Method and apparatus for transparent encryption
Abstract
A method and apparatus are provided for protecting sensitive information within server or other computing environments. Numerous electronic requests addressed to a server system are received over network couplings and evaluated. The evaluation scans for sensitive information including credit card information and private user information. Upon detecting sensitive data, cryptographic operations are applied to the sensitive data. When the sensitive data is being transferred to the server system, the cryptographic operations encrypt the sensitive data prior to transfer among components of the server system. When sensitive data is being transferred from the server system, the cryptographic operations decrypt the sensitive data prior to transfer among the network couplings. The cryptographic operations also include hash, and keyed hash operations.
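The evaluation step described in the abstract, sketched as an added example that is not taken from the patent: request fields are scanned for card numbers (digit runs that pass the Luhn check) and each hit is replaced by a keyed hash before the request moves on to other server components. The function names, the `kh:` prefix, the key and the sample request are all assumptions made for illustration, and only the one-way keyed-hash operation is shown, so the decryption path in the claims would need a reversible cipher instead.

```python
import hashlib
import hmac
import re

# Candidate card numbers: 13-19 digits, optionally separated by spaces or hyphens.
PAN_CANDIDATE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")

def luhn_valid(digits: str) -> bool:
    """Luhn checksum: double every second digit from the right, sum, mod 10."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0

def keyed_hash(key: bytes, pan: str) -> str:
    """HMAC-SHA256 of the normalized card number; the 'kh:' prefix is hypothetical."""
    return "kh:" + hmac.new(key, pan.encode(), hashlib.sha256).hexdigest()

def protect_request(fields: dict, key: bytes) -> dict:
    """Return a copy of the fields with every Luhn-valid card number replaced."""
    def replace(match):
        digits = re.sub(r"[ -]", "", match.group())
        # Digit runs that fail Luhn (order numbers, IDs) are left untouched.
        return keyed_hash(key, digits) if luhn_valid(digits) else match.group()
    return {name: PAN_CANDIDATE.sub(replace, value) for name, value in fields.items()}

# Constructed sample input; the key is a placeholder, not a real secret.
DEMO_KEY = b"demo-key-not-for-production"
SAMPLE_REQUEST = {
    "name": "A. Customer",
    "card": "4111 1111 1111 1111",    # common test number, passes Luhn
    "order_ref": "1234567890123456",  # 16 digits, fails Luhn
    "note": "call 555-0100",          # too short to be a candidate
}

if __name__ == "__main__":
    for field, value in protect_request(SAMPLE_REQUEST, DEMO_KEY).items():
        print(f"{field} = {value}")
```

Card numbers have little entropy, so the protection of the stored value rests entirely on keeping the HMAC key out of the components that hold the hashes.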
28 Claims
1. A system for protecting sensitive information residing in server environments, comprising at least one processing device coupled among at least one network and at least one client computer, wherein the at least one processing device:
receives at least one electronic transaction query from the at least one client computer via at least one secure channel;
evaluates the at least one electronic transaction query for sensitive data;
encrypts the sensitive data;
transfers the encrypted sensitive data among components of the server environment;
receives at least one electronic information query for the encrypted sensitive data from at least one third-party system via the at least one secure channel;
decrypts the encrypted sensitive data in response to the at least one electronic information query; and
provides the decrypted sensitive data to the at least one third-party system via the at least one secure coupling.
2. A method for protecting sensitive information within server environments, comprising:
evaluating at least one electronic request received over at least one secure Internet channel; and
applying at least one cryptographic operation to sensitive data in response to the at least one electronic request, wherein sensitive data of the at least one electronic request is encrypted before transfer among components of the server environment, wherein encrypted sensitive data of the server environment is decrypted before transfer from the server environment.
Dependent claims: 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 15, 16, 19, 20, 21, 22, 24
14. A method for securing sensitive information within server systems, comprising:
parsing at least one electronic request received via at least one Internet coupling;
determining that the at least one electronic request includes sensitive data;
encrypting the sensitive data; and
storing the encrypted sensitive data in at least one component of the server system.
17. A method for securing sensitive information within server systems, comprising:
evaluating at least one electronic request received from at least one third-party system via at least one proprietary channel;
determining the at least one electronic request includes a request for encrypted sensitive data and retrieving the encrypted sensitive data;
decrypting the encrypted sensitive data; and
providing the decrypted sensitive data to the at least one third-party system.
18. A system for protecting sensitive information within server systems, comprising at least one processing device coupled among at least one server site and at least one client computer and at least one network, wherein the at least one processing device evaluates at least one electronic request received via the at least one network, wherein the at least one processing device applies at least one cryptographic operation to sensitive data in response to the at least one electronic request, wherein sensitive data of the at least one electronic request is encrypted prior to transfer among components of the at least one server system, wherein encrypted sensitive data of the at least one server system is decrypted prior to transfer among the at least one network.
23. A cryptographic appliance for securing sensitive information within a server system, comprising:
at least one processing device coupled among at least one server system and at least one Internet coupling to evaluate at least one received electronic request, wherein the at least one processing device;
determines when the at least one received electronic request includes sensitive data;
encrypts the sensitive data; and
transfers the encrypted sensitive data among at least one component of the at least one server system.
25. A cryptographic appliance for securing sensitive information within a server system, comprising:
at least one processing device coupled among at least one server system and at least one third-party system, wherein the at least one processing device;
receives at least one electronic request for encrypted sensitive information;
retrieves the encrypted sensitive information;
decrypts the encrypted sensitive information; and
provides the decrypted sensitive data to the at least one third-party system.
26. A computer readable medium containing executable instructions which, when executed in a processing system, protects sensitive information within server environments by:
evaluating at least one electronic request received over at least one network coupling; and
applying at least one cryptographic operation to sensitive data in response to the at least one electronic request, wherein sensitive data of the at least one electronic request is encrypted prior to transfer among components of the server environments, wherein encrypted sensitive data of the server environments is decrypted prior to transfer among the at least one network coupling.
27. An electromagnetic medium containing executable instructions which, when executed in a processing system, protects sensitive information within server environments by:
evaluating at least one electronic request received over at least one network coupling; and
applying at least one cryptographic operation to sensitive data in response to the at least one electronic request, wherein sensitive data of the at least one electronic request is encrypted prior to transfer among components of the server environments, wherein encrypted sensitive data of the server environments is decrypted prior to transfer among the at least one network coupling.
28. A device for protecting sensitive information within server environments, comprising:
means for receiving at least one electronic transaction query from the at least one client computer via at least one secure coupling;
means for evaluating the at least one electronic transaction query for sensitive data;
means for encrypting detected sensitive data;
means for transferring the encrypted sensitive data among components of the server environment;
means for receiving at least one electronic information query for the encrypted sensitive data from at least one third-party system via the at least one secure coupling;
means for decrypting the encrypted sensitive data in response to the at least one electronic information query; and
means for transferring the decrypted sensitive data to the at least one third-party system via the at least one secure coupling.
Specification