Systems and methods for decryption as a service
Abstract
Systems and methods for decryption of payloads are disclosed herein. In various embodiments, systems and methods herein are configured for decrypting thousands of transactions per second. Further, in particular embodiments, the systems and methods herein are scalable, such that many thousands of transactions can be processed per second upon replicating particular architectural components.
41 Claims
1. A system for decryption of payloads, the system comprising:
a frontend server operatively connected to a first, second, and third read-only database, the frontend server configured for:
a) receiving a plurality of payloads from one or more third parties, wherein each of the payloads includes at least one encrypted element;
b) retrieving authentication data from the first, second and third read-only databases;
c) comparing the authentication data with each of the plurality of payloads to determine whether one or more of the payloads of the plurality of payloads has been compromised;
d) upon determining that one or more of the payloads of the plurality of payloads has not been compromised, transmitting the one or more payloads of the plurality of payloads to a hardware security module for decryption of the at least one encrypted element;
the first, second, and third read-only databases operatively connected to the frontend server and configured for storing read-only authentication data for use in determining whether payloads have been compromised;
a master read-only database operatively connected to the first, second, and third read-only databases and a read/write backend database, the master read-only database configured for receiving the authentication data from the read/write backend database and refreshing the authentication data at each of the first, second, and third read-only databases; and
the hardware security module operatively connected to the frontend server, the hardware security module configured for decrypting the one or more payloads of the plurality of encrypted payloads based on an encryption key and transmitting the decrypted one or more payloads to the one or more third parties.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A computer-implemented method for decryption of payloads, the method comprising:
providing a frontend server operatively connected to a first, second, and third read-only database, the frontend server configured for:
a) receiving a plurality of payloads from one or more third parties, wherein each of the payloads includes at least one encrypted element;
b) retrieving authentication data from at least one of the first, second, and third read-only databases;
c) comparing the authentication data with each of the plurality of payloads to determine whether one or more of the payloads of the plurality of payloads has been compromised;
d) upon determining that one or more of the payloads of the plurality of payloads has not been compromised, transmitting the one or more payloads of the plurality of payloads to a hardware security module for decryption of the at least one encrypted element;
providing the first, second, and third read-only databases operatively connected to the frontend server and configured for storing read-only authentication data for use in determining whether payloads have been compromised;
providing a master read-only database operatively connected to the first, second, and third read-only databases and a read/write backend database, the master read-only database configured for receiving the authentication data from the read/write backend database and refreshing the authentication data at each of the first, second, and third read-only databases; and
providing the hardware security module operatively connected to the frontend server, the hardware security module configured for decrypting the one or more payloads of the plurality of encrypted payloads based on an encryption key and transmitting the decrypted one or more payloads to the one or more third parties.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20
21. A scalable system for fast decryption of payloads, the system comprising:
at least one hardware security module operatively connected to one or more frontend servers and configured for decrypting encrypted elements of payloads;
the one or more frontend servers configured to receive and authenticate payloads based at least in part upon retrieving authentication data from a particular read-only database of at least three read-only databases;
the at least three read-only databases operatively connected to the one or more frontend servers, wherein the at least three read-only databases comprise the authentication data for authenticating payloads;
a read-only master database operatively connected to the at least three read-only databases, the read-only master database configured to receive the authentication data from the backend read/write database and refresh the authentication data stored at the at least three read-only databases; and
a backend read/write database for logging decryptions and authentications, the backend read/write database operatively connected to the at least one hardware security module and the read-only master database.
Dependent claims: 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34
35. A system for fast decryption of one or more payloads, the system comprising:
a message queuing protocol operatively connected to a first read-only database and a read/write database, the message queuing protocol configured for:
receiving event notifications from the first read-only database, wherein the event notifications each comprise one or more notifications regarding the authentication of one or more received payloads;
queuing the event notifications received from the first read-only database; and
transmitting the event notifications to the read/write database upon determining that the read/write database is configured to accept event notifications;
second and third read-only databases operatively connected to the frontend server and configured for storing authentication data for use in determining whether a payload has been compromised; and
a master read-only database operatively connected to the first, second, and third read-only databases and the read/write database, the master read-only database configured for receiving the authentication data from the read/write database and refreshing the authentication data at each of the first, second, and third read-only databases.
Dependent claims: 36, 37, 38, 39, 40, 41