Data in a database can be protected, for instance by tokenizing the entries of the database using one or more token tables. To enable searching data within the database without first detokenizing the tokenized database entries, bigrams of each data entry can also be tokenized and stored in association with the tokenized data entry. When a query term is received, the query term can be parsed into bigrams, and each bigram can be tokenized. The tokenized query bigrams can be used to query the database, and tokenized database entries corresponding to tokenized bigrams that match the tokenized query bigrams can be identified and returned as search results.
A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and generates a mapping between portions of data received from a client device and interface fields or data elements of the client device. Upon receiving subsequent data from the client device, the gateway device can access the generated mapping to identify portions of the subsequent data corresponding to particular interface fields or data elements of the client device using the mapping, and can encode the identified portions of the subsequent data, for instance based on data protection techniques defined by a security policy. The encoded data can then be outputted by the gateway device to the server device.
Unicode data can be protected in a distributed tokenization environment. Data to be tokenized can be accessed or received by a security server, which instantiates a number of tokenization pipelines for parallel tokenization of the data. Unicode token tables are accessed by the security server, and each tokenization pipeline uses the accessed token tables to tokenization a portion of the data. Each tokenization pipeline performs a set of encoding or tokenization operations in parallel and based at least in part on a value received from another tokenization pipeline. The outputs of the tokenization pipelines are combined, producing tokenized data, which can be provided to a remote computing system for storage or processing.
Access to a shared library API is restricted for a customer application by a security system. A profile for each of a plurality of trusted applications is generated and stored in a security database. When a customer application attempts to access the shared library API, the customer application is verified by extracting a customer application profile for the customer application, comparing the customer application profile with each stored trusted application profile, and verifying that the customer application can access the shared library API based on the comparison. Based on the verification, the customer application may be allowed to or access to the shared library API or may be prevented from accessing the shared library API.
A gateway device includes a network interface connected to data sources, and computer instructions, that when executed cause a processor to access data portions from the data sources. The processor accesses classification rules, which are configured to classify a data portion of the plurality of data portions as sensitive data in response to the data portion satisfying the rule. Each rule is associated with a significance factor representative of an accuracy of the classification rule. The processor applies each of the set of classification rules to a data portion to obtain an output of whether the data is sensitive data. The output are weighed by significance factors to produce a set of weighted outputs. The processor determines if the data portion is sensitive data by aggregating the set of weighted outputs, and presents the determination in a user interface. Security operations may also be performed on the data portion.
Database entries can be protected by indexing the entries using a plurality of indexes, each associated with a level of access rights. A level of access rights can be determined from a search query, and an index can be selected based on the determined level of access rights. A search key can be generated based on the received query, and the selected index can be searched using the search query. Database entries mapped to the values of the selected index returned in response to the search can be outputted. Each index is associated with a different granularity defining the number and/or ambiguity of search results returned in response to searching an index.
Data can be protected in a centralized tokenization environment. A security value is received by a central server from a client device. The central server accesses a token table corresponding to the client device and generates a reshuffled static token table from the accessed token table based on the received security value. When the client device subsequently provides data to be protected to the central server, the central server tokenizes the provided data using the reshuffled static token table and stores the tokenized data in a multi-tenant database. By reshuffling token tables using security values unique to client devices, the central server can protect and store data for each of multiple tenants such that if the data of one tenant is compromised, the data of each other tenant is not compromised.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
G06F 3/06 - Entrée numérique à partir de, ou sortie numérique vers des supports d'enregistrement
Data in various formats can be protected in a distributed tokenization environment. Examples of such formats include date and time data, decimal data, and floating point data. Such data can tokenized by a security device that instantiates a number of tokenization pipelines for parallel tokenization of the data. Characteristics of such data can be used to tokenize the data. For instance, token tables specific to the data format can be used to tokenized the data. Likewise, a type, order, or configuration of the operations within each tokenization pipeline can be selected based on the data format or characteristics of the data format. Each tokenization pipeline performs a set of encoding or tokenization operations in parallel and based at least in part on a value received from another tokenization pipeline. The tokenization pipeline outputs are combined, producing tokenized data, which can be provided to a remote system for storage or processing.
Data in various formats can be protected in a distributed tokenization environment. Examples of such formats include date and time data, decimal data, and floating point data. Such data can tokenized by a security device that instantiates a number of tokenization pipelines for parallel tokenization of the data. Characteristics of such data can be used to tokenize the data. For instance, token tables specific to the data format can be used to tokenized the data. Likewise, a type, order, or configuration of the operations within each tokenization pipeline can be selected based on the data format or characteristics of the data format. Each tokenization pipeline performs a set of encoding or tokenization operations in parallel and based at least in part on a value received from another tokenization pipeline. The tokenization pipeline outputs are combined, producing tokenized data, which can be provided to a remote system for storage or processing.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
H04L 9/06 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p. ex. système DES
H04L 67/1097 - Protocoles dans lesquels une application est distribuée parmi les nœuds du réseau pour le stockage distribué de données dans des réseaux, p. ex. dispositions de transport pour le système de fichiers réseau [NFS], réseaux de stockage [SAN] ou stockage en réseau [NAS]
10.
Parallel tokenization of floating point information in a distributed network environment
Data in various formats can be protected in a distributed tokenization environment. Examples of such formats include date and time data, decimal data, and floating point data. Such data can tokenized by a security device that instantiates a number of tokenization pipelines for parallel tokenization of the data. Characteristics of such data can be used to tokenize the data. For instance, token tables specific to the data format can be used to tokenized the data. Likewise, a type, order, or configuration of the operations within each tokenization pipeline can be selected based on the data format or characteristics of the data format. Each tokenization pipeline performs a set of encoding or tokenization operations in parallel and based at least in part on a value received from another tokenization pipeline. The tokenization pipeline outputs are combined, producing tokenized data, which can be provided to a remote system for storage or processing.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
H04L 9/06 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p. ex. système DES
H04L 67/1097 - Protocoles dans lesquels une application est distribuée parmi les nœuds du réseau pour le stockage distribué de données dans des réseaux, p. ex. dispositions de transport pour le système de fichiers réseau [NFS], réseaux de stockage [SAN] ou stockage en réseau [NAS]
11.
Data tokenization and search in a distributed network
Data in a database can be protected, for instance by tokenizing the entries of the database using one or more token tables. To enable searching data within the database without first detokenizing the tokenized database entries, bigrams of each data entry can also be tokenized and stored in association with the tokenized data entry. When a query term is received, the query term can be parsed into bigrams, and each bigram can be tokenized. The tokenized query bigrams can be used to query the database, and tokenized database entries corresponding to tokenized bigrams that match the tokenized query bigrams can be identified and returned as search results.
G06F 21/00 - Dispositions de sécurité pour protéger les calculateurs, leurs composants, les programmes ou les données contre une activité non autorisée
G06F 16/22 - IndexationStructures de données à cet effetStructures de stockage
Unicode data can be protected in a distributed tokenization environment. Data to be tokenized can be accessed or received by a security server, which instantiates a number of tokenization pipelines for parallel tokenization of the data. Unicode token tables are accessed by the security server, and each tokenization pipeline uses the accessed token tables to tokenization a portion of the data. Each tokenization pipeline performs a set of encoding or tokenization operations in parallel and based at least in part on a value received from another tokenization pipeline. The outputs of the tokenization pipelines are combined, producing tokenized data, which can be provided to a remote computing system for storage or processing.
A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and is configured to receive encoded data and a set of operations from the server device in response to a request for cloud services from the client device. The gateway device is configured to decode the encoded data, and to provide the decoded data and the set of operations to the client device. The client device is configured to perform the set of operations on the decoded data, and to incorporate the operation results into an application or interface corresponding to the requested cloud service. The gateway device is configured to encode the operation result data, and to provide the encoded operation result data to the server device for storage.
A tokenization system tokenizes sensitive data to prevent unauthorized entities from accessing the sensitive data. The tokenization system accesses sensitive data, and retrieves an initialization vector (IV) from an IV table using a first portion of the sensitive data. A second portion of the sensitive data is modified using the accessed initialization vector. A token table is selected from a set of token tables using a third portion of the sensitive data. The modified second portion of data is used to query the selected token table, and a token associated with the value of the modified second portion of data is accessed. The second portion of the sensitive data is replaced with the accessed token to form tokenized data.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06Q 50/26 - Services gouvernementaux ou services publics
H04L 9/06 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p. ex. système DES
New tokenization tables are derived at intervals in order to increase the security of tokenized data that is transferred between two endpoints. Generation of the new tokenization tables is based on previous tokenization tables, which advantageously allows the generation process to be performed locally at the two endpoints independently of an external tokenization table provider. New tokenization tables can periodically be distributed to the endpoints as a new starting point for derivation.
A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and generates a mapping between portions of data received from a client device and interface fields or data elements of the client device. Upon receiving subsequent data from the client device, the gateway device can access the generated mapping to identify portions of the subsequent data corresponding to particular interface fields or data elements of the client device using the mapping, and can encode the identified portions of the subsequent data, for instance based on data protection techniques defined by a security policy. The encoded data can then be outputted by the gateway device to the server device.
A method for distributed tokenization of sensitive strings of characters, such as social security numbers, credit card numbers and the like, in a local server is disclosed. The method comprises the steps of receiving from a central server at least one, and preferably at least two, static token lookup tables, and receiving a sensitive string of characters. In a first tokenization step, a first sub string of characters is substituted with a corresponding first token from the token lookup table(s) to form a first tokenized string of characters, wherein the first sub string of characters is a substring of the sensitive string of characters. Thereafter, in a second step of tokenization, a second sub string of characters is substituted with a corresponding second token from the token lookup table(s) to form a second tokenized string of characters, wherein the second substring of characters is a substring of the first tokenized string of characters. Optionally, one or more additional tokenization steps is/are used.
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
G07F 7/08 - Mécanismes actionnés par des objets autres que des pièces de monnaie pour déclencher ou actionner des appareils de vente, de location, de distribution de pièces de monnaie ou de papier-monnaie, ou de remboursement par carte d'identité codée ou carte de crédit codée
G07F 7/10 - Mécanismes actionnés par des objets autres que des pièces de monnaie pour déclencher ou actionner des appareils de vente, de location, de distribution de pièces de monnaie ou de papier-monnaie, ou de remboursement par carte d'identité codée ou carte de crédit codée utilisée simultanément avec un signal codé
Access to a shared library API is restricted for a customer application by a security system. A profile for each of a plurality of trusted applications is generated and stored in a security database. When a customer application attempts to access the shared library API, the customer application is verified by extracting a customer application profile for the customer application, comparing the customer application profile with each stored trusted application profile, and verifying that the customer application can access the shared library API based on the comparison. Based on the verification, the customer application may be allowed to or access to the shared library API or may be prevented from accessing the shared library API.
Data can be protected in a centralized tokenization environment. A security value is received by a central server from a client device. The central server accesses a token table corresponding to the client device and generates a reshuffled static token table from the accessed token table based on the received security value. When the client device subsequently provides data to be protected to the central server, the central server tokenizes the provided data using the reshuffled static token table and stores the tokenized data in a multi-tenant database. By reshuffling token tables using security values unique to client devices, the central server can protect and store data for each of multiple tenants such that if the data of one tenant is compromised, the data of each other tenant is not compromised.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
G06F 3/06 - Entrée numérique à partir de, ou sortie numérique vers des supports d'enregistrement
A gateway device includes a network interface connected to data sources, and computer instructions, that when executed cause a processor to access data portions from the data sources. The processor accesses classification rules, which are configured to classify a data portion of the plurality of data portions as sensitive data in response to the data portion satisfying the rule. Each rule is associated with a significance factor representative of an accuracy of the classification rule. The processor applies each of the set of classification rules to a data portion to obtain an output of whether the data is sensitive data. The output are weighed by significance factors to produce a set of weighted outputs. The processor determines if the data portion is sensitive data by aggregating the set of weighted outputs, and presents the determination in a user interface. Security operations may also be performed on the data portion.
Database entries can be protected by indexing the entries using a plurality of indexes, each associated with a level of access rights. A level of access rights can be determined from a search query, and an index can be selected based on the determined level of access rights. A search key can be generated based on the received query, and the selected index can be searched using the search query. Database entries mapped to the values of the selected index returned in response to the search can be outputted. Each index is associated with a different granularity defining the number and/or ambiguity of search results returned in response to searching an index.
New tokenization tables are derived at intervals in order to increase the security of tokenized data that is transferred between two endpoints. Generation of the new tokenization tables is based on previous tokenization tables, which advantageously allows the generation process to be performed locally at the two endpoints independently of an external tokenization table provider. New tokenization tables can periodically be distributed to the endpoints as a new starting point for derivation.
Access to a shared library API is restricted for a customer application by a security system. A profile for each of a plurality of trusted applications is generated and stored in a security database. When a customer application attempts to access the shared library API, the customer application is verified by extracting a customer application profile for the customer application, comparing the customer application profile with each stored trusted application profile, and verifying that the customer application can access the shared library API based on the comparison. Based on the verification, the customer application may be allowed to or access to the shared library API or may be prevented from accessing the shared library API.
A tokenization system tokenizes sensitive data to prevent unauthorized entities from accessing the sensitive data. The tokenization system accesses sensitive data, and retrieves an initialization vector (IV) from an IV table using a first portion of the sensitive data. A second portion of the sensitive data is modified using the accessed initialization vector. A token table is selected from a set of token tables using a third portion of the sensitive data. The modified second portion of data is used to query the selected token table, and a token associated with the value of the modified second portion of data is accessed. The second portion of the sensitive data is replaced with the accessed token to form tokenized data.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06Q 50/26 - Services gouvernementaux ou services publics
H04L 9/06 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p. ex. système DES
A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and is configured to receive encoded data and a set of operations from the server device in response to a request for cloud services from the client device. The gateway device is configured to decode the encoded data, and to provide the decoded data and the set of operations to the client device. The client device is configured to perform the set of operations on the decoded data, and to incorporate the operation results into an application or interface corresponding to the requested cloud service. The gateway device is configured to encode the operation result data, and to provide the encoded operation result data to the server device for storage.
A method for distributed tokenization of sensitive strings of characters, such as social security numbers, credit card numbers and the like, in a local server is disclosed. The method comprises the steps of receiving from a central server at least one, and preferably at least two, static token lookup tables, and receiving a sensitive string of characters. In a first tokenization step, a first substring of characters is substituted with a corresponding first token from the token lookup table(s) to form a first tokenized string of characters, wherein the first substring of characters is a substring of the sensitive string of characters. Thereafter, in a second step of tokenization, a second substring of characters is substituted with a corresponding second token from the token lookup table(s) to form a second tokenized string of characters, wherein the second substring of characters is a substring of the first tokenized string of characters. Optionally, one or more additional tokenization steps is/are used.
G07F 7/08 - Mécanismes actionnés par des objets autres que des pièces de monnaie pour déclencher ou actionner des appareils de vente, de location, de distribution de pièces de monnaie ou de papier-monnaie, ou de remboursement par carte d'identité codée ou carte de crédit codée
G07F 7/10 - Mécanismes actionnés par des objets autres que des pièces de monnaie pour déclencher ou actionner des appareils de vente, de location, de distribution de pièces de monnaie ou de papier-monnaie, ou de remboursement par carte d'identité codée ou carte de crédit codée utilisée simultanément avec un signal codé
Database entries can be protected by indexing the entries using a plurality of indexes, each associated with a level of access rights. A level of access rights can be determined from a search query, and an index can be selected based on the determined level of access rights. A search key can be generated based on the received query, and the selected index can be searched using the search query. Database entries mapped to the values of the selected index returned in response to the search can be outputted. Each index is associated with a different granularity defining the number and/or ambiguity of search results returned in response to searching an index.
Data can be protected in a centralized tokenization environment. A security value is received by a central server from a client device. The central server accesses a token table corresponding to the client device and generates a reshuffled static token table from the accessed token table based on the received security value. When the client device subsequently provides data to be protected to the central server, the central server tokenizes the provided data using the reshuffled static token table and stores the tokenized data in a multi-tenant database. By reshuffling token tables using security values unique to client devices, the central server can protect and store data for each of multiple tenants such that if the data of one tenant is compromised, the data of each other tenant is not compromised.
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
G06F 3/06 - Entrée numérique à partir de, ou sortie numérique vers des supports d'enregistrement
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
A tokenization system tokenizes sensitive data to prevent unauthorized entities from accessing the sensitive data. The tokenization system accesses sensitive data, and retrieves an initialization vector (IV) from an IV table using a first portion of the sensitive data. A second portion of the sensitive data is modified using the accessed initialization vector. A token table is selected from a set of token tables using a third portion of the sensitive data. The modified second portion of data is used to query the selected token table, and a token associated with the value of the modified second portion of data is accessed. The second portion of the sensitive data is replaced with the accessed token to form tokenized data.
G06F 7/04 - Contrôle d'égalité, c.-à-d. pour valeurs égales ou non
G06F 17/30 - Recherche documentaire; Structures de bases de données à cet effet
H04N 7/16 - Systèmes à secret analogiquesSystèmes à abonnement analogiques
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06Q 50/26 - Services gouvernementaux ou services publics
H04L 9/06 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p. ex. système DES
A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and generates a mapping between portions of data received from a client device and interface fields or data elements of the client device. Upon receiving subsequent data from the client device, the gateway device can access the generated mapping to identify portions of the subsequent data corresponding to particular interface fields or data elements of the client device using the mapping, and can encode the identified portions of the subsequent data, for instance based on data protection techniques defined by a security policy. The encoded data can then be outputted by the gateway device to the server device.
Access to a shared library API is restricted for a customer application by a security system. A profile for each of a plurality of trusted applications is generated and stored in a security database. When a customer application attempts to access the shared library API, the customer application is verified by extracting a customer application profile for the customer application, comparing the customer application profile with each stored trusted application profile, and verifying that the customer application can access the shared library API based on the comparison. Based on the verification, the customer application may be allowed to or access to the shared library API or may be prevented from accessing the shared library API.
New tokenization tables are derived at intervals in order to increase the security of tokenized data that is transferred between two endpoints. Generation of the new tokenization tables is based on previous tokenization tables, which advantageously allows the generation process to be performed locally at the two endpoints independently of an external tokenization table provider. New tokenization tables can periodically be distributed to the endpoints as a new starting point for derivation.
A client receives sensitive data to be tokenized. The client queries a token table with a portion of the sensitive data to determine if the token table includes a token mapped to the value of the portion of the sensitive data. If the mapping table does not include a token mapped to the value of the portion of the sensitive data, a candidate token is generated. The client queries a central token management system to determine if the candidate token collides with a token generated by or stored at another client. In some embodiments, the candidate token includes a value from a unique set of values assigned by the central token management system to the client, guaranteeing that the candidate token does not cause a collision. The client then tokenizes the sensitive data with the candidate token and stores the candidate token in the token table.
A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and is configured to receive encoded data and a set of operations from the server device in response to a request for cloud services from the client device. The gateway device is configured to decode the encoded data, and to provide the decoded data and the set of operations to the client device. The client device is configured to perform the set of operations on the decoded data, and to incorporate the operation results into an application or interface corresponding to the requested cloud service. The gateway device is configured to encode the operation result data, and to provide the encoded operation result data to the server device for storage.
A gateway device includes a network interface connected to data sources, and computer instructions, that when executed cause a processor to access data portions from the data sources. The processor accesses classification rules, which are configured to classify a data portion of the plurality of data portions as sensitive data in response to the data portion satisfying the rule. Each rule is associated with a significance factor representative of an accuracy of the classification rule. The processor applies each of the set of classification rules to a data portion to obtain an output of whether the data is sensitive data. The output are weighed by significance factors to produce a set of weighted outputs. The processor determines if the data portion is sensitive data by aggregating the set of weighted outputs, and presents the determination in a user interface. Security operations may also be performed on the data portion.
A tokenization system tokenizes sensitive data to prevent unauthorized entities from accessing the sensitive data. The tokenization system accesses sensitive data, and retrieves an initialization vector (IV) from an IV table using a first portion of the sensitive data. A second portion of the sensitive data is modified using the accessed initialization vector. A token table is selected from a set of token tables using a third portion of the sensitive data. The modified second portion of data is used to query the selected token table, and a token associated with the value of the modified second portion of data is accessed. The second portion of the sensitive data is replaced with the accessed token to form tokenized data.
G06F 7/04 - Contrôle d'égalité, c.-à-d. pour valeurs égales ou non
G06F 17/30 - Recherche documentaire; Structures de bases de données à cet effet
H04N 7/16 - Systèmes à secret analogiquesSystèmes à abonnement analogiques
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06Q 50/26 - Services gouvernementaux ou services publics
H04L 9/06 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p. ex. système DES
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
New tokenization tables are derived at intervals in order to increase the security of tokenized data that is transferred between two endpoints. Generation of the new tokenization tables is based on previous tokenization tables, which advantageously allows the generation process to be performed locally at the two endpoints independently of an external tokenization table provider. New tokenization tables can periodically be distributed to the endpoints as a new starting point for derivation.
Database entries can be protected by indexing the entries using a plurality of indexes, each associated with a level of access rights. A level of access rights can be determined from a search query, and an index can be selected based on the determined level of access rights. A search key can be generated based on the received query, and the selected index can be searched using the search query. Database entries mapped to the values of the selected index returned in response to the search can be outputted. Each index is associated with a different granularity defining the number and/or ambiguity of search results returned in response to searching an index.
A database security system protects a data table at both the column level and the individual data record level. Access to data records within the data table is governed by categories assigned to data records, by user roles assigned to users, and by a set of security access tables. A first access table maps data record identifiers to data record categories, data record protection schemes, and corresponding scheme keys. A second access table maps user roles to data record categories. A third access table maps column identifiers to column protection schemes and corresponding scheme keys. A fourth access table maps user roles to column identifiers. If a user requests access to a data record, the security access tables are queried using the data record identifier, the associated column identifier, and the user roles associated with the user to determine if the user can access the requested data record.
A tokenization system includes a vector table and one or more token tables. The tokenization system accesses sensitive data and a vector from a vector table column, and modifies the sensitive data based on the accessed vector. The tokenization system then queries the one or more token tables using a portion of the modified data to identify a token mapped to the portion of the modified data. The portion of the modified data is replaced with the token to create tokenized data. The vector table can be updated by replacing a vector table column with an updated vector table column. The tokenization system can modify subsequent data using the updated vector column prior to tokenization.
Data can be protected in mobile and payment environments through various tokenization operations. A mobile device can tokenize communication data based on device information and session information associated with the mobile device. A payment terminal can tokenize payment information received at the payment terminal during a transaction based on transaction information associated with the transaction. Payment data tokenized first a first set of token tables and according to a first set of tokenization parameters by a first payment entity can be detokenized or re-tokenized with a second set of token tables and according to a second set of tokenization parameters. Payment information can be tokenized and sent to a mobile device as a token card based on one or more selected use rules, and a user can request a transaction based on the token card. The transaction can be authorized if the transaction satisfies the selected use rules.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/36 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des portefeuilles électroniques ou coffres-forts électroniques
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p. ex. cartes à puces ou cartes magnétiques
42.
Collision avoidance in a distributed tokenization environment
A client receives sensitive data to be tokenized. The client queries a token table with a portion of the sensitive data to determine if the token table includes a token mapped to the value of the portion of the sensitive data. If the mapping table does not include a token mapped to the value of the portion of the sensitive data, a candidate token is generated. The client queries a central token management system to determine if the candidate token collides with a token generated by or stored at another client. In some embodiments, the candidate token includes a value from a unique set of values assigned by the central token management system to the client, guaranteeing that the candidate token does not cause a collision. The client then tokenizes the sensitive data with the candidate token and stores the candidate token in the token table.
Data can be protected in mobile and payment environments through various tokenization operations. A mobile device can tokenize communication data based on device information and session information associated with the mobile device. A payment terminal can tokenize payment information received at the payment terminal during a transaction based on transaction information associated with the transaction. Payment data tokenized first a first set of token tables and according to a first set of tokenization parameters by a first payment entity can be detokenized or re-tokenized with a second set of token tables and according to a second set of tokenization parameters. Payment information can be tokenized and sent to a mobile device as a token card based on one or more selected use rules, and a user can request a transaction based on the token card. The transaction can be authorized if the transaction satisfies the selected use rules.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
H04W 12/02 - Protection de la confidentialité ou de l'anonymat, p. ex. protection des informations personnellement identifiables [PII]
G06Q 20/20 - Systèmes de réseaux présents sur les points de vente
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/36 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des portefeuilles électroniques ou coffres-forts électroniques
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p. ex. cartes à puces ou cartes magnétiques
Systems and methods are provided for the detection and prevention of intrusions in data at rest systems such as file systems and web servers. The systems and methods regulate access to sensitive data with minimal dependency on a communications network. Data access is quantitatively limited to minimize the data breaches resulting from, e.g., a stolen laptop or hard drive.
A client receives sensitive data to be tokenized. The client queries a token table with a portion of the sensitive data to determine if the token table includes a token mapped to the value of the portion of the sensitive data. If the mapping table does not include a token mapped to the value of the portion of the sensitive data, a candidate token is generated. The client queries a central token management system to determine if the candidate token collides with a token generated by or stored at another client. In some embodiments, the candidate token includes a value from a unique set of values assigned by the central token management system to the client, guaranteeing that the candidate token does not cause a collision. The client then tokenizes the sensitive data with the candidate token and stores the candidate token in the token table.
A tokenization system tokenizes sensitive data to prevent unauthorized entities from accessing the sensitive data. The tokenization system accesses sensitive data, and retrieves an initialization vector (IV) from an IV table using a first portion of the sensitive data. A second portion of the sensitive data is modified using the accessed initialization vector. A token table is selected from a set of token tables using a third portion of the sensitive data. The modified second portion of data is used to query the selected token table, and a token associated with the value of the modified second portion of data is accessed. The second portion of the sensitive data is replaced with the accessed token to form tokenized data.
A method for distributed tokenization of sensitive strings of characters, such as social security numbers, credit card numbers and the like, in a local server is disclosed. The method comprises the steps of receiving from a central server at least one, and preferably at least two, static token lookup tables, and receiving a sensitive string of characters. In a first tokenization step, a first substring of characters is substituted with a corresponding first token from the token lookup table(s) to form a first tokenized string of characters, wherein the first substring of characters is a substring of the sensitive string of characters. Thereafter, in a second step of tokenization, a second substring of characters is substituted with a corresponding second token from the token lookup table(s) to form a second tokenized string of characters, wherein the second substring of characters is a substring of the first tokenized string of characters. Optionally, one or more additional tokenization steps is/are used.
G07F 7/08 - Mécanismes actionnés par des objets autres que des pièces de monnaie pour déclencher ou actionner des appareils de vente, de location, de distribution de pièces de monnaie ou de papier-monnaie, ou de remboursement par carte d'identité codée ou carte de crédit codée
G07F 7/10 - Mécanismes actionnés par des objets autres que des pièces de monnaie pour déclencher ou actionner des appareils de vente, de location, de distribution de pièces de monnaie ou de papier-monnaie, ou de remboursement par carte d'identité codée ou carte de crédit codée utilisée simultanément avec un signal codé
Applications usually require users to present passwords as a form of identification in order to access user accounts. To improve the security and convenience for accessing such accounts, tokenized passwords may be used in place of or in addition to traditional passwords. Client devices retrieve password rules from an application associated with the user account, and retrieve token tables based on the password rules. The client device receives information from the user for use as a password seed. Using the password seed as an input to the token tables, the client device generates a tokenized password. The tokenized password is transmitted to the application for association with the user account. The tokenized password is not saved at the client device but is re-generated each time the user accesses the account, improving the security of the token-driven password generation system.
G06F 7/04 - Contrôle d'égalité, c.-à-d. pour valeurs égales ou non
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p. ex. pour le traitement simultané de plusieurs programmes
49.
Tokenization in a centralized tokenization environment
Data can be protected in a centralized tokenization environment. A request to tokenize sensitive data is received by an endpoint. A token for use in tokenizing the sensitive data is identified. A token certificate store is queried for a token certificate associated with the identified token. The token certificate can include a token status and use rules describing a permitted use of the token. Responsive to the token certificate store storing the queried token certificate, the endpoint tokenizes the sensitive data using the identified token if the token status indicates the token is available, and subject to the use rules included in the token certificate being satisfied. The token certificate is updated based on the tokenization of the sensitive data with the identified token and stored at the token certificate store.
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 17/30 - Recherche documentaire; Structures de bases de données à cet effet
G06F 19/00 - Équipement ou méthodes de traitement de données ou de calcul numérique, spécialement adaptés à des applications spécifiques (spécialement adaptés à des fonctions spécifiques G06F 17/00;systèmes ou méthodes de traitement de données spécialement adaptés à des fins administratives, commerciales, financières, de gestion, de surveillance ou de prévision G06Q;informatique médicale G16H)
New tokenization tables are derived at intervals in order to increase the security of tokenized data that is transferred between two endpoints. Generation of the new tokenization tables is based on previous tokenization tables, which advantageously allows the generation process to be performed locally at the two endpoints independently of an external tokenization table provider. New tokenization tables can periodically be distributed to the endpoints as a new starting point for derivation.
Data can be protected in mobile and payment environments through various tokenization operations. A mobile device can tokenize communication data based on device information and session information associated with the mobile device. A payment terminal can tokenize payment information received at the payment terminal during a transaction based on transaction information associated with the transaction. Payment data tokenized first a first set of token tables and according to a first set of tokenization parameters by a first payment entity can be detokenized or re-tokenized with a second set of token tables and according to a second set of tokenization parameters. Payment information can be tokenized and sent to a mobile device as a token card based on one or more selected use rules, and a user can request a transaction based on the token card. The transaction can be authorized if the transaction satisfies the selected use rules.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/20 - Systèmes de réseaux présents sur les points de vente
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/36 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des portefeuilles électroniques ou coffres-forts électroniques
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p. ex. cartes à puces ou cartes magnétiques
H04W 12/02 - Protection de la confidentialité ou de l'anonymat, p. ex. protection des informations personnellement identifiables [PII]
Shuffling data stored in columnar tables improves data storage security, particularly when used in conjunction with other security operations, such as tokenization and cryptography. A data table is accessed, and pointer values of at least one column of the accessed table are shuffled, generating a protected table. An index table mapping index values to the shuffled pointer values is generated, allowing a user with access to both the protected table and the index table to generate the original table. Without both tables, users are only able to see either the shuffled data or the index values. Example shuffling methods include, but are not limited to, random shuffling, grouped shuffling, sorting by column value, and sorting by index value.
Data can be protected in mobile and payment environments through various tokenization operations. A mobile device can tokenize communication data based on device information and session information associated with the mobile device. A payment terminal can tokenize payment information received at the payment terminal during a transaction based on transaction information associated with the transaction. Payment data tokenized first a first set of token tables and according to a first set of tokenization parameters by a first payment entity can be detokenized or re-tokenized with a second set of token tables and according to a second set of tokenization parameters. Payment information can be tokenized and sent to a mobile device as a token card based on one or more selected use rules, and a user can request a transaction based on the token card. The transaction can be authorized if the transaction satisfies the selected use rules.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/20 - Systèmes de réseaux présents sur les points de vente
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
G06Q 20/36 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des portefeuilles électroniques ou coffres-forts électroniques
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p. ex. cartes à puces ou cartes magnétiques
H04W 12/02 - Protection de la confidentialité ou de l'anonymat, p. ex. protection des informations personnellement identifiables [PII]
Structured data, such as email addresses, social security numbers, and the like is accessed for encoding. A set of encoding rules including one or more encoding actions and/or encoding components corresponding to each of one or more structured data components is accessed. The set of encoding rules can include one or more encoding actions and/or one or more encoding components corresponding to each of one or more structured data components. Encoding actions can include tokenization, encryption, data masking, data modification, and the like. The one or more components of the structured data are encoded based on the accessed set of encoding rules. The encoded structured data is stored, processed, or outputted to an external entity.
G06F 21/00 - Dispositions de sécurité pour protéger les calculateurs, leurs composants, les programmes ou les données contre une activité non autorisée
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
G06F 17/30 - Recherche documentaire; Structures de bases de données à cet effet
New tokenization tables are derived at intervals in order to increase the security of tokenized data that is transferred between two endpoints. Generation of the new tokenization tables is based on previous tokenization tables, which advantageously allows the generation process to be performed locally at the two endpoints independently of an external tokenization table provider. New tokenization tables can periodically be distributed to the endpoints as a new starting point for derivation.
Access to a shared library API is restricted for a customer application by a security system. A profile for each of a plurality of trusted applications is generated and stored in a security database. When a customer application attempts to access the shared library API, the customer application is verified by extracting a customer application profile for the customer application, comparing the customer application profile with each stored trusted application profile, and verifying that the customer application can access the shared library API based on the comparison. Based on the verification, the customer application may be allowed to or access to the shared library API or may be prevented from accessing the shared library API.
Use rules are included within tokenized data either before or after tokenization. The use rules can be appended to the data before or after tokenization, can be used to modify the data before or after tokenization, and can be used to select or generate token tables for use in tokenizing the data. The use rules limit how, where, and when the tokenized data can be used, who can use the tokenized data, and the like. In addition, data can be tokenized such that the tokenized data can be identified as tokenized based on the tokenized data failing a validation test. The data is tokenized using one or more token tables, and the validation test is applied to the tokenized data. If the tokenized data passes the validation test, the data is modified with formatting rules or re-tokenized with additional token tables until the tokenized data fails the validation test.
A database security system protects a data table at both the column level and the individual data record level. Access to data records within the data table is governed by categories assigned to data records, by user roles assigned to users, and by a set of security access tables. A first access table maps data record identifiers to data record categories, data record protection schemes, and corresponding scheme keys. A second access table maps user roles to data record categories. A third access table maps column identifiers to column protection schemes and corresponding scheme keys. A fourth access table maps user roles to column identifiers. If a user requests access to a data record, the security access tables are queried using the data record identifier, the associated column identifier, and the user roles associated with the user to determine if the user can access the requested data record.
A client receives sensitive data to be tokenized. The client queries a token table with a portion of the sensitive data to determine if the token table includes a token mapped to the value of the portion of the sensitive data. If the mapping table does not include a token mapped to the value of the portion of the sensitive data, a candidate token is generated. The client queries a central token management system to determine if the candidate token collides with a token generated by or stored at another client. In some embodiments, the candidate token includes a value from a unique set of values assigned by the central token management system to the client, guaranteeing that the candidate token does not cause a collision. The client then tokenizes the sensitive data with the candidate token and stores the candidate token in the token table.
A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and is configured to receive encoded data and a set of operations from the server device in response to a request for cloud services from the client device. The gateway device is configured to decode the encoded data, and to provide the decoded data and the set of operations to the client device. The client device is configured to perform the set of operations on the decoded data, and to incorporate the operation results into an application or interface corresponding to the requested cloud service. The gateway device is configured to encode the operation result data, and to provide the encoded operation result data to the server device for storage.
A tokenization environment includes a first tokenization system in a first token domain and a second tokenization system in a second token domain. A token mapper accesses a first token from the first tokenization system and maps it to a second token from the second tokenization system. The first token can be a single-use or SLT token mapped to a clear text value within a single-use token table in the first tokenization system. The token mapper can identify the clear text value, and can query a multi-use token table in the second tokenization system with the clear text value to identify a multi-use token (the second token) mapped to the same clear text value. The token mapper can store the association between the first token and the second token in a token map.
G06F 17/30 - Recherche documentaire; Structures de bases de données à cet effet
G06F 7/00 - Procédés ou dispositions pour le traitement de données en agissant sur l'ordre ou le contenu des données maniées
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
A tokenization system includes a vector table and one or more token tables. The tokenization system accesses sensitive data and a vector from a vector table column, and modifies the sensitive data based on the accessed vector. The tokenization system then queries the one or more token tables using a portion of the modified data to identify a token mapped to the portion of the modified data. The portion of the modified data is replaced with the token to create tokenized data. The vector table can be updated by replacing a vector table column with an updated vector table column. The tokenization system can modify subsequent data using the updated vector column prior to tokenization.
A system and method are provided for restricting various operations in a file system based on security contexts. An object security context including permissible roles and defining a set of access permissions associated with each of the permissible roles is assigned to a file system object. A user security context is assigned to a user based on authentication information from the user, and the user security context identifies a user role for the user. An executable security context is assigned to an executable program. When the user has launched the executable program, a process is created and assigned the user security context and the executable security context. Responsive to the process attempting to access the file system object, at least one of the user security context and executable security context is verified against the object security context to determine if the attempted access should be allowed.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
G06F 21/52 - Contrôle des utilisateurs, des programmes ou des dispositifs de préservation de l’intégrité des plates-formes, p. ex. des processeurs, des micrologiciels ou des systèmes d’exploitation au stade de l’exécution du programme, p. ex. intégrité de la pile, débordement de tampon ou prévention d'effacement involontaire de données
G06F 21/55 - Détection d’intrusion locale ou mise en œuvre de contre-mesures
G06F 17/30 - Recherche documentaire; Structures de bases de données à cet effet
A tokenization system tokenizes sensitive data to prevent unauthorized entities from accessing the sensitive data. The tokenization system accesses sensitive data, and retrieves an initialization vector (IV) from an IV table using a first portion of the sensitive data. A second portion of the sensitive data is modified using the accessed initialization vector. A token table is selected from a set of token tables using a third portion of the sensitive data. The modified second portion of data is used to query the selected token table, and a token associated with the value of the modified second portion of data is accessed. The second portion of the sensitive data is replaced with the accessed token to form tokenized data.
G06F 7/04 - Contrôle d'égalité, c.-à-d. pour valeurs égales ou non
G06F 17/30 - Recherche documentaire; Structures de bases de données à cet effet
H04N 7/16 - Systèmes à secret analogiquesSystèmes à abonnement analogiques
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06Q 50/26 - Services gouvernementaux ou services publics
H04L 9/06 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p. ex. système DES
65.
Distributed tokenization using several substitution steps
A method for distributed tokenization of sensitive strings of characters, such as social security numbers, credit card numbers and the like, in a local server is disclosed. The method comprises the steps of receiving from a central server at least one, and preferably at least two, static token lookup tables, and receiving a sensitive string of characters. In a first tokenization step, a first substring of characters is substituted with a corresponding first token from the token lookup table(s) to form a first tokenized string of characters, wherein the first substring of characters is a substring of the sensitive string of characters. Thereafter, in a second step of tokenization, a second substring of characters is substituted with a corresponding second token from the token lookup table(s) to form a second tokenized string of characters, wherein the second substring of characters is a substring of the first tokenized string of characters. Optionally, one or more additional tokenization steps is/are used.
G06F 17/30 - Recherche documentaire; Structures de bases de données à cet effet
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
G07F 7/08 - Mécanismes actionnés par des objets autres que des pièces de monnaie pour déclencher ou actionner des appareils de vente, de location, de distribution de pièces de monnaie ou de papier-monnaie, ou de remboursement par carte d'identité codée ou carte de crédit codée
G07F 7/10 - Mécanismes actionnés par des objets autres que des pièces de monnaie pour déclencher ou actionner des appareils de vente, de location, de distribution de pièces de monnaie ou de papier-monnaie, ou de remboursement par carte d'identité codée ou carte de crédit codée utilisée simultanément avec un signal codé
Structured data, such as email addresses, social security numbers, and the like is accessed for encoding. A set of encoding rules including one or more encoding actions and/or encoding components corresponding to each of one or more structured data components is accessed. The set of encoding rules can include one or more encoding actions and/or one or more encoding components corresponding to each of one or more structured data components. Encoding actions can include tokenization, encryption, data masking, data modification, and the like. The one or more components of the structured data are encoded based on the accessed set of encoding rules. The encoded structured data is stored, processed, or outputted to an external entity.
Data can be protected in mobile and payment environments through various tokenization operations. A mobile device can tokenize communication data based on device information and session information associated with the mobile device. A payment terminal can tokenize payment information received at the payment terminal during a transaction based on transaction information associated with the transaction. Payment data tokenized first a first set of token tables and according to a first set of tokenization parameters by a first payment entity can be detokenized or re-tokenized with a second set of token tables and according to a second set of tokenization parameters. Payment information can be tokenized and sent to a mobile device as a token card based on one or more selected use rules, and a user can request a transaction based on the token card. The transaction can be authorized if the transaction satisfies the selected use rules.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06Q 20/36 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des portefeuilles électroniques ou coffres-forts électroniques
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and generates a mapping between portions of data received from a client device and interface fields or data elements of the client device. Upon receiving subsequent data from the client device, the gateway device can access the generated mapping to identify portions of the subsequent data corresponding to particular interface fields or data elements of the client device using the mapping, and can encode the identified portions of the subsequent data, for instance based on data protection techniques defined by a security policy. The encoded data can then be outputted by the gateway device to the server device.
The invention described herein generally relates to systems and methods of securely storing data so that the data contains information about the data and/or the encryption of the data, systems and methods of providing secure access to real world data through data transformations, and systems and methods of managing security parameters for data.
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
H04L 9/06 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p. ex. système DES
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
G06F 12/14 - Protection contre l'utilisation non autorisée de mémoire
Use rules are included within tokenized data either before or after tokenization. The use rules can be appended to the data before or after tokenization, can be used to modify the data before or after tokenization, and can be used to select or generate token tables for use in tokenizing the data. The use rules limit how, where, and when the tokenized data can be used, who can use the tokenized data, and the like. In addition, data can be tokenized such that the tokenized data can be identified as tokenized based on the tokenized data failing a validation test. The data is tokenized using one or more token tables, and the validation test is applied to the tokenized data. If the tokenized data passes the validation test, the data is modified with formatting rules or re-tokenized with additional token tables until the tokenized data fails the validation test.
Data can be protected in a centralized tokenization environment. A request to tokenize sensitive data is received by an endpoint. A token for use in tokenizing the sensitive data is identified. A token certificate store is queried for a token certificate associated with the identified token. The token certificate can include a token status and use rules describing a permitted use of the token. Responsive to the token certificate store storing the queried token certificate, the endpoint tokenizes the sensitive data using the identified token if the token status indicates the token is available, and subject to the use rules included in the token certificate being satisfied. The token certificate is updated based on the tokenization of the sensitive data with the identified token and stored at the token certificate store.
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
G06F 19/00 - Équipement ou méthodes de traitement de données ou de calcul numérique, spécialement adaptés à des applications spécifiques (spécialement adaptés à des fonctions spécifiques G06F 17/00;systèmes ou méthodes de traitement de données spécialement adaptés à des fins administratives, commerciales, financières, de gestion, de surveillance ou de prévision G06Q;informatique médicale G16H)
72.
Collision avoidance in a distributed tokenization environment
A client receives sensitive data to be tokenized. The client queries a token table with a portion of the sensitive data to determine if the token table includes a token mapped to the value of the portion of the sensitive data. If the mapping table does not include a token mapped to the value of the portion of the sensitive data, a candidate token is generated. The client queries a central token management system to determine if the candidate token collides with a token generated by or stored at another client. In some embodiments, the candidate token includes a value from a unique set of values assigned by the central token management system to the client, guaranteeing that the candidate token does not cause a collision. The client then tokenizes the sensitive data with the candidate token and stores the candidate token in the token table.
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
G06F 17/30 - Recherche documentaire; Structures de bases de données à cet effet
H04L 9/06 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p. ex. système DES
73.
Tokenization in a centralized tokenization environment
Data can be protected in a centralized tokenization environment. A request to tokenize sensitive data is received by an endpoint. A token for use in tokenizing the sensitive data is identified. A token certificate store is queried for a token certificate associated with the identified token. The token certificate can include a token status and use rules describing a permitted use of the token. Responsive to the token certificate store storing the queried token certificate, the endpoint tokenizes the sensitive data using the identified token if the token status indicates the token is available, and subject to the use rules included in the token certificate being satisfied. The token certificate is updated based on the tokenization of the sensitive data with the identified token and stored at the token certificate store.
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
G06F 19/00 - Équipement ou méthodes de traitement de données ou de calcul numérique, spécialement adaptés à des applications spécifiques (spécialement adaptés à des fonctions spécifiques G06F 17/00;systèmes ou méthodes de traitement de données spécialement adaptés à des fins administratives, commerciales, financières, de gestion, de surveillance ou de prévision G06Q;informatique médicale G16H)
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 17/30 - Recherche documentaire; Structures de bases de données à cet effet
A system for secure data storage and transmission is provided. The system comprises a first security module for protecting data in a first data at rest system and a second security module for protecting data in a second data at rest system. At least one encryption parameter for the second data at rest system differs from at least one encryption parameter for the first data at rest system so that a datum is reencrypted when the datum is transferred from the first data at rest system to the second data at rest system.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
H04L 9/06 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p. ex. système DES
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
G06F 12/14 - Protection contre l'utilisation non autorisée de mémoire
A client receives sensitive data to be tokenized. The client queries a token table with a portion of the sensitive data to determine if the token table includes a token mapped to the value of the portion of the sensitive data. If the mapping table does not include a token mapped to the value of the portion of the sensitive data, a candidate token is generated. The client queries a central token management system to determine if the candidate token collides with a token generated by or stored at another client. In some embodiments, the candidate token includes a value from a unique set of values assigned by the central token management system to the client, guaranteeing that the candidate token does not cause a collision. The client then tokenizes the sensitive data with the candidate token and stores the candidate token in the token table.
A client receives sensitive data to be tokenized. The client queries a token table with a portion of the sensitive data to determine if the token table includes a token mapped to the value of the portion of the sensitive data. If the mapping table does not include a token mapped to the value of the portion of the sensitive data, a candidate token is generated. The client queries a central token management system to determine if the candidate token collides with a token generated by or stored at another client. In some embodiments, the candidate token includes a value from a unique set of values assigned by the central token management system to the client, guaranteeing that the candidate token does not cause a collision. The client then tokenizes the sensitive data with the candidate token and stores the candidate token in the token table.
A tokenization system includes a vector table and one or more token tables. The tokenization system accesses sensitive data and a vector from a vector table column, and modifies the sensitive data based on the accessed vector. The tokenization system then queries the one or more token tables using a portion of the modified data to identify a token mapped to the portion of the modified data. The portion of the modified data is replaced with the token to create tokenized data. The vector table can be updated by replacing a vector table column with an updated vector table column. The tokenization system can modify subsequent data using the updated vector column prior to tokenization.
A tokenization system tokenizes sensitive data to prevent unauthorized entities from accessing the sensitive data. The tokenization system accesses sensitive data, and retrieves an initialization vector (IV) from an IV table using a first portion of the sensitive data. A second portion of the sensitive data is modified using the accessed initialization vector. A token table is selected from a set of token tables using a third portion of the sensitive data. The modified second portion of data is used to query the selected token table, and a token associated with the value of the modified second portion of data is accessed. The second portion of the sensitive data is replaced with the accessed token to form tokenized data.
H04L 9/06 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p. ex. système DES
G06Q 50/26 - Services gouvernementaux ou services publics
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
A tokenization environment includes a first tokenization system in a first token domain and a second tokenization system in a second token domain. A token mapper accesses a first token from the first tokenization system and maps it to a second token from the second tokenization system. The first token can be a single-use or SLT token mapped to a clear text value within a single-use token table in the first tokenization system. The token mapper can identify the clear text value, and can query a multi-use token table in the second tokenization system with the clear text value to identify a multi-use token (the second token) mapped to the same clear text value. The token mapper can store the association between the first token and the second token in a token map.
A method for controlling data access in a data-at-rest system includes executing a link intrusion prevention analysis between multiple layers of the data-at-rest system, introducing a privacy policy at enforcement points that span multiple system layers, and dynamically altering the privacy policy.
Use rules are included within tokenized data either before or after tokenization. The use rules can be appended to the data before or after tokenization, can be used to modify the data before or after tokenization, and can be used to select or generate token tables for use in tokenizing the data. The use rules limit how, where, and when the tokenized data can be used, who can use the tokenized data, and the like. In addition, data can be tokenized such that the tokenized data can be identified as tokenized based on the tokenized data failing a validation test. The data is tokenized using one or more token tables, and the validation test is applied to the tokenized data. If the tokenized data passes the validation test, the data is modified with formatting rules or re-tokenized with additional token tables until the tokenized data fails the validation test.
Shuffling data stored in columnar tables improves data storage security, particularly when used in conjunction with other security operations, such as tokenization and cryptography. A data table is accessed, and pointer values of at least one column of the accessed table are shuffled, generating a protected table. An index table mapping index values to the shuffled pointer values is generated, allowing a user with access to both the protected table and the index table to generate the original table. Without both tables, users are only able to see either the shuffled data or the index values. Example shuffling methods include, but are not limited to, random shuffling, grouped shuffling, sorting by column value, and sorting by index value.
New tokenization tables are derived at intervals in order to increase the security of tokenized data that is transferred between two endpoints. Generation of the new tokenization tables is based on previous tokenization tables, which advantageously allows the generation process to be performed locally at the two endpoints independently of an external tokenization table provider. New tokenization tables can periodically be distributed to the endpoints as a new starting point for derivation.
G06F 21/00 - Dispositions de sécurité pour protéger les calculateurs, leurs composants, les programmes ou les données contre une activité non autorisée
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
Data can be protected in mobile and payment environments through various tokenization operations. A mobile device can tokenize communication data based on device information and session information associated with the mobile device. A payment terminal can tokenize payment information received at the payment terminal during a transaction based on transaction information associated with the transaction. Payment data tokenized first a first set of token tables and according to a first set of tokenization parameters by a first payment entity can be detokenized or re-tokenized with a second set of token tables and according to a second set of tokenization parameters. Payment information can be tokenized and sent to a mobile device as a token card based on one or more selected use rules, and a user can request a transaction based on the token card. The transaction can be authorized if the transaction satisfies the selected use rules.
G06F 21/00 - Dispositions de sécurité pour protéger les calculateurs, leurs composants, les programmes ou les données contre une activité non autorisée
G06Q 20/36 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des portefeuilles électroniques ou coffres-forts électroniques
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
Use rules are included within tokenized data either before or after tokenization. The use rules can be appended to the data before or after tokenization, can be used to modify the data before or after tokenization, and can be used to select or generate token tables for use in tokenizing the data. The use rules limit how, where, and when the tokenized data can be used, who can use the tokenized data, and the like. In addition, data can be tokenized such that the tokenized data can be identified as tokenized based on the tokenized data failing a validation test. The data is tokenized using one or more token tables, and the validation test is applied to the tokenized data. If the tokenized data passes the validation test, the data is modified with formatting rules or re-tokenized with additional token tables until the tokenized data fails the validation test.
Systems and methods are provided for the detection and prevention of intrusions in data at rest systems such as file systems and web servers. The systems and methods regulate access to sensitive data with minimal dependency on a communications network. Data access is quantitatively limited to minimize the data breaches resulting from, e.g., a stolen laptop or hard drive.
A system and method are provided for restricting various operations in a file system based on security contexts. An object security context including permissible roles and defining a set of access permissions associated with each of the permissible roles is assigned to a file system object. A user security context is assigned to a user based on authentication information from the user, and the user security context identifies a user role for the user. An executable security context is assigned to an executable program. When the user has launched the executable program, a process is created and assigned the user security context and the executable security context. Responsive to the process attempting to access the file system object, at least one of the user security context and executable security context is verified against the object security context to determine if the attempted access should be allowed.
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
G06F 21/52 - Contrôle des utilisateurs, des programmes ou des dispositifs de préservation de l’intégrité des plates-formes, p. ex. des processeurs, des micrologiciels ou des systèmes d’exploitation au stade de l’exécution du programme, p. ex. intégrité de la pile, débordement de tampon ou prévention d'effacement involontaire de données
G06F 21/55 - Détection d’intrusion locale ou mise en œuvre de contre-mesures
88.
Distributed tokenization using several substitution steps
A method for distributed tokenization of sensitive strings of characters, such as social security numbers, credit card numbers and the like, in a local server is disclosed. The method comprises the steps of receiving from a central server at least one, and preferably at least two, static token lookup tables, and receiving a sensitive string of characters. In a first tokenization step, a first substring of characters is substituted with a corresponding first token from the token lookup table(s) to form a first tokenized string of characters, wherein the first substring of characters is a substring of the sensitive string of characters. Thereafter, in a second step of tokenization, a second substring of characters is substituted with a corresponding second token from the token lookup table(s) to form a second tokenized string of characters, wherein the second substring of characters is a substring of the first tokenized string of characters. Optionally, one or more additional tokenization steps is/are used.
G06F 17/30 - Recherche documentaire; Structures de bases de données à cet effet
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
G07F 7/08 - Mécanismes actionnés par des objets autres que des pièces de monnaie pour déclencher ou actionner des appareils de vente, de location, de distribution de pièces de monnaie ou de papier-monnaie, ou de remboursement par carte d'identité codée ou carte de crédit codée
G07F 7/10 - Mécanismes actionnés par des objets autres que des pièces de monnaie pour déclencher ou actionner des appareils de vente, de location, de distribution de pièces de monnaie ou de papier-monnaie, ou de remboursement par carte d'identité codée ou carte de crédit codée utilisée simultanément avec un signal codé
A method for controlling data access in a data-at-rest system includes executing a link intrusion prevention analysis between multiple layers of the data-at-rest system, introducing a privacy policy at enforcement points that span multiple system layers, and dynamically altering the privacy policy.
The invention described herein generally relates to systems and methods of securely storing data so that the data contains information about the data and/or the encryption of the data, systems and methods of providing secure access to real world data through data transformations, and systems and methods of managing security parameters for data.
G06F 12/14 - Protection contre l'utilisation non autorisée de mémoire
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
H04L 9/06 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité l'appareil de chiffrement utilisant des registres à décalage ou des mémoires pour le codage par blocs, p. ex. système DES
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
Database entries can be protected by indexing the entries using a plurality of indexes, each associated with a level of access rights. A level of access rights can be determined from a search query, and an index can be selected based on the determined level of access rights. A search key can be generated based on the received query, and the selected index can be searched using the search query. Database entries mapped to the values of the selected index returned in response to the search can be outputted. Each index is associated with a different granularity defining the number and/or ambiguity of search results returned in response to searching an index.
A method for database access control includes receiving an access request from a requesting user, the access request identifying one or more data entries stored in a base table storing a plurality a data entries each associated with a data category. The identified one or more data entries from the base table are retrieved and a security table including one or more data categories to which the requesting user is authorized to access is generated based on an identity of the requesting user. The data entries associated with a data category included in the security table are outputted as a result table.
A method for controlling access to a database is disclosed, as well as a corresponding database system. The method comprises: receiving, from a user, a request for a data post in said database; determining that said user should be allowed access to said requested data post based on a security context associated with said data post and said user; providing said user with access to said data post; and validating, by an external security system, at least one of the user and the data post, said validation being based on a validation field, controlled by the external security system and being associated with said user and/or data post. Hereby, the database can be operated with its native operational procedures, thereby enabling a very fast and efficient performance. At the same time, the validation by the external security system provides a high degree of security.
A system and method for preventing an administrator impersonating a user from accessing sensitive resources on a target system is provided. The method comprises receiving a first request from a user to change the user's password on a target system to be changed, sending a “change password” request for the user to the target system, storing the user's new password, receiving a second request from the target system on behalf of the user for access to a sensitive resource, wherein the second request contains information about the user's password, and denying the second request if the information about the user's password is not consistent with the user's stored new password.
Data can be protected in mobile and payment environments through various tokenization operations. A mobile device can tokenize communication data based on device information and session information associated with the mobile device. A payment terminal can tokenize payment information received at the payment terminal during a transaction based on transaction information associated with the transaction. Payment data tokenized first a first set of token tables and according to a first set of tokenization parameters by a first payment entity can be detokenized or re-tokenized with a second set of token tables and according to a second set of tokenization parameters. Payment information can be tokenized and sent to a mobile device as a token card based on one or more selected use rules, and a user can request a transaction based on the token card. The transaction can be authorized if the transaction satisfies the selected use rules.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06Q 20/20 - Systèmes de réseaux présents sur les points de vente
G06Q 20/38 - Protocoles de paiementArchitectures, schémas ou protocoles de paiement leurs détails
G06Q 20/40 - Autorisation, p. ex. identification du payeur ou du bénéficiaire, vérification des références du client ou du magasinExamen et approbation des payeurs, p. ex. contrôle des lignes de crédit ou des listes négatives
G06Q 20/32 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des dispositifs sans fil
A method for controlling data access in a data-at-rest system includes executing a link intrusion prevention analysis between multiple layers of the data-at-rest system (for instance, at an application layer and a file layer), introducing a privacy policy at enforcement points that span multiple system layers, and dynamically altering the privacy policy.
Systems and methods are provided for data protection across connected, disconnected, attended, and unattended environments. Embodiments of the inventions may include differential encryption based on network connectivity, attended/unattended status, or a combination thereof. Additional embodiments of the invention incorporate “trust windows” that provide granular and flexible data access as function of the parameters under which sensitive data is accessed. Further embodiments refine the trust windows concept by incorporating dynamic intrusion detection techniques.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 21/00 - Dispositions de sécurité pour protéger les calculateurs, leurs composants, les programmes ou les données contre une activité non autorisée
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
H04L 9/00 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité
H04L 9/32 - Dispositions pour les communications secrètes ou protégéesProtocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
98.
Database and method for controlling access to a database
A method for controlling access to a database is disclosed, as well as a corresponding database system. The method comprises: receiving, from a user, a request for a data post in said database; determining that said user should be allowed access to said requested data post based on a security context associated with said data post and said user; providing said user with access to said data post; and validating, by an external security system, at least one of the user and the data post, said validation being based on a validation field, controlled by the external security system and being associated with said user and/or data post. Hereby, the database can be operated with its native operational procedures, thereby enabling a very fast and efficient performance. At the same time, the validation by the external security system provides a high degree of security.
A method for distributed tokenization of sensitive strings of characters, such as social security numbers, credit card numbers and the like, in a local server is disclosed. The method comprises the steps of receiving from a central server at least one, and preferably at least two, static token lookup tables, and receiving a sensitive string of characters. In a first tokenization step, a first substring of characters is substituted with a corresponding first token from the token lookup table(s) to form a first tokenized string of characters, wherein the first substring of characters is a substring of the sensitive string of characters. Thereafter, in a second step of tokenization, a second substring of characters is substituted with a corresponding second token from the token lookup table(s) to form a second tokenized string of characters, wherein the second substring of characters is a substring of the first tokenized string of characters. Optionally, one or more additional tokenization steps is/are used.
Systems and methods are provided for data protection across connected, disconnected, attended, and unattended environments. Embodiments of the inventions may include differential encryption based on network connectivity, attended/unattended status, or a combination thereof. Additional embodiments of the invention incorporate “trust windows” that provide granular and flexible data access as function of the parameters under which sensitive data is accessed. Further embodiments refine the trust windows concept by incorporating dynamic intrusion detection techniques.
brevets