Data obfuscation system, method, and computer implementation of data obfuscation for secret databases

US 9,305,180 B2
Filed: 05/12/2009
Issued: 04/05/2016
Est. Priority Date: 05/12/2008
Status: Active Grant

First Claim

Patent Images

1. A method of obfuscating data in which output values of a data query are obfuscated in a repeatable manner, via the use of an Obfuscating Function (OF) while maintaining an amount of obfuscation within a range in which the obfuscated output values provide to a user information of a first level of granularity, the repeatable manner comprising generating a same value of obfuscated data for each data query having a same value of input data, wherein the OF uses a transformation based upon a method of weighted regression, including perturbing values to obtain a dependent variable for the weighted regression and based upon addition of random errors to the output values of the data query to form a dependent variable y for the weighted regression, and using a non-obfuscated data value as an independent variable.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A data obfuscation system, method, and computer implementation via software or hardware allows a legitimate user to gain access via a query to data of sufficient granularity to be useful while maintaining the confidentiality of sensitive information about individual records. Output values of a data request are obfuscated in a repeatable manner, via the use of an Obfuscating Function (OF), while maintaining the amount of obfuscation within a range so that the transformed values provide to a user information of a prescribed level of granularity. The data obfuscating system and method is particularly applicable to databases. The data obfuscation engine may be implemented in hardware and/or software within a stand alone or distributed environment.

33 Citations

View as Search Results

28 Claims

1. A method of obfuscating data in which output values of a data query are obfuscated in a repeatable manner, via the use of an Obfuscating Function (OF) while maintaining an amount of obfuscation within a range in which the obfuscated output values provide to a user information of a first level of granularity, the repeatable manner comprising generating a same value of obfuscated data for each data query having a same value of input data, wherein the OF uses a transformation based upon a method of weighted regression, including perturbing values to obtain a dependent variable for the weighted regression and based upon addition of random errors to the output values of the data query to form a dependent variable y for the weighted regression, and using a non-obfuscated data value as an independent variable.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of obfuscating data as claimed in claim 1 based upon minimizing a Total Weighted Error.
  - 3. The method of obfuscating data as claimed in claim 2 in which the Total Weighted Error is defined to be a Sum of Squared Errors.
  - 4. The method of obfuscating data of claim 1, in which frequency data having a first level of granularity is shown to the user at a second level of granularity, coarser than the first level of granularity, wherein the data is converted from the first level of granularity to the second level of granularity according to a rule other than a simple proximity of the data to a nearest value at the second level of granularity.
  - 5. The method of obfuscating data, as claimed in claim 4, that is a mapping based method based on a last digit of the data.
  - 6. The method of obfuscating data, as claimed in claim 4, using random rounding based upon an odd number being rounded up and an even number being rounded down.
  - 7. The method of obfuscating data, as claimed in claim 4, using random rounding based upon an even number being rounded up and an odd number being rounded down.
  - 8. The method of obfuscating data, as claimed in claim 4, using a pseudo random number seeding function which seeds a random number generator with input values, the output of the random number generator either rounded up or rounded down, or results shifted by a rounded amount up or down.
  - 9. The method of obfuscating data, as claimed in claim 4, using a pseudo random number seeding function which seeds a random number generator with input values, the output of the random number generator either shifted up or down a number of granularity factors.
  - 10. The method of obfuscating data as claimed in claim 1 in which a high frequency filter is configured to hamper attempts to determine non-obfuscated values from obfuscated values.
  - 11. The method of obfuscating data as claimed in claim 1 in which the obfuscated values are anticipated and pre-calculated.
  - 12. The method of obfuscating data as claimed in claim 1 wherein the data request consists of multiple logical components, each being applied separately.
  - 13. The method of obfuscating data as claimed in claim 12 in which restrictions are applied to the data relating to the granularity of the frequency data.
  - 14. The method of obfuscating data as claimed in claim 1 in which the amount of obfuscation is altered in response to an algorithm.
  - 15. The method of obfuscating data as claimed in claim 14 where the alteration of the amount of obfuscation is made in response to different use access rights.
  - 16. The method of obfuscating data as claimed in claim 15 where the alteration of the amount of obfuscation is made in response to different levels of frequency of output aggregation allowing the data to be of a quality to make business decisions.
  - 17. The method of obfuscating data as claimed in claim 1 wherein the frequency of each output value is determined at a first level of granularity and converted to a second level of granularity, coarser than the first level of granularity, wherein the data is converted from the first level of granularity to the second level of granularity according to a rule using a pseudo random number seeding function.

18. A method of representing data having a first level of granularity and a second level of granularity, coarser than the first level of granularity, wherein the data is converted from the first level of granularity to the second level of granularity according to a rule using a pseudo random number seeding function which seeds a random number generator with input values, the output of the random number generator either rounded up or rounded down, or results shifted by a rounded amount up or down.
- View Dependent Claims (19, 20, 21, 22, 23)
- - 19. The method of representing data having a first level of granularity and a second level of granularity, coarser than the first level of granularity, as claimed in claim 18, wherein the output of the random number generator is either shifted up or down a number of granularity factors.
  - 20. The method of representing data having a first level of granularity and a second level of granularity, coarser than the first level of granularity as claimed in claim 18 in which the values of the data at the second level of granularity are anticipated and pre-calculated.
  - 21. The method of representing data having a first level of granularity and a second level of granularity, coarser than the first level of granularity as claimed in claim 18 in which the coarseness of the second level of granularity is altered in response to an algorithm.
  - 22. The method of representing data having a first level of granularity and a second level of granularity, coarser than the first level of granularity as claimed in claim 21 where the coarseness of the second level of granularity is made in response to different use access rights.
  - 23. The method of representing data having a first level of granularity and a second level of granularity, coarser than the first level of granularity as claimed in claim 22 where the coarseness of the second level of granularity is made in response to different levels of frequency of output aggregation allowing the data to be of a quality to make business decisions.

24. A computer implemented obfuscation system comprising:
- at least one processor; and
  
  memory storing data instructions that when executed by the at least one processor cause the at least one processor to;
  
  run a query on data in a secret database to produce output data; and
  
  obfuscate the output data using a repeatable obfuscation function to return obfuscated data in response to the query, wherein the repeatable obfuscation function uses a transformation used in mathematical modeling, based upon the method of weighted regression including perturbing values to obtain a dependent variable for the weighted regression and based upon addition of random errors to true values to form a dependent variable y for weighted regression, and using a non-obfuscated data value as an independent variable.
- View Dependent Claims (25, 26, 27, 28)
- - 25. The system as claimed in claim 24 wherein the obfuscated values are anticipated and pre-calculated.
  - 26. The system as claimed in claim 24 in which the amount of obfuscation is altered in response to an algorithm.
  - 27. The system as claimed in claim 26 where the alteration of the amount of obfuscation is made in response to different use access rights.
  - 28. The system as claimed in claim 27 where the alteration of the amount of obfuscation is made in response to different levels of frequency of output aggregation allowing the data to be of a quality to make business decisions.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
New BIS Safe Luxco S.A R.L
Original Assignee
New BIS Safe Luxco S.A R.L
Inventors
Cardno, Andrew John, Singh, Ashok Kumar
Primary Examiner(s)
KUDDUS, DANIEL A

Application Number

US12/992,513
Publication Number

US 20110179011A1
Time in Patent Office

2,520 Days
Field of Search

707/758, 707/769, 707/999.003
US Class Current

1/1
CPC Class Codes

G06F 16/90   Details of database functio...

G06F 21/6227   where protection concerns t...

G06F 21/6254   by anonymising data, e.g. d...

G06F 30/00   Computer-aided design [CAD]

H04L 9/0662   with particular pseudorando...

H04L 9/0822   using key encryption key

Data obfuscation system, method, and computer implementation of data obfuscation for secret databases

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

33 Citations

28 Claims

Specification

Use Cases

Quick Links

Others

Data obfuscation system, method, and computer implementation of data obfuscation for secret databases

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

28 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others