System and method to anonymize data transmitted to a destination computing device
Country / Type: United States (US) Patent, Granted
International Patent Classification (IPC 7th edition): G06F-021/62, G06F-021/60
Application number: US-0229956 (2014-03-30)
Registration number: US-9852311 (2017-12-26)
Inventors: Kothari, Pravin; Dash, Debabrata; Kaganovich, Yevgeniy; Liu, Jing
Applicant: Ciphercloud, Inc.
Agent: Minisandram Law Firm
Citation information: times cited: 0; cited patents: 19
Abstract
A method and system for anonymizing data to be transmitted to a destination computing device is disclosed. Anonymization strategy for data anonymization is provided. Data to be transmitted is received from a user computer. Selective anonymization of the data is performed, based on the anonymization strategy, using an anonymization module. The data includes a plurality of characters and defines a clear data. A modified clear data with number of characters greater than the clear data is formed using the clear data, a delimiter data and a pad data. The modified clear data is anonymized to derive an anonymized data. The anonymized data is transmitted to the destination computer over a network. In one embodiment, a portion of the pad data is selected as a seed value to generate an initialization vector to anonymize the clear data.
Representative claims
1. A method for anonymizing data to be transmitted to a destination computing device, comprising: receiving data to be transmitted to the destination from a user computer, the data including a plurality of characters and defining a clear data; generating a modified clear data with a predefined number of characters greater than the number of characters in the clear data, wherein the modified clear data is created by appending a delimiter data of at least one character to the clear data; and appending a pad data of one or more characters so that total number of characters in the modified clear data is equal to the predefined number of characters of the modified clear data; anonymizing the modified clear data using an anonymization module to derive an anonymized modified clear data; and transmitting the anonymized modified clear data to the destination computing device over a network for storage in the destination computing device, wherein generating the modified clear data further including: generating a first initialization vector using a selective portion of the pad data as a first seed value; anonymizing the clear data using the first initialization vector to generate a transformed clear data; and substituting the clear data with transformed clear data so that modified clear data includes the transformed clear data, the delimiter data and the pad data.
2. The method of claim 1, further including assigning at least one character from a set of characters as the delimiter data and assigning one or more characters from the set of characters other than the delimiter data to form the pad data.
3. The method of claim 1, wherein the anonymized data has the same number of characters as the modified clear data.
4. The method of claim 1 wherein anonymizing the modified clear data further including: generating an initialization vector using a seed value; and anonymizing the modified clear data using the generated initialization vector.
5. The method of claim 4 wherein transmitting the anonymized modified clear data further including transmitting a seed value identifier that corresponds to the seed value, to the destination computing device over a network for storage in the destination computing device.
6. The method of claim 4, wherein generating an initialization vector further including: selecting one of a plurality of seed values; designating the selected one of the plurality of seed values as a fixed seed value; and generating the initialization vector using the fixed seed value.
7. The method of claim 4, further including: retrieving the anonymized modified clear data; regenerating the initialization vector using the seed value; de-anonymizing the anonymized data using the regenerated initialization vector to derive the modified clear data with transformed clear data, delimiter data and pad data; and extracting the clear data from the modified clear data.
8. The method of claim 4, further including generating an order indicator data indicative of the order of the clear data based on a value of the clear data and transmitting the order indicator data along with the anonymized data to the destination computing device over the network.
9. The method of claim 8, further including: receiving a request to sort the anonymized modified clear data stored at the destination computing device; and sorting the anonymized modified clear data based on the corresponding order indicator data.
10. An anonymization system to anonymize data transmitted to a destination computing device, comprising: an anonymization strategy module to store anonymization strategy for data anonymization; a logic to receive data to be transmitted to the destination computing device, from a user computer, the data including a plurality of characters and defines a clear data; a logic to generate a modified clear data with a predefined number of characters greater than the number of characters in the clear data, wherein the logic appends a delimiter data of at least one character to the clear data; and appends a pad data of one or more characters to the delimiter data to generate the modified clear data so that total number of characters in the modified clear data is equal to the predefined number of characters of the modified clear data; and an anonymization module to anonymize the modified clear data based on an anonymization strategy; and transmit the anonymized modified clear data to the destination computing device over a network for storage in the destination computing device, wherein a selective portion of the pad data is used as a seed value to generate a first initialization vector; the clear data is anonymized using the first initialization vector to generate a transformed clear data; and the clear data is substituted with the transformed clear data to form the modified clear data so that modified clear data includes the transformed clear data, the delimiter data and the pad data.
11. The system of claim 10, wherein at least one character from a set of characters is assigned as the delimiter data and one or more characters from the set of characters other than the delimiter data is assigned for the pad data.
12. The system of claim 10, wherein the anonymized modified clear data has the same number of characters as the modified clear data.
13. The system of claim 10, further including an initialization vector generator to generate an initialization vector using a seed value; and the anonymization module anonymizes the modified clear data using the generated initialization vector.
14. The system of claim 13, wherein the seed value has a corresponding seed value identifier, and the anonymization module transmits the seed value identifier along with the anonymized modified clear data to the destination computing device.
15. The system of claim 13, wherein a plurality of seed values are provided; one of a plurality of seed values is selected; the initialization vector is generated using selected one of the plurality of seed values.
16. The system of claim 15, further including: the anonymized data is retrieved from the destination computing device; the initialization vector is generated using the selected seed value; the anonymized data is de-anonymized using the regenerated initialization vector to derive the modified clear data with transformed clear data, delimiter data and pad data; and the clear data is extracted from the transformed clear data.
17. The system of claim 13, further including an order indicator generator to generate an order indicator data indicative of the order of the clear data based on a value of the clear data; and the order indicator data is transmitted along with the anonymized data to the destination computing device over the network.
18. The system of claim 17, further including: a logic to receive a request to sort the anonymized modified clear data stored at the destination computing device; and the anonymized clear data is sorted based on the corresponding order indicator data.
19. The method of claim 1, wherein anonymizing the modified clear data further including using a second initialization vector to anonymize the modified clear data with transformed clear data, the delimiter data and the pad data.
20. The method of claim 19, further including generating the second initialization vector using a second seed value.
21. The method of claim 20 wherein transmitting the anonymized modified clear data further including transmitting a seed value identifier that corresponds to the second seed value to the destination computing device over a network.
22. The method of claim 20, wherein generating the second initialization vector further including: selecting one of a plurality of seed values as the second seed value; and generating the second initialization vector using selected one of the plurality of seed values.
23. The method of claim 21, further including: retrieving the anonymized modified clear data; regenerating the second initialization vector using the second seed value; de-anonymizing the anonymized modified clear data using the regenerated second initialization vector to derive the modified clear data with transformed clear data, the delimiter data and the pad data; extracting the transformed clear data from the modified clear data; regenerating the first initialization vector using the selective portion of the retrieved pad data as the seed value; and de-anonymizing the transformed clear data using the first initialization vector to derive the clear data.
24. The method of claim 1, further including generating an order indicator data indicative of the order of the clear data and transmitting the order indicator data along with the anonymized modified clear data to the destination computing device over the network.
25. The method of claim 24, further including: receiving a request to sort the anonymized data stored at the destination computing device; and sorting the anonymized modified clear data based on the corresponding order indicator data.
26. The system of claim 10, wherein the modified clear data with the transformed clear data, the delimiter data and the pad data is anonymized using a second initialization vector.
27. The system of claim 26, wherein the second initialization vector is generated using a second seed value.
28. The system of claim 27, wherein a seed value identifier that corresponds to the second seed value is transmitted along with the anonymized modified clear data, to the destination computing device.
29. The system of claim 26, wherein one of a plurality of seed values are selected as a second seed value, each of the seed values having a corresponding seed value identifier; and the second initialization vector is generated using the selected one of the plurality of seed values.
30. The system of claim 28, further including: the anonymized modified clear data is retrieved; the second initialization vector is regenerated using the second seed value; the anonymized modified clear data is de-anonymized using the regenerated second initialization vector to derive the modified clear data with the transformed clear data, the delimiter data and the pad data; the transformed clear data is extracted from the modified clear data; the selective portion of the retrieved pad data is used as the seed value to regenerate the first initialization vector; and the transformed clear data is de-anonymized using the regenerated first initialization vector to derive clear data.
31. The system of claim 10, wherein the system further including an order indicator generator to generate an order indicator data indicative of the order of the clear data; and the order indicator data is transmitted along with the anonymized modified clear data to the destination computing device over the network.
32. The system of claim 31, further including: a logic to receive a request to sort the anonymized modified clear data stored at the destination computing device; and the anonymized modified clear data is sorted based on the corresponding order indicator data.
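The two-layer round trip of claims 1 and 19 to 23 (pad-seeded first IV over the clear data, second IV over the whole padded field, then the reverse) is sketched below as an added example; it is not code from the patent or from the applicant. The claims name no cipher, so a 4-round Feistel built on HMAC-SHA256 stands in as a length-preserving transform, and `DELIM`, `PAD_CHARS`, `FIELD_LEN`, `SEED_LEN`, `make_iv` and the use of the pad's tail as the "selective portion" are assumptions.

```python
import hashlib, hmac, secrets

DELIM = b"|"        # assumed one-character delimiter
PAD_CHARS = b"abcdefghijklmnopqrstuvwxyz0123456789"  # assumed pad set, excludes DELIM
FIELD_LEN = 32      # assumed predefined length of the modified clear data
SEED_LEN = 8        # assumed "selective portion" of the pad: its last 8 bytes

def make_iv(seed: bytes) -> bytes:
    # Hypothetical seed-to-IV derivation; the claims do not specify one.
    return hashlib.sha256(b"iv:" + seed).digest()[:16]

def _prf(key, iv, rnd, data, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, iv + bytes([rnd, ctr]) + data, hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def _xor(x, y):
    return bytes(p ^ q for p, q in zip(x, y))

def cipher(key, iv, data, decrypt=False):
    # Stand-in cipher: 4-round Feistel, output length equals input length.
    a, b = data[:len(data) // 2], data[len(data) // 2:]
    for r in (reversed(range(4)) if decrypt else range(4)):
        if r % 2 == 0:
            a = _xor(a, _prf(key, iv, r, b, len(a)))
        else:
            b = _xor(b, _prf(key, iv, r, a, len(b)))
    return a + b

def anonymize(clear: bytes, key: bytes, second_seed: bytes) -> bytes:
    pad_len = FIELD_LEN - len(clear) - len(DELIM)
    if pad_len < 1:
        raise ValueError("clear data too long for the predefined field length")
    pad = bytes(secrets.choice(PAD_CHARS) for _ in range(pad_len))
    iv1 = make_iv(pad[-SEED_LEN:])             # first IV, seeded from the pad
    transformed = cipher(key, iv1, clear)      # inner layer: clear data only
    modified = transformed + DELIM + pad       # transformed | delimiter | pad
    return cipher(key, make_iv(second_seed), modified)  # outer layer, second IV

def deanonymize(blob: bytes, key: bytes, second_seed: bytes) -> bytes:
    modified = cipher(key, make_iv(second_seed), blob, decrypt=True)
    # Transformed bytes may contain DELIM by chance; the pad never does,
    # so the real delimiter is the last occurrence.
    transformed, _, pad = modified.rpartition(DELIM)
    return cipher(key, make_iv(pad[-SEED_LEN:]), transformed, decrypt=True)
```

In this sketch the pad is random per value, so the same clear data anonymizes to a different output each time even under a fixed second seed; the output carries no integrity check, so a wrong key or seed produces garbage rather than an error.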
Patents cited by this patent (19)
Barker, Paul Andrew; Marson, Philip John, Apparatus and method for generating reports with masked confidential data.
Duane, William M.; Griffin, Robert W.; Harwood, John S.; Lazar, Gregory W.; Linnell, Thomas E., Apparatus for controlling embedded security on a storage platform.
Kollmyer, Brad; Baker, Brian; Shapiro, Eric; Kollmyer, Aric; Rutman, Mike; MacLean, Duncan; Robertson, Dan; Taylor, Neal; Hunsche, Dick; Walker, Amanda, Apparatus, system and method for selectively encrypting different portions of data sent over a network.
Farber David A.; Lachman Ronald D., Data processing system using substantially unique identifiers to identify data items, whereby identical data items hav.
Chang Chung-Chia (San Jose CA) Davoll Gregory L. (Los Gatos CA) El-Ruby Mohamed H. (San Jose CA) Friske Craig A. (San Jose CA) Iyer Balakrishna R. (San Jose CA) Lazarus John P. (San Jose CA) Wilhite , Method and system for adaptively building a static Ziv-Lempel dictionary for database compression.
Kollmyer, Brad; Baker, Brian A.; Shapiro, Eric Bradley; Kollmyer, Aric; Rutman, Mike; MacLean, Charles Duncan; Robertson, Dan; Taylor, Neal; Hunsche, Dick; Walker, Amanda, Selectively encrypting different portions of data sent over a network.