Anti-identity-theft method and hardware database device

US 9,311,504 B2
Filed: 11/24/2014
Issued: 04/12/2016
Est. Priority Date: 06/23/2014
Status: Active Grant

First Claim

Patent Images

1. An apparatus for securing a database accessed through an Internet-facing server computer, comprising:

(a) a controller device having at least one processor, at least one memory associated with said processor, and programming retained in said memory and configured for execution on said processor, said controller device being plugged into said Internet-facing server computer,(b) a database retained in said at least one memory, said database containing a plurality of separate records, wherein each record is identified by a unique key and wherein each key is associated with one or more non-unique values;

(c) one unprivileged communication channel/port on said controller device, said unprivileged communication channel/port configured for connection to said Internet-facing server computer, said Internet-facing server computer connected to the Internet such that requests for data from said database are received, from across the Internet via said unprivileged communication channel/port, by said controller device; and

(d) one separate privileged communication channel/port on said controller device, said privileged communication channel/port providing local control of the database, said privileged communication channel/port configured for connection to said Internet-facing server computer, said Internet-facing server computer connected to the Internet in such a way that said privileged communication channel/port is not connected to the Internet and is not reachable from across the Internet via said Internet-facing server computer;

(e) wherein said programming executable on said processor is configured for performing steps comprising;

(i) distinguishing between database access requests received via said unprivileged communication channel/port and said privileged communication channel/port, and preventing access to said privileged communication channel/port from across the Internet via said Internet-facing server computer connected to said unprivileged communication channel/port;

(ii) serving only single-record information from said database over said unprivileged communication channel/port, thereby preventing access to multiple record reads, writes, deletions, additions, or other multiple record activity; and

(iii) allowing extended accesses through said privileged communication channel/port which encompass an ability to perform multiple-record operations, and operations required for maintenance of said database.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A hardware device (TCK) for securing data in a database accessed through an Internet server is presented. The TCK controls access to its internal database through two physically separate access channels. Through at least one “unprivileged channel (port)” the TCK provides access to its individual records, one at a time, subject to stringent security provisions. Through at least one physically separate “privileged channel” not reachable by the Internet server through the unprivileged channel, the TCK provides access to administrative operations, and facilitates more complete access to the database, thus allowing, for example, retrieval or listings of stored keys and values, multi-record access, and/or the ability to run other computer programs. Thus, the TCK system can provide extra security protection for data needed by Internet servers that are utilized by multiple known and/or anonymous users.

127 Citations

22 Claims

1. An apparatus for securing a database accessed through an Internet-facing server computer, comprising:
- (a) a controller device having at least one processor, at least one memory associated with said processor, and programming retained in said memory and configured for execution on said processor, said controller device being plugged into said Internet-facing server computer,(b) a database retained in said at least one memory, said database containing a plurality of separate records, wherein each record is identified by a unique key and wherein each key is associated with one or more non-unique values;
  
  (c) one unprivileged communication channel/port on said controller device, said unprivileged communication channel/port configured for connection to said Internet-facing server computer, said Internet-facing server computer connected to the Internet such that requests for data from said database are received, from across the Internet via said unprivileged communication channel/port, by said controller device; and
  
  (d) one separate privileged communication channel/port on said controller device, said privileged communication channel/port providing local control of the database, said privileged communication channel/port configured for connection to said Internet-facing server computer, said Internet-facing server computer connected to the Internet in such a way that said privileged communication channel/port is not connected to the Internet and is not reachable from across the Internet via said Internet-facing server computer;
  
  (e) wherein said programming executable on said processor is configured for performing steps comprising;
  
  (i) distinguishing between database access requests received via said unprivileged communication channel/port and said privileged communication channel/port, and preventing access to said privileged communication channel/port from across the Internet via said Internet-facing server computer connected to said unprivileged communication channel/port;
  
  (ii) serving only single-record information from said database over said unprivileged communication channel/port, thereby preventing access to multiple record reads, writes, deletions, additions, or other multiple record activity; and
  
  (iii) allowing extended accesses through said privileged communication channel/port which encompass an ability to perform multiple-record operations, and operations required for maintenance of said database.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 2. The apparatus recited in claim 1:
    - wherein said controller device cannot be connected to the Internet; and
      
      wherein the apparatus cannot comprise a software-only implementation on an Internet connected server.
  - 3. The apparatus recited in claim 1, wherein said programming executable on said processor is configured for said serving of single-record information while preventing browsing of database information, including preventing browsing of keys and performing wildcard retrievals for said unprivileged communication channel.
  - 4. The apparatus recited in claim 1, wherein said programming executable on said processor is further configured so that a correct key for a record must be presented, and is verified by the programming, before a single record request is serviced for said unprivileged communication channel.
  - 5. The apparatus recited in claim 4, wherein said programming executable on said processor is configured to service single-record requests without allowing a requesting device to obtain a listing of stored database keys for said unprivileged communication channel.
  - 6. The apparatus recited in claim 4, wherein said programming executable on said processor is configured to service single-record requests without direct or indirect read access to more than one record at a time for said unprivileged communication channel.
  - 7. The apparatus recited in claim 4, wherein said programming executable on said processor is configured to service single-record requests without allowing requests from said Internet-facing server computer, or another Internet facing server, to log into the apparatus for executing computer programs.
  - 8. The apparatus recited in claim 1, wherein said unprivileged communication channel/port comprises a high-availability, high-speed communication channel.
  - 9. The apparatus recited in claim 1, wherein said unprivileged communication channel/port comprises USB, Ethernet, Intel Thunderbolt, or PCI, connectivity configured for connection to said Internet-facing server computer.
  - 10. The apparatus recited in claim 1, wherein said privileged communication channel/port is configured for being physically connected to a computer device that is not connected to the Internet, and said controller device is able to be removed from said Internet-facing server computer and plugged into the computer device, said computer device configured for accessing said database.
  - 11. The apparatus recited in claim 1, wherein said privileged communication channel/port comprises a wired connection to a private network that has no Internet communication.
  - 12. The apparatus recited in claim 11, wherein said wired connection comprises an Ethernet connection or a USB connection.
  - 13. The apparatus recited in claim 1, wherein said programming executable on said processor is configured for performing extended accesses through said privileged communication channel/port selected from a group of access requests consisting of retrieval and/or listings of stored keys and values, multiple-record accesses, wild card requests, and an ability to execute other computer programs besides controller device programming.
  - 14. The apparatus recited in claim 1, wherein said programming executable on said processor is configured for recognizing a command line protocol.
  - 15. The apparatus recited in claim 14, wherein said command line protocol comprises at least five commands.
  - 16. The apparatus recited in claim 1, wherein said memory associated with said processor, is selected from a group of memory devices consisting of fixed memory, removable memory, non-volatile memory, solid state disks, memory sticks, memory cards, removable media, and combinations thereof.
  - 17. The apparatus recited in claim 1, wherein said programming executable on said processor is configured for accessing said database without utilizing encryption keys that are susceptible to interception and loss, thereafter rendering data in said database unusable.
  - 18. The apparatus recited in claim 1, wherein said programming executable on said processor is configured for gaining back complete access to database keys and values by an administrator through said privileged communication channel.
  - 19. The apparatus recited in claim 1, wherein said programming executable on said processor is configured for switching said database into a read-only mode or a write-only mode by requests performed through said privileged communication channel.
  - 20. The apparatus recited in claim 1, wherein said programming executable on said processor is configured for detecting that a limit in number of failed access attempts for a specific record has been reached, and responding to these failed access attempts by generating an alert and/or locking the specific record from further access attempts.
  - 21. The apparatus recited in claim 1, wherein said programming executable on said processor is configured for detecting that a limit in number of failed access attempts across multiple records, including global accesses across said database, has been reached, and responding by generating an alert and locking said database to prevent further access attempts until an administrator services said database over said privileged communication channel.

22. A system for securing a database accessed through an Internet-facing server computer, comprising:
- (a) at least one Internet-facing server computer configured for receiving database access requests from the Internet;
  
  (b) a controller device having at least one processor, at least one memory associated with said processor, and programming retained in said memory and configured for execution on said processor, said controller device being plugged into said Internet-facing server computer;
  
  (c) a database retained in said at least one memory, said database having a plurality of separate records, wherein each record is identified by a unique key and wherein each key is associated with one or more non-unique values;
  
  (d) one unprivileged communication channel/port on said controller device, said unprivileged communication channel/port configured for connection to said Internet-facing server via which requests are received, from across the Internet by said controller device, for data from said database; and
  
  (e) one separate privileged communication channel/port on said controller device, said privileged communication channel/port providing local control of said database and connected to said Internet-facing server computer, wherein said privileged communication channel/port is not connected to the Internet and is not reachable from across the Internet via said Internet-facing server computer;
  
  (f) wherein said programming executable on said processor is configured for performing steps comprising;
  
  (i) distinguishing between database access requests received via said unprivileged communication channel/port and said privileged communication channel/port, and preventing access to said privileged communication channel/port from across the Internet via said Internet-facing server computer connected to said unprivileged communication channel/port;
  
  (ii) serving only single-record information from said database over said unprivileged communication channel/port, thereby preventing access to multiple record reads, writes, deletions, additions, or other multiple record activity; and
  
  (iii) allowing extended accesses through said privileged communication channel/port which encompass an ability to perform multiple-record operations, and operations required for maintenance of said database.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Welch, Ivo
Original Assignee
Welch, Ivo
Inventors
Welch, Ivo
Primary Examiner(s)
LESNIEWSKI, VICTOR D

Application Number

US14/551,851
Publication Number

US 20150371053A1
Time in Patent Office

505 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/6218   to a system of files or obj...

G06F 21/6227   where protection concerns t...

G06F 21/74   operating in dual or compar...

H04L 63/107   wherein the security polici...

H04L 63/18   using different networks or...

H04L 9/3215   using a plurality of channe...

Anti-identity-theft method and hardware database device

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

127 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Anti-identity-theft method and hardware database device

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

127 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links