Method for reencryption of a database

US 20100153748A1
Filed: 02/09/2009
Published: 06/17/2010
Est. Priority Date: 11/12/1999
Status: Active Grant

First Claim

Patent Images

1. A method for encryption of the content in a 7 days by 24 hours operational database, comprising the steps of:

deciding the length of a time period to be used by the encryption method;

for each time period generating at least one encryption key to be used when entering new database items to the database;

storing information about the encryption key used for entering new items in the database in association with the item;

associating each encryption key with a life time value, indicating the number of time periods during which the key will be valid;

after entering a new time period, scanning the database to discover items with no longer valid encryption keys; and

replacing such discovered invalid keys with keys assigned to the current time period.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention relates to a method for encryption of the content in a database, for accomplishing increased protection against unauthorised access to the data. The method assures that every row and item is re-encrypted with a valid key. More specifically this process, the so-called KeyLife process, is executed every time a row is inserted, updated or retrieved after a scanning operation. The key life value, defining the number of days a key is valid for each item, could differ for the items, and could typically be between 30 and 90 days. The scanning operation, checking the validity of the presently used keys, the so-called KeyLife checking, is executed each time a new key generation is created.

32 Citations

View as Search Results

11 Claims

1. A method for encryption of the content in a 7 days by 24 hours operational database, comprising the steps of:
- deciding the length of a time period to be used by the encryption method;
  
  for each time period generating at least one encryption key to be used when entering new database items to the database;
  
  storing information about the encryption key used for entering new items in the database in association with the item;
  
  associating each encryption key with a life time value, indicating the number of time periods during which the key will be valid;
  
  after entering a new time period, scanning the database to discover items with no longer valid encryption keys; and
  
  replacing such discovered invalid keys with keys assigned to the current time period.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. A method according to claim 1, wherein the items comprises rows in the database, each row comprising a column with information about the associated encryption key.
  - 3. A method according to claim 1 or 2, wherein a specific lifetime value is associated with each item.
  - 4. A method according to any one of the preceding claims, comprising the additional step of storing the replaced keys.
  - 5. A method according to any one of the preceding claims, whereby the scanning of the database is performed as a background process.
  - 6. A method according to any one of the preceding claims, whereby the scanning of the database is commenced and performed automatically after entering a new time period.
  - 7. A method according to any one of the preceding claims, comprising the additional step of associating the items in the database with a timestamp indicating when it was last updated.
  - 8. A method according to any one of the preceding claims, comprising the additional step of replacing the encryption key for an database item with a key generated for the present time period when the database item is updated.
  - 9. A method according to any one of the preceding claims, wherein the keys are valid between 30 and 90 days.
  - 10. A method according to any one of the preceding claims, wherein information about the encryption key used is stored as a hash value of the encryption key used, together with the encrypted data, in the database item.
  - 11. A method according to any one of the preceding claims, wherein a value indicating the generation of the encryption key used for encrypting the database item is stored together with the encrypted data in the database item.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Protegrity USA, Inc. (Xcelera Inc.)
Original Assignee
Protegrity USA, Inc. (Xcelera Inc.)
Inventors
Valfridsson, Thomas, Mattsson, Ulf

Granted Patent

US 7,984,025 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/193
CPC Class Codes

G06F 21/6227   where protection concerns t...

G06F 2211/007   Encryption, En-/decode, En-...

G06F 2221/2107   File encryption

Method for reencryption of a database

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

32 Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Method for reencryption of a database

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

32 Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links