System, method and apparatus for electronically protecting data and digital content
First Claim
1. A system for protecting sensitive data comprising:
- one or more clients, each client having a data storage and a processor, wherein two or more items of sensitive data within a file have been replaced with a pointer for each item of sensitive data, wherein the pointer indicates where the item of sensitive data item has been stored in a secure storage by a server;
the server communicably coupled to the one or more clients; and
wherein the processor and the server protect the sensitive data items within the file by restricting subsequent access to and use of the sensitive data items via the pointers by;
receiving a first request for data stored in the file on the data storage,
determining whether the requested data includes at least one of the pointers,
providing the requested data whenever the requested data does not include any of the pointers, and
performing the following steps whenever the requested data includes at least one of the pointers;
sending a second request containing the pointer(s) included in the requested data to the server that authenticates the second request,
denying the first request whenever the authentication fails, and
receiving and providing the extracted sensitive data item(s) corresponding to the pointer(s) included in the requested data whenever the authentication succeeds.
Abstract
Systems, methods and apparatus for protecting sensitive data in a file that has been replaced with pointer(s) for each sensitive data. The sensitive data items are protected by restricting subsequent access to and use of the sensitive data items via the pointers by: receiving a first request for data stored in a file on the data storage, determining whether the requested data includes at least one of the pointers, providing the requested data whenever the requested data does not include any of the pointers, and performing the following steps whenever the requested data includes at least one of the pointers: sending a second request containing the pointer(s) included in the requested data to the server that authenticates the second request, denying the first request whenever the authentication fails, and receiving and providing the extracted data item(s) corresponding to the pointer(s) included in the requested data whenever the authentication succeeds.
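The request flow in the abstract, as an added Python example that is not taken from the patent. The `{{ptr:...}}` pointer syntax, the class and function names, and HMAC with a shared key as the authentication step are assumptions for illustration; the sample values are constructed.

```python
import hashlib
import hmac
import re
import secrets

POINTER_RE = re.compile(r"\{\{ptr:([0-9a-f]{16})\}\}")  # assumed pointer syntax

class AccessDenied(Exception):
    """The server rejected the second request."""

def _mac(key, nonce, pointers):
    return hmac.new(key, nonce + ",".join(pointers).encode(), hashlib.sha256).digest()

class VaultServer:
    def __init__(self, key):
        self._key, self._store, self._seen = key, {}, set()

    def extract(self, item):
        """Move an item into secure storage and return the pointer left in the file."""
        ptr = secrets.token_hex(8)
        self._store[ptr] = item
        return "{{ptr:%s}}" % ptr

    def resolve(self, pointers, nonce, tag):
        """Authenticate the second request, then return the extracted items."""
        ok = hmac.compare_digest(_mac(self._key, nonce, pointers), tag)
        if not ok or nonce in self._seen or any(p not in self._store for p in pointers):
            raise AccessDenied("second request rejected")
        self._seen.add(nonce)  # a captured request cannot be replayed
        return {p: self._store[p] for p in pointers}

class Client:
    def __init__(self, server, key, lines):
        self._server, self._key, self.lines = server, key, lines

    def read(self, n):
        data = self.lines[n]                      # first request
        pointers = POINTER_RE.findall(data)
        if not pointers:
            return data                           # no pointers: provide as-is
        nonce = secrets.token_bytes(16)
        tag = _mac(self._key, nonce, pointers)
        items = self._server.resolve(pointers, nonce, tag)  # AccessDenied denies the read
        return POINTER_RE.sub(lambda m: items[m.group(1)], data)

def build_demo(client_key=b"constructed-key", server_key=b"constructed-key"):
    server = VaultServer(server_key)
    line = "ssn: %s card: %s" % (server.extract("078-05-1120"), server.extract("4111111111111111"))
    return Client(server, client_key, ["name: Alice Example", line])
```

A copy of the file alone yields only pointers; the sensitive items are returned only to a caller the server authenticates, so revoking the key cuts off access to files already distributed.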
33 Claims
1. A system for protecting sensitive data comprising:
one or more clients, each client having a data storage and a processor, wherein two or more items of sensitive data within a file have been replaced with a pointer for each item of sensitive data, wherein the pointer indicates where the item of sensitive data item has been stored in a secure storage by a server;
the server communicably coupled to the one or more clients; and
wherein the processor and the server protect the sensitive data items within the file by restricting subsequent access to and use of the sensitive data items via the pointers by;
receiving a first request for data stored in the file on the data storage,
determining whether the requested data includes at least one of the pointers,
providing the requested data whenever the requested data does not include any of the pointers, and
performing the following steps whenever the requested data includes at least one of the pointers;
sending a second request containing the pointer(s) included in the requested data to the server that authenticates the second request,
denying the first request whenever the authentication fails, and
receiving and providing the extracted sensitive data item(s) corresponding to the pointer(s) included in the requested data whenever the authentication succeeds.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. An apparatus for protecting sensitive data comprising:
a data storage comprising a file stored therein having two or more items of sensitive data that have been replaced with a pointer for each item of sensitive data, wherein the pointer indicates where the item of sensitive data item has been stored in a secure storage by a server;
a communications interface to the server having the secure storage;
a processor communicably coupled to the data storage and the communications interface, wherein the processor controls access to the data storage; and
wherein the processor and the server protect the sensitive data items within the file by restricting subsequent access to and use of the sensitive data items via the pointers by;
receiving a first request for data stored in the file on the data storage,
determining whether the requested data includes at least one of the pointers,
providing the requested data whenever the requested data does not include any of the pointers, and
performing the following steps whenever the requested data includes at least one of the pointers;
sending a second request containing the pointer(s) included in the requested data to the server that authenticates the second request,
denying the first request whenever the authentication fails, and
receiving and providing the extracted sensitive data item(s) corresponding to the pointer(s) included in the requested data whenever the authentication succeeds.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19
20. A method for protecting sensitive data comprising the steps of:
providing a file on a data storage having two or more items of sensitive data that have been replaced with a pointer for each item of sensitive data, wherein the pointer indicates where the item of sensitive data item has been stored in a secure storage by a server; and
protecting the sensitive data items by restricting subsequent access to and use of the sensitive data items via the pointers by;
receiving a first request for data stored in a file on the data storage,
determining whether the requested data includes at least one of the pointers,
providing the requested data whenever the requested data does not include any of the pointers, and
performing the following steps whenever the requested data includes at least one of the pointers;
sending a second request containing the pointer(s) included in the requested data to the server that authenticates the second request,
denying the first request whenever the authentication fails, and
receiving and providing the extracted data item(s) corresponding to the pointer(s) included in the requested data whenever the authentication succeeds.
Dependent claims: 21, 22, 23, 24, 25, 26
27. A non-transitory computer readable storage medium for protecting sensitive data comprising program instructions when executed by a client causes the client to perform the steps of:
providing a file on a data storage having two or more items of sensitive data that have been replaced with a pointer for each item of sensitive data, wherein the pointer indicates where the item of sensitive data item has been stored in a secure storage by a server; and
protecting the sensitive data items by restricting subsequent access to and use of the sensitive data items via the pointers by;
receiving a first request for data stored in the file on the data storage,
determining whether the requested data includes at least one of the pointers,
providing the requested data whenever the requested data does not include any of the pointers, and
performing the following steps whenever the requested data includes at least one of the pointers;
sending a second request containing the pointer(s) included in the requested data to the server that authenticates the second request,
denying the first request whenever the authentication fails, and
receiving and providing the extracted data item(s) corresponding to the pointer(s) included in the requested data whenever the authentication succeeds.
Dependent claims: 28, 29, 30, 31, 32, 33
Specification