Secure wildcard searchable database

US 8,549,653 B2
Filed: 09/14/2011
Issued: 10/01/2013
Est. Priority Date: 09/14/2011
Status: Active Grant

First Claim

Patent Images

1. A method for providing access to data stored in encrypted form in a physically non-secure database without compromising security of the data in the physically non-secure database, the non-secure database residing in non-volatile storage, the method comprising:

in a server,maintaining a representation of at least some of the data from the database in unencrypted form in volatile memory associated with the server;

receiving a request to search the data from an authorized user, the request containing a wildcard character;

executing the request containing the wildcard character by conducting a wildcard search on the representation in the volatile memory of the server;

displaying search results to the user sufficient to allow the user to select database contents to be retrieved from the non-volatile storage;

receiving a selection from the user;

retrieving from the database, specific encrypted data associated with the user'"'"'s selection;

decrypting the specific encrypted data using a key retrieved from a keystore that is accessible by the server but is stored remote from the server, and is inaccessible to both the physically non-secure database and the user, so as to obtain unencrypted selection results, wherein the server is one of multiple servers, wherein an other of the multiple servers contains a separate representation of the at least some of the data in volatile memory of the other server in unencrypted form;

providing the unencrypted selection results to the user; and

using a publish/subscribe messaging mechanism to maintain consistency between the unencrypted representation in the volatile memory of the server and the unencrypted separate representation in the volatile memory of the other server.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for providing access to data stored in encrypted form in a physically non-secure database without compromising security of the data in the physically non-secure database is disclosed. A representation of at least some of the data from the database in unencrypted form is stored in volatile memory associated with the server. The wildcard search is performed on the representation. Search results are displayed to the user to allow the user to select database contents to be retrieved. The user'"'"'s selection is retrieved from the database and decrypted. Finally, the unencrypted selection results are provided to the user.

10 Citations

View as Search Results

16 Claims

1. A method for providing access to data stored in encrypted form in a physically non-secure database without compromising security of the data in the physically non-secure database, the non-secure database residing in non-volatile storage, the method comprising:
- in a server,maintaining a representation of at least some of the data from the database in unencrypted form in volatile memory associated with the server;
  
  receiving a request to search the data from an authorized user, the request containing a wildcard character;
  
  executing the request containing the wildcard character by conducting a wildcard search on the representation in the volatile memory of the server;
  
  displaying search results to the user sufficient to allow the user to select database contents to be retrieved from the non-volatile storage;
  
  receiving a selection from the user;
  
  retrieving from the database, specific encrypted data associated with the user'"'"'s selection;
  
  decrypting the specific encrypted data using a key retrieved from a keystore that is accessible by the server but is stored remote from the server, and is inaccessible to both the physically non-secure database and the user, so as to obtain unencrypted selection results, wherein the server is one of multiple servers, wherein an other of the multiple servers contains a separate representation of the at least some of the data in volatile memory of the other server in unencrypted form;
  
  providing the unencrypted selection results to the user; and
  
  using a publish/subscribe messaging mechanism to maintain consistency between the unencrypted representation in the volatile memory of the server and the unencrypted separate representation in the volatile memory of the other server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1,wherein, when contents of the data stored in encrypted form in the physically non-secure database is changed and the change affects information that must be included in the representation,the method further comprises:
    - in the server,retrieving the affected information in encrypted form from the database;
      
      decrypting the affected information; and
      
      updating the representation to reflect the affected information.
  - 3. The method of claim 1, wherein, when contents of the data stored in encrypted form in the physically non-secure database is changed and the change affect information that must be included in the representation, the method further comprises:
    - in the server,retrieving the affected information in encrypted form from the database;
      
      decrypting the affected information; and
      
      updating the representation to reflect the affected information.
  - 4. The method of claim 1, wherein the receiving the request comprises:
    - receiving the request over an encrypted connection.
  - 5. The method of claim 1, wherein the retrieving from the database comprises:
    - retrieving the specific encrypted data over an unencrypted connection.
  - 6. The method of claim 1, wherein the providing comprises:
    - providing the unencrypted selection results to the user over an unencrypted connection.
  - 7. The method of claim 1, wherein the maintaining the representation of the at least some of the data in volatile memory associated with the server comprises:
    - maintaining the representation in unencrypted form in cache memory.
  - 8. The method of claim 1, further comprising:
    - retrieving encrypted database content from the physically non-secure database;
      
      decrypting the retrieved encrypted content; and
      
      storing the decrypted content as the representation in the volatile memory associated with the server.

9. A computer apparatus comprising:
- a server including a processor and volatile memory associated with, and accessible by, the processor, the server being configured for connection to a remote, physically non-secure database containing, in non-volatile storage therein, content stored in encrypted form, the volatile memory associated with the server having stored therein an unencrypted representation of a portion of the content obtained from the database;
  
  application programming running on the server, configured toa) in response to receipt of a database query containing a wildcard character, conduct a wildcard search of the unencrypted representation of the portion of the content stored in the volatile memory and output a result of the wildcard search,b) receive an input from a user in response to the result,c) retrieve from the non-secure database discrete encrypted data from the database in non-volatile storage based upon the user input;
  
  d) decrypt the discrete encrypted data using a key retrieved from a keystore that is accessible by the server but is stored remote from the server, and is inaccessible to both the physically non-secure database and the user; and
  
  e) provide an unencrypted version of the discrete encrypted data to the user;
  
  a publish/subscribe mechanism, coupled to both the server and a second server, configured to maintain coherency between the unencrypted representation of the portion of the content in the volatile memory associated with the server and an unencrypted representation of the portion of the content stored in a volatile memory associated with the second server.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The computer apparatus of claim 9, wherein the volatile memory comprises a cache memory.
  - 11. The computer apparatus of claim 9, whereinthe volatile memory associated with the second server is accessible by a processor, the second server being configured for connection to the physically non-secure database to obtain the unencrypted representation of the portion of the content, the computer apparatus further comprising:
    - second application programming running on the server, configured toa) in response to receipt of a database query containing a wildcard character, conduct a wildcard search of the representation of the portion stored in the volatile memory of the second server and output a result of the wildcard search,b) receive an input from a user in response to the result,c) retrieve from the non-secure database discrete encrypted data from the database based upon the user input;
      
      d) decrypt the discrete encrypted data using the key retrieved from the keystore; and
      
      e) provide an unencrypted version of the discrete encrypted data to the user.
  - 12. The computer apparatus of claim 11 wherein the application programming running on the server is further configured to, in response to an indication from the publish/subscribe mechanism that the representation is stale, retrieve from the non-secure database updated information in encrypted form, decrypt the updated information and update the representation with the unencrypted updated information.
  - 13. The computer apparatus of claim 11wherein the key store is located remote from, but accessible to the second server and is usable to decrypt encrypted information received by the second server from the remote, physically non-secure database and store a result of the decrypting of the encrypted information in the volatile memory as at least part of the representation of the portion of the content obtained from the database.
  - 14. The computer apparatus of claim 9, wherein the server is a first server, the computer apparatus further comprising:
    - multiple other servers each having volatile memory containing unencrypted representations of the portion of the content; and
      
      application programming running on each of the multiple other servers configured to perform a) through e).
  - 15. The computer apparatus of claim 14 further comprising:
    - a publish/subscribe subsystem, coupled to the first server and the multiple other servers, configured to maintain coherency among the unencrypted representations of the portion of the content in each of the volatile memories.
  - 16. The computer apparatus of claim 9, further comprising,an encrypted connection to the server over which the database query is received.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Morgan Stanley Services Group Inc. (Morgan Stanley)
Original Assignee
Morgan Stanley
Inventors
Kunde, Raghu Ram, Andrade, Ernesto Jr.
Primary Examiner(s)
Zee, Edward
Assistant Examiner(s)
NGUY, CHI D

Application Number

US13/232,055
Publication Number

US 20130067226A1
Time in Patent Office

748 Days
Field of Search

713/168, 713/193, 726/26, 726/27
US Class Current

726/26
CPC Class Codes

G06F 21/6227 where protection concerns t...

H04L 9/0894 Escrow, recovery or storing...

Secure wildcard searchable database

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

10 Citations

16 Claims

Specification

Use Cases

Quick Links

Others

Secure wildcard searchable database

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

10 Citations

16 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others