Sensitive data protection during user interface automation testing systems and methods

US 9,501,657 B2
Filed: 09/21/2015
Issued: 11/22/2016
Est. Priority Date: 12/03/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, from a client device, data entered to a field of a test website user interface (UI) by a user of the test website UI;

encrypting at least a portion of the data using an encryption algorithm to generate cipher text of the data;

entering the cipher text in a test data file for a test session by the user using the test website UI;

generating a cipher mapping file for the cipher text in the test data file; and

storing the cipher mapping file with the encryption algorithm.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

There is provided systems and method for sensitive data protection during user interface automation testing. A user may transmit sensitive data to the test website framework, where the sensitive data is encrypted as a data key. The encrypted data key is set by an administrator of the test website and given to the user. The user may enter the key, where the test website framework application utilizes a conversion kit to decrypt the encrypted data key for use in the website user interface automation test. However, the encrypted data key is pulled into a version control system and/or viewed in test results so that the sensitive data remains hidden from view. In various embodiments, the encrypted data key may be entered into a web element, such as a password field, where the password field displays only the encrypted data key during test results.

5 Citations

View as Search Results

20 Claims

1. A method comprising:
- receiving, from a client device, data entered to a field of a test website user interface (UI) by a user of the test website UI;
  
  encrypting at least a portion of the data using an encryption algorithm to generate cipher text of the data;
  
  entering the cipher text in a test data file for a test session by the user using the test website UI;
  
  generating a cipher mapping file for the cipher text in the test data file; and
  
  storing the cipher mapping file with the encryption algorithm.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the cipher text is visible in the data file.
  - 3. The method of claim 1, wherein the data is entered into a web element prior to entering the cipher text in the test data file.
  - 4. The method of claim 1, wherein the test data file is stored by a version control system.
  - 5. The method of claim 1, wherein the cipher mapping file includes a key-value pair list corresponding to a plurality of data keys and a plurality of matching cipher text.
  - 6. The method of claim 5, wherein the cipher mapping file is used to determine the cipher text in the test data file by a system administrator or test executor during testing of the test website UI.
  - 7. The method of claim 1, wherein the at least the portion of the data comprises one of a user name, a password, and a user sensitive data.
  - 8. The method of claim 1, wherein the encryption algorithm corresponds to an RSA algorithm.
  - 9. The method of claim 1, wherein the test data file is used for a website user interface automation test.

10. A method comprising:
- receiving a data file for a website user interface (UI) automation test, wherein the data file includes cipher text corresponding to data entered to a field of the website UI during a test session and encrypted on entry to the field;
  
  determining the cipher text using a cipher mapping file for the data file, wherein an encryption algorithm corresponding to the cipher text is stored with the cipher mapping file;
  
  decrypt the cipher text using the encryption algorithm to obtain the data; and
  
  execute the website UI automation test using the data.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The method of claim 10, wherein the cipher text is readable in the data file, and wherein the data is obscured in the data file by the cipher text.
  - 12. The method of claim 10, wherein the field comprises a web element of the website UI.
  - 13. The method of claim 10, wherein the data file is stored by a version control system.
  - 14. The method of claim 10, wherein the cipher mapping file include a key-value pair list corresponding to a plurality of data keys and a plurality of matching cipher text.
  - 15. The method of claim 14, wherein the cipher mapping file is used to determine the cipher text in the data file by a system administrator or test executor during testing of the test website UI.
  - 16. The method of claim 10, wherein the data comprises one of a user name, a password, and a user sensitive data.
  - 17. The method of claim 10, wherein the data is encrypted using an RSA algorithm.
  - 18. The method of claim 10, wherein the data file is used for a website user interface automation test.

19. A non-transitory machine-readable medium having stored thereon machine-readable instructions executable to cause a machine to perform operations comprising:
- receiving a data file for a website user interface (UI) automation test, wherein the data file includes cipher text corresponding to data entered to a field of the website UI during a test session and encrypted on entry to the field;
  
  determining the cipher text using a cipher mapping file for the data file, wherein an encryption algorithm corresponding to the cipher text is stored with the cipher mapping file;
  
  decrypting the cipher text using the encryption algorithm to obtain the data; and
  
  executing the website UI automation test using the data.
- View Dependent Claims (20)
- - 20. The non-transitory computer readable medium of claim 19, wherein the cipher text is visible in the data file, wherein the cipher mapping file include a key-value pair list corresponding to a plurality of data keys and a plurality of matching cipher text, and wherein the cipher mapping file is used to determine the cipher text.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Original Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Inventors
Wu, Junlong, Han, Jun
Primary Examiner(s)
Dinh, Minh

Application Number

US14/860,612
Publication Number

US 20160012247A1
Time in Patent Office

428 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 11/2221   to test input/output device...

G06F 11/3684   for test design, e.g. gener...

G06F 21/6209   to a single file or object,...

G06F 21/6218   to a system of files or obj...

G06F 21/6245   Protecting personal data, e...

G06F 2221/033   Test or assess software

G06F 3/04842   Selection of displayed obje...

H04L 63/0457   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/083   using passwords cryptograph...

Sensitive data protection during user interface automation testing systems and methods

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

5 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Sensitive data protection during user interface automation testing systems and methods

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

5 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links