System and method to anonymize data transmitted to a destination computing device

US 9,292,696 B1
Filed: 03/15/2013
Issued: 03/22/2016
Est. Priority Date: 03/08/2011
Status: Active Grant

First Claim

Patent Images

1. A method for anonymizing data to be transmitted to a destination computing device, comprising:

receiving data to be stored in a destination computing device from a user computer, the received data including a plurality of fields of data;

determining a format for the received data by a transmit data parser;

based on the determined format of the received data by the transmit data parser, identifying one or more fields of data for anonymization;

determining a value of a field of data in the received data, value indicative of a selective group of users;

determining anonymization strategy for the identified one or more fields of data for anonymization, based on the value indicative of the selective group of users;

anonymizing the identified one or more fields of data using an anonymization module executed on a computing device, based on determined anonymization strategy stored in a data store;

transmitting received data with anonymized one or more fields of data, to the destination computing device over a network, for storage in the destination computing device;

receiving a request to retrieve data from the destination computing device, request including a field with a value indicative of a selective group the user requesting the retrieval belongs to;

receiving data with anonymized one or more fields of data from the destination computing device;

determining a format for the received data by a receive data parser;

based on the determined format of the received data by the receive data parser, identifying one or more anonymized fields of received data for de-anonymization; and

selectively de-anonymizing the one or more anonymized fields of data to derive de-anonymized one or more fields of data, based on the selective group the user belongs to.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for anonymizing data to be transmitted to a destination computing device is disclosed. Data to be transmitted is received from a user computer. The data includes a plurality of fields of data. One or more fields of data are selected for anonymization. The selected one or more fields are anonymized. The data with one or more fields anonymized is transmitted to the destination computing device.

59 Citations

View as Search Results

17 Claims

1. A method for anonymizing data to be transmitted to a destination computing device, comprising:
- receiving data to be stored in a destination computing device from a user computer, the received data including a plurality of fields of data;
  
  determining a format for the received data by a transmit data parser;
  
  based on the determined format of the received data by the transmit data parser, identifying one or more fields of data for anonymization;
  
  determining a value of a field of data in the received data, value indicative of a selective group of users;
  
  determining anonymization strategy for the identified one or more fields of data for anonymization, based on the value indicative of the selective group of users;
  
  anonymizing the identified one or more fields of data using an anonymization module executed on a computing device, based on determined anonymization strategy stored in a data store;
  
  transmitting received data with anonymized one or more fields of data, to the destination computing device over a network, for storage in the destination computing device;
  
  receiving a request to retrieve data from the destination computing device, request including a field with a value indicative of a selective group the user requesting the retrieval belongs to;
  
  receiving data with anonymized one or more fields of data from the destination computing device;
  
  determining a format for the received data by a receive data parser;
  
  based on the determined format of the received data by the receive data parser, identifying one or more anonymized fields of received data for de-anonymization; and
  
  selectively de-anonymizing the one or more anonymized fields of data to derive de-anonymized one or more fields of data, based on the selective group the user belongs to.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein transmitting received data further includes assembling the received data in the determined format with anonymized one or more fields of data.
  - 3. The method of claim 1, wherein the format for the received data indicates a message to a database.
  - 4. The method of claim 1, wherein the format for the received data indicates an email message.
  - 5. The method of claim 1, further including:
    - determining a type of the identified field of data to be stored, type including at least both of a structured data and unstructured data; and
      
      determining a type of anonymization for the identified field of data, based on the type of the identified field of data.
  - 6. The method of claim 1, further including scanning the data in the identified field of data to be stored, for malware, based on the value of the field of data indicative of the selective group of users.
  - 7. The method of claim 5, further including scanning the data in the field of data to be stored for malware, based on the type of the identified field of data.
  - 8. The method of claim 5, wherein determining the type of anonymization further including selecting a different destination computing device for storing a portion of the received data.
  - 9. The method of claim 1, wherein the anonymized field of data is searchable using an anonymized keyword.

10. An anonymization system to anonymize data transmitted to a destination computing device, comprising:
- a transmit data parser executed on a computing device to receive data to be stored in the destination computing device from a user computer, the data including a plurality of fields of data, wherein a format for the received data is determined by the transmit data parser;
  
  an anonymization strategy module executed on a computing device to store anonymization strategy for data anonymization for the plurality of fields of data, anonymization strategy for the plurality of fields of data stored in a data store;
  
  an anonymization module executed on the computing device toidentify one or more fields of data for anonymization, based on the determined format for the received data;
  
  determine a value of a field of data in the received data, value indicative of a selective group of users;
  
  determine anonymization strategy for the identified one or more fields of data for anonymization, based on the value indicative of the selective group of users;
  
  anonymize the identified one or more fields of data based on determined anonymization strategy for the identified one or more fields of data; and
  
  transmit received data with anonymized one or more fields of data, to the destination computing device over a network, for storage in the destination computing device;
  
  a receive data parser executed on a computing device to receive data stored in the destination computing device in response to a request to retrieve data from the destination computing device, request including a field with a value indicative of a selective group the user requesting the retrieval belongs to, the received data including one or more fields of anonymized data, the receive data parser determines the format of the received data; and
  
  a de-anonymization module executed on the computing device toidentifies one or more anonymized fields of received data based on the determined format of the received data;
  
  selectively de-anonymize the identified one or more fields of anonymized data, based on the selective group the user belongs to and derive de-anonymized one or more fields of data; and
  
  return the received data with de-anonymized one or more fields of data, in response to the request.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The system of claim 10, wherein the anonymization module is configured to assemble the received data in the determined format with anonymized one or more fields of data.
  - 12. The system of claim 10, wherein the anonymization module is configured to determine a type of the identified field of data to be stored, type including at least both of a structured data and unstructured data;
    - andthe anonymization strategy module is configured to determine a type of anonymization for the identified field of data, based on the type of the identified field of data.
  - 13. The system of claim 10, wherein, based on the value of the field of data indicative of the selective group of users, the data in the identified field of data is selectively scanned for malware by a malware detection program.
  - 14. The system of claim 12, wherein the anonymization strategy module selects a different destination computing device to store a portion of the received data, based on the type of the field of data to be stored.
  - 15. The system of claim 10, wherein the anonymized field of data is configured to be searchable using an anonymized keyword.
  - 16. The system of claim 10, wherein the format for the received data indicates a message to a database.
  - 17. The system of claim 10, wherein the format for the received data indicates an email message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lookout Incorporated
Original Assignee
Ciphercloud Incorporated
Inventors
Kothari, Pravin, Soubramanien, Viswa, Dash, Debabrata
Primary Examiner(s)
Le, Chau
Assistant Examiner(s)
Chaudhry, Muhammad

Application Number

US13/843,925
Time in Patent Office

1,103 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/60   Protecting data

H04L 63/0227   Filtering policies mail mes...

H04L 63/0435   wherein the sending and rec...

System and method to anonymize data transmitted to a destination computing device

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

59 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

System and method to anonymize data transmitted to a destination computing device

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

59 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links