-
公开(公告)号:US20230081795A1
公开(公告)日:2023-03-16
申请号:US17992681
申请日:2022-11-22
发明人: Yigal Rozenberg , Pierre Burlin , Jan Boberg
摘要: Access to a shared library API is restricted for a customer application by a security system. A profile for each of a plurality of trusted applications is generated and stored in a security database. When a customer application attempts to access the shared library API, the customer application is verified by extracting a customer application profile for the customer application, comparing the customer application profile with each stored trusted application profile, and verifying that the customer application can access the shared library API based on the comparison. Based on the verification, the customer application may be allowed to or access to the shared library API or may be prevented from accessing the shared library API.
-
公开(公告)号:US20220255746A1
公开(公告)日:2022-08-11
申请号:US17733839
申请日:2022-04-29
发明人: David Clyde Williamson , George Curran , Raul Ortega , Jan Boberg , Rajnish Jain , Yigal Rozenberg
摘要: Data can be protected in a centralized tokenization environment. A security value is received by a central server from a client device. The central server accesses a token table corresponding to the client device and generates a reshuffled static token table from the accessed token table based on the received security value. When the client device subsequently provides data to be protected to the central server, the central server tokenizes the provided data using the reshuffled static token table and stores the tokenized data in a multi-tenant database. By reshuffling token tables using security values unique to client devices, the central server can protect and store data for each of multiple tenants such that if the data of one tenant is compromised, the data of each other tenant is not compromised.
-
公开(公告)号:US20220078166A1
公开(公告)日:2022-03-10
申请号:US17529621
申请日:2021-11-18
发明人: Rajnish Jain , Vichai Levy , Ulf Mattsson , Yigal Rozenberg
摘要: A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and is configured to receive encoded data and a set of operations from the server device in response to a request for cloud services from the client device. The gateway device is configured to decode the encoded data, and to provide the decoded data and the set of operations to the client device. The client device is configured to perform the set of operations on the decoded data, and to incorporate the operation results into an application or interface corresponding to the requested cloud service. The gateway device is configured to encode the operation result data, and to provide the encoded operation result data to the server device for storage.
-
公开(公告)号:US20220030089A1
公开(公告)日:2022-01-27
申请号:US17492589
申请日:2021-10-02
发明人: Vichai Levy , Yigal Rozenberg , Rajnish Jain , Ulf Mattsson
摘要: A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and generates a mapping between portions of data received from a client device and interface fields or data elements of the client device. Upon receiving subsequent data from the client device, the gateway device can access the generated mapping to identify portions of the subsequent data corresponding to particular interface fields or data elements of the client device using the mapping, and can encode the identified portions of the subsequent data, for instance based on data protection techniques defined by a security policy. The encoded data can then be outputted by the gateway device to the server device.
-
公开(公告)号:US11206256B2
公开(公告)日:2021-12-21
申请号:US16732048
申请日:2019-12-31
发明人: Ulf Mattsson , Yigal Rozenberg , Vichai Levy
摘要: A tokenization system tokenizes sensitive data to prevent unauthorized entities from accessing the sensitive data. The tokenization system accesses sensitive data, and retrieves an initialization vector (IV) from an IV table using a first portion of the sensitive data. A second portion of the sensitive data is modified using the accessed initialization vector. A token table is selected from a set of token tables using a third portion of the sensitive data. The modified second portion of data is used to query the selected token table, and a token associated with the value of the modified second portion of data is accessed. The second portion of the sensitive data is replaced with the accessed token to form tokenized data.
-
公开(公告)号:US10242216B2
公开(公告)日:2019-03-26
申请号:US15697031
申请日:2017-09-06
发明人: Yigal Rozenberg , Ulf Mattsson
IPC分类号: G06F21/62
摘要: Database entries can be protected by indexing the entries using a plurality of indexes, each associated with a level of access rights. A level of access rights can be determined from a search query, and an index can be selected based on the determined level of access rights. A search key can be generated based on the received query, and the selected index can be searched using the search query. Database entries mapped to the values of the selected index returned in response to the search can be outputted. Each index is associated with a different granularity defining the number and/or ambiguity of search results returned in response to searching an index.
-
公开(公告)号:US10212155B2
公开(公告)日:2019-02-19
申请号:US15872511
申请日:2018-01-16
发明人: Ulf Mattsson , Yigal Rozenberg , Vichai Levy
摘要: A tokenization system tokenizes sensitive data to prevent unauthorized entities from accessing the sensitive data. The tokenization system accesses sensitive data, and retrieves an initialization vector (IV) from an IV table using a first portion of the sensitive data. A second portion of the sensitive data is modified using the accessed initialization vector. A token table is selected from a set of token tables using a third portion of the sensitive data. The modified second portion of data is used to query the selected token table, and a token associated with the value of the modified second portion of data is accessed. The second portion of the sensitive data is replaced with the accessed token to form tokenized data.
-
公开(公告)号:US20190018981A1
公开(公告)日:2019-01-17
申请号:US16117983
申请日:2018-08-30
发明人: Yigal Rozenberg , Ulf Mattsson
摘要: New tokenization tables are derived at intervals in order to increase the security of tokenized data that is transferred between two endpoints. Generation of the new tokenization tables is based on previous tokenization tables, which advantageously allows the generation process to be performed locally at the two endpoints independently of an external tokenization table provider. New tokenization tables can periodically be distributed to the endpoints as a new starting point for derivation.
-
公开(公告)号:US20180144343A1
公开(公告)日:2018-05-24
申请号:US15872517
申请日:2018-01-16
发明人: Ulf Mattsson , Yigal Rozenberg
CPC分类号: G06Q20/405 , G06F21/606 , G06F21/6245 , G06Q20/20 , G06Q20/32 , G06Q20/322 , G06Q20/3223 , G06Q20/34 , G06Q20/367 , G06Q20/382 , G06Q20/3821 , G06Q20/3823 , G06Q20/3829 , G06Q20/385 , G06Q20/4014 , G06Q2220/00 , H04L63/0428 , H04L2209/56 , H04W12/02
摘要: Data can be protected in mobile and payment environments through various tokenization operations. A mobile device can tokenize communication data based on device information and session information associated with the mobile device. A payment terminal can tokenize payment information received at the payment terminal during a transaction based on transaction information associated with the transaction. Payment data tokenized first a first set of token tables and according to a first set of tokenization parameters by a first payment entity can be detokenized or re-tokenized with a second set of token tables and according to a second set of tokenization parameters. Payment information can be tokenized and sent to a mobile device as a token card based on one or more selected use rules, and a user can request a transaction based on the token card. The transaction can be authorized if the transaction satisfies the selected use rules.
-
公开(公告)号:US09904923B2
公开(公告)日:2018-02-27
申请号:US15632690
申请日:2017-06-26
发明人: Ulf Mattsson , Yigal Rozenberg
IPC分类号: H04L29/06 , G06Q20/40 , G06Q20/32 , G06Q20/36 , G06F21/62 , G06F21/60 , G06Q20/38 , G06Q20/34
CPC分类号: G06Q20/405 , G06F21/606 , G06F21/6245 , G06Q20/20 , G06Q20/32 , G06Q20/322 , G06Q20/3223 , G06Q20/34 , G06Q20/367 , G06Q20/382 , G06Q20/3821 , G06Q20/3823 , G06Q20/3829 , G06Q20/385 , G06Q20/4014 , G06Q2220/00 , H04L63/0428 , H04L2209/56 , H04W12/02
摘要: Data can be protected in mobile and payment environments through various tokenization operations. A mobile device can tokenize communication data based on device information and session information associated with the mobile device. A payment terminal can tokenize payment information received at the payment terminal during a transaction based on transaction information associated with the transaction. Payment data tokenized first a first set of token tables and according to a first set of tokenization parameters by a first payment entity can be detokenized or re-tokenized with a second set of token tables and according to a second set of tokenization parameters. Payment information can be tokenized and sent to a mobile device as a token card based on one or more selected use rules, and a user can request a transaction based on the token card. The transaction can be authorized if the transaction satisfies the selected use rules.
-
-
-
-
-
-
-
-
-
搜索结果
116 条记录 (耗时 0.027 秒)
