Sensitive data aliasing
First Claim
Patent Images
1. A computerized method of encrypting data sets containing data elements and generating aliases to represent the data elements, the method including the steps of:
- by operating at least one computer,encrypting the data elements using a first encryption method;
generating aliases independent from the data elements;
generating an association between the aliases and the data elements;
restricting access to the data elements to a set of authorized users; and
by providing a circuit interface communicatively coupled to the at least one using the aliases in place of the data elements for a set of standard users, where at least some of the standard users are not included in the set of authorized users;
computer, permitting qualified access to the aliases and the data elements; and
maintaining data, accessible by a data-processing circuit, of data elements corresponding to one or more aliases as indicated by request information from the data-processing circuit.
6 Assignments
0 Petitions
Accused Products
Abstract
Database management and security is implemented in a variety of embodiments. In one such embodiment, data sets containing sensitive data elements are analyzed using aliases representing sensitive data elements. In another embodiment, the sensitive data elements are stored in an encrypted form for use from a secure access, while the alias is available for standard access.
18 Citations
32 Claims
-
1. A computerized method of encrypting data sets containing data elements and generating aliases to represent the data elements, the method including the steps of:
by operating at least one computer, encrypting the data elements using a first encryption method; generating aliases independent from the data elements; generating an association between the aliases and the data elements; restricting access to the data elements to a set of authorized users; and by providing a circuit interface communicatively coupled to the at least one using the aliases in place of the data elements for a set of standard users, where at least some of the standard users are not included in the set of authorized users; computer, permitting qualified access to the aliases and the data elements; and maintaining data, accessible by a data-processing circuit, of data elements corresponding to one or more aliases as indicated by request information from the data-processing circuit. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
10. A computerized method of managing a database receiving encrypted data sets containing data elements and generating aliases to represent the data elements, the method including the steps of:
by operating at least one computer, determining if the data elements are encrypted; decrypting the data elements in response to a determination that the data is encrypted; encrypting the data elements using a first encryption method resulting in encrypted data; generating aliases independent from the data elements; generating an association between the aliases and the data elements; restricting access to the data elements to a set of authorized users; and using the aliases in place of the data elements for a set of standard users, where at least some of the standard users are not included in the set of authorized users; and by providing a circuit interface communicatively coupled to the at least one computer, permitting qualified access to the aliases and the data elements. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
21. A database processing system for using data sets associated with data elements, the system comprising:
-
a database for storing the data sets and wherein the data sets include data elements that are accessible to a set of authorized users; an encryption arrangement, having at least one computer circuit, for encrypting the data elements using a first encryption scheme; an alias generator, implemented in the computer circuit, for generating aliases and associating the aliases to the data elements; and an interface circuit for accessing the database, and for using the aliases in place of the data elements for a set of standard users, where at least some of the standard users are not included in the set of authorized users, and wherein the interface circuit is communicatively coupled to at least one computer, and permits qualified access to the aliases and the data elements. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
-
Specification