Secure Database
First Claim
1. A system, comprising:
- a secure hardware unit; and
a database system comprising;
one or more processors; and
a computer-readable medium having stored thereon instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising;
receiving a client request to perform a database operation using first encrypted data as an encrypted value of a field to be operated on by the database operation, wherein the first encrypted data has been encrypted by a database client using a first encryption key;
providing, to the secure hardware unit, a system request for performing one or more data processing operations, the system request including (i) the first encrypted data and (ii) data identifying the first encryption key; and
receiving, from the secure hardware unit and by the database system, output data representing an output of the one or more data processing operations.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods, systems, and apparatus, including a system that includes a secure hardware unit; and a database system including one or more processors; and a computer-readable medium having stored instructions that, when executed by the one or more processors, cause the one or more processors to perform operations including: receiving a client request to perform a database operation using first encrypted data as an encrypted value of a field to be operated on by the database operation, where the first encrypted data has been encrypted by a database client using a first encryption key; providing, to the secure hardware unit, a system request for performing one or more data processing operations, the system request including (i) the first encrypted data and (ii) data identifying the first encryption key; and receiving, from the secure hardware unit, output data representing an output of the one or more data processing operations.
6 Citations
20 Claims
-
1. A system, comprising:
-
a secure hardware unit; and a database system comprising; one or more processors; and a computer-readable medium having stored thereon instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising; receiving a client request to perform a database operation using first encrypted data as an encrypted value of a field to be operated on by the database operation, wherein the first encrypted data has been encrypted by a database client using a first encryption key; providing, to the secure hardware unit, a system request for performing one or more data processing operations, the system request including (i) the first encrypted data and (ii) data identifying the first encryption key; and receiving, from the secure hardware unit and by the database system, output data representing an output of the one or more data processing operations. - View Dependent Claims (2, 3, 4, 5, 6, 8, 9, 10)
-
-
11. A computer-implemented method, comprising:
-
receiving, by a database system, a client request to perform a database operation using first encrypted data as an encrypted value of a field to be operated on by the database operation, wherein the first encrypted data has been encrypted by a database client using a first encryption key; providing, by the database system and to a secure hardware unit, a system request for performing one or more data processing operations, the system request including (i) the first encrypted data and (ii) data identifying the first encryption key; and receiving, from the secure hardware unit and by the database system, output data representing an output of the one or more data processing operations. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
-
-
19. A computer-readable medium having stored thereon instructions that, when executed by the one or more computers, cause the one or more computers to perform operations comprising:
-
receiving, by a database system, a client request to perform a database operation using first encrypted data as an encrypted value of a field to be operated on by the database operation, wherein the first encrypted data has been encrypted by a database client using a first encryption key; providing, by the database system to a secure hardware unit, a system request for performing one or more data processing operations, the system request including (i) the first encrypted data and (ii) data identifying the first encryption key; and receiving, from the secure hardware unit and by the database system, output data representing an output of the one or more data processing operations. - View Dependent Claims (20)
-
Specification