Method and system for transmitting sensitive information over a network
First Claim
1. A method of transmitting sensitive information over a network including the steps of:
- splitting sensitive information into a plurality of basic elements;
- generating control information indicative of how to use the basic elements for reconstructing the sensitive information;
- sending each basic element and the control information from a source computer to at least one corresponding interface computer through an insecure network,
- forwarding each basic element and the control information from the corresponding at least one interface computer to a target computer through a secure network, and
- reconstructing the sensitive information in the target computer using the basic elements according to the control information;
- generating a masked block of information for a basic element of the plurality of basic elements, wherein the step of generating a masked block includes the step of assigning the basic element to a position within a corresponding data frame;
- inserting noise into the data frame except for the basic element, the noise inserted according to a predetermined algorithm; and
- inserting the masked block of information and the control information into a corresponding transmission structure for sending the corresponding transmission structure through the insecure network and the secure network, the control information being further indicative of how to extract the basic element from the corresponding masked block of information.
Abstract
A method (300) and system for transmitting sensitive information from a client computer to a service provider operating in the INTERNET. The sensitive information (for example a credit card number for carrying out an e-commerce transaction) is split (318) into several chunks, which are meaningless when taken alone. Each chunk is inserted (339) into a corresponding data frame, adding noise information. Information about how to extract each chunk from the corresponding data frame and how to use the chunks to reconstruct the original sensitive information is inserted (336) into a control frame. The data and control frames are distributed (354, 363) to different interface computers of the INTERNET; the frames are then forwarded (366) to the server computer, which is not connected to the INTERNET directly but communicates through a secure private network with the interface computers. The server computer extracts (369–384) the chunks from the data frames and recombines them into the original information according to the content of the control frame.
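The split, mask and reconstruct steps of the abstract, as an added Python sketch that is not code from the patent. `FRAME_LEN`, `mask`, `reconstruct` and the control-entry layout are assumptions, OS random bytes stand in for the claims' "predetermined algorithm" for noise, and the card number is a constructed test value.

```python
import secrets

FRAME_LEN = 32  # assumed fixed data-frame size in bytes


def mask(secret: bytes, chunk_size: int):
    """Split `secret` into chunks, hide each in a noise-filled data frame,
    and return (frames, control). `control` is the control frame: one entry
    per chunk, in reconstruction order."""
    if not secret or not 0 < chunk_size <= FRAME_LEN:
        raise ValueError("need a non-empty secret and 0 < chunk_size <= FRAME_LEN")
    chunks = [secret[i:i + chunk_size] for i in range(0, len(secret), chunk_size)]
    # Random, unique frame ids so an id does not reveal the chunk order.
    ids = secrets.SystemRandom().sample(range(10**6), len(chunks))
    frames, control = {}, []
    for frame_id, chunk in zip(ids, chunks):
        offset = secrets.randbelow(FRAME_LEN - len(chunk) + 1)
        frame = bytearray(secrets.token_bytes(FRAME_LEN))  # noise everywhere...
        frame[offset:offset + len(chunk)] = chunk           # ...except the chunk
        frames[frame_id] = bytes(frame)
        control.append({"frame": frame_id, "offset": offset, "length": len(chunk)})
    return frames, control


def reconstruct(frames: dict, control: list) -> bytes:
    """Target-side step: extract each chunk as the control frame directs.
    Frames arrive over an insecure network, so every entry is bounds-checked."""
    out = bytearray()
    for entry in control:
        frame = frames.get(entry["frame"])
        if frame is None:
            raise ValueError(f"missing data frame {entry['frame']}")
        off, length = entry["offset"], entry["length"]
        if off < 0 or length < 0 or off + length > len(frame):
            raise ValueError("control entry points outside its data frame")
        out += frame[off:off + length]
    return bytes(out)


if __name__ == "__main__":
    card = b"4111111111111111"  # constructed sample value
    frames, control = mask(card, chunk_size=4)
    for frame_id, frame in frames.items():
        print(frame_id, frame.hex())
    print(control)
    print(reconstruct(frames, control))
```

Reconstruction needs the control frame and every data frame it names, which is why the scheme sends them to different interface computers.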
12 Citations
20 Claims
9. A computer program application embodied in a computer readable medium directly loadable into a working memory of data processing system for performing a method of transmitting sensitive information over a network when the program application is run on the data processing system, the method including the steps of:
splitting the sensitive information into a plurality of basics elements, generating control information indicative of how to use the basic elements for reconstructing the sensitive information, sending each basic element and the control information from a source computer to at least one corresponding interface computer through an insecure network, forwarding each basic element and the control information from the corresponding at least one interface computer to a target computer through a secure network, and reconstructing the sensitive information in the target computer using the basic elements according to the control information; generating a masked block of information for a basic element of plurality of basic elements, wherein the step of generating a masked block includes the step of assigning the basic element to position within a corresponding data frame; inserting noise into the data frame except for the basic element, the noise inserted according to a predetermined algorithm; and inserting the masked block of information and the control information into a corresponding transmission structure for sending the corresponding transmission structure through the insecure network and the secure network, the control information being further indicative of how to extract the basic element from the corresponding masked block of information.
10. A data processing system for transmitting sensitive information over a network including means for splitting the sensitive information into a plurality of basic elements comprising:
- means for generating control information indicative of how to use the basic elements for reconstructing the sensitive information, means for sending each basic element and the control information from a source computer to a at least one corresponding interface computer through an insecure network, means for forwarding each basic element and the control information from the corresponding at least one interface computer to a target computer through a secure network, and means for reconstructing the sensitive information in the target computer using the basic elements according to the control information;
generating a masked block of information for a basic element of the plurality of basic elements, wherein the step of generating a masked block includes the step of assigning the basic element to a position within a corresponding data frame; inserting noise into the data frame except for the basic element, the noise inserted according to a predetermined algorithm; and inserting the masked block of information and the control information into a corresponding transmission structure for sending the corresponding transmission structure through the insecure network and the secure network, the control information being further indicative of how to extract the basic element from the corresponding masked block of information.
11. A data processing system for transmitting sensitive information over a network comprising:
- a software module for splitting the sensitive information into a plurality of basic elements and for generating control information indicative of how to use the basic elements for reconstructing the sensitive information, a software module for sending each basic element and the control information from a source computer to at least one corresponding interface computer through an insecure network, a software module for forwarding each basic element and the control information from the corresponding at least one interface computer to a target computer through a secure network, and a software module for reconstructing the sensitive information in the target computer using the basic elements according to the control information;
generating a masked block of information for a basic element of the plurality of basic elements, wherein the step of generating a masked block includes the step of assigning the basic element to a position within a corresponding data frame; inserting noise into the data frame except for the basic element, the noise inserted according to a predetermined algorithm; and inserting the masked block of information and the control information into a corresponding transmission structure for sending the corresponding transmission structure through the insecure network and the secure network, the control information being further indicative of how to extract the basic element from the corresponding masked block of information.
16. A method of transmitting sensitive information over multiple computer networks including the steps of:
splitting sensitive information into a plurality of basic elements; encrypting the plurality of basic elements; generating control information indicative of how to use the plurality of basic elements for reconstructing the sensitive information; sending the plurality of basic elements, in encrypted form, and the control information, through an insecure network from a source computer to a plurality of interface computers disposed within the insecure network; forwarding the plurality of basic elements and the corresponding control information from the plurality of interface computers in the insecure network through a secure network to a target computer disposed within the secure network; and reconstructing the sensitive information in the target computer using the plurality of basic elements according to the control information; generating a masked block of information for a basic element of the plurality of basic elements, wherein the step of generating a masked block includes the step of assigning the basic element to a position within a corresponding data frame; inserting noise into the data frame except for the basic element, the noise inserted according to a predetermined algorithm; and inserting the masked block of information and the control information into a corresponding transmission structure for sending the corresponding transmission structure through the insecure network and the secure network, the control information being further indicative of how to extract the basic element from the corresponding masked block of information.
Specification