专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09342707B1 Searchable encryption for infrequent queries in adjustable encrypted databases 有权
标题翻译：可调整加密数据库中的不常见查询的可搜索加密
公开(公告)号：US09342707B1
公开(公告)日：2016-05-17
申请号：US14534851
申请日：2014-11-06
申请人： Florian Kerschbaum , Martin Haerterich , Isabelle Hang , Mathias Kohler , Andreas Schaad , Axel Schroepfer , Walter Tighzert
发明人： Florian Kerschbaum , Martin Haerterich , Isabelle Hang , Mathias Kohler , Andreas Schaad , Axel Schroepfer , Walter Tighzert
IPC分类号： G06F7/00 , G06F21/62 , G06F17/30
CPC分类号： G06F21/6227 , G06F17/30477
摘要： Methods, systems, and computer-readable storage media for selecting columns for selecting encryption to perform an operator during execution of a database query. Implementations include actions of determining a current encryption type of a column that is to be acted on during execution of the database query, the column storing encrypted data, determining a minimum encryption type for performance of the operator on the column, selecting a selected encryption type based on the current encryption type, the minimum encryption type, and a budget associated with the column, and performing the operator based on the selected encryption type.
摘要翻译：用于在执行数据库查询期间选择用于选择加密以执行操作者的列的方法，系统和计算机可读存储介质。实现包括确定在数据库查询的执行期间要执行的列的当前加密类型的动作，存储加密数据的列，确定用于在该列上执行操作者的最小加密类型，选择所选择的加密类型基于当前加密类型，最小加密类型和与该列相关联的预算，以及基于所选择的加密类型来执行操作者。

2. 发明申请

US20160132692A1 SEARCHABLE ENCRYPTION FOR INFREQUENT QUERIES IN ADJUSTABLE ENCRYPTED DATABASES 有权
标题翻译：可调节加密数据库中的可疑加密搜索加密
公开(公告)号：US20160132692A1
公开(公告)日：2016-05-12
申请号：US14534851
申请日：2014-11-06
申请人： Florian Kerschbaum , Martin Haerterich , Isabelle Hang , Mathias Kohler , Andreas Schaad , Axel Schroepfer , Walter Tighzert
发明人： Florian Kerschbaum , Martin Haerterich , Isabelle Hang , Mathias Kohler , Andreas Schaad , Axel Schroepfer , Walter Tighzert
IPC分类号： G06F21/62 , G06F17/30
CPC分类号： G06F21/6227 , G06F17/30477
摘要： Methods, systems, and computer-readable storage media for selecting columns for selecting encryption to perform an operator during execution of a database query. Implementations include actions of determining a current encryption type of a column that is to be acted on during execution of the database query, the column storing encrypted data, determining a minimum encryption type for performance of the operator on the column, selecting a selected encryption type based on the current encryption type, the minimum encryption type, and a budget associated with the column, and performing the operator based on the selected encryption type.
摘要翻译：用于在执行数据库查询期间选择用于选择加密以执行操作者的列的方法，系统和计算机可读存储介质。实现包括确定在数据库查询的执行期间要执行的列的当前加密类型的动作，存储加密数据的列，确定用于在该列上执行操作者的最小加密类型，选择所选择的加密类型基于当前加密类型，最小加密类型和与该列相关联的预算，以及基于所选择的加密类型来执行操作者。

3. 发明授权

US09037860B1 Average-complexity ideal-security order-preserving encryption 有权
标题翻译：平均复杂度理想的安全订单保存加密
公开(公告)号：US09037860B1
公开(公告)日：2015-05-19
申请号：US14088123
申请日：2013-11-22
申请人： Florian Kerschbaum , Axel Schroepfer , Patrick Grofig , Isabelle Hang , Martin Haerterich , Mathias Kohler , Andreas Schaad , Walter Tighzert
发明人： Florian Kerschbaum , Axel Schroepfer , Patrick Grofig , Isabelle Hang , Martin Haerterich , Mathias Kohler , Andreas Schaad , Walter Tighzert
IPC分类号： H04L29/06
CPC分类号： H04L63/0428 , G06F21/6227 , H04L9/008 , H04L9/0637 , H04L9/14 , H04L2209/76
摘要： Embodiments provide ideal security, order-preserving encryption (OPE) of data of average complexity, thereby allowing processing of the encrypted data (e.g. at a database server in response to received queries). Particular embodiments achieve high encryption efficiency by processing plaintext in the order preserved by an existing compression dictionary already available to a database. Encryption is based upon use of a binary search tree of n nodes, to construct an order-preserving encryption scheme having Ω(n) complexity and even O(n), in the average case. A probability of computationally intensive updating (which renders conventional OPE impractical for ideal security) is substantially reduced by leveraging the demonstrated tendency of a height of the binary search tree to be tightly centered around O(log n). An embodiment utilizing such an encryption scheme is described in the context of a column-store, in-memory database architecture comprising n elements. OPE according to embodiments is compatible with adjustable encryption approaches.
摘要翻译：实施例提供平均复杂度的数据的理想的安全性，订单保留加密（OPE），从而允许加密数据的处理（例如在数据库服务器响应于接收到的查询）。特定实施例通过以数据库已经可用的现有压缩字典保存的顺序处理明文来实现高加密效率。加密是基于使用n个节点的二叉搜索树来构造在平均情况下具有＆OHgr（n）复杂度甚至O（n）的订单保留加密方案。通过利用二叉搜索树的高度以O（log n）为中心的显示趋势，大大减少了计算密集型更新的概率（这使得传统OPE对理想安全性不切实际）。在包含n个元素的列存储器内存数据库架构的上下文中描述了利用这种加密方案的实施例。根据实施例的OPE与可调整的加密方法兼容。

4. 发明授权

US09547720B2 Access control for encrypted query processing 有权
标题翻译：加密查询处理的访问控制
公开(公告)号：US09547720B2
公开(公告)日：2017-01-17
申请号：US14582471
申请日：2014-12-24
申请人： Isabelle Hang , Florian Kerschbaum , Martin Haerterich , Mathias Kohler , Andreas Schaad , Axel Schroepfer , Walter Tighzert
发明人： Isabelle Hang , Florian Kerschbaum , Martin Haerterich , Mathias Kohler , Andreas Schaad , Axel Schroepfer , Walter Tighzert
IPC分类号： G06F21/00 , G06F17/30 , H04L29/06
CPC分类号： G06F17/30867 , G06F17/30433 , G06F17/30528 , G06F17/30554 , H04L63/0428 , H04L63/104
摘要： Methods, systems, and computer-readable storage media for enforcing access control in encrypted query processing. Implementations include actions of obtaining a set of user groups based on the user credential and a user group mapping, obtaining a set of relations based on the query, obtaining a set of virtual relations based on the set of user groups and the set of relations, receiving a first rewritten query based on the set of virtual relations and a query rewriting operation, encrypting the first rewritten query to provide an encrypted query, and transmitting the encrypted query to at least one server computing device over a network for execution of the encrypted query over access controlled, encrypted data.
摘要翻译：用于在加密查询处理中执行访问控制的方法，系统和计算机可读存储介质。实现包括基于用户凭证和用户组映射获取一组用户组的动作，基于查询获得一组关系，基于该组用户组和该组关系获得一组虚拟关系，基于所述一组虚拟关系和查询重写操作接收第一重写查询，对所述第一重写查询进行加密以提供加密查询，以及通过网络将加密查询发送到至少一个服务器计算设备以执行加密查询通过访问控制，加密数据。

5. 发明授权

US09537838B2 Adjustable proxy re-encryption 有权
标题翻译：可调代理重新加密
公开(公告)号：US09537838B2
公开(公告)日：2017-01-03
申请号：US14579317
申请日：2014-12-22
申请人： Isabelle Hang , Florian Kerschbaum , Mathias Kohler , Martin Haerterich , Florian Hahn , Axel Schroepfer , Walter Tighzert , Andreas Schaad
发明人： Isabelle Hang , Florian Kerschbaum , Mathias Kohler , Martin Haerterich , Florian Hahn , Axel Schroepfer , Walter Tighzert , Andreas Schaad
IPC分类号： H04L29/06
CPC分类号： H04L63/0464 , H04L63/0471 , H04L63/0807
摘要： Methods, systems, and computer-readable storage media for proxy re-encryption of encrypted data stored in a first database of a first server and a second database of a second server. Implementations include actions of receiving a first token at the first server from a client-side computing device, providing a first intermediate re-encrypted value based on a first encrypted value and the first token, transmitting the first intermediate re-encrypted value to the second server, receiving a second intermediate re-encrypted value from the second server, the second intermediate re-encrypted value having been provided by encrypting the first encrypted value at the second server based on a second token, providing the first encrypted value as a first re-encrypted value based on the first intermediate re-encrypted value and the second intermediate re-encrypted value, and storing the first re-encrypted value in the first database.
摘要翻译：用于对存储在第一服务器的第一数据库和第二服务器的第二数据库中的加密数据进行代理重新加密的方法，系统和计算机可读存储介质。实现包括从客户端计算设备在第一服务器处接收第一令牌的动作，基于第一加密值和第一令牌提供第一中间重新加密的值，将第一中间重新加密值发送到第二中继重新加密值服务器，从第二服务器接收第二中间重新加密的值，第二中间重新加密值是通过基于第二令牌加密第二服务器处的第一加密值而提供的，提供第一加密值作为第一重新基于所述第一中间重新加密值和所述第二中间重新加密值的加密值，并将所述第一重新加密值存储在所述第一数据库中。

6. 发明申请

US20160357869A1 ACCESS CONTROL FOR ENCRYPTED QUERY PROCESSING 有权
标题翻译：加密查询处理的访问控制
公开(公告)号：US20160357869A1
公开(公告)日：2016-12-08
申请号：US14582471
申请日：2014-12-24
申请人： Isabelle Hang , Florian Kerschbaum , Martin Haerterich , Mathias Kohler , Andreas Schaad , Axel Schroepfer , Walter Tighzert
发明人： Isabelle Hang , Florian Kerschbaum , Martin Haerterich , Mathias Kohler , Andreas Schaad , Axel Schroepfer , Walter Tighzert
IPC分类号： G06F17/30 , H04L29/06
CPC分类号： G06F17/30867 , G06F17/30433 , G06F17/30528 , G06F17/30554 , H04L63/0428 , H04L63/104
摘要： Methods, systems, and computer-readable storage media for enforcing access control in encrypted query processing. Implementations include actions of obtaining a set of user groups based on the user credential and a user group mapping, obtaining a set of relations based on the query, obtaining a set of virtual relations based on the set of user groups and the set of relations, receiving a first rewritten query based on the set of virtual relations and a query rewriting operation, encrypting the first rewritten query to provide an encrypted query, and transmitting the encrypted query to at least one server computing device over a network for execution of the encrypted query over access controlled, encrypted data.
摘要翻译：用于在加密查询处理中执行访问控制的方法，系统和计算机可读存储介质。实现包括基于用户凭证和用户组映射获取一组用户组的动作，基于查询获得一组关系，基于该组用户组和该组关系获得一组虚拟关系，基于所述一组虚拟关系和查询重写操作接收第一重写查询，对所述第一重写查询进行加密以提供加密查询，以及通过网络将加密查询发送到至少一个服务器计算设备以执行加密查询通过访问控制，加密数据。

7. 发明申请

US20160182467A1 ADJUSTABLE PROXY RE-ENCRYPTION 有权
标题翻译：可调节代码重新加密
公开(公告)号：US20160182467A1
公开(公告)日：2016-06-23
申请号：US14579317
申请日：2014-12-22
申请人： Isabelle Hang , Florian Kerschbaum , Mathias Kohler , Martin Haerterich , Florian Hahn , Axel Schroepfer , Walter Tighzert , Andreas Schaad
发明人： Isabelle Hang , Florian Kerschbaum , Mathias Kohler , Martin Haerterich , Florian Hahn , Axel Schroepfer , Walter Tighzert , Andreas Schaad
IPC分类号： H04L29/06
CPC分类号： H04L63/0464 , H04L63/0471 , H04L63/0807
摘要： Methods, systems, and computer-readable storage media for proxy re-encryption of encrypted data stored in a first database of a first server and a second database of a second server. Implementations include actions of receiving a first token at the first server from a client-side computing device, providing a first intermediate re-encrypted value based on a first encrypted value and the first token, transmitting the first intermediate re-encrypted value to the second server, receiving a second intermediate re-encrypted value from the second server, the second intermediate re-encrypted value having been provided by encrypting the first encrypted value at the second server based on a second token, providing the first encrypted value as a first re-encrypted value based on the first intermediate re-encrypted value and the second intermediate re-encrypted value, and storing the first re-encrypted value in the first database.
摘要翻译：用于对存储在第一服务器的第一数据库和第二服务器的第二数据库中的加密数据进行代理重新加密的方法，系统和计算机可读存储介质。实现包括从客户端计算设备在第一服务器处接收第一令牌的动作，基于第一加密值和第一令牌提供第一中间重新加密的值，将第一中间重新加密值发送到第二中继重新加密值服务器，从第二服务器接收第二中间重新加密的值，第二中间重新加密值是通过基于第二令牌加密第二服务器处的第一加密值而提供的，提供第一加密值作为第一重新基于所述第一中间重新加密值和所述第二中间重新加密值的加密值，并将所述第一重新加密值存储在所述第一数据库中。

8. 发明授权

US09213764B2 Encrypted in-memory column-store 有权
标题翻译：加密内存中的列存储
公开(公告)号：US09213764B2
公开(公告)日：2015-12-15
申请号：US14088051
申请日：2013-11-22
申请人： Florian Kerschbaum , Martin Haerterich , Mathias Kohler , Isabelle Hang , Andreas Schaad , Axel Schroepfer , Walter Tighzert , Patrick Grofig
发明人： Florian Kerschbaum , Martin Haerterich , Mathias Kohler , Isabelle Hang , Andreas Schaad , Axel Schroepfer , Walter Tighzert , Patrick Grofig
IPC分类号： G06F17/30 , G06F21/62
CPC分类号： G06F17/30864 , G06F21/6227
摘要： Embodiments relate to processing encrypted data, and in particular to identifying an appropriate layer of encryption useful for processing a query. Such identification (also known as the onion selection problem) is achieved utilizing an adjustable onion encryption procedure. Based upon defined requirements of policy configuration, alternative resolution, and conflict resolution, the adjustable onion encryption procedure entails translating a query comprising an expression in a database language (e.g. SQL) into an equivalent query on encrypted data. The onion may be configured in almost arbitrary ways directing the onion selection. An execution function introduces an execution split to allow local (e.g. client-side) query fulfillment that may otherwise not be possible in a secure manner on the server-side. A searchable encryption function may also be employed, and embodiments accommodate aggregation via homomorphic encryption. Embodiments may be implemented as an in-memory column store database system.
摘要翻译：实施例涉及处理加密数据，特别是涉及识别适用于处理查询的适当加密层。利用可调节的洋葱加密程序实现了这种识别（也称为洋葱选择问题）。根据策略配置，替代解决方案和冲突解决的定义要求，可调节洋葱加密过程需要将包含数据库语言（例如SQL）中的表达式的查询转换为对加密数据的等效查询。洋葱可以以几乎任意方式配置，以指导洋葱选择。执行功能引入执行分割以允许在服务器端以安全的方式可能不可能的本地（例如客户端）查询执行。还可以采用可搜索的加密功能，并且实施例通过同态加密适应聚合。实施例可以被实现为内存中列存储数据库系统。

9. 发明授权

US09607161B2 Optimal re-encryption strategy for joins in encrypted databases 有权
公开(公告)号：US09607161B2
公开(公告)日：2017-03-28
申请号：US14631593
申请日：2015-02-25
申请人： Martin Haerterich , Florian Kerschbaum , Patrick Grofig , Mathias Kohler , Andreas Schaad , Axel Schroepfer , Walter Tighzert
发明人： Martin Haerterich , Florian Kerschbaum , Patrick Grofig , Mathias Kohler , Andreas Schaad , Axel Schroepfer , Walter Tighzert
IPC分类号： G06F21/60 , G06F21/62 , G06F17/30
CPC分类号： G06F21/602 , G06F17/30345 , G06F21/6218 , G06F21/6227 , G06F2221/2107
摘要： Methods, systems, and computer-readable storage media for selecting columns for re-encryption in join operations. In some implementations, actions include determining a first column and a second column to be joined, receiving a first key corresponding to the first column and a second key corresponding to the second column, receiving a first rank associated with the first key and a second rank associated with the second key, selecting the second column for re-encryption based on the first rank and the second rank, and providing the first column, the second column, and the first key for performing a join operation, the second column being re-encrypted based on the first key.

10. 发明申请

US20150039586A1 Local Versus Remote Optimization in Encrypted Query Processing 审中-公开
标题翻译：本地与加密查询处理中的远程优化
公开(公告)号：US20150039586A1
公开(公告)日：2015-02-05
申请号：US13955691
申请日：2013-07-31
申请人： Florian Kerschbaum , Patrick Grofig , Martin Haerterich , Mathias Kohler , Andreas Schaad , Axel Schroepfer , Walter Tighzert
发明人： Florian Kerschbaum , Patrick Grofig , Martin Haerterich , Mathias Kohler , Andreas Schaad , Axel Schroepfer , Walter Tighzert
IPC分类号： G06F17/30
CPC分类号： G06F17/30463
摘要： Methods, systems, and computer-readable storage media for optimizing query processing in encrypted databases. In some implementations, actions include receiving a query that is to be used to query an encrypted database, generating a plurality of query plans based on the query, each query plan including a local query and one or more remote queries, the local query being executable at a client-side and the one or more remote queries being executable at a server-side, selecting an optimal query plan from the plurality of query plans, providing one or more remote queries of the optimal query plan to the server-side for execution, receiving one or more remote results, and processing a local query of the optimal query plan and the one or more remote results to provide a final query result.
摘要翻译：用于优化加密数据库中查询处理的方法，系统和计算机可读存储介质。在一些实现中，动作包括接收用于查询加密数据库的查询，基于查询生成多个查询计划，每个查询计划包括本地查询和一个或多个远程查询，本地查询是可执行的在客户端，并且所述一个或多个远程查询可在服务器端执行，从所述多个查询计划中选择最佳查询计划，向所述服务器端提供所述最佳查询计划的一个或多个远程查询用于执行接收一个或多个远程结果，以及处理最佳查询计划的本地查询和一个或多个远程结果以提供最终查询结果。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式