Query optimization in encrypted database systems
First Claim
1. A client-server relational database system, comprising:
- a client computer;
a server computer; and
a network connecting the client computer and the server computer;
wherein data from the client computer is encrypted by the client computer and hosted by the server computer, the encrypted data is operated upon by the server computer to produce an intermediate results set, the intermediate results set is sent from the server computer to the client computer where it is operated upon by the client computer and then returned to the server computer where it is further operated upon by the server computer before being sent again from the server computer to the client computer in order to produce actual results.
1 Assignment
0 Petitions
Accused Products
Abstract
A client-server relational database system having a client computer connected to a server computer via a network, wherein data from the client computer is encrypted by the client computer and hosted by the server computer, the encrypted data is operated upon by the server computer to produce an intermediate results set, the intermediate results set is sent from the server computer to the client computer where it is operated upon by the client computer and then returned to the server computer where it is further operated upon by the server computer before being sent again from the server computer to the client computer in order to produce actual results.
-
Citations
44 Claims
-
1. A client-server relational database system, comprising:
-
a client computer;
a server computer; and
a network connecting the client computer and the server computer;
wherein data from the client computer is encrypted by the client computer and hosted by the server computer, the encrypted data is operated upon by the server computer to produce an intermediate results set, the intermediate results set is sent from the server computer to the client computer where it is operated upon by the client computer and then returned to the server computer where it is further operated upon by the server computer before being sent again from the server computer to the client computer in order to produce actual results. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A client-server relational database system, comprising:
a client computer connected to a server computer, wherein data from the client computer is encrypted by the client computer and hosted by the server computer, the encrypted data is operated upon by the server computer to produce an intermediate results set, the intermediate results set is sent from the server computer to the client computer where it is operated upon by the client computer and then returned to the server computer where it is further operated upon by the server computer before being sent again from the server computer to the client computer in order to produce actual results.
-
16. A client-server relational database system, comprising:
a server computer connected to a client computer, wherein data from the client computer is encrypted by the client computer and hosted by the server computer, the encrypted data is operated upon by the server computer to produce an intermediate results set, the intermediate results set is sent from the server computer to the client computer where it is operated upon by the client computer and then returned to the server computer where it is further operated upon by the server computer before being sent again from the server computer to the client computer in order to produce actual results.
-
17. A method of performing computations on encrypted data stored on a computer system, comprising:
-
encrypting data at client computer;
hosting the encrypted data on a server computer;
operating upon the encrypted data at the server computer to produce an intermediate results set;
transferring the intermediate results set from the server computer to the client computer;
operating upon the transferred intermediate results set at the client computer to generate an updated intermediate results set;
re-encrypting the updated intermediate results set at the client computer;
transferring the re-encrypted intermediate results set to the server computer;
operating upon the transferred intermediate results set at the server computer to generate a new intermediate results set;
transferring the new intermediate results set from the server computer to the client computer; and
producing actual results from the transferred new intermediate results set at the client computer. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
-
31. An article of manufacture embodying logic for performing computations on encrypted data stored on a computer system, the logic comprising:
-
encrypting data at client computer;
hosting the encrypted data on a server computer;
operating upon the encrypted data at the server computer to produce an intermediate results set;
transferring the intermediate results set from the server computer to the client computer;
operating upon the transferred intermediate results set at the client computer to generate an updated intermediate results set;
re-encrypting the updated intermediate results set at the client computer;
transferring the re-encrypted intermediate results set to the server computer;
operating upon the transferred intermediate results set at the server computer to generate a new intermediate results set;
transferring the new intermediate results set from the server computer to the client computer; and
producing actual results from the transferred new intermediate results set at the client computer. - View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44)
-
Specification