Sensitive data protection during user interface automation testing systems and methods

US 9,152,812 B2
Filed: 12/03/2013
Issued: 10/06/2015
Est. Priority Date: 12/03/2013
Status: Active Grant

First Claim

Patent Images

1. A system comprising:

a non-transitory memory storing user account information, wherein the user account information comprises encrypted user information; and

one or more hardware processors in communication with the non-transitory memory and configured to;

receive a data file including a first encrypted data key, wherein the first encrypted data key is logged in the data file, and wherein the data file is a test data file for a website user interface automation test;

determine a first cipher text corresponding to the first encrypted data key using a conversion kit, wherein the conversion kit includes a cipher mapping file and an encryption algorithm; and

decrypt the first cipher text using the encryption algorithm to obtain a first data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

There is provided systems and method for sensitive data protection during user interface automation testing. A user may transmit sensitive data to the test website framework, where the sensitive data is encrypted as a data key. The encrypted data key is set by an administrator of the test website and given to the user. The user may enter the key, where the test website framework application utilizes a conversion kit to decrypt the encrypted data key for use in the website user interface automation test. However, the encrypted data key is pulled into a version control system and/or viewed in test results so that the sensitive data remains hidden from view. In various embodiments, the encrypted data key may be entered into a web element, such as a password field, where the password field displays only the encrypted data key during test results.

Citations

18 Claims

1. A system comprising:
- a non-transitory memory storing user account information, wherein the user account information comprises encrypted user information; and
  
  one or more hardware processors in communication with the non-transitory memory and configured to;
  
  receive a data file including a first encrypted data key, wherein the first encrypted data key is logged in the data file, and wherein the data file is a test data file for a website user interface automation test;
  
  determine a first cipher text corresponding to the first encrypted data key using a conversion kit, wherein the conversion kit includes a cipher mapping file and an encryption algorithm; and
  
  decrypt the first cipher text using the encryption algorithm to obtain a first data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1, wherein the first encrypted data key is visible in the data file.
  - 3. The system of claim 1, wherein the first encrypted data key is entered into a web element prior to logging the first encrypted data key in the data file.
  - 4. The system of claim 1, wherein the data file is stored by a version control system.
  - 5. The system of claim 1, wherein the cipher mapping file include a key-value pair list corresponding to a plurality of encrypted data keys and a plurality of matching cipher text.
  - 6. The system of claim 5, wherein the cipher mapping file determines the first cipher text.
  - 7. The system of claim 1, wherein the first data corresponds to one of a user name, a password, and a user sensitive data.
  - 8. The system of claim 1, wherein the encryption algorithm corresponds to an RSA algorithm.

9. A method comprising:
- receiving a data file including a first encrypted data key, wherein the first encrypted data key is logged in the data file, and wherein the data file is a test data file for a website user interface automation test;
  
  determining a first cipher text corresponding to the first encrypted data key using a conversion kit, wherein the conversion kit includes a cipher mapping file and an encryption algorithm; and
  
  decrypting, using one or more hardware processors of a website server, the first cipher text using the encryption algorithm to obtain a first data.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The method of claim 9, wherein the first encrypted data key is visible in the data file.
  - 11. The method of claim 9, wherein the first encrypted data key is entered into a web element prior to logging the first encrypted data key in the data file.
  - 12. The method of claim 9, wherein the test data file is stored by a version control system.
  - 13. The method of claim 9, wherein the cipher mapping file include a key-value pair list corresponding to a plurality of encrypted data keys and a plurality of matching cipher text.
  - 14. The method of claim 13, wherein the cipher mapping file determines the first cipher text.
  - 15. The method of claim 9, wherein the first data corresponds to one of a user name, a password, and a user sensitive data.
  - 16. The method of claim 9, wherein the encryption algorithm corresponds to an RSA algorithm.

17. A non-transitory computer readable medium comprising a plurality of machine-readable instructions which when executed by one or more processors of a server are adapted to cause the server to perform a method comprising:
- receiving a data file including a first encrypted data key, wherein the first encrypted data key is logged in the data file, and wherein the data file is a test data file for a website user interface automation test;
  
  determining a first cipher text corresponding to the first encrypted data key using a conversion kit, wherein the conversion kit includes a cipher mapping file and an encryption algorithm; and
  
  decrypting the first cipher text using the encryption algorithm to obtain a first data.
- View Dependent Claims (18)
- - 18. The non-transitory computer readable medium of claim 17, wherein the first encrypted data key is visible in the data file, and wherein the cipher mapping file include a key-value pair list corresponding to a plurality of encrypted data keys and a plurality of matching cipher text, and wherein the cipher mapping file determines the first cipher text.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Original Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Inventors
Wu, Junlong, Han, Jun
Primary Examiner(s)
Dinh, Minh

Application Number

US14/095,297
Publication Number

US 20150154415A1
Time in Patent Office

672 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 11/2221   to test input/output device...

G06F 11/3684   for test design, e.g. gener...

G06F 21/6209   to a single file or object,...

G06F 21/6218   to a system of files or obj...

G06F 21/6245   Protecting personal data, e...

G06F 2221/033   Test or assess software

G06F 3/04842   Selection of displayed obje...

H04L 63/0457   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/083   using passwords cryptograph...

Sensitive data protection during user interface automation testing systems and methods

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Sensitive data protection during user interface automation testing systems and methods

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links