Methods and systems for proxying data
Abstract
Methods and systems are provided for proxying data between an application server and a client device. One exemplary application system includes an application server to generate a virtual application and a proxy server coupled to the application server over a network to provide the virtual application to a client device. The proxy server receives input data from the client device and provides the input data to the application server, wherein the application server encodes the input data for an action in response to authenticating the proxy server and provides the data encoded for the action to the proxy server. The proxy server performs the action on the data and provides the result to the client device.
17 Claims
1. A method of storing data with an application server that preserves privacy of one or more data fields, the method including:
- receiving, at a privacy proxy server, data representing a user input with first fields to be stored with an application server and at least one second field determined by the privacy proxy server to be encrypted based upon a rule indicating a type of data to encrypt and then stored by the application server;
- forwarding the first fields, the second field encrypted, and a second field mark that indicates encryption of the second field to the application server to store;
- the privacy proxy server querying the application server for a report that includes the second field encrypted and at least one of the first fields that has not been encrypted;
- receiving from the application server the report comprising the at least one of the first fields in a report format and the second field encrypted with a report format placeholder;
- distinguishing the second field in the report as having been stored by the application server based on an encoding authentication protocol established between the privacy proxy server and the application server;
- wherein the report is marked with identification information that uniquely identifies the application server as storing at least the second field;
- decrypting the second field and replacing the report format placeholder with the second field decrypted; and
- causing display of the report with at least the second field decrypted;
- and wherein the privacy proxy server determines whether the application server resides outside a jurisdiction of the privacy proxy server.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A non-transitory, computer-readable medium storing computer executable instructions configured to cause a processor to perform operations including:
- receiving, at a privacy proxy server, data representing a user input with first fields to be stored with an application server and at least one second field determined by the privacy proxy server to be encrypted based upon a rule indicating a type of data to encrypt and then stored by the application server;
- forwarding the first fields, the second field encrypted, and a second field mark that indicates encryption of the second field to the application server to store;
- querying the application server for a report that includes the second field encrypted and at least one of the first fields that has not been encrypted;
- receiving from the application server the report comprising the at least one of the first fields in a report format and the second field encrypted with a report format placeholder;
- distinguishing the second field in the report as having been stored by the application server based on an encoding authentication protocol established between the privacy proxy server and the application server;
- wherein the report is marked with identification information that uniquely identifies the application server as storing at least the second field;
- decrypting the second field and replacing the report format placeholder with the second field decrypted; and
- causing display of the report with at least the second field decrypted;
- and wherein the privacy proxy server determines whether the application server resides outside a jurisdiction of the privacy proxy server.

Dependent claims: 9, 10, 11, 12

13. A method of processing data stored with an application server that preserves privacy of one or more data fields, the method including:
- receiving, from a privacy proxy server, data representing a user input with first fields and at least one encrypted second field to be stored at an application server, wherein the data includes a second field mark that indicates, to the application server, encryption of the encrypted second field;
- storing, at the application server, the first fields and the at least one encrypted second field by the privacy proxy server based on a rule indicating a type of data to encrypt appropriate to an organization;
- receiving, from the privacy proxy server, a query for a report that includes the encrypted second field and at least one of the first fields that has not been encrypted;
- retrieving the at least one of the first fields and the encrypted second field responsive to the query;
- using the application server to format the at least one of the first fields in a report format and to format the encrypted second field with a report format placeholder and to mark the report with identification information that uniquely identifies the application server as storing at least the encrypted second field; and
- forwarding the report for further computer-implemented processing.

Dependent claims: 14, 15, 16, 17
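
The store-and-report round trip recited in claims 1 and 13, as an added Python example that is not taken from the patent or its assignee: the proxy encrypts and marks rule-selected fields, the application server returns a report with the ciphertext in a placeholder, and the proxy authenticates the report before substituting plaintext. The key names, the `ENC:` mark, the `{{...}}` placeholder, the HMAC report tag (standing in for the claimed "encoding authentication protocol" and identification information) and the HMAC-based cipher (a standard-library stand-in for an AEAD such as AES-GCM) are all assumptions; the jurisdiction determination is not modelled.

```python
import base64, hashlib, hmac, os, re

# All keys, names and wire formats below are assumptions for illustration.
ENC_KEY, MAC_KEY = os.urandom(32), os.urandom(32)  # held only by the proxy
REPORT_KEY = os.urandom(32)   # shared by proxy and application server
SENSITIVE = {"ssn"}           # rule: which field types the proxy encrypts
MARK = "ENC:"                 # second field mark
PLACEHOLDER = re.compile(r"\{\{(ENC:[A-Za-z0-9_=-]+)\}\}")

def _mac(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def _xor(data, nonce):
    # HMAC-SHA256 in counter mode as keystream; stdlib stand-in for a real AEAD.
    ks = b"".join(_mac(ENC_KEY, nonce + i.to_bytes(4, "big"))
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(plain):
    nonce = os.urandom(16)
    ct = _xor(plain.encode(), nonce)
    return MARK + base64.urlsafe_b64encode(nonce + _mac(MAC_KEY, nonce + ct) + ct).decode()

def unseal(token):
    raw = base64.urlsafe_b64decode(token[len(MARK):])
    nonce, tag, ct = raw[:16], raw[16:48], raw[48:]
    if not hmac.compare_digest(tag, _mac(MAC_KEY, nonce + ct)):
        raise ValueError("field ciphertext failed authentication")
    return _xor(ct, nonce).decode()

def proxy_store(record):
    # Inbound path: encrypt and mark only the fields the rule selects.
    return {k: seal(v) if k in SENSITIVE else v for k, v in record.items()}

def _report_tag(server_id, body):
    return _mac(REPORT_KEY, (server_id + "\n" + body).encode()).hex()

def app_report(server_id, row):
    # Application server side: sees only ciphertext, wraps it in a placeholder.
    body = "name=%s ssn={{%s}}" % (row["name"], row["ssn"])
    return {"server_id": server_id, "body": body, "tag": _report_tag(server_id, body)}

def proxy_render(report, expected_server):
    # Outbound path: authenticate the report's origin before decrypting anything.
    ok = hmac.compare_digest(report["tag"], _report_tag(report["server_id"], report["body"]))
    if not ok or report["server_id"] != expected_server:
        raise ValueError("report not authenticated for " + expected_server)
    return PLACEHOLDER.sub(lambda m: unseal(m.group(1)), report["body"])
```

Because the report tag is checked before any placeholder is decrypted, a report whose body or server identifier was altered in transit is rejected rather than rendered.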
Specification