System and method of analyzing encrypted data in a database in near real-time
First Claim
Patent Images
1. A computer-implemented method of anonymizing a database and querying it comprising:
- (a) anonymizing a database on a server computer,(b) hosting said database on a server computer,(c) generating a query on a client computer,(d) encrypting the query on the client computer to form an encrypted query,(e) transmitting the encrypted query to the server computer,(f) operating on the encrypted query at the server computer to produce an encrypted result,(g) returning the encrypted result to the client computer,(h) post processing the encrypted result on the client computer, without decryption, to produce a post processed encrypted result,(i) decrypting the post processed encrypted result at the client computer to produce a decrypted result and presenting the decrypted result to the user;
wherein anonymizing the database is accomplished by forming two or more groups within at least one table, wherein each group is associated with an anonymization key and wherein at least two of said two or more groups overlap.
0 Assignments
0 Petitions
Accused Products
Abstract
The present invention relates generally to a system and method of querying an anonymized database. More particularly, the invention provides a method and system for querying an anonymized database without the need to decrypt queried data while it'"'"'s processed. Even more specifically, the invention provides a method and system of anonymizing a database such that it may be queried efficiently in near real time while still retaining the ability to not decrypt requested data while it'"'"'s being processed.
-
Citations
27 Claims
-
1. A computer-implemented method of anonymizing a database and querying it comprising:
-
(a) anonymizing a database on a server computer, (b) hosting said database on a server computer, (c) generating a query on a client computer, (d) encrypting the query on the client computer to form an encrypted query, (e) transmitting the encrypted query to the server computer, (f) operating on the encrypted query at the server computer to produce an encrypted result, (g) returning the encrypted result to the client computer, (h) post processing the encrypted result on the client computer, without decryption, to produce a post processed encrypted result, (i) decrypting the post processed encrypted result at the client computer to produce a decrypted result and presenting the decrypted result to the user; wherein anonymizing the database is accomplished by forming two or more groups within at least one table, wherein each group is associated with an anonymization key and wherein at least two of said two or more groups overlap. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A computer-implemented method of anonymizing a database and querying it comprising the steps of:
-
(a) anonymizing a database on a server computer, (b) hosting said database on a server computer, (c) generating a query on a client computer, (d) encrypting the query on the client computer to form an encrypted query, (e) transmitting the encrypted query to the server computer, (f) operating on the encrypted query at the server computer to produce an encrypted result, (g) returning the encrypted result to the client computer, (h) decrypting the encrypted result at the client computer to produce a decrypted result, and (i) post processing the decrypted result at the client computer to produce a result and presenting the result to a user; wherein anonymizing the database is accomplished by forming two or more groups within at least one table and wherein each group is associated with an anonymization key and wherein at least two of said two or more groups overlap. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A computer-implemented apparatus for performing computations on encrypted data and querying encrypted data, comprising:
- (1) a computer system;
(2) logic, performed by the computer system, for (a) anonymizing a database on a server computer, (b) hosting said database on a server computer, (c) generating a query on a client computer, (d) encrypting the query on the client computer to form an encrypted query, (e) transmitting the encrypted query to the server computer, (f) operating on the encrypted query at the server computer to produce an encrypted result, (g) returning the encrypted result to the client computer, (h) post processing the encrypted result on the client computer, without decryption, to produce a post processed encrypted result, (i) decrypting the post processed encrypted result at the client computer to produce a decrypted result and presenting the decrypted result to the user;
wherein anonymizing the database is accomplished by forming two or more groups within at least one table, wherein each group is associated with an anonymization key and wherein at least two of said two or more groups overlap.
- (1) a computer system;
-
17. An article of manufacture comprising a program storage device embodying instructions for a computer-implemented method for performing computations on encrypted data and querying encrypted data, the logic comprising:
- (a) anonymizing a database on a server computer, (b) generating a query on a client computer, (c) encrypting the query on the client computer to form an encrypted query, (d) transmitting the encrypted query to the server computer, (e) operating on the encrypted query at the server computer to produce an encrypted result, (f) returning the encrypted result to the client computer, (g) decrypting the encrypted result at the client computer to produce a decrypted result, and (h) post processing the decrypted result at the client computer to produce a result and presenting the result to a user;
wherein anonymizing the database is accomplished by forming two or more groups within at least one table and wherein each group is associated with an anonymization key; and
wherein at least two of said two or more groups overlap.
- (a) anonymizing a database on a server computer, (b) generating a query on a client computer, (c) encrypting the query on the client computer to form an encrypted query, (d) transmitting the encrypted query to the server computer, (e) operating on the encrypted query at the server computer to produce an encrypted result, (f) returning the encrypted result to the client computer, (g) decrypting the encrypted result at the client computer to produce a decrypted result, and (h) post processing the decrypted result at the client computer to produce a result and presenting the result to a user;
-
18. A client-server database system comprising:
-
(a) at least one client computer, (b) at least one server computer, and (c) a network connecting the client computer and the server computer, (d) wherein the server computer hosts an anonymized database, the anonymized database is operated upon by the server computer to produce an encrypted results set in response to an encrypted query from the client computer, the encrypted results set is sent from the server to the client computer, the encrypted result is post processed on the client computer, without decryption, to produce a post processed encrypted results set, and the post processed encrypted results set is decrypted by the client computer to produce a decrypted result to be presented to a user, wherein the anonymized database is anonymized by forming two or more groups within at least one table and wherein each group is associated with an anonymization key; and
wherein at least two of said two or more groups overlap. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27)
-
Specification