Data security system and method adjunct to a browser, telecom or encryption program

US 7,958,268 B2
Filed: 03/07/2007
Issued: 06/07/2011
Est. Priority Date: 11/13/2000
Status: Active Grant

- Alert
- Pin

First Claim

Patent Images

1. In a computer network which processes digital data, a method of securing digital input data having security sensitive digital content, represented by one or more security sensitive words, characters, images, data elements or data objects therein, comprising:

extracting said security sensitive digital content from said input data to obtain a plurality of extract data grouped into different security levels;

encrypting said extracted data for each said security level and one of digitally appending, adding or inserting said encrypted extracted data with remainder input data to form a composite;

responsive to a data request, digitally reconstructing fully or partially said input data from said composite with decryption of said extracted data only in the presence of a respective predetermined security clearance, required for each said security level.

View all claims

2 Assignments

Timeline View

Assignment View

Litigations

1 Petition

Accused Products

Abstract

Data security for processing data or securing browser-input data operates on security sensitive content which is extracted, then either encrypted or stored in remote extract stores, and processed separate from remainder data. Extracted data, in one system, is remotely stored. Other methods attach, append, add or insert an encrypted version of the extract content to the document. The browser system operates with an extract store. Remainder data is sent to the addressee or designated client by the web server. The addressee is permitted to retrieve the extracted data from said extract store only with a security clearance and hence, reconstruct the source input data with the extract data. In other systems, the addressee reconstructs the input by decryption and integration. The browser method extracts data, facilitates the storage, forwards the remainder data to a target. Financial data or credit card scrubber may use pop-up windows for enablement.

69 Citations

View as Search Results

44 Claims

1. In a computer network which processes digital data, a method of securing digital input data having security sensitive digital content, represented by one or more security sensitive words, characters, images, data elements or data objects therein, comprising:
- extracting said security sensitive digital content from said input data to obtain a plurality of extract data grouped into different security levels;
  
  encrypting said extracted data for each said security level and one of digitally appending, adding or inserting said encrypted extracted data with remainder input data to form a composite;
  
  responsive to a data request, digitally reconstructing fully or partially said input data from said composite with decryption of said extracted data only in the presence of a respective predetermined security clearance, required for each said security level.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. A method as claimed in claim 1 including displaying said security sensitive content in a distinguishing manner prior to extracting.
  - 3. A method as claimed in claim 2 including permitting one of user selection and user confirmation of said security sensitive digital content.
  - 4. A method as claimed in claim 1 including providing multiple levels of encryption and corresponding multiple levels of security clearance.
  - 5. A method as claimed in claim 4 including providing multiple levels of encryption with different encryption keys corresponding to said multiple levels of security clearance.
  - 6. A method as claimed in claim 4 wherein said remainder data is encrypted with said multiple levels of encryption.
  - 7. A method as claimed in claim 6 wherein the step of digital reconstruction includes decrypting one or both of said extracted data and remainder data with respect to one of more of said multiple levels of encryption based upon one or more of said multiple levels of security clearance.

8. A method of securing input data having security sensitive content, represented by one or more security sensitive words, characters, images, data elements or data objects therein, the method of securing data deployed in a client-server computer system with at least one server computer operatively coupled to at least one client computer over a communications network, said client computer having a decryption routine, the method comprising:
- extracting said security sensitive content from said input data to obtain a plurality of extract data grouped into different security levels;
  
  encrypting said extracted data for each said security level and one of appending, adding or inserting said encrypted extracted data with remainder input data to form a composite; and
  
  transmitting said composite to said at least one client computer.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. A method as claimed in claim 8 wherein said one client computer is one of a plurality of client computers and the method includes, at one of said client computers, displaying said security sensitive content in a distinguishing manner prior to extracting.
  - 10. A method as claimed in claim 9 including, at one of said client computers, permitting one of user selection and user confirmation of said security sensitive content prior to extracting.
  - 11. A method as claimed in claim 8 including providing multiple levels of encryption and corresponding multiple levels of security clearance.
  - 12. A method as claimed in claim 8 including providing multiple levels, types or keys for encryption for said different levels of security clearance.
  - 13. A method as claimed in claim 11 wherein said remainder data is encrypted with said multiple levels of encryption.
  - 14. A method as claimed in claim 8 wherein said extracting said security sensitive content and encrypting said extracted data and transmitting said composite to said at least one client computer occurs at said server computer.
  - 15. A method as claimed in claim 8 wherein said one client computer is one of a plurality of client computers and the method includes said extracting said security sensitive content and encrypting said extracted data occurs at one of said client computers, and transmitting said composite to another client computer occurs via said server computer.

16. A non-transitory computer readable medium containing programming instructions for a method of securing input data having security sensitive content, represented by one or more security sensitive words, characters, images, data elements or data objects therein, comprising:
- extracting said security sensitive content from said input data to obtain a plurality of extract data grouped into different security levels;
  
  encrypting said extracted data for each said security level and one of appending, adding or inserting said encrypted extracted data with remainder input data to form a composite;
  
  responsive to a data request, reconstructing fully or partially said input data from said composite with decryption of said extracted data only in the presence of a respective predetermined security clearance, required for each said security level.
- View Dependent Claims (17, 18, 19, 20, 21, 22)
- - 17. A computer readable medium containing programming instructions for the method as claimed in claim 16 including displaying said security sensitive content in a distinguishing manner prior to extracting.
  - 18. A computer readable medium containing programming instructions for the method as claimed in claim 17 including permitting one of user selection and user confirmation of said security sensitive content.
  - 19. A computer readable medium containing programming instructions for the method as claimed in claim 16 including providing multiple levels of encryption and corresponding multiple levels of security clearance.
  - 20. A computer readable medium containing programming instructions for the method as claimed in claim 19 including providing multiple levels of encryption with different encryption keys corresponding to said multiple levels of security clearance.
  - 21. A computer readable medium containing programming instructions for the method as claimed in claim 19 wherein said remainder data is encrypted with said multiple levels of encryption.
  - 22. A computer readable medium containing programming instructions for the method as claimed in claim 21 wherein the step of reconstruction includes decrypting one or both of said extracted data and remainder data with respect to one of more of said multiple levels of encryption based upon one or more of said multiple levels of security clearance.

23. A non-transitory computer readable medium containing programming instructions for a method of securing input data having security sensitive content, represented by one or more security sensitive words, characters, images, data elements or data objects therein, the method of securing data deployed in a client-server computer system with at least one server computer operatively coupled to at least one client computer over a communications network, said client computer having a decryption routine, the programming instructions comprising:
- extracting said security sensitive content from said input data to obtain a plurality of extract data grouped into different security levels;
  
  encrypting said extracted data for each said security level and one of appending, adding or inserting said encrypted extracted data with remainder input data to form a composite; and
  
  transmitting said composite to said at least one client computer.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30)
- - 24. A computer readable medium containing programming instructions for a method as claimed in claim 23 wherein said one client computer is one of a plurality of client computers and the programming instructions include, at one of said client computers, displaying said security sensitive content in a distinguishing manner prior to extracting.
  - 25. A computer readable medium containing programming instructions for a method as claimed in claim 24 wherein, at one of said client computers, permitting one of user selection and user confirmation of said security sensitive content prior to extracting.
  - 26. A computer readable medium containing programming instructions for a method as claimed in claim 23 including providing multiple levels of encryption and corresponding multiple levels of security clearance.
  - 27. A computer readable medium containing programming instructions for a method as claimed in claim 23 including providing multiple levels, types or keys for encryption for said different levels of security clearance.
  - 28. A computer readable medium containing programming instructions for a method as claimed in claim 26 wherein said remainder data is encrypted with said multiple levels of encryption.
  - 29. A computer readable medium containing programming instructions for a method as claimed in claim 23 wherein said extracting said security sensitive content and encrypting said extracted data and transmitting said composite to said at least one client computer occurs at said server computer.
  - 30. A computer readable medium containing programming instructions for a method as claimed in claim 23 wherein said one client computer is one of a plurality of client computers and the programming instructions include extracting said security sensitive content and encrypting said extracted data at one of said client computers, and transmitting said composite to another client computer occurs via said server computer.

31. A method of securing input data passing through a browser, said input data having security sensitive content, represented by one or more security sensitive words, characters, images, data elements or data objects therein, the method deployed in a distributed computer system with a plurality of extract stores, each having a security level and a clearance therefor, comprising:
- extracting said security sensitive content from said input data to obtain extracted data for respective security levels;
  
  facilitating the storage of said extracted data in respective ones of said extract stores; and
  
  forwarding any remainder input data to a target destination in said distributed computer system and requiring predetermined security clearances to access said extract stores.
- View Dependent Claims (32, 33, 34, 35)
- - 32. A method as claimed in claim 31 including filtering said data while extracting.
  - 33. A method as claimed in claim 32 including defining the filter with a group of security sensitive content and the method includes one of storing said filter or destroying said filter after storing said extracted data.
  - 34. A method as claimed in claim 33 including encrypting one or both of said extracted data and said remainder data.
  - 35. A method as claimed in claim 31 wherein the extracting step operates on credit data, financial data or account data.

36. A non-transitory computer readable medium containing programming instructions for securing input data passing through a browser, said input data having security sensitive content, represented by one or more security sensitive words, characters, images, data elements or data objects therein, the programming instructions operably deployed in a distributed computer system with a plurality of extract stores, each having a security level and a clearance therefor, comprising:
- extracting said security sensitive content from said input data to obtain extracted data for respective security levels;
  
  facilitating the storage of said extracted data in respective ones of said extract stores; and
  
  forwarding any remainder input data to a target destination in said distributed computer system and requiring predetermined security clearances to access said extract stores.
- View Dependent Claims (37, 38, 39, 40)
- - 37. A computer readable medium containing programming instructions for securing input data as claimed in claim 36 including filtering said data while extracting.
  - 38. A computer readable medium containing programming instructions for securing input data as claimed in claim 37 including defining the filter with a group of security sensitive content and the programming instructions include one of storing said filter or destroying said filter after storing said extracted data.
  - 39. A computer readable medium containing programming instructions for securing input data as claimed in claim 38 including encrypting one or both of said extracted data and said remainder data.
  - 40. A computer readable medium containing programming instructions for securing input data as claimed in claim 36 wherein the extracting step operates on credit data, financial data or account data.

41. A non-transitory computer readable medium containing programming instructions for securing data passing through a browser, said data having one or more security sensitive words, characters or icons, used in conjunction with a distributed computer system with a plurality of remote memories respectively designated as corresponding extract stores, each having a respective security level and clearance, comprising:
- extracting said security sensitive words, characters or icons from said data to obtain extracted data for respective security levels and remainder data therefrom;
  
  facilitating the storage of said extracted data in respective ones of said extract stores; and
  
  forwarding said remainder data to a targeted destination in said distributed computer system and requiring a respective predetermined security clearance for access to corresponding extract stores.
- View Dependent Claims (42, 43, 44)
- - 42. A medium with programming instructions as claimed in claim 41 including filtering said data while extracting.
  - 43. A medium with programming instructions as claimed in claim 42 including defining the filter with a group of security sensitive words, characters or icons and the method includes one of storing said filter or destroying said filter after storing said extracted data.
  - 44. A medium with programming instructions as claimed in claim 43 including encrypting one or both of said extracted data and said remainder data.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
DigitalDoors, Inc.
Original Assignee
DigitalDoors, Inc.
Inventors
Redlich, Ron M., Nemzow, Martin A.
Primary Examiner(s)
Dalencourt, Yves

Application Number

US11/682,941
Publication Number

US 20070150965A1
Time in Patent Office

1,553 Days
Field of Search

709/206, 709/218, 709/219, 709/244, 709/246, 726/26, 726/27, 713/166, 713/189
US Class Current

709/246
CPC Class Codes

G06F 21/6209   to a single file or object,...

G06F 2221/2107   File encryption

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2119   Authenticating web pages, e...

G06Q 10/10   Office automation; Time man...

H04L 63/0428   wherein the data content is...

H04L 63/105   Multiple levels of security

H04L 63/20   for managing network securi...

Data security system and method adjunct to a browser, telecom or encryption program

First Claim

2 Assignments

Litigations

1 Petition

Accused Products

Abstract

69 Citations

44 Claims

Specification

Solutions

Use Cases

Quick Links

Data security system and method adjunct to a browser, telecom or encryption program

First Claim

2 Assignments

Subscription Required

Subscription Required

Litigations

1 Petition

Subscription Required

Accused Products

Subscription Required

Abstract

69 Citations

44 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links