file (512) including the one or more allotropes in an embedded form to allow the secure storage to the confidential information pertaining to the first entity.
  • Thespace in the original carrier file may be generated without modifying ordistortingthe content of the original carrier file.
  • the space may be generated by adding a redundant space in the original carrier file, for example, by extra space creation by adding redundant space in carrier image, such that allotropes can be embedded or stored in this space to get embedded file (output file).
  • the original carrier or base files may be a single file or multiple files of desired format and, the output files may also be a single file or multiple files. [0051] FIG.
  • FIG. 6A is a flow diagram (600) illustrating an exemplary generation or decoding of an output file to facilitate a secure storage and access of a confidential information, in accordance with an embodiment of the present disclosure.
  • an output file 602 can be decoded or transformed by using a predefined reverser function (604) to obtain a output dataset (at 606).
  • the system may enable re-structuring of the embedded contents to produce desired information in original form.
  • the system may also enable timeline based history of all desired information from one or more users, who participated in sharing and embedding.
  • the decoding of the output file facilitates the second entity to get safe and secure storage and access of the embedded contents (elements and corresponding dimension- values) associated with the confidential information and content therein (shared/hidden).
  • the entire process of information transforming, hiding/ embedding and retrieving is possible in a reversible manner by the present disclosure.
  • the allotrope generating engine and the allotrope reversing engine may include at least one of a machine learning model and an auto -encoder.
  • the machine learning model may include a Generative adversarial network (GAN), wherein the machine learning model is trained with a training dataset.
  • GAN Generative adversarial network
  • the machine learning model may be associated with an algorithm generator function that generates the allotropes or the content therein in a desired format by incorporating the data of original content (input) into format of the original carrier file.
  • the machine learning model may be associated with an algorithm reversal function that decodes or reverses the embedded form of allotropes of the output file to provide access to the original content (elements/dimensions)of the original carrier file.
  • algorithm generator function and/or algorithm reversal function may be trained (independently or jointly) with more training datasets to learn how to generate/ create allotropes for the given inputs (original dataset including elements/contents and carrier file), as well as how to decode/ reduce the data to the original content back from the allotrope, whenever required in future.
  • FIG. 6B illustrates a flow diagram (650) illustrating an exemplary overview for the functioning of a machine learning model, in accordance with an embodiment of the present disclosure.
  • the overview of flow diagram 650 may correspond to at least one of theallotrope generating engine 216 and an allotrope reversing engine 220 (as covered in FIG. 2).
  • One such example may include the Generative adversarial network (GAN), wherein the machine learning model is trained with a training dataset(s).
  • GAN Generative adversarial network
  • a single or a group of carrier files (original carrier file or base files) 652 may be processed for data sampling (654) to obtain carrier/base samples (656) i.e. a first set of training data.
  • one or more contents of training files may be processed, through a generator function 658, based on the group of carrier files/base files 652, with the intention of data sampling (662) and allotrope sampling (664) to obtain a second set of training data.
  • the first set of training data and the second set of training data may be used to train the machine learning model corresponding to GAN, based on a discriminator or reverser function (666).
  • the purpose of training may be identification of the original carrier sample and allotrope samples (at 668).
  • a trained model may be obtained. The accuracy of the precision of the trained model may be checked using standard methods and based on the prediction of the contents (at 670) of the training dataset.
  • the trained model can be further used for prediction of contents of actual files (test dataset).
  • the generator function 658 and the reverser function 666 may be a part of the same or separate machines/models that may be trained and validated with training dataset and test dataset.
  • Various other embodiments pertaining to the possible functioning or implementation of machine learning model may be possible.
  • the technique as elaborated in FIG. 4 can be repeatedly used as per the requirement of the first entity and/or the second entity, with whom embedded file is to be shared in physical and/or non-physical form.
  • the output file may be at least one of a physical file and an electronic file.
  • the output file may be enabled to be shared between the first entity and the second entity through at least one of a physical communication channel and a non-physical communication channel.
  • the physical communication may be through any technique including, but not limited to, fax, print-out or photo-copying, whereas the non-physical communication channel may include, without limitation, an electronic communication such as sharing electronically through email, message, and other such communication.
  • the first entity may be able to generate the output file through a first set of instructions executable on the first entity device and the second entity may be able to access the output file as well as the reversal/decoded form of the same through a second set of instructions executable on the second entity device.
  • the generation of the output file and/or the reversal of the same to generate the original carrier file and elements may be done locally, wherein the system may be configurable in the first entity device and/or the second entity device.
  • FIGs. 7A-7B illustrate flow diagrams showing an exemplary method for facilitating a secure storage and access of a confidential information, in accordance with an embodiment of the present disclosure.
  • FIG. 7A illustrate flow diagram (700) showing an exemplary method for facilitating a secure storage of a confidential information.
  • the method includes a step of receiving, by a processor, an input data including an original dataset including the confidential information, wherein the original dataset includes one or more elements bearing the confidential information and an original carrier file, wherein the original carrier file pertains to a desired format pertaining to at least one of formatting and embedding of the confidential information.
  • the method includes a step of reconstructing, by the processor, the one or more elements into an electronic form comprising one or more contents.
  • the method may include a step of transforming, by the processor, the one or more contents, based on a predefined generator function, to generate one or more allotropes bearing the confidential information in an undetectable form, the one or more allotropes are generated by modification of the one or more contents by performing at least one of masking the confidential information in the one or more elements into an unidentifiable form and modifying the format of the input data.
  • the method may include a step of generating, by the processor, a space in the original carrier file to allow embedding the one or more allotropes.
  • the method may include a step of embedding, by the processor, the one or more allotropes in the generated space of the original carrier file to obtain an output file, wherein the output file includes the one or more allotropes in an embedded form to allow the secure storage of the confidential information pertaining to the first entity.
  • the output files may be shared physically or electronically.
  • FIG. 7B illustrate flow diagram (750) showing an exemplary method for facilitating a secure access of the confidential information.
  • the method may include a step of receiving, by the processor, the output file including the one or more allotropes in the embedded form.
  • the method may include a step of transforming, by the processor, the output file into an output dataset including the original carrier file and the one or more contents of the original dataset.
  • Example 1 pertaining to Medical domain:
  • a medical professional who may to get opinion of another doctor (second entity)on a particular case of any patient.
  • the medical professional may need to share pathological data (for example, body parts scan) along with patient’s medical history and its personal information.
  • pathological data for example, body parts scan
  • patient’s medical history and its personal information are used to generate allotrope(s) using either of pathological scan images as original carrier file through implementation as described in FIGs. 3 and 4.
  • one or more such allotropes may be embedded/ hidden in original carrier file through the implementation as described in FIG. 5 to achieve the embedded file (output file).
  • These embedded file/s can be shared through any physical or non-physical communication channel.
  • printed copy of embedded file may be sent to receivers, wherein receivers can get it scanned again to get soft copy or electronic copy of the embedded file.
  • secondary users can see the confidential information shared with them via the implementation as described in FIG. 6.
  • These secondary users can further embed its opinion or diagnostic summary along with the timeline information and / or reference of secondary user (optional) into the received embedded file using implementation as described in FIG. 5 again and send back/ share to primary user (first entity).
  • the system can enlist all the content history (contents, time and user’s or entity’s references, and the like) in structured manner separated from received embedded file.
  • any detective professional wants to share/ get information on a particular case of any crime or suspect. He / she (primary user/first entity) may need to share criminal’s data (for example, photograph, sketch) along with suspect’s crime history and its personal information.
  • criminal’s data for example, photograph, sketch
  • suspect’s crime history and its personal information are used to generate allotrope(s) using either of suspect’s photograph as carrier file through implementation as described in FIGs. 3 and 4.
  • one or more such allotropes are embedded/ hidden in original carrier file through implementation as described in FIG. 5 to achieve the embedded file (output file).
  • These embedded file/s can be shared through any physical or non-physical communication channel with a second entity.
  • printed copy of embedded file may be sent to receivers, wherein receivers can get it scanned again to get soft form of file.
  • Only such secondary users (second entity) can see the confidential information shared with them using implementation as described in FIG. 6.
  • the users can further embed its findings or suspect’s additional information (again a content at secondary user level) along with the timeline information and / or reference of secondary user (optional) into the received embedded file using implementation as described in FIG. 5 and send back/ share to primary user.
  • the system can enlist all the content history (contents, time and user’s references) in structured manner separated from received embedded file.
  • any defence personnel wants to share/ get information on a particular case of any enemy or mission such as enemy’s data (photograph, sketch) along with suspect’s background and confidential information associated with mission.
  • any enemy or mission such as enemy’s data (photograph, sketch) along with suspect’s background and confidential information associated with mission.
  • confidential information such as its enemy’s background ⁇ element-l and other confidential details ⁇ element-2
  • these information may be used to generate allotrope/s using either of input photographs as carrier through implementation as described FIGs. 3 and 4.
  • one or more such allotropes may be embedded/ hidden in carrier file through implementation as described FIG. 4 to achieve the embedded file.
  • These embedded file/s can be shared through any physical or non-physical communication channel.
  • printed copy of embedded file may be sent to receivers (second entity), wherein receivers can get it scanned again to get soft form of file.
  • receivers second entity
  • receivers Only secondary users can see the confidential information shared with them using implementation as described FIG. 6, if they are provided access to the system.
  • the secondary users can further embed their findings or suspect’s additional information (again a content at secondary user level) along with the timeline information and / or reference of secondary user (optional) into the received embedded file using implementation as described FIG. 5 again and send back/ share to primary user.
  • the system can enlist all the content history (contents, time and user’s references) in structured manner separated from received embedded file.
  • the system and method of the present disclosure enables targeted sharing of confidential information in public domain.
  • the confidential information can be accessed by desired users only as decided by primary users (first entity). Since, learning and training of system (allotrope generation engine/allotrope reversal engine) is done at the side of primary user, therefore no other user in public domain can decode or extract confidential information other than targeted users (second entity).
  • the technique also does not change the values of memory- space units of original carrier file, but only rearranges the space to create the space for embedding, which can be restored while decoding. Further, desired or confidential information may not be hidden in their original form but in transformed form/ format (allotropic version), so that the confidential information is not read by any general user, thus leading to a loss-less technique to conventional steganography method that hides the information by changing form / format of confidential information into carrier file without using memory space of carrier’s file values.
  • FIG. 8 illustrates an exemplary computer system in which or with which embodiments of the present invention can be utilized in accordance with embodiments of the present disclosure.
  • computer system 800 can include an external storage device 810, a bus 820, a main memory 830, a read only memory 840, a mass storage device 850, communication port 860, and a processor 870.
  • processor 870 include, but are not limited to, an Intel® Itanium® or Itanium 2 processor(s), or AMD® Opteron® or Athlon MP® processor(s), Motorola® lines of processors, FortiSOCTM system on chip processors or other future processors.
  • Communication port 860 can be any of an RS-232 port for use with a modem based dialup connection, a 10/100 Ethernet port, a Gigabit or 10 Gigabit port using copper or fiber, a serial port, a parallel port, or other existing or future ports.
  • Communication port 860 may be chosen depending on a network, such a Local Area Network (LAN), Wide Area Network (WAN), or any network to which computer system connects.
  • Memory 830 can be Random Access Memory (RAM), or any other dynamic storage device commonly known in the art.
  • Read only memory 840 can be any static storage device(s) e.g., but not limited to, a Programmable Read Only Memory (PROM) chips for storing static information e.g., start-up or BIOS instructions for processor 870.
  • Mass storage 850 may be any current or future mass storage solution, which can be used to store information and/or instructions. Exemplary mass storage solutions include, but are not limited to, Parallel Advanced Technology Attachment (PATA) or Serial Advanced Technology Attachment (SATA) hard disk drives or solid-state drives (internal or external, e.g., having Universal Serial Bus (USB) and/or Firewire interfaces), e.g.
  • PATA Parallel Advanced Technology Attachment
  • SATA Serial Advanced Technology Attachment
  • USB Universal Serial Bus
  • Firewire interfaces e.g.
  • Seagate e.g., the Seagate Barracuda 7102 family
  • Hitachi e.g., the Hitachi Deskstar 7K1000
  • one or more optical discs e.g., Redundant Array of Independent Disks (RAID) storage, e.g. an array of disks (e.g., SATA arrays), available from various vendors including Dot Hill Systems Corp., LaCie, Nexsan Technologies, Inc. and Enhance Technology, Inc.
  • RAID Redundant Array of Independent Disks
  • Bus 820 communicatively couples processor(s) 870 with the other memory, storage and communication blocks.
  • Bus 820 can be, e.g. a Peripheral Component Interconnect (PCI) / PCI Extended (PCI-X) bus, Small Computer System Interface (SCSI), USB or the like, for connecting expansion cards, drives and other subsystems as well as other buses, such a front side bus (FSB), which connects processor 870 to software system.
  • PCI Peripheral Component Interconnect
  • PCI-X PCI Extended
  • SCSI Small Computer System Interface
  • FFB front side bus
  • operator and administrative interfaces e.g. a display, keyboard, and a cursor control device
  • bus 820 may also be coupled to bus 820 to support direct operator interaction with a computer system.
  • Other operator and administrative interfaces can be provided through network connections connected through communication port 860.
  • the external storage device 810 can be any kind of external hard-drives, floppy drives, IOMEGA® Zip Drives, Compact Disc - Read Only Memory (CD-ROM), Compact Disc-Re- Writable (CD-RW), Digital Video Disk-Read Only Memory (DVD-ROM).
  • CD-ROM Compact Disc - Read Only Memory
  • CD-RW Compact Disc-Re- Writable
  • DVD-ROM Digital Video Disk-Read Only Memory
  • the present disclosure enables confidential information to be accessed by desired users only as decided by primary users (first entity).
  • the present disclosure enables to provide secure storage and access to desired or confidential information that may not be hidden in their original form but in transformed form/ format (allotropic version).
  • the present disclosure can enable to embed elements pertaining to the confidential information without distorting or hampering space of a carrier file i.e. it does not change the values of memory-space units of original carrier file, but only rearranges the space to create the space, which can be restored while decoding.
  • the present disclosure can provide history of information hiding, as well as enable the recipient of the confidential information to modify the embedded information without repeating entire steganography process or without having access to original carrier.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Technology Law (AREA)
  • Multimedia (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The present disclosure relates to a system and a method for facilitating a secure storage (or sharing) and access of a confidential information. The system may receive an input data comprising an original dataset including one or more elements bearing the confidential information and an original carrier file. The one or more elements may be reconstructed into an electronic form including one or more contents. The system may transform the one or more contents, based on a predefined generator function, to generate one or more allotropes comprising the confidential information in an undetectable form. The system may generate a space in the original carrier file and may embed the one or more allotropes in the generated space to obtain an output file. The output file may include the one or more allotropes in an embedded form that may be decoded or reversed by the system.

Description

A SYSTEM AND METHOD FOR FACILITATING SECURITY OF CONFIDENTIAL INFORMATION
TECHNICAL FIELD
[0001] The present disclosure relates to a system and method for facilitating enhanced and secure exchange of confidential information. More particularly, the present disclosure relates to a system and method for facilitating a secure storage and access of the confidential information.
BACKGROUND
[0002] The background description includes information that may be useful in understanding the present invention. It is not an admission that any of the information provided herein is prior art or relevant to the presently claimed invention, or that any publication specifically or implicitly referenced is prior art.
[0003] In the recent times, data privacy and confidentiality concerns have gained a lot of attention especially in view of rise in fraudulent activities and crimes. Usually, users need to store or share data in the form of images, audio, video, textual or other such forms of electronic such as digital data, analog or physical data such as photographs, and the like. The storing and sharing of such information may demand the need for effective data protection techniques to avoid illegal and unethical misuse of such data. Conventional techniques can embed the confidential information to hide desired confidential information in single and multiple blocks in one or more data files.
[0004] Such known techniques in the art may relate to steganography, digital watermarking and data hiding that perform processing of data, analysing plural-bit identifier, encoded in the data through modification of the data. Such modification involve steganography to hide the presence of the plural-bit identifier and redundantly carrying out actions. Other conventional techniques may hide the information of a file such as a digital image based on a modified quantization table to fully extract secret information to be hidden. [0005] Though, all these conventional technologies may achieve hiding of the confidential information but they do not provide fully loss-less methods (i.e. avoiding loss of information) and also do not provide a solution that can avoid distorting a carrier file, as these technologies use the digital bit-space of base image or file to hide or represent other information. In short, existing information hiding techniques of image mainly concentrates on spatial domain and the transform domain. In overall, these technologies do not provide any mechanism for embedding of pre-stored/shared or confidential information through virtual or real environments / mediums without distorting or hampering the space of carrier file (such as image or video or any other file memory space). Moreover, existing solutions also do not provide history of information hiding, if it is added in base image by single or multiple users. In addition, there is no way for a recipient of the confidential information to modify the embedded information without repeating the entire steganography process or without having access to original carrier file.
[0006] There is therefore a need in the art to provide a system and a method to facilitate secure storage, share and access to confidential information, while overcoming the limitations as mentioned hereinabove.
OBJECTS OF THE PRESENT DISCLOSURE
[0007] Some of the objects of the present disclosure, which at least one embodiment herein satisfies are as listed herein below.
[0008] It is an object of the present disclosure to provide a system and a method for for facilitating a secure storage, share and access of confidential information.
[0009] It is another object of the present disclosure to provide a system and a method that can embed elements pertaining to the confidential information without distorting or hampering content of a carrier file.
[0010] It is another object of the present disclosure to provide a system and a method that can rebuild the confidential information (of one format) into other format.
[0011] It is another object of the present disclosure to provide a system and a method that can provide history of information hiding, as well as enable the recipient of the confidential information to modify the embedded information without repeating entire steganography process or without having access to original carrier.
SUMMARY
[0012] The present disclosure relates to a system and a method for facilitating a secure storage and an access of a confidential information pertaining to a first entity (participating entity). In an aspect, the system includes a processor coupled with a memory. The processor may include an allotrope generating engine and an allotrope embedding engine. The allotrope generating engine may be configured to receive an input data including an original dataset including the confidential information. The original dataset may include one or more elements bearing the confidential information and an original carrier file, wherein the original carrier file may pertain to a desired format pertaining to at least one of formatting and embedding of the confidential information. The one or more elements may be reconstructed into an electronic form including one or more contents. The allotrope generating engine may transform the one or more contents, based on a predefined generator function, to generate one or more allotropes bearing the confidential information in an undetectable form. The one or more allotropes may be generated by modification of the one or more contents by performing at least one of masking the confidential information in the one or more elements into an unidentifiable form and modifying the format of the input data. The allotrope embedding engine may be configured to generate a space in the original carrier file to allow embedding the one or more allotropes. The allotrope embedding engine may embed the one or more allotropes in the generated space of the original carrier file to obtain an output file. The output file may include the one or more allotropes in an embedded form to allow the secure storage (or sharing) of the confidential information pertaining to the first entity.
[0013] In an embodiment, the processor may include a content generating engine that may be configured to reconstruct the one or more elements of the original dataset into the one or more contents in the electronic form selected from at least one of a storable format, a shareable format and a embeddable format.
[0014] In an embodiment, the one or more contents (reconstructed from one or more elements) may pertain to at least one dimension specific to a domain, wherein the at least one dimension may include multiple features pertaining to the one or more elements and corresponding values of features. In an embodiment, each of the one or more allotropes are specific to at least one of the original carrier file and the one or more contents. The confidential information may pertain to a first entity. The output file may be enabled to be transformed reversibly to obtain the original dataset and the one or more contents for secure access of the confidential information by a second entity.
[0015] In an embodiment, the processor may include an allotrope reversing engine configured toreceive the output file including the one or more allotropes in the embedded form. The allotrope reversing engine may reconstruct the output file, based on a predefined reverser function, into an output dataset including the original carrier file and the one or more contents of the original dataset.
[0016] In an embodiment, the space in the original carrier file may be generated without modifying the content of the original carrier file, wherein the space may be generated by adding a redundant space in carrier image. In an embodiment, there dundant space may be generated manually or automatically.
[0017] In an embodiment, the output file may be at least one of a physical file and an electronic file. The output file may be enabled to be shared between the first entity and the second entity through at least one of a physical communication channel and a non-physical communication channel. In an embodiment, the system enables joining of one allotrope with another allotrope using a reference at a present level of communication based on an input including at least one of first entity information, second entity information, timeline history and details pertaining to the allotropes.
[0018] In an embodiment, the at least one of the allotrope generating engine and the allotrope reversing engine may include machine learning model including Generative adversarial network (GAN), wherein the machine learning model may be trained with a training dataset.
[0019] In an embodiment, the one or more elements may includeat least one of a textual data, an image, an audio, and a video. In an embodiment, at least one of the original dataset and the one or more elements therein may in the form of at least one of a physical form and an electronically storable form.
[0020] In an aspect, the present disclosure discloses a method for facilitating a secure storage (and/or sharing) and access of a confidential information pertaining to a first entity. The method may include a step of receiving, by a processor, an input data including an original dataset including the confidential information, the original dataset including one or more elements bearing the confidential information and an original carrier file, wherein the original carrier file may pertain to a desired format pertaining to at least one of formatting and embedding of the confidential information. The method may include a step of reconstructing, by the processor, the one or more elements into an electronic form including one or more contents; and transforming, by the processor, based on a predefined generator function, the one or more contents, based on a predefined generator function, to generate one or more allotropes bearing the confidential information in an undetectable form. The one or more allotropes may be generated by modification of the one or more contents by performing at least one of masking the confidential information in the one or more elements into an unidentifiable form and modifying the format of the input data. The method may include a step of generating, by the processor, a space in the original carrier file to allow embedding the one or more allotropes. The method may include a step of embedding, by the processor, the one or more allotropes in the generated space of the original carrier file to obtain an output file, wherein the output file includes the one or more allotropes in an embedded form to allow the secure storage of the confidential information pertaining to the first entity.
[0021] In an embodiment, the method may include a step of receiving, by the processor, the output file including the one or more allotropes in the embedded form; and transforming, by the processor, the output file into an output dataset including the original carrier file and the one or more contents of the original datasetto allow the secure access of the confidential information to a second entity.
BRIEF DESCRIPTION OF THE DRAWINGS
[0022] In the figures, similar components and/or features may have the same reference label. Further, various components of the same type may be distinguished by following the reference label with a second label that distinguishes among the similar components. If only the first reference label is used in the specification, the description is applicable to any one of the similar components having the same first reference label irrespective of the second reference label.
[0023] FIG. 1 illustrates exemplary architecture (100) in which or with which proposed system may be implemented, in accordance with an embodiment of the present disclosure.
[0024] FIG. 2 illustrates an exemplary representation (200) of a system (102) for facilitating a secure storage and access of a confidential information, in accordance with an embodiment of the present disclosure.
[0025] FIG. 3 illustrates a flow diagram (300) showing exemplary representation for generation of an allotrope, in accordance with an embodiment of the present disclosure.
[0026] FIG. 4 illustrates an exemplary representation (400) for generation of one or more allotropes using a content transformation engine, in accordance with another embodiment of the present disclosure.
[0027] FIG. 5 is a flow diagram (500) illustrating an exemplary generation of an output file, in accordance with an embodiment of the present disclosure.
[0028] FIG. 6A illustrates a flow diagram (600) illustrating an exemplary generation of decoding an out carrier file to facilitate a secure storage and access of a confidential information, in accordance with an embodiment of the present disclosure.
[0029] FIG. 6B illustrates a flow diagram (650) illustrating an exemplary overview showing functioning of a machine learning model associated with an allotrope generating engine and an allotrope reversing engine of FIG. 2, in accordance with an embodiment of the present disclosure.
[0030] FIGs. 7A-7B illustrate flow diagrams (700, 750) illustrating exemplary methods forfacilitating a secure storage and access to a confidential information, in accordance with an embodiment of the present disclosure.
[0031] FIG. 8 refers to the exemplary computer system (800) in which or with which embodiments of the present invention can be utilized in accordance with embodiments of the present disclosure.
DETAILED DESCRIPTION
[0032] The following is a detailed description of embodiments of the disclosure depicted in the accompanying drawings. The embodiments are in such detail as to clearly communicate the disclosure. However, the amount of detail offered is not intended to limit the anticipated variations of embodiments; on the contrary, the intention is to cover all modifications, equivalents, and alternatives falling within the spirit and scope of the present disclosure as defined by the appended claims.
[0033] In the following description, numerous specific details are set forth in order to provide a thorough understanding of embodiments of the present invention. It will be apparent to one skilled in the art that embodiments of the present invention may be practiced without some of these specific details. Embodiments of the present invention include various steps, which will be described below. The steps may be performed by hardware components or may be embodied in machine-executable instructions, which may be used to cause a general-purpose or special-purpose processor programmed with the instructions to perform the steps. Alternatively, steps may be performed by a combination of hardware, software, and firmware and/or by human operators.
[0034] If the specification states a component or feature “may”, “can”, “could”, or
“might” be included or have a characteristic, that particular component or feature is not required to be included or have the characteristic.
[0035] As used in the description herein and throughout the claims that follow, the meaning of “a,” “an,” and “the” includes plural reference unless the context clearly dictates otherwise. Also, as used in the description herein, the meaning of “in” includes “in” and “on” unless the context clearly dictates otherwise.
[0036] Thus, for example, it will be appreciated by those of ordinary skill in the art that the diagrams, schematics, illustrations, and the like represent conceptual views or processes illustrating systems and methods embodying this invention. The functions of the various elements shown in the figures may be provided through the use of dedicated hardware as well as hardware capable of executing associated software.
[0037] Embodiments of the present invention may be provided as a computer program product, which may include a machine-readable storage medium tangibly embodying thereon instructions, which may be used to program the computer (or other electronic devices) to perform a process. The term “machine-readable storage medium” or “computer-readable storage medium” includes, but is not limited to, fixed (hard) drives, magnetic tape, floppy diskettes, optical disks, compact disc read-only memories (CD-ROMs), and magneto-optical disks, semiconductor memories, such as ROMs, PROMs, random access memories (RAMs), programmable read-only memories (PROMs), erasable PROMs (EPROMs), electrically erasable PROMs (EEPROMs), flash memory, magnetic or optical cards, or other type of media/machine-readable medium suitable for storing electronic instructions (e.g., computer programming code, such as software or firmware). A machine-readable medium may include a non-transitory medium in which data may be stored and that does not include carrier waves and/or transitory electronic signals propagating wirelessly or over wired connections. Examples of a non-transitory medium may include but are not limited to, a magnetic disk or tape, optical storage media such as compact disk (CD) or digital versatile disk (DVD), flash memory, memory or memory devices. A computer program product may include code and/or machine-executable instructions that may represent a procedure, a function, a subprogram, a program, a routine, a subroutine, a module, a software package, a class, or any combination of instructions, data structures, or program statements. A code segment may be coupled to another code segment or a hardware circuit by passing and/or receiving information, data, arguments, parameters, or memory contents. Information, arguments, parameters, data, etc. may be passed, forwarded, or transmitted via any suitable means including memory sharing, message passing, token passing, network transmission, etc.
[0038] Systems depicted in some of the figures may be provided in various configurations. In some embodiments, the systems may be configured as a distributed system where one or more components of the system are distributed across one or more networks in a cloud computing system.
[0039] All methods described herein may be performed in any suitable order unless otherwise indicated herein or otherwise clearly contradicted by context. The use of any and all examples, or exemplary language (e.g., “such as”) provided with respect to certain embodiments herein is intended merely to better illuminate the invention and does not pose a limitation on the scope of the invention otherwise claimed. No language in the specification should be construed as indicating any non-claimed element essential to the practice of the invention.
[0040] The present disclosure relates to a system and method for facilitating enhanced and secure storage, sharing, access (or exchange) of confidential information. More particularly, the present disclosure relates to a system and method for facilitating a secure storage (and/or sharing) of the confidential information pertaining to a first entity. The system and method also facilitate a secure access of the confidential information to a second entity. FIG. 1 illustrates exemplary network architecture in which or with which proposed apparatus can be implemented, in accordance with an embodiment of the present disclosure. As illustrated, the exemplary architecture (100) includes a system (102) for facilitating a secure storage and access of a confidential information pertaining to a first entity (104). The first entity (104)may be associated with a first entity device (114). The system may receive an input data including an original dataset that may include the confidential information of the first entity (104). The system 102 may receive the original dataset from the first entity through the first entity device 114. The original dataset may include one or more elements bearing with the confidential information and an original carrier file. The original carrier file may pertain to a desired format pertaining to at least one of formatting and embedding of the confidential information needs. The one or more elements may be reconstructed into an electronic form including one or more contents. The system (102) may enable to transform the one or more contents, based on a predefined generator function, to generate one or more allotropes bearing the confidential information in an undetectable form. The one or more allotropes may be generated by modification of the one or more contents by performing at least one of masking the confidential information in the one or more elements into an unidentifiable form and modifying the format of the input data. Upon generation of the one or more allotropes, the system (102) may generate a space in the original carrier file and may embed the one or more allotropes in the generated space of the original carrier file to obtain an output file. The generated space may be as per predefined rules, automatically selected or customized. The output file may include the one or more allotropes in an embedded form to allow the secure storage to the confidential information pertaining to the first entity. In an embodiment, the one or more allotropes may be specific to at least one of the original carrier file and the one or more elements. The output file generation may be reversible and the system 102 may enable a second entity 106 to have a secure access of the confidential information by transforming (or reversing/decoding) the output file into the original dataset and the one or more elements. The second entity 106 may be associated with a second entity device 116. The first entity device 114 and the second entity device 116 may be communicably coupled with the system 102 via a network 108. The system 102 may be communicably coupled with a server 112. In another embodiment, the first entity device 114 and the second entity device 116 may communicate via short-distance based communication techniques. In another embodiment, the sharing/access of the output file may through physical form/copy such as including, but not limited to, a print-out and a photograph. The original carrier file may correspond to a carrier file or a base file. In an example embodiment, the original carrier file may correspond to the carrier file if an allotrope needs to be embedded and shared. In another example embodiment, the original carrier file may correspond to the base file if an allotrope needs to be generated using input data based on base file and the generated allotrope can be shared directly without embedding into base (i.e. optional embedding).
[0041] In an embodiment, the first entity device 114 and the second entity device 116 may be accessed by applications residing on any operating system, including but not limited to, Android ™, iOS ™, and the like. In an embodiment, the first entity device 114 and the second entity device 116 may include, but not limited to, any of a smartphone, a mobile electronic device, a smart computing device a laptop, a personal computer, a personal digital assistant, a handheld device, and a workstation. The term “a smart computing device” refers to a computing device that may be associated to other devices or networks via wireless protocols, and may operate interactively or independently. In a preferred embodiment, the first entity device 114 and the second entity device 116 may be a mobile phone, hand-held device or a computer associated with one or more input devices. In an embodiment, the first entity device 114 and the second entity device 116 can include input device including, but not limited to, keyboard, mouse, touch pad, touch enabled screen and the like that can be used to receive the input data or the output file. It may be appreciated that the first entity device 114 and the second entity device 116 may not be restricted to the mentioned devices and various other devices may be used.
[0042] In an embodiment, the first entity 104 and the second entity 106 may include, without limitation, one or more individual users, group of users, an organization, a group of organizations, an institution, a company, a university, a medical institution, a crime- mitigation department, a defence organization, a verification agency and the like. In an embodiment, the first entity 104 may be a sender (directly or indirectly related to the confidential information) and the second entity 106 may be recipient or an authorized person to access the confidential information. In an exemplary embodiment, the first entity 104 may be a participating entity who may need to share the confidential information with the second entity 106 or any other entities. In another embodiment, both the first entity 104 as well as the second entity 106 may be participating entities and may need to safely store respective confidential information, either independently or in collaboration. In an embodiment, the first entity 104 may be directly or indirectly related to the confidential information in the input data, either alone or in association to other users and may require secure storage of the confidential information. In another exemplary embodiment, the term “second entity” may refer to an individual, group of people or an organization that may require secure access to the confidential information of the first entity 104. In an embodiment, the first entity 104 may be an individual directly related to the confidential information. In another embodiment, the first entity may be directly related to the confidential information such as an intermediate party who may have an authorization to share the confidential information pertaining to an individual or organization. Various other individuals, groups or organization may be referred to or included as entities within the scope of the present disclosure.
[0043] In an embodiment, the confidential information/one or more elements may include, without limitation, one or more attributes/content pertaining to status, condition, authenticity, evidence or validity of one or more aspects associated with the first entity. For example, the confidential information/one or more elements may include at least one of a textual data, an image, an audio, and a video associated with the first entity such as including, but not limited to, an employment, education, personal information, family information, financial information, nationality, fitness or physical abilities, medical history, legal information, criminal records and other such aspects that may be related to the first entity or other individuals/organization authorizing the first entity to act on their behalf. Various other attributes may be included in the confidential information/one or more elements.
[0044] In one implementation, the first entity device 114 and the second entity device
116 may be communicably coupled to the system (102) through the communication network (108) that can be a wireless network, a wired network or a combination thereof. The communication network can be implemented as one of the different types of networks, such as intranet, local area network (LAN), wide area network (WAN), the internet, and the like. Further, the communication network may either be a dedicated network or a shared network. The shared network represents an association of the different types of networks that use a variety of protocols, for example, Hypertext Transfer Protocol (HTTP), Transmission Control Protocol/Internet Protocol (TCP/IP), Wireless Application Protocol (WAP), and the like, to communicate with one another. Further the network 108 can include a variety of network devices, including routers, bridges, servers, computing devices, storage devices, and the like. In another implementation the network 108 can be cellular network or mobile communication network based on various technologies, including but not limited to, Global System for Mobile (GSM), General Packet Radio Service (GPRS), Code Division Multiple Access (CDMA), Long Term Evolution (LTE), WiMAX, and the like. In another embodiment, the network may be physical in nature, wherein the output file may be shared through physical communication. One such example of the physical communication may be print-out of the output file and/or a photograph, which can be shared with the second entity. The second entity may scan the physical form (print-out or photograph) for further transformation (or reversal) of the output file. It may be appreciated that the present embodiments are only exemplary and various other scenarios are also possible.
[0045] FIG. 2 with reference to FIG. 1, illustrates an exemplary representation of system 102for facilitating a secure storage and access to a confidential information, in accordance with an embodiment of the present disclosure. In an aspect, the system 102may include one or more processor(s) 202. The one or more processor(s) (202) may be implemented as one or more microprocessors, microcomputers, microcontrollers, digital signal processors, central processing units, logic circuitries, and/or any devices that process data based on operational instructions. Among other capabilities, the one or more processor(s) (202) may be configured to fetch and execute computer-readable instructions stored in a memory (204) of the system (102). The memory (204) may be configured to store one or more computer-readable instructions or routines in a non-transitory computer readable storage medium, which may be fetched and executed to create or share data packets over a network service. The memory (206) may include any non-transitory storage device including, for example, volatile memory such as RAM, or non-volatile memory such as EPROM, flash memory, and the like.
[0046] In an embodiment, the system 102 may include an interface(s) 206. The interface(s) 206 may include a variety of interfaces, for example, interfaces for data input and output devices, referred to as I/O devices, storage devices, and the like. The interface(s) 206 may facilitate communication of the computing device or server 112. The interface(s) 206 may also provide a communication pathway for one or more components of the centralized computing device 112. Examples of such components include, but are not limited to, processing engine(s) 208 and a database 230. [0047] The processing engine(s) 208 may be implemented as a combination of hardware and programming (for example, programmable instructions) to implement one or more functionalities of the processing engine(s) 208. In examples described herein, such combinations of hardware and programming may be implemented in several different ways. For example, the programming for the processing engine(s) 208 may be processor executable instructions stored on a non-transitory machine-readable storage medium and the hardware for the processing engine(s) 208 may include a processing resource (for example, one or more processors), to execute such instructions. In the present examples, the machine -readable storage medium may store instructions that, when executed by the processing resource, implement the processing engine(s) 208. In such examples, the system 102 may include the machine-readable storage medium storing the instructions and the processing resource to execute the instructions, or the machine -readable storage medium may be separate but accessible to the system 102 and the processing resource. In other examples, the processing engine(s) 208 may be implemented by electronic circuitry. The processing engine 208 may include one or more engines selected from an allotrope generating engine 216, allotrope embedding engine 218, an allotrope reversal engine 220, a content generating engine 212 and other engines 222for processing one or more instructions. In an embodiment, the allotrope generating engine 216 may be configured to receive the input data including the original dataset bearing the confidential information. The one or more elements may be reconstructed into an electronic form including one or more contents. The content generating engine 212 may be configured to convert the one or more elements of the original dataset into the electronic form selected from at least one of a storable format, a shareable format and a embeddable format. The allotrope generating engine 216 may transform the one or more contents, based on a predefined generator function, to generate one or more allotropes bearing the confidential information in an undetectable form. The allotrope embedding engine 218 may be configured to generate a space in the original carrier file to allow embedding the one or more allotropes. The allotrope embedding engine 218 may embed the one or more allotropes in the generated space of the original carrier file to obtain an output file. The allotrope reversalengine 220 may be configured to receive the output file including the one or more allotropes in the embedded form. The allotrope reversalengine 220may reconstruct the output file into an output dataset including the original carrier file and the one or more contents of the original dataset. The database 230 may include data that may be either stored or generated as a result of functionalities implemented by any of the components of the processing engine(s) 208 or the serverl 12. [0048] In an embodiment, each of the one or more allotropes may be specific to at least one of the original carrier file and the one or more elements in the original dataset. FIG. 3 illustrates a flow diagram (300) showing exemplary representation for generation of an allotrope, in accordance with an embodiment of the present disclosure. The term allotropes may be defined as a transformed content carrying the same information as the one or more contents of the original dataset (i.e. input to generator function), which however may differ in their look (form) and/or storage/data format and other such attributes. For example, the contents may be in form of text “xyz” that may be transformed into some image “abc.jpg” which may be a function (generator) based output for the given input of text “xyz” and the original carrier file. In an exemplary embodiment, at 302, the allotrope generating engine 216 may receive an electronic form of input data, wherein the electronic form may include one or more contents corresponding to one or more elements. At 304, the allotrope generating engine 216 may generate the allotrope by modification of the one or more contents in the input data by performing at least one of masking the confidential information in the one or more elements into an unidentifiable form and modifying the format of the input data. Thus content or format of content associated with the one or more elements of input data or both together may be transformed in a reversible way, depending upon requirements of first entity and/or the second entity and based on the original carrier file. At 306, the allotrope generating engine 216 may generate the allotropes that can be further embedded in the original carrier file.
[0049] In an embodiment, the one or more contentsmay pertain to at least one dimension specific to a domain, wherein the at least one dimension may include multiple features pertaining to the one or more elements and corresponding values of features. FIG. 4 illustrates an exemplary representation (400) for generation of one or more allotropes, in accordance with another embodiment of the present disclosure. As shown in FIG. 4, an input data may include one or more elements (Element- 1 as 402-1, Element-2 as 402-2, .
Element-N as 402-N, hereinafter referred to as elements 402). Each element 402 may hold a set of values against dimensions (or keys) (Dimension- 1 as 404-1, Dimension-2 as 404-2,... Dimension-N as 404-N, hereinafter referred to as dimension 404), which may be applicable in the domain of interest. For example, a patient’s personal information may be an element in medical domain and the personal information may include features such as name, gender, age, disease, date of admit, symptoms, doctor’s name, referrer’s details, and the like, along with its corresponding values, which in overall can be considered as dimensions of personal information. In another example, in defence and police domain, an element may be criminal/ enemy identity and this may include features such as name, gender, age, place, crime or mission information, photograph, and the like, which may be considered as dimensions of personal information. The values of all such dimensions may be received in an electronic form (text, image, video, audio and the like) or physical form (such as photograph, scanned file records and the like). In the next step, the content generating engine 212 that may be associated with one or more content creators (408-1, 408-2,408-3,....408-N), may optionally receive elements as input and reconstruct the elements into an electronic form including one or more contents (one or more contents labelled as Content- 1, Content-2, . Content-N) that may in storable/ sharable or embeddable format. In an exemplary embodiment, the content creator may be a camera, scanner or any such device that may be able to reconstruct the elements into one or more contents. For example, a physical copy of photograph may be converted into soft form of image such as electronic image using camera or scanner. Based on the output from the content generating engine 212(one or more contents labelled as
Content- 1, Content-2, . Content-N) and the original carrier file(s), the allotrope generating engine 216 may generate (410)one or more allotropes (412) from the one or more contents as also explained earlier in FIG. 3.
[0050] FIG. 5 is a flow diagram (500) illustrating an exemplary generation of an output file, in accordance with an embodiment of the present disclosure. In an example embodiment, based on the allotrope generation as explained in FIG. 3, the system (102) may enable joining of one allotrope with another allotrope (generated as per FIG.3) using references 508 at a present level of communication (such as embedding user’s information, timeline history, and the like). The system 102 (or the allotrope embedding engine 220) of FIG. 5 may generate a space (506) in the original carrier file to allow embedding the one or more allotropes. The allotrope embedding engine 220 may embed the one or more allotropes in the generated space of the original carrier file to obtain an output file (512) including the one or more allotropes in an embedded form to allow the secure storage to the confidential information pertaining to the first entity. Thespace in the original carrier file may be generated without modifying ordistortingthe content of the original carrier file. The space may be generated by adding a redundant space in the original carrier file, for example, by extra space creation by adding redundant space in carrier image, such that allotropes can be embedded or stored in this space to get embedded file (output file). The original carrier or base files may be a single file or multiple files of desired format and, the output files may also be a single file or multiple files. [0051] FIG. 6A is a flow diagram (600) illustrating an exemplary generation or decoding of an output file to facilitate a secure storage and access of a confidential information, in accordance with an embodiment of the present disclosure. As depicted in FIG. 6, an output file (602) can be decoded or transformed by using a predefined reverser function (604) to obtain a output dataset (at 606). At 608, the system may enable re-structuring of the embedded contents to produce desired information in original form. At 610, the system may also enable timeline based history of all desired information from one or more users, who participated in sharing and embedding.
[0052] The decoding of the output file facilitates the second entity to get safe and secure storage and access of the embedded contents (elements and corresponding dimension- values) associated with the confidential information and content therein (shared/hidden). Thus the entire process of information transforming, hiding/ embedding and retrieving is possible in a reversible manner by the present disclosure.
[0053] In an embodiment, the allotrope generating engine and the allotrope reversing engine may include at least one of a machine learning model and an auto -encoder. In an exemplary embodiment, the machine learning model may include a Generative adversarial network (GAN), wherein the machine learning model is trained with a training dataset. The machine learning model may be associated with an algorithm generator function that generates the allotropes or the content therein in a desired format by incorporating the data of original content (input) into format of the original carrier file. The machine learning model may be associated with an algorithm reversal function that decodes or reverses the embedded form of allotropes of the output file to provide access to the original content (elements/dimensions)of the original carrier file. Further, the algorithm generator function and/or algorithm reversal function may be trained (independently or jointly) with more training datasets to learn how to generate/ create allotropes for the given inputs (original dataset including elements/contents and carrier file), as well as how to decode/ reduce the data to the original content back from the allotrope, whenever required in future.
[0054] FIG. 6Billustrates a flow diagram (650) illustrating an exemplary overview for the functioning of a machine learning model, in accordance with an embodiment of the present disclosure. As shown in FIG. 6B, the overview of flow diagram 650 may correspond to at least one of theallotrope generating engine 216 and an allotrope reversing engine 220 (as covered in FIG. 2). One such example may include the Generative adversarial network (GAN), wherein the machine learning model is trained with a training dataset(s). For generating the training dataset(s), a single or a group of carrier files (original carrier file or base files) 652 may be processed for data sampling (654) to obtain carrier/base samples (656) i.e. a first set of training data. In addition, one or more contents of training files (bearing confidential information) may be processed, through a generator function 658, based on the group of carrier files/base files 652, with the intention of data sampling (662) and allotrope sampling (664) to obtain a second set of training data. The first set of training data and the second set of training data may be used to train the machine learning model corresponding to GAN, based on a discriminator or reverser function (666). The purpose of training may be identification of the original carrier sample and allotrope samples (at 668). Based on the training, a trained model may be obtained. The accuracy of the precision of the trained model may be checked using standard methods and based on the prediction of the contents (at 670) of the training dataset. The trained model can be further used for prediction of contents of actual files (test dataset). In another embodiment, the generator function 658 and the reverser function 666 may be a part of the same or separate machines/models that may be trained and validated with training dataset and test dataset. Various other embodiments pertaining to the possible functioning or implementation of machine learning model may be possible.
[0055] In an embodiment, the technique as elaborated in FIG. 4 can be repeatedly used as per the requirement of the first entity and/or the second entity, with whom embedded file is to be shared in physical and/or non-physical form. In an embodiment, the output file may be at least one of a physical file and an electronic file. In another embodiment, the output file may be enabled to be shared between the first entity and the second entity through at least one of a physical communication channel and a non-physical communication channel. The physical communication may be through any technique including, but not limited to, fax, print-out or photo-copying, whereas the non-physical communication channel may include, without limitation, an electronic communication such as sharing electronically through email, message, and other such communication. In an exemplary embodiment, the first entity may be able to generate the output file through a first set of instructions executable on the first entity device and the second entity may be able to access the output file as well as the reversal/decoded form of the same through a second set of instructions executable on the second entity device. In another embodiment, the generation of the output file and/or the reversal of the same to generate the original carrier file and elements, may be done locally, wherein the system may be configurable in the first entity device and/or the second entity device.
[0056] FIGs. 7A-7B illustrate flow diagrams showing an exemplary method for facilitating a secure storage and access of a confidential information, in accordance with an embodiment of the present disclosure. FIG. 7A illustrate flow diagram (700) showing an exemplary method for facilitating a secure storage of a confidential information. At 702, the method includes a step of receiving, by a processor, an input data including an original dataset including the confidential information, wherein the original dataset includes one or more elements bearing the confidential information and an original carrier file, wherein the original carrier file pertains to a desired format pertaining to at least one of formatting and embedding of the confidential information. At 704, the method includes a step of reconstructing, by the processor, the one or more elements into an electronic form comprising one or more contents. At 706, the method may include a step of transforming, by the processor, the one or more contents, based on a predefined generator function, to generate one or more allotropes bearing the confidential information in an undetectable form, the one or more allotropes are generated by modification of the one or more contents by performing at least one of masking the confidential information in the one or more elements into an unidentifiable form and modifying the format of the input data. At 708, the method may include a step of generating, by the processor, a space in the original carrier file to allow embedding the one or more allotropes. At 710, the method may include a step of embedding, by the processor, the one or more allotropes in the generated space of the original carrier file to obtain an output file, wherein the output file includes the one or more allotropes in an embedded form to allow the secure storage of the confidential information pertaining to the first entity. At 712, the output files may be shared physically or electronically.
[0057] FIG. 7B illustrate flow diagram (750) showing an exemplary method for facilitating a secure access of the confidential information. At 752, the method may include a step of receiving, by the processor, the output file including the one or more allotropes in the embedded form. At 752, the method may include a step of transforming, by the processor, the output file into an output dataset including the original carrier file and the one or more contents of the original dataset.
[0058] For better clarity and understanding of the implementation of the present invention, the above described system and method are further explained by real-world examples. It may be appreciated that the present disclosure is not limited by these examples and several other examples/embodiments are possible. Example 1 pertaining to Medical domain:
Consider, a medical professional (first entity) who may to get opinion of another doctor (second entity)on a particular case of any patient. The medical professional (first entity) may need to share pathological data (for example, body parts scan) along with patient’s medical history and its personal information. Here, to avoid revealing of patient’s confidential information (such as its medical history <element-l and personal details <element-2), these information together are used to generate allotrope(s) using either of pathological scan images as original carrier file through implementation as described in FIGs. 3 and 4. Further, one or more such allotropes (depending upon need) may be embedded/ hidden in original carrier file through the implementation as described in FIG. 5 to achieve the embedded file (output file). These embedded file/s can be shared through any physical or non-physical communication channel. In case of an example of the physical medium, printed copy of embedded file may be sent to receivers, wherein receivers can get it scanned again to get soft copy or electronic copy of the embedded file. Only secondary users (second entity) can see the confidential information shared with them via the implementation as described in FIG. 6. These secondary users can further embed its opinion or diagnostic summary along with the timeline information and / or reference of secondary user (optional) into the received embedded file using implementation as described in FIG. 5 again and send back/ share to primary user (first entity). Using implementation as described in FIG. 6, the system can enlist all the content history (contents, time and user’s or entity’s references, and the like) in structured manner separated from received embedded file.
Example 2 pertaining to Crime domain:
Consider, any detective professional wants to share/ get information on a particular case of any crime or suspect. He / she (primary user/first entity) may need to share criminal’s data (for example, photograph, sketch) along with suspect’s crime history and its personal information. Here, to avoid revealing of suspect’s confidential information (such as its crime history <element-l and personal details <element-2), these information together are used to generate allotrope(s) using either of suspect’s photograph as carrier file through implementation as described in FIGs. 3 and 4. Further, one or more such allotropes (depending upon need) are embedded/ hidden in original carrier file through implementation as described in FIG. 5 to achieve the embedded file (output file). These embedded file/s can be shared through any physical or non-physical communication channel with a second entity. In case of physical medium, printed copy of embedded file may be sent to receivers, wherein receivers can get it scanned again to get soft form of file. Only such secondary users (second entity) can see the confidential information shared with them using implementation as described in FIG. 6. The users can further embed its findings or suspect’s additional information (again a content at secondary user level) along with the timeline information and / or reference of secondary user (optional) into the received embedded file using implementation as described in FIG. 5 and send back/ share to primary user. Using implementation as described in FIG. 6, the system can enlist all the content history (contents, time and user’s references) in structured manner separated from received embedded file. Example 3 pertaining to Defence domain:
Consider, if any defence personnel (first entity) wants to share/ get information on a particular case of any enemy or mission such as enemy’s data (photograph, sketch) along with suspect’s background and confidential information associated with mission. To avoid revealing of confidential information (such as its enemy’s background <element-l and other confidential details <element-2), these information together may be used to generate allotrope/s using either of input photographs as carrier through implementation as described FIGs. 3 and 4. Further, one or more such allotropes (depending upon need) may be embedded/ hidden in carrier file through implementation as described FIG. 4 to achieve the embedded file. These embedded file/s can be shared through any physical or non-physical communication channel. In case of physical medium, printed copy of embedded file may be sent to receivers (second entity), wherein receivers can get it scanned again to get soft form of file. Only secondary users can see the confidential information shared with them using implementation as described FIG. 6, if they are provided access to the system. The secondary users can further embed their findings or suspect’s additional information (again a content at secondary user level) along with the timeline information and / or reference of secondary user (optional) into the received embedded file using implementation as described FIG. 5 again and send back/ share to primary user. Using implementation as described FIG. 6, the system can enlist all the content history (contents, time and user’s references) in structured manner separated from received embedded file. This way, embedded file can be shared in public/ private domain without need of encryption, though it is carrying confidential information. Since, only the primary or specific secondary users control trained / learned generator and reducer system, therefore, none other than desired users can decode the embedded content (confidential information) into it. For other users who may not be authorized to access, the output file may be inaccessible or unidentifiable. [0059] Thus the system and method of the present disclosure enables targeted sharing of confidential information in public domain. The confidential information can be accessed by desired users only as decided by primary users (first entity). Since, learning and training of system (allotrope generation engine/allotrope reversal engine) is done at the side of primary user, therefore no other user in public domain can decode or extract confidential information other than targeted users (second entity). The technique also does not change the values of memory- space units of original carrier file, but only rearranges the space to create the space for embedding, which can be restored while decoding. Further, desired or confidential information may not be hidden in their original form but in transformed form/ format (allotropic version), so that the confidential information is not read by any general user, thus leading to a loss-less technique to conventional steganography method that hides the information by changing form / format of confidential information into carrier file without using memory space of carrier’s file values. Several other advantages may be realized by the implementation of the system or method of the present disclosure described herein.
[0060] FIG. 8 illustrates an exemplary computer system in which or with which embodiments of the present invention can be utilized in accordance with embodiments of the present disclosure. As shown in FIG. 8, computer system 800 can include an external storage device 810, a bus 820, a main memory 830, a read only memory 840, a mass storage device 850, communication port 860, and a processor 870. A person skilled in the art will appreciate that the computer system may include more than one processor and communication ports. Examples of processor 870 include, but are not limited to, an Intel® Itanium® or Itanium 2 processor(s), or AMD® Opteron® or Athlon MP® processor(s), Motorola® lines of processors, FortiSOC™ system on chip processors or other future processors. Processor 870 may include various engines associated with embodiments of the present invention. Communication port 860 can be any of an RS-232 port for use with a modem based dialup connection, a 10/100 Ethernet port, a Gigabit or 10 Gigabit port using copper or fiber, a serial port, a parallel port, or other existing or future ports. Communication port 860may be chosen depending on a network, such a Local Area Network (LAN), Wide Area Network (WAN), or any network to which computer system connects. Memory 830 can be Random Access Memory (RAM), or any other dynamic storage device commonly known in the art. Read only memory 840 can be any static storage device(s) e.g., but not limited to, a Programmable Read Only Memory (PROM) chips for storing static information e.g., start-up or BIOS instructions for processor 870. Mass storage 850 may be any current or future mass storage solution, which can be used to store information and/or instructions. Exemplary mass storage solutions include, but are not limited to, Parallel Advanced Technology Attachment (PATA) or Serial Advanced Technology Attachment (SATA) hard disk drives or solid-state drives (internal or external, e.g., having Universal Serial Bus (USB) and/or Firewire interfaces), e.g. those available from Seagate (e.g., the Seagate Barracuda 7102 family) or Hitachi (e.g., the Hitachi Deskstar 7K1000), one or more optical discs, Redundant Array of Independent Disks (RAID) storage, e.g. an array of disks (e.g., SATA arrays), available from various vendors including Dot Hill Systems Corp., LaCie, Nexsan Technologies, Inc. and Enhance Technology, Inc.
[0061] Bus 820 communicatively couples processor(s) 870 with the other memory, storage and communication blocks. Bus 820 can be, e.g. a Peripheral Component Interconnect (PCI) / PCI Extended (PCI-X) bus, Small Computer System Interface (SCSI), USB or the like, for connecting expansion cards, drives and other subsystems as well as other buses, such a front side bus (FSB), which connects processor 870 to software system.
[0062] Optionally, operator and administrative interfaces, e.g. a display, keyboard, and a cursor control device, may also be coupled to bus 820 to support direct operator interaction with a computer system. Other operator and administrative interfaces can be provided through network connections connected through communication port 860. The external storage device 810 can be any kind of external hard-drives, floppy drives, IOMEGA® Zip Drives, Compact Disc - Read Only Memory (CD-ROM), Compact Disc-Re- Writable (CD-RW), Digital Video Disk-Read Only Memory (DVD-ROM). Components described above are meant only to exemplify various possibilities. In no way should the aforementioned exemplary computer system limit the scope of the present disclosure.
[0063] While the foregoing describes various embodiments of the invention, other and further embodiments of the invention may be devised without departing from the basic scope thereof. The scope of the invention is determined by the claims that follow. The invention is not limited to the described embodiments, versions or examples, which are included to enable a person having ordinary skill in the art to make and use the invention when combined with information and knowledge available to the person having ordinary skill in the art. ADVANTAGES OF THE PRESENT DISCLOSURE
[0064] The present disclosure enables confidential information to be accessed by desired users only as decided by primary users (first entity).
[0065] The present disclosure enables to provide secure storage and access to desired or confidential information that may not be hidden in their original form but in transformed form/ format (allotropic version). [0066] The present disclosure can enable to embed elements pertaining to the confidential information without distorting or hampering space of a carrier file i.e. it does not change the values of memory-space units of original carrier file, but only rearranges the space to create the space, which can be restored while decoding. [0067] The present disclosure can provide history of information hiding, as well as enable the recipient of the confidential information to modify the embedded information without repeating entire steganography process or without having access to original carrier.

Claims

laim:
1. A system for facilitating a secure storage and access of a confidential information, the system comprising: a processor coupled with a memory, said processor comprising: an alio trope generating engine configured to: receive an input data comprising an original dataset comprising the confidential information, wherein the original dataset comprises one or more elements bearing the confidential information and an original carrier file, wherein the original carrier file pertains to a requisite format pertaining to at least one of formatting and embedding of the confidential information, wherein the one or more elements are reconstructed into an electronic form comprising one or more contents; and transform the one or more contents, based on a predefined generator function, to generate one or more allotropes comprising the confidential information in an undetectable form, the one or more allotropes are generated by modification of the one or more contents by performing at least one of masking the confidential information in the one or more elements into an unidentifiable form and modifying the format of the input data; and an alio trope embedding engine configured to: generate a space in the originalcarrier file to allow embedding the one or more allotropes; and embed the one or more allotropes in the generated space of the originalcarrier file to obtain an output file, wherein the output file comprises the one or more allotropes in an embedded form to allow the secure storage of the confidential information.
2. The system as claimed in claim 1, the processor comprises a content generating engine configured to reconstruct the one or more elements of the original dataset into the one or more contents in the electronic form selected from at least one of a storable format, a shareable format and an embeddable format.
3. The system as claimed in claim 1, wherein the confidential information pertains to a first entity, wherein each of the one or more allotropes are specific to at least one of the original carrier file and the one or more contents, wherein the output file is enabled to be transformed reversibly to obtain the original dataset and the one or more contents for secure access of the confidential information by a second entity.
4. The system as claimed in claim 1, the processor comprises an allotrope reversing engine configured to: receive the output file comprising the one or more allotropes in the embedded form; and transform, based on a predefined reverser function, the output file to obtain an output dataset comprising the original carrier file and the one or more contents of the original dataset.
5. The system as claimed in claim 4, wherein the space in the original carrier file is generated without modifying the content of the original carrier file, wherein the space is generated by adding a redundant space in the original carrier file, wherein the redundant space is generated manually or automatically.
6. The system as claimed in claim 4, wherein the output file is at least one of a physical file and an electronic file, wherein the output file is enabled to be shared between the first entity and the second entity through at least one of a physical communication channel and a non-physical communication channel, wherein the system enables joining of one allotrope with another allotrope using a reference at a present level of communication based on an input including at least one of first entity information, second entity information, timeline history and details pertaining to the allotropes.
7. The system as claimed in claim 4, wherein at least one of the allotrope generating engine and the allotrope reversing engine include machine learning model including Generative adversarial network (GAN) and an auto-encoder, wherein the machine learning model includes a Generative adversarial network (GAN), wherein the machine learning model is trained with a training dataset.
8. The system as claimed in claim 1, wherein the one or more contents pertain to at least one dimension specific to a domain, wherein the at least one dimension comprises multiple features pertaining to the one or more elements and corresponding values of features, wherein the one or more elements comprise at least one of a textual data, an image, an audio, and a video, wherein the system enables re-structuring of the embedded form to provide the confidential information in an original form, wherein the system enables timeline based history of all desired information from at least one of the first entity and the second entity participating in at least one of sharing and embedding the confidential information.
9. A method for facilitating a secure storage and access of a confidential information pertaining to a first entity, the method comprising the steps of: receiving, by a processor, an input data comprising an original dataset comprising the confidential information, wherein the original dataset comprises one or more elements bearing the confidential information and an original carrier file, wherein the original carrier file pertains to a requisite format pertaining to at least one of formatting and embedding of the confidential information; reconstructing, by the processor, the one or more elements into an electronic form comprising one or more contents; transforming, by the processor, the one or more contents, based on a predefined generator function, to generate one or more allotropes comprising the confidential information in an undetectable form, the one or more allotropes are generated by modification of the one or more contents by performing at least one of masking the confidential information in the one or more elements into an unidentifiable form and modifying the format of the input data; generating, by the processor, a space in the original carrier file to allow embedding the one or more allotropes; and embedding, by the processor, the one or more allotropes in the generated space of the original carrier file to obtain an output file, wherein the output file comprises the one or more allotropes in an embedded form to allow the secure storage of the confidential information pertaining to the first entity.
10. The method as claimed in claim 9, wherein the method comprises: receiving, by the processor, the output file comprising the one or more allotropes in the embedded form; and reconstructing, by the processor, based on a predefined reverser function, the output file into an output dataset comprising theoriginal carrier file and the one or more contents of the original dataset to allow the secure access of the confidential information to a second entity.
PCT/IB2021/060442 2021-06-12 2021-11-11 A system and method for facilitating security of confidential information WO2022259037A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN202121026251 2021-06-12
IN202121026251 2021-06-12

Publications (1)

Publication Number Publication Date
WO2022259037A1 true WO2022259037A1 (en) 2022-12-15

Family

ID=84424790

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2021/060442 WO2022259037A1 (en) 2021-06-12 2021-11-11 A system and method for facilitating security of confidential information

Country Status (1)

Country Link
WO (1) WO2022259037A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070016794A1 (en) * 2005-06-16 2007-01-18 Harrison Keith A Method and device using one-time pad data
US20160062918A1 (en) * 2014-08-27 2016-03-03 International Business Machines Corporation Receipt, Data Reduction, and Storage of Encrypted Data

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070016794A1 (en) * 2005-06-16 2007-01-18 Harrison Keith A Method and device using one-time pad data
US20160062918A1 (en) * 2014-08-27 2016-03-03 International Business Machines Corporation Receipt, Data Reduction, and Storage of Encrypted Data

Similar Documents

Publication Publication Date Title
US11403746B2 (en) Methods for requesting and authenticating photographic image data
US10361866B1 (en) Proof of image authentication on a blockchain
Meyers et al. Computer forensics: The need for standardization and certification
US20170061153A1 (en) Selective Policy Based Content Element Obfuscation
Wheeler et al. Cloud storage security: A practical guide
KR20230036100A (en) Image distribution using synthetic re-encrypted images
CN109583229A (en) A kind of privacy information is traced to the source evidence collecting method, apparatus and system
JP2023101763A (en) Data management system and data management method
Krishnan et al. Interplay of digital forensics in ediscovery
Steinebach et al. Channel steganalysis
WO2022259037A1 (en) A system and method for facilitating security of confidential information
WO2019200105A1 (en) System and method of correlating multiple data points to create a new single data point
Liu et al. Subverting privacy-preserving gans: Hiding secrets in sanitized images
US20220335154A1 (en) Predictive response-generation systems to facilitate timely compliance with information-disclosure laws
Nyeem A digital watermarking framework with application to medical image security
Kaushik et al. Unleashing the Art of Digital Forensics
Casey et al. Using standardization and ontology to enhance data protection and intelligent analysis of electronic evidence
Snijder Biometrics, surveillance and privacy
Shchegoleva et al. New Technologies for Storing and Transferring Personal Data
Rodriguez et al. A Cycle-GAN Based Image Encoding Scheme for Privacy Enhanced Deep Neural Networks
Mutharasan et al. Ethereum-Based Certificate Creation and Verification Using Blockchain
Lu Investigating steganography in audio stream for network forensic investigations: detection & extraction
Roychowdhury et al. A Hybrid and Multi-objective Approach for Data Leak and Tamper Detection in Healthcare Cloud Data
JP7187283B2 (en) data management system
Murdoch et al. The sources and characteristics of electronic evidence and artificial intelligence

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21944960

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE