Data protection hub
First Claim
1. A data protection hub, comprising:
a hardware random number generator configured to generate random numbers;
a cryptoprocessor configured to perform cryptographic operations;
a processor coupled to the hardware random number generator and the cryptoprocessor and configured for executing code;
networking apparatus configured to receive from a client computer, a data protection request message comprising unprotected data, a data protection policy file and one or more policy parameters;
a non-transitory computer-readable storage medium, comprising code executable by the processor for:
determining a data protection transformation by parsing the data protection policy file, wherein the data protection policy file is used to determine the data protection transformation based on the one or more policy parameters;
selecting one or more of the hardware random number generator or the cryptoprocessor based on the determined data protection transformation;
performing, using the selected one or more of the hardware random number generator or the cryptoprocessor, the data protection transformation on the unprotected data to generate protected data, wherein the data protection transformation comprises:
hashing the unprotected data using one of a plurality of hashing algorithms, based on the determined data protection transformation; and
masking sensitive data fields of the unprotected data based on further determining that the sensitive data fields includes unprotected data; and
the networking apparatus further configured to send the protected data, to the client computer.
Abstract
Embodiments of the invention, broadly described, introduce systems and methods for protecting data at a data protection hub using a data protection policy. One embodiment of the invention discloses a method for protecting unprotected data. The method comprises receiving a data protection request message comprising unprotected data and one or more policy parameters, determining a data protection transformation using the policy parameters, performing the data protection transformation on the unprotected data to generate protected data, and sending the protected data.
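The request flow in the abstract and claims (parse the policy file, choose a transformation from the policy parameters, hash with one of several algorithms, mask sensitive fields) can be sketched as follows. This is an added example, not code from the patent: the JSON policy layout, the field names and the function names are hypothetical, and os.urandom and hashlib stand in for the hardware random number generator and the cryptoprocessor.

```python
import hashlib
import json
import os

# Constructed policy file (hypothetical JSON layout): the value of the
# "sensitivity" policy parameter selects the transformation to apply.
POLICY_FILE = json.dumps({
    "select_on": "sensitivity",
    "rules": {
        "internal": {"hash": "sha256", "salted": False, "mask_fields": []},
        "restricted": {"hash": "sha512", "salted": True,
                       "mask_fields": ["pan", "ssn"]},
    },
})
ALLOWED_HASHES = {"sha256", "sha512", "sha3_256"}  # the "plurality" of algorithms

def determine_transformation(policy_text, params):
    """Parse the policy file and pick a rule from the policy parameters."""
    policy = json.loads(policy_text)
    rule = policy["rules"].get(params.get(policy["select_on"]))
    if rule is None or rule["hash"] not in ALLOWED_HASHES:
        # Fail closed: never fall back to returning data untransformed.
        raise ValueError("no permitted transformation for these parameters")
    return rule

def mask(value, keep=4):
    """Mask all but the last `keep` characters; short values are fully masked."""
    s = str(value)
    if len(s) <= keep:
        return "*" * len(s)
    return "*" * (len(s) - keep) + s[-keep:]

def protect(request):
    """Handle one data protection request and return the protected data."""
    rule = determine_transformation(request["policy_file"],
                                    request["policy_parameters"])
    data = request["unprotected_data"]
    # Selection step: a salted rule draws on the RNG (os.urandom stands in for
    # the hardware RNG); hashlib stands in for the cryptoprocessor.
    salt = os.urandom(16) if rule["salted"] else b""
    canonical = json.dumps(data, sort_keys=True).encode()
    digest = hashlib.new(rule["hash"], salt + canonical).hexdigest()
    # Mask only listed fields that are present and non-empty.
    masked = {k: mask(v) if k in rule["mask_fields"] and v else v
              for k, v in data.items()}
    return {"data": masked, "hash_alg": rule["hash"],
            "salt": salt.hex(), "digest": digest}
```

An unknown policy parameter value or a hash algorithm outside the allow-list raises instead of passing the data through, so a malformed request cannot downgrade the protection applied.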
10 Claims
6. A computer-implemented method comprising:
receiving, by a processor, a data protection request message from a client computer, the message comprising unprotected data, a data protection file and one or more policy parameters;
determining, by the processor, a data protection transformation by parsing the data protection policy file, wherein the data protection policy file is used to determine the data protection transformation based on the one or more policy parameters;
selecting one or more of a hardware random number generator or a cryptoprocessor based on the determined data protection transformation, wherein:
the hardware random number generator generates random numbers, and
the cryptoprocessor performs cryptographic operations;
performing, using the selected one or more of the hardware random number generator or the cryptoprocessor, the data protection transformation on the unprotected data to generate protected data, wherein the data protection transformation comprises:
hashing the unprotected data using one of a plurality of hashing algorithms, based on the determined data protection transformation; and
masking sensitive data fields of the unprotected data based on further determining that the sensitive data fields includes unprotected data; and
sending, by the processor, the protected data to the client computer.
Specification