Systems and methods for decryption as a service via a hardware security module
First Claim
Patent Images
1. A system for decryption of one or more payloads, the system comprising:
- a hardware security module for decrypting encrypted elements of received payloads, the hardware security module operatively connected to at least one decryption server;
at least one read-only database operatively connected to a frontend server, the at least one read-only database configured to store authentication data for payloads;
a master read-only database operatively connected to the at least one read-only database, the master read-only database configured for refreshing the authentication data stored at the at least one read-only database;
the at least one decryption server, wherein the at least one decryption server is configured to;
receive a particular payload, the particular payload comprising at least one encrypted element;
transmit the particular payload to the hardware security module for decryption of the at least one encrypted element;
upon receiving the particular payload from the hardware security module, parse the particular payload to determine whether the at least one encrypted element has been decrypted by the hardware security module; and
upon determining that the at least one encrypted element has not been decrypted by the hardware security module, transmit an error message to a read/write database operatively coupled to the frontend server; and
the frontend server, the frontend server configured to;
1) retrieve authentication data associated with the particular payload;
2) compare the authentication data to the particular payload to authenticate the particular payload before the particular payload is transmitted to the hardware security module.
4 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for decryption of payloads are disclosed herein. In various embodiments, systems and methods herein are configured for decrypting thousands of transactions per second. Further, in particular embodiments, the systems and methods herein are scalable, such that many thousands of transactions can be processed per second upon replicating particular architectural components.
36 Citations
6 Claims
-
1. A system for decryption of one or more payloads, the system comprising:
-
a hardware security module for decrypting encrypted elements of received payloads, the hardware security module operatively connected to at least one decryption server; at least one read-only database operatively connected to a frontend server, the at least one read-only database configured to store authentication data for payloads; a master read-only database operatively connected to the at least one read-only database, the master read-only database configured for refreshing the authentication data stored at the at least one read-only database; the at least one decryption server, wherein the at least one decryption server is configured to; receive a particular payload, the particular payload comprising at least one encrypted element; transmit the particular payload to the hardware security module for decryption of the at least one encrypted element; upon receiving the particular payload from the hardware security module, parse the particular payload to determine whether the at least one encrypted element has been decrypted by the hardware security module; and upon determining that the at least one encrypted element has not been decrypted by the hardware security module, transmit an error message to a read/write database operatively coupled to the frontend server; and the frontend server, the frontend server configured to;
1) retrieve authentication data associated with the particular payload;
2) compare the authentication data to the particular payload to authenticate the particular payload before the particular payload is transmitted to the hardware security module. - View Dependent Claims (2, 3)
-
-
4. A computer-implemented method for decryption of one or more payloads, the method comprising:
-
providing a hardware security module for decrypting encrypted elements of received payloads, the hardware security module operatively connected to at least one decryption server; providing the at least one decryption server; providing at least one read-only database operatively connected to a frontend server, the at least one read-only database configured to store authentication data for payloads; providing the frontend server, the frontend server configured to;
1) retrieve authentication data associated with the payloads;
2) compare the authentication data to the payloads to authenticate the payloads before the payloads are transmitted to the hardware security module;providing a master read-only database operatively connected to the at least one read-only database, the master read-only database configured for refreshing the authentication data stored at the at least one read-only database; receiving a particular payload, the particular payload comprising at least one encrypted element; retrieving authentication data associated with the particular payload; comparing the particular payload authentication data to the particular payload to authenticate the particular payload; transmitting the particular payload to the hardware security module for decryption of the at least one encrypted element; upon receiving the particular payload from the hardware security module, parsing the particular payload to determine whether the at least one encrypted element has been decrypted by the hardware security module; and upon determining that the at least one encrypted element has not been decrypted by the hardware security module, transmitting an error message to a read/write database operatively coupled to the frontend server. - View Dependent Claims (5, 6)
-
Specification