System and method for real-time transactional data obfuscation
First Claim
1. A system, implemented on a computer comprising one or more processors, for providing transactional data privacy while maintaining data usability, comprising:
- a capture process, executing on the one or more processors, that monitors a first or source system, and captures a transaction containing one or more changes to data while the transaction is being received and committed at the first or source system; and
- an obfuscation process that receives a signal from the capture process when the capture process detects that the transaction is being committed, wherein meta-data associated with the data contained in the transaction includes a data structure describing a distribution of data values that is incrementally maintained, obfuscates the transaction using an obfuscation technique to create an obfuscated transaction, wherein the obfuscation technique includes a nearest neighbor data substitution process combined with anonymization whereby a distance between the data and an origin point is calculated, a nearest neighbor point in the data structure is determined, and a geometric transformation is applied to the nearest neighbor point, generating an obfuscated value, wherein at least some of the data contained in the transaction cannot be determined from the obfuscated transaction, and sends the obfuscated transaction back to the capture process for use in generating a trail file or other information to be sent to a target or second system, wherein the trail file or other information reflects the obfuscated transaction.
Abstract
A system and method for providing transactional data privacy while maintaining data usability, including the use of different obfuscation functions for different data types to securely obfuscate the data, in real-time, while maintaining its statistical characteristics. In accordance with an embodiment, the system comprises an obfuscation process that captures data while it is being received in the form of data changes at a first or source system, selects one or more obfuscation techniques to be used with the data according to the type of data captured, and obfuscates the data, using the selected one or more obfuscation techniques, to create an obfuscated data, for use in generating a trail file containing the obfuscated data, or applying the data changes to a target or second system.
12 Claims
1. A system, implemented on a computer comprising one or more processors, for providing transactional data privacy while maintaining data usability, comprising:
- a capture process, executing on the one or more processors, that monitors a first or source system, and captures a transaction containing one or more changes to data while the transaction is being received and committed at the first or source system; and
- an obfuscation process that receives a signal from the capture process when the capture process detects that the transaction is being committed, wherein meta-data associated with the data contained in the transaction includes a data structure describing a distribution of data values that is incrementally maintained, obfuscates the transaction using an obfuscation technique to create an obfuscated transaction, wherein the obfuscation technique includes a nearest neighbor data substitution process combined with anonymization whereby a distance between the data and an origin point is calculated, a nearest neighbor point in the data structure is determined, and a geometric transformation is applied to the nearest neighbor point, generating an obfuscated value, wherein at least some of the data contained in the transaction cannot be determined from the obfuscated transaction, and sends the obfuscated transaction back to the capture process for use in generating a trail file or other information to be sent to a target or second system, wherein the trail file or other information reflects the obfuscated transaction.
Dependent claims: 2, 3, 4
5. A method for providing transactional data privacy while maintaining data usability, comprising the steps of:
- monitoring a first or source system with a capture process;
- capturing a transaction containing one or more changes to data while the transaction is being received and committed at the first or source system;
- sending a signal, from the capture process to an obfuscation process, when the capture process detects that the transaction is being committed;
- wherein meta-data associated with the data contained in the transaction includes a data type and a data structure describing a distribution of data values that is incrementally maintained;
- obfuscating the transaction, using an obfuscation technique, to create an obfuscated transaction;
- wherein the obfuscation technique includes a nearest neighbor data substitution process combined with anonymization whereby a distance between the data and an origin point is calculated, a nearest neighbor point in the data structure is determined, and a geometric transformation is applied to the nearest neighbor point, generating an obfuscated value;
- wherein at least some of the data contained in the transaction cannot be determined from the obfuscated transaction;
- sending the obfuscated transaction back to the capture process; and
- generating a trail file or other information to be sent to a target or second system, wherein the trail file or other information reflects the obfuscated transaction.
Dependent claims: 6, 7, 8
9. A non-transitory computer readable storage medium, including instructions stored thereon which when read and executed by a computer cause the computer to perform the steps comprising:
- monitoring a first or source system with a capture process;
- capturing a transaction containing one or more changes to data while the transaction is being received and committed at the first or source system;
- sending a signal, from the capture process to an obfuscation process, when the capture process detects that the transaction is being committed;
- wherein meta-data associated with the data contained in the transaction includes a data structure describing a distribution of data values that is incrementally maintained;
- obfuscating the transaction, using an obfuscation technique, to create an obfuscated transaction;
- wherein the obfuscation technique includes a nearest neighbor data substitution process combined with anonymization whereby a distance between the data and an origin point is calculated, a nearest neighbor point in the data structure is determined, and a geometric transformation is applied to the nearest neighbor point, generating an obfuscated value;
- wherein at least some of the data contained in the transaction cannot be determined from the obfuscated transaction;
- sending the obfuscated transaction back to the capture process; and
- generating a trail file or other information to be sent to a target or second system, wherein the trail file or other information reflects the obfuscated transaction.
Dependent claims: 10, 11, 12
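The obfuscation step recited in claims 1, 5 and 9 (distance to an origin point, nearest neighbor lookup in an incrementally maintained structure, geometric transformation), sketched as an added example that is not code from the patent or its assignee. The 2-D numeric values, the sorted-by-distance index, rotation as the transformation, the secret angle `theta`, and all names (`DistributionIndex`, `rotate`, `obfuscate_transaction`) are assumptions made for illustration.

```python
import bisect
import math

class DistributionIndex:
    """Incrementally maintained structure: points kept sorted by distance from origin."""
    def __init__(self, origin=(0.0, 0.0)):
        self.origin = origin
        self._dist, self._points = [], []   # parallel lists, sorted by distance

    def add(self, point):
        d = math.dist(point, self.origin)
        i = bisect.bisect_left(self._dist, d)
        self._dist.insert(i, d)
        self._points.insert(i, point)

    def nearest(self, point):
        if not self._dist:
            # Fail closed: with no neighbour to substitute, emit nothing.
            raise ValueError("empty distribution index")
        d = math.dist(point, self.origin)
        i = bisect.bisect_left(self._dist, d)
        cands = [j for j in (i - 1, i) if 0 <= j < len(self._dist)]
        return self._points[min(cands, key=lambda j: abs(self._dist[j] - d))]

def rotate(point, origin, theta):
    """Geometric transformation (assumed here: rotation about the origin point)."""
    x, y = point[0] - origin[0], point[1] - origin[1]
    c, s = math.cos(theta), math.sin(theta)
    return (origin[0] + x * c - y * s, origin[1] + x * s + y * c)

def obfuscate_transaction(changes, index, theta):
    """Called on the commit signal; returns the changes to write to the trail."""
    staged = []
    for row_key, point in changes:
        neighbour = index.nearest(point)            # nearest-neighbour substitution
        staged.append((row_key, rotate(neighbour, index.origin, theta)))
    for _, point in changes:                        # update the index only after the
        index.add(point)                            # whole transaction was obfuscated
    return staged

if __name__ == "__main__":
    idx = DistributionIndex()
    for seed in [(3.0, 4.0), (6.0, 8.0), (0.0, 1.0)]:   # constructed seed values
        idx.add(seed)
    txn = [("row-1", (5.0, 0.0))]                        # constructed captured change
    print(obfuscate_transaction(txn, idx, math.pi / 2))  # theta is an assumed secret
```

A rotation preserves each substituted point's distance from the origin, which is one way the output can keep the distribution's shape. It is also invertible by anyone who knows `theta`, so in this sketch the angle has to be protected like a key.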
Specification