Anti-identity-theft method and hardware database device
Abstract
A hardware device (TCK) for securing data in a database accessed through an Internet server is presented. The TCK controls access to its internal database through two physically separate access channels. Through at least one “unprivileged channel (port)” the TCK provides access to its individual records, one at a time, subject to stringent security provisions. Through at least one physically separate “privileged channel” not reachable by the Internet server through the unprivileged channel, the TCK provides access to administrative operations, and facilitates more complete access to the database, thus allowing, for example, retrieval or listings of stored keys and values, multi-record access, and/or the ability to run other computer programs. Thus, the TCK system can provide extra security protection for data needed by Internet servers that are utilized by multiple known and/or anonymous users.
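The two-channel access rule described in the abstract, as an added Python example that is not taken from the patent. The names (`TwoChannelStore`, `Channel`, `attempt`) and the operation set `GET`/`LIST`/`PUT`/`DELETE` are assumptions, and the physical separation of the ports is modelled by a `channel` argument that the caller, not the request, supplies.

```python
from enum import Enum

class Channel(Enum):
    UNPRIVILEGED = 1   # port on the Internet-facing request path
    PRIVILEGED = 2     # local-control port, not reachable from the Internet

class Refused(Exception):
    """Operation not permitted on the channel it arrived on."""

class TwoChannelStore:
    """Toy model (hypothetical names): one database, two separate entry points."""
    def __init__(self, records):
        self._db = dict(records)          # unique key -> list of non-unique values

    def handle(self, channel, op, key=None, values=None):
        # The channel is fixed by the port a request arrived on; nothing in
        # the request itself can change it.
        if channel is Channel.UNPRIVILEGED:
            return self._unprivileged(op, key)
        return self._privileged(op, key, values)

    def _unprivileged(self, op, key):
        # Exact-key lookup of one record: no listing, wildcards or writes.
        if op != "GET" or not isinstance(key, str) or key not in self._db:
            raise Refused(f"{op} refused on unprivileged channel")
        return list(self._db[key])

    def _privileged(self, op, key, values):
        if op == "GET":
            return list(self._db.get(key, []))
        if op == "LIST":                  # multi-record read
            return sorted(self._db)
        if op == "PUT":                   # addition or overwrite
            self._db[key] = list(values)
            return True
        if op == "DELETE":                # maintenance
            return self._db.pop(key, None) is not None
        raise Refused(f"unknown operation {op}")

def attempt(store, channel, op, key=None, values=None):
    """Run one request and report 'refused' instead of raising."""
    try:
        return store.handle(channel, op, key, values)
    except Refused:
        return "refused"

if __name__ == "__main__":
    store = TwoChannelStore({"alice": ["tok-1"], "bob": ["tok-2", "tok-3"]})  # constructed
    for op in ("GET", "LIST", "PUT", "DELETE"):
        print(op, attempt(store, Channel.UNPRIVILEGED, op, "bob", ["x"]))
    print("LIST", attempt(store, Channel.PRIVILEGED, "LIST"))
```

A compromised front-end server that can only speak on the unprivileged channel must already know a key to get a record, and cannot enumerate, alter or delete the rest.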
22 Claims
1. An apparatus for securing a database accessed through an Internet-facing server computer, comprising:
(a) a controller device having at least one processor, at least one memory associated with said processor, and programming retained in said memory and configured for execution on said processor, said controller device being plugged into said Internet-facing server computer,
(b) a database retained in said at least one memory, said database containing a plurality of separate records, wherein each record is identified by a unique key and wherein each key is associated with one or more non-unique values;
(c) one unprivileged communication channel/port on said controller device, said unprivileged communication channel/port configured for connection to said Internet-facing server computer, said Internet-facing server computer connected to the Internet such that requests for data from said database are received, from across the Internet via said unprivileged communication channel/port, by said controller device; and
(d) one separate privileged communication channel/port on said controller device, said privileged communication channel/port providing local control of the database, said privileged communication channel/port configured for connection to said Internet-facing server computer, said Internet-facing server computer connected to the Internet in such a way that said privileged communication channel/port is not connected to the Internet and is not reachable from across the Internet via said Internet-facing server computer;
(e) wherein said programming executable on said processor is configured for performing steps comprising;
(i) distinguishing between database access requests received via said unprivileged communication channel/port and said privileged communication channel/port, and preventing access to said privileged communication channel/port from across the Internet via said Internet-facing server computer connected to said unprivileged communication channel/port;
(ii) serving only single-record information from said database over said unprivileged communication channel/port, thereby preventing access to multiple record reads, writes, deletions, additions, or other multiple record activity; and
(iii) allowing extended accesses through said privileged communication channel/port which encompass an ability to perform multiple-record operations, and operations required for maintenance of said database.
22. A system for securing a database accessed through an Internet-facing server computer, comprising:
(a) at least one Internet-facing server computer configured for receiving database access requests from the Internet;
(b) a controller device having at least one processor, at least one memory associated with said processor, and programming retained in said memory and configured for execution on said processor, said controller device being plugged into said Internet-facing server computer;
(c) a database retained in said at least one memory, said database having a plurality of separate records, wherein each record is identified by a unique key and wherein each key is associated with one or more non-unique values;
(d) one unprivileged communication channel/port on said controller device, said unprivileged communication channel/port configured for connection to said Internet-facing server via which requests are received, from across the Internet by said controller device, for data from said database; and
(e) one separate privileged communication channel/port on said controller device, said privileged communication channel/port providing local control of said database and connected to said Internet-facing server computer, wherein said privileged communication channel/port is not connected to the Internet and is not reachable from across the Internet via said Internet-facing server computer;
(f) wherein said programming executable on said processor is configured for performing steps comprising;
(i) distinguishing between database access requests received via said unprivileged communication channel/port and said privileged communication channel/port, and preventing access to said privileged communication channel/port from across the Internet via said Internet-facing server computer connected to said unprivileged communication channel/port;
(ii) serving only single-record information from said database over said unprivileged communication channel/port, thereby preventing access to multiple record reads, writes, deletions, additions, or other multiple record activity; and
(iii) allowing extended accesses through said privileged communication channel/port which encompass an ability to perform multiple-record operations, and operations required for maintenance of said database.
Specification