System and method to anonymize data transmitted to a destination computing device
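Country / type: United States (US) Patent, registered
International Patent Classification (IPC, 7th edition): H04L-029/06; H04L-029/08; H04L-009/32
Application number: US-0844770 (2013-03-15)
Registration number: US-9338220 (2016-05-10)
Inventor / address: Kothari, Pravin; Dash, Debabrata
Applicant / address: CIPHERCLOUD, INC.
Agent / address: Minisandram Law Firm
Citation information: cited by 2; patents cited: 19
Abstract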
A method and system for anonymizing data to be transmitted to a destination computing device is disclosed. Anonymization strategy for data anonymization is provided. Data to be transmitted is received from a user computer. The data includes a plurality of fields. One or more fields are selectively extracted. A hash using the extracted fields is computed. The computed hash is stored. Anonymization of the data is performed, using an anonymization module. Anonymized data is transmitted to the destination computing device over a network.
Representative claims
1. A method for anonymizing data to be stored in a destination computing device, comprising: receiving data to be transmitted from a user computer to the destination computing device over a network for storage, the data including an object with a plurality of data fields; selectively extracting one or more data fields of the object, to be transmitted to the destination computing device, by a record extractor; computing a hash value using the extracted one or more data fields by a hash builder; storing the computed hash value for the extracted one or more data fields of the object in a remote hash database; anonymizing the received data using an anonymization module to derive an anonymized data, based on an anonymization strategy stored in an anonymization strategy module; and transmitting anonymized received data to the destination computing device for storage, over a network; generating a hash value of the one or more received anonymized data fields of the object retrieved from the destination computing device; and verifying the generated hash value for each of the data fields of the object by comparing the generated hash value with corresponding stored hash value in the remote hash database, by a hash verifier.

2. The method of claim 1, wherein selectively extracting further including: analyzing the received data for a type of communication, wherein the type of communication includes at least one or more of creating, updating or deleting the object; based on the type of communication, selecting one or more data fields of the object for extraction.

3. The method of claim 2, further including: computing a new hash value using the extracted one or more data fields of the object, if the type of communication indicates an update to the object; and replacing the stored computed hash value with the computed new hash value.

4. The method of claim 1, wherein generating a hash value further including: retrieving the stored anonymized received data from the destination computing device; de-anonymizing the anonymized received data to derive de-anonymized received data, de-anonymized received data including the object; retrieving the selective one or more data fields from the object; computing a hash value using the retrieved selective one or more data fields from the object.

5. The method of claim 4, further including: flagging a mismatch between computed hash for the retrieved selective one or more data fields and the corresponding stored hash for the selective one or more data fields.

6. The method of claim 5, wherein the mismatch indicates a malicious modification of the selective one or more data fields at the destination computing device.

7. The method of claim 1, wherein the anonymized data field is searchable using an anonymized keyword.

8. The method of claim 1, further including: flagging a mismatch between computed hash for the retrieved selective one or more data fields and the corresponding stored hash for the selective one or more data fields.

9. The method of claim 8, wherein the mismatch indicates a malicious modification of the selective one or more data fields at the destination computing device.

10. An anonymization system to anonymize data stored in a destination computing device, comprising: an anonymization strategy module to store anonymization strategy for data anonymization; a logic to receive data to be stored in the destination computing device received over a network from a user computer, the data including an object with a plurality of data fields; a record extractor configured to selectively extract one or more data fields of the object to be transmitted to the destination computing device; a hash builder to compute a hash using the extracted one or more data fields of the object; a remote hash database to store the computed hash for the extracted one or more data fields; an anonymization module to selectively anonymize received data based on the anonymization strategy to generate an anonymized received data; and transmit the anonymized received data to the destination computing device for storage, over a network; and a hash verifier to generate a hash value of the one or more received anonymized data fields of the object retrieved from the destination computing device; and verify the generated hash value of each of the data fields by comparing the generated hash value with corresponding stored hash value in the remote hash database.

11. The system of claim 10, wherein, the record extractor analyzes the received data for a type of communication, wherein the type of communication includes at least one or more of creating, updating or deleting the object; and based on the type of communication, selects one or more data fields for extraction.

12. The system of claim 11, wherein if the record extractor determines that the type of communication indicates an update to the object, the hash builder computes a new hash value using the extracted one or more fields of data, based on the type of communication; and replaces the stored computed hash value with the computed new hash.

13. The system of claim 10, wherein: the anonymization system is configured to retrieve stored anonymized received data from the destination computing device; de-anonymize the anonymized received data to derive the de-anonymized data, de-anonymized received data including the object; the selective one or more data fields from the object are retrieved; and the hash verifier computes a hash value for the retrieved selective one or more data fields; and compares the computed hash for the retrieved selective one or more data fields with corresponding stored hash for the selective one or more data fields for a match.

14. The system of claim 13, wherein the hash verifier flags a mismatch between computed hash for the retrieved selective one or more data fields and the corresponding stored hash for the selective one or more data fields.

15. The system of claim 14, wherein the mismatch indicates a malicious modification of the selective one or more data fields at the destination computing device.

16. The system of claim 10, wherein the anonymized data field is searchable using an anonymized keyword.

17. The system of claim 10, wherein the hash verifier flags a mismatch between computed hash value for the retrieved selective one or more data fields and the corresponding stored hash value for the selective one or more data fields.

18. The system of claim 17, wherein the mismatch indicates a malicious modification of the selective one or more data fields at the destination computing device.
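The store-then-verify flow of claims 1 to 6 (hashing after de-anonymization, as in claim 4), sketched as an added example; it is not code from the patent or from the applicant. HMAC-SHA256, binding each per-field hash to the object id and field name, the `Gateway` class, the choice of protected fields and the base64 placeholder standing in for the anonymization module are all assumptions made for illustration.

```python
import base64, hashlib, hmac

HASH_KEY = b"constructed-demo-key"   # assumption: key held only by the gateway
PROTECTED = ("name", "email")        # assumption: fields the record extractor selects

def field_hash(obj_id, field, value):
    # Length-prefix and bind to object id + field name, so a valid value moved
    # to another record or field no longer verifies.
    msg = b"".join(len(p).to_bytes(4, "big") + p
                   for p in (obj_id.encode(), field.encode(), value.encode()))
    return hmac.new(HASH_KEY, msg, hashlib.sha256).hexdigest()

def anonymize(value):    # placeholder for the anonymization module, not real protection
    return "anon:" + base64.b64encode(value.encode()).decode()
def deanonymize(value):
    return base64.b64decode(value[len("anon:"):]).decode()

class Gateway:
    def __init__(self):
        self.hash_db = {}            # stands in for the remote hash database

    def outbound(self, op, obj_id, obj):
        """Hash the protected fields, then anonymize what goes to the destination."""
        if op == "delete":
            self.hash_db.pop(obj_id, None)
            return None
        # create starts fresh; update replaces only the hashes of fields it carries
        hashes = {} if op == "create" else self.hash_db.get(obj_id, {})
        hashes.update({f: field_hash(obj_id, f, obj[f])
                       for f in PROTECTED if f in obj})
        self.hash_db[obj_id] = hashes
        return {f: anonymize(v) if f in PROTECTED else v for f, v in obj.items()}

    def verify(self, obj_id, stored_obj):
        """Return the protected fields whose recomputed hash does not match."""
        bad = []
        for f, want in self.hash_db.get(obj_id, {}).items():
            try:
                got = field_hash(obj_id, f, deanonymize(stored_obj[f]))
            except (KeyError, TypeError, ValueError):
                bad.append(f)        # missing or undecodable field is flagged too
                continue
            if not hmac.compare_digest(got, want):
                bad.append(f)
        return bad

def demo():                          # constructed record, tampered at the destination
    gw = Gateway()
    stored = gw.outbound("create", "42", {"name": "Alice Example", "plan": "gold"})
    return gw.verify("42", dict(stored, name=anonymize("Mallory")))
```

Fields outside `PROTECTED` (here `plan`) are neither anonymized nor hashed, so changes to them at the destination are not detected by this check.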
Patents cited by this patent (19)
Barker, Paul Andrew; Marson, Philip John, Apparatus and method for generating reports with masked confidential data.
Duane, William M.; Griffin, Robert W.; Harwood, John S.; Lazar, Gregory W.; Linnell, Thomas E., Apparatus for controlling embedded security on a storage platform.
Kollmyer, Brad; Baker, Brian; Shapiro, Eric; Kollmyer, Aric; Rutman, Mike; MacLean, Duncan; Robertson, Dan; Taylor, Neal; Hunsche, Dick; Walker, Amanda, Apparatus, system and method for selectively encrypting different portions of data sent over a network.
Farber, David A.; Lachman, Ronald D., Data processing system using substantially unique identifiers to identify data items, whereby identical data items hav.
Chang Chung-Chia (San Jose CA) Davoll Gregory L. (Los Gatos CA) El-Ruby Mohamed H. (San Jose CA) Friske Craig A. (San Jose CA) Iyer Balakrishna R. (San Jose CA) Lazarus John P. (San Jose CA) Wilhite , Method and system for adaptively building a static Ziv-Lempel dictionary for database compression.
Kollmyer, Brad; Baker, Brian A.; Shapiro, Eric Bradley; Kollmyer, Aric; Rutman, Mike; MacLean, Charles Duncan; Robertson, Dan; Taylor, Neal; Hunsche, Dick; Walker, Amanda, Selectively encrypting different portions of data sent over a network.
York, Sean A.; Hellman, Scott A.; Wyatt, James; Rodriguez, Marko; Hill, Steven H., Methods and systems for network-based analysis, intervention, and anonymization.
York, Sean A.; Hellman, Scott A.; Wyatt, James; Rodriguez, Marko; Hill, Steven H., Methods and systems for network-based analysis, intervention, and anonymization.