Method and computer program product for order preserving symbol based encryption

US 9,734,350 B2
Filed: 06/15/2015
Issued: 08/15/2017
Est. Priority Date: 02/23/2010
Status: Active Grant

First Claim

Patent Images

1. A system to provide sorting of encrypted data within a software as a service (SaaS) environment, the system comprising:

symbol based encryption module to encrypt data on a per symbol basis and to provide sort and search preserving encryption that allows other modules to sort tokens and to search for tokens, the symbol based encryption module to replace data elements with a random tokens and maintain a lexicographic order between the random tokens and the plaintext data elements they represent;

a database system coupled with the symbol based encryption module to store encrypted tokens that have been encrypted by the symbol based encryption module, the database system to allow access to the encrypted tokens through the SaaS environment.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for sorting encrypted data within a software as a service (SaaS) environment. Data is encrypted on a per symbol basis with a symbol based encryption module. Sort and search functionality preserving encryption that allows other modules to sort tokens and to search for tokens is provided. Encrypted tokens that have been encrypted by the symbol based encryption module are stored in a database. Access to the encrypted tokens is provided through the SaaS environment.

Citations

18 Claims

1. A system to provide sorting of encrypted data within a software as a service (SaaS) environment, the system comprising:
- symbol based encryption module to encrypt data on a per symbol basis and to provide sort and search preserving encryption that allows other modules to sort tokens and to search for tokens, the symbol based encryption module to replace data elements with a random tokens and maintain a lexicographic order between the random tokens and the plaintext data elements they represent;
  
  a database system coupled with the symbol based encryption module to store encrypted tokens that have been encrypted by the symbol based encryption module, the database system to allow access to the encrypted tokens through the SaaS environment.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1 wherein the SaaS environment comprises a customer relationship management (CRM) environment.
  - 3. The system of claim 1 further comprising a decryption module that to reverse the operation of an encryption module in response to detecting encrypted element(s) in a web page returned by a web-application.
  - 4. The system of claim 3 wherein the web-application comprises a SaaS application.
  - 5. The system of claim 3 wherein the web page comprises a non-encrypted/plain-text response page with information to be presented in plaintext.
  - 6. The system of claim 1 wherein the symbol based encryption module replaces each symbol a random token, wherein a lexicographic order between the random tokens and the symbols they replace is preserved.

7. A non-transitory computer-readable medium having stored thereon instructions that, when executed by one or more processors, cause the one or more processors to:
- encrypt data on a per symbol basis, with a symbol based encryption module, the symbol based encryption module to replace data elements with a random tokens and maintain a lexicographic order between the random tokens and the plaintext data elements they represent;
  
  provide sort and search preserving encryption, with the symbol based encryption module, that allows other modules to sort tokens and to search for tokens;
  
  store, in a database system coupled with the symbol based encryption module, encrypted tokens that have been encrypted by the symbol based encryption module;
  
  allow access to the encrypted tokens through a software as a service (SaaS) environment.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The non-transitory computer-readable medium of claim 7 wherein the SaaS environment comprises a customer relationship management (CRM) environment.
  - 9. The non-transitory computer-readable medium of claim 7 further comprising instructions that, when executed by the one or more processors, cause a decryption module to reverse the operation of an encryption module in response to detecting encrypted element(s) in a web page returned by a web-application.
  - 10. The non-transitory computer-readable medium of claim 9 wherein the web-application comprises a SaaS application.
  - 11. The non-transitory computer-readable medium of claim 9 wherein the web page comprises a non-encrypted/plain-text response page with information to be presented in plaintext.
  - 12. The non-transitory computer-readable medium of claim 7 wherein the symbol based encryption module replaces each symbol a random token, wherein a lexicographic order between the random tokens and the symbols they replace is preserved.

13. A method for sorting encrypted data within a software as a service (SaaS) environment, the method comprising:
- encrypting data on a per symbol basis, with a symbol based encryption module, the symbol based encryption module to replace data elements with a random tokens and maintain a lexicographic order between the random tokens and the plaintext data elements they represent;
  
  providing sort and search preserving encryption, with the symbol based encryption module, that allows other modules to sort tokens and to search for tokens;
  
  storing, in a database system coupled with the symbol based encryption module, encrypted tokens that have been encrypted by the symbol based encryption module;
  
  allowing access to the encrypted tokens through the SaaS environment.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The method of claim 13 wherein the SaaS environment comprises a customer relationship management (CRM) environment.
  - 15. The method of claim 13 further comprising instructions that, when executed by the one or more processors, cause a decryption module to reverse the operation of an encryption module in response to detecting encrypted element(s) in a web page returned by a web-application.
  - 16. The method of claim 15 wherein the web-application comprises a SaaS application.
  - 17. The method of claim 15 wherein the web page comprises a non-encrypted/plain-text response page with information to be presented in plaintext.
  - 18. The method of claim 13 wherein the symbol based encryption module replaces each symbol a random token, wherein a lexicographic order between the random tokens and the symbols they replace is preserved.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Salesforce.com, Inc.
Original Assignee
Salesforce.com, Inc.
Inventors
Movshovitz, David
Primary Examiner(s)
Hoffman, Brandon

Application Number

US14/740,124
Publication Number

US 20150278544A1
Time in Patent Office

792 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/6227   where protection concerns t...

H04L 9/00   Cryptographic mechanisms or...

H04L 9/0618   Block ciphers, i.e. encrypt...

H04L 9/0662   with particular pseudorando...

H04L 9/0891   Revocation or update of sec...

H04L 9/3213   using tickets or tokens, e....

Method and computer program product for order preserving symbol based encryption

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Method and computer program product for order preserving symbol based encryption

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links