Method, apparatus, and program product for flexible redaction of content
Abstract
A selectively encrypted data unit is generated from an unencrypted data unit. This is accomplished by accessing a list of attributes related to the unencrypted data unit that identify classifications of sensitive information within the unencrypted data unit. In addition, a protection key that is responsive to a random number is selected and auxiliary values computed from the attributes of the sensitive information and the random number are produced. The sensitive information is encrypted with the protection key to create an encrypted version of the sensitive information. The encrypted version is associated with the auxiliary values and linked to an attribute vector that classifies the sensitive information in the encrypted version. Data from the unencrypted data unit and the encrypted version of the sensitive information is stored as the selectively encrypted data unit.
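The data flow described in the abstract, as an added sketch that is not taken from the patent or its specification. The attribute names, record layout, one-auxiliary-value-per-attribute wrapping of the random number, and the HMAC/SHAKE stand-in cipher are all assumptions made for illustration; the page does not say how the auxiliary values are computed.

```python
import hashlib, hmac, secrets

def prf(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()
def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))
def stream(key: bytes, n: int) -> bytes:
    # Stand-in keystream so the sketch needs only the stdlib; use a vetted AEAD in practice.
    return hashlib.shake_256(prf(key, b"enc")).digest(n)
def tag(key: bytes, vector: list, ct: bytes) -> bytes:
    # Binds the attribute vector to the ciphertext (assumed form of the "link").
    return prf(key, b"mac|" + ",".join(vector).encode() + b"|" + ct)

def protect(text, spans, attr_keys):
    """spans: (start, end, attributes) for each piece of sensitive information."""
    unit, records, pos = [], [], 0
    for start, end, attrs in sorted(spans):
        r, salt = secrets.token_bytes(32), secrets.token_bytes(16)  # the random number
        key = prf(r, b"protection-key")           # protection key responsive to r
        pt, vector = text[start:end].encode(), sorted(attrs)
        ct = xor(pt, stream(key, len(pt)))
        # Assumption: one auxiliary value per attribute, wrapping r under that attribute's key.
        aux = {a: xor(r, prf(attr_keys[a], salt)) for a in vector}
        unit += [text[pos:start], len(records)]   # clear text, then a reference to the record
        records.append({"ct": ct, "salt": salt, "aux": aux,
                        "attribute_vector": vector, "tag": tag(key, vector, ct)})
        pos = end
    return unit + [text[pos:]], records

def reveal(unit, records, held_keys):
    out = []
    for part in unit:
        if isinstance(part, int):
            rec, part = records[part], "[REDACTED]"
            for a in held_keys.keys() & rec["aux"].keys():
                r = xor(rec["aux"][a], prf(held_keys[a], rec["salt"]))
                key = prf(r, b"protection-key")
                if hmac.compare_digest(tag(key, rec["attribute_vector"], rec["ct"]), rec["tag"]):
                    part = xor(rec["ct"], stream(key, len(rec["ct"]))).decode()
                    break
        out.append(part)
    return "".join(out)

def demo(held=("medical",)):
    text = "Patient Jane Roe (ID 000-00-0000) was treated for asthma."  # constructed sample
    keys = {a: secrets.token_bytes(32) for a in ("identity", "medical")}
    marks = [("Jane Roe", ["identity"]), ("000-00-0000", ["identity"]), ("asthma", ["medical"])]
    spans = [(text.index(s), text.index(s) + len(s), attrs) for s, attrs in marks]
    return reveal(*protect(text, spans, keys), {a: keys[a] for a in held})
```

A reader holding only the "medical" key sees the diagnosis while both "identity" spans stay redacted; a wrong key fails the tag check and the span stays redacted rather than decoding to garbage.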
33 Claims
1. A computer controlled method for generating a selectively encrypted data unit from an unencrypted data unit comprising:
- accessing a list of attributes related to said unencrypted data unit;
- accessing said unencrypted data unit, said unencrypted data unit comprising a sequence of data;
- identifying sensitive information within said sequence of data associated with one or more of said list of attributes;
- selecting a protection key, said protection key responsive to a random number;
- computing a plurality of auxiliary values directly using said list of attributes and said random number;
- encrypting said sensitive information with said protection key to create an encrypted version of said sensitive information, said encrypted version associated with said plurality of auxiliary values;
- linking an attribute vector with said encrypted version, said attribute vector responsive to said sensitive information associated with one or more of said list of attributes associated with said encrypted version; and
- storing, as said selectively encrypted data unit, data from said unencrypted data unit and said encrypted version of said sensitive information.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 33
14. An apparatus comprising:
- a central processing unit (CPU),
- a memory coupled to said CPU,
- an attribute access logic configured to access a list of attributes related to said unencrypted data unit;
- a data access logic configured to access said unencrypted data unit, said unencrypted data unit comprising a sequence of data;
- a data selection logic configured to identify sensitive information within said sequence of data associated with one or more of said list of attributes accessed by the data access logic and the attribute access logic;
- a key selection logic configured to select a protection key, said protection key responsive to a random number;
- a first value generation logic configured to compute a plurality of auxiliary values directly using said list of attributes accessed by the attribute access logic and said random number used by the key selection logic;
- an encryption logic configured to encrypt said sensitive information identified by the data selection logic with said protection key selected by the key selection logic to create an encrypted version of said sensitive information, said encrypted version associated with said plurality of auxiliary values;
- a vector association logic configured to link an attribute vector with said encrypted version responsive to the encryption logic, said attribute vector responsive to said sensitive information associated with one or more of said list of attributes associated with said encrypted version; and
- a storage logic configured to store, as said selectively encrypted data unit, data from said unencrypted data unit and said encrypted version of said sensitive information.
Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26
27. A non-transitory computer program product comprising:
a non-transitory computer-usable data carrier providing instructions that, when executed by a computer, cause said computer to perform a method to generate a selectively encrypted data unit from an unencrypted data unit, said method comprising:
- accessing a list of attributes related to said unencrypted data unit;
- accessing said unencrypted data unit, said unencrypted data unit comprising a sequence of data;
- identifying sensitive information within said sequence of data associated with one or more of said list of attributes;
- selecting a protection key, said protection key responsive to a random number;
- computing a plurality of auxiliary values directly using said list of attributes and said random number;
- encrypting said sensitive information with said protection key to create an encrypted version of said sensitive information, said encrypted version associated with said plurality of auxiliary values;
- linking an attribute vector with said encrypted version, said attribute vector responsive to said sensitive information associated with one or more of said list of attributes associated with said encrypted version; and
- storing, as said selectively encrypted data unit, data from said unencrypted data unit and said encrypted version of said sensitive information.
Dependent claims: 28, 29, 30, 31, 32