摘要:
The invention relates to a client computer (10) for querying a database (30) stored on a server (22) via a network (48), the server (22) being coupled to the client computer (10) via the network (48), wherein the database (30) comprises first data items and suffix items, wherein each suffix item describes a suffix of at least one first data item of the first data items, wherein for each suffix item a first referential connection exists in the database (30) assigning said suffix item to the at least one first data item comprising the suffix of said suffix item, wherein each suffix item is encrypted with a suffix cryptographic key in the database (30), wherein each first data item is encrypted with a first cryptographic key in the database (30), wherein the client computer (10) has installed thereon an application program (17), the application program (17) being operational to: - receiving a search request, the search request specifying a postfix search on a search criterion (19), - determining the suffix item matching the search criterion (19), - providing to the database (30) a request for providing the one or more encrypted first data items being assigned via the first referential connection to the determined suffix item matching the search criterion (19), - receiving from the database (30) the requested encrypted first data items and decrypting said received first data items.
摘要:
The invention relates to a computer implemented method for analyzing data of a first user, wherein an asymmetric cryptographic key pair is associated with the first user, said asymmetric cryptographic key pair comprising a public key (118) and a private key (116), the data being stored pseudonymously in a database (138) with the data being assigned to an identifier, wherein the identifier comprises the public key (118), the method comprising: - receiving a set of rules, the set of rules describing data processing steps, - receiving the identifier, - retrieving the data assigned to the identifier from the database (138), - analyzing the retrieved data by applying the set of rules, - providing a result of the analysis.
摘要:
The invention relates to a computer implemented method for sending a message to a recipient user, wherein a recipient asymmetric cryptographic key pair is associated with the recipient user, said key pair comprising a public recipient key (118) and a private recipient key (116), the method comprising sending the message to said recipient user with the recipient address to which the message is sent comprising the public recipient key (118).
摘要:
The invention relates to a client computer (10) for querying a database (30) stored on a server (22) via a network, the server (22) being coupled to the client computer (10) via the network, wherein the database (30) comprises a first relation (32), wherein the first relation (32) comprises first data items, wherein the first data items are encrypted with a first cryptographic key (18) in the first relation (32), wherein the first data items form a partially ordered set in the first relation (32), the partial order being formed with respect to the first data items in non-encrypted form, wherein the client computer (10) has installed thereon an application program, the application program being operational to perform the steps of receiving a search request specifying a search interval and determining the first data item forming an interval boundary of the search interval.
摘要:
The present invention relates to a computer system comprising: - multiple sets (S1, S2,...,Si,...,Sl-1, Sl) of client computers (Ci1, Ci2,...,Cij,...CiJ), each client computer having installed thereon an application program (104), the application program comprising client computer specific log-in information (Lij), - a database system (112) being coupled to the set of client computers via a network (114), the database system having a log-in component (118) for logging-in the client computers, the database system being partitioned into multiple relational databases (DB1, DB2, ...DBi,...DBl), each one of the databases being assigned to one set of the sets of client computers, each database storing encrypted data items, each data item being encrypted with one of the user or user-group specific cryptographic keys, the key identifier of the cryptographic key with which one of the data items is encrypted being stored in the database as an attribute of the one of the encrypted data items, the log-in component comprising assignment information (118) indicative of the assignment of the databases to the set of client computers.
摘要翻译:本发明涉及一种计算机系统,包括: - 多组(S1,S2,...,硅,...,S1,S)的客户端计算机(α1,CI2,...的,C IJ,.. .CiJ),具有安装在每个客户端计算机在其上,所述应用程序包括客户计算机专用的登录信息(LIJ)应用程序(104) - 在数据库系统(112),经由网络被耦合到该组的客户端计算机的 (114),具有用于登录部件(118)的数据库系统测井在客户端计算机,数据库系统被划分成多个关系数据库(DB1,DB2,... DB I ... DBI),每个 数据库中的一个被分配给一个组的组的客户端计算机中的,每一个数据库存储加密的数据项,每个数据项与所述用户或用户组特定的密码密钥中的一个,利用该加密密钥的密钥标识符加密 所述dataItems之一被加密被存储在作为属性加密的数据项中的一个的,在该数据库 登录在组分,其包含分配信息(118)指示所述数据库到设定客户端计算机的分配的。
摘要:
The present invention relates to a computer system comprising: - multiple sets (S1, S2,...,Si,...,Sl-1, Sl) of client computers (Ci1, Ci2,...,Cij,...CiJ), each client computer having installed thereon an application program (104), the application program comprising client computer specific log-in information (Lij), - a database system (112) being coupled to the set of client computers via a network (114), the database system having a log-in component (118) for logging-in the client computers, the database system being partitioned into multiple relational databases (DB1, DB2, ...DBi,...DBI), each one of the databases being assigned to one set of the sets of client computers, each database storing encrypted data items, each data item being encrypted with one of the user or user-group specific cryptographic keys, the key identifier of the cryptographic key with which one of the data items is encrypted being stored in the database as an attribute of the one of the encrypted data items, the log-in component comprising assignment information (118) indicative of the assignment of the databases to the set of client computers.
摘要翻译:本发明涉及一种计算机系统,包括: - 多组(S1,S2,...,硅,...,S1,S)的客户端计算机(α1,CI2,...的,C IJ,.. .CiJ),具有安装在每个客户端计算机在其上,所述应用程序包括客户计算机专用的登录信息(LIJ)应用程序(104) - 在数据库系统(112),经由网络被耦合到该组的客户端计算机的 (114),具有用于登录部件(118)的数据库系统测井在客户端计算机,数据库系统被划分成多个关系数据库(DB1,DB2,... DB I ... DBI),每个 数据库中的一个被分配给一个组的组的客户端计算机中的,每一个数据库存储加密的数据项,每个数据项与所述用户或用户组特定的密码密钥中的一个,利用该加密密钥的密钥标识符加密 所述dataItems之一被加密被存储在作为属性加密的数据项中的一个的,在该数据库 登录在组分,其包含分配信息(118)指示所述数据库到设定客户端计算机的分配的。
摘要:
The invention relates to a client computer (10) for querying a database stored on a server (22) via a network (48), the server (22) being coupled to the client computer (10) via the network (48), wherein the database comprises a set of first relations (32; 34; 36), wherein each first relation (32; 34; 36) in the set of the first relations (32; 34; 36) comprises first data items, wherein for each first relation (32; 34; 36) the first data items are encrypted with a respective first cryptographic key (18) in the first relation, wherein the first data items form a partially ordered set in each first relation, in each first relation (32; 34; 36) the partial order being formed with respect to the first data items of said first relation (32; 34; 36) in non-encrypted form.
摘要:
Die Erfindung betrifft ein Computerprogrammprodukt (114; 116; 218; 220; 222) mit von einem Prozessor ausführbaren Instruktionen zur Durchführung von Verfahrensschritten zur Erzeugung eines asymmetrischen kryptografischen Schlüsselpaares, wobei das Verfahren die folgenden Schritte umfasst: - Empfang einer beliebig wählbaren Benutzerkennung, - Berechnen eines ersten Datenobjektschlüssels, wobei in die Berechnung ein Zufallswert (128) und die Benutzerkennung eingeht, und - Berechnen eines zweiten Datenobjektschlüssels aus dem ersten Datenobjektschlüssel, wobei der erste und der zweite Datenobjektschlüssel das asymmetrische kryptografische Schlüsselpaar bilden.