Abstract:
A storage system stores information about a graph in an encrypted form. A query module can submit a token to the storage system to retrieve specified information about the graph, e.g., to determine the neighbors of an entity in the graph, or to determine whether a first entity is connected to a second entity, etc. The storage system formulates its reply to the token in a lookup result. Through this process, the storage system gives selective access to information about the graph to authorized agents, yet otherwise maintains the general secrecy of the graph from the perspective of unauthorized agents, including the storage system itself. A graph processing module can produce encrypted graph information by encrypting any representation of the graph, such as an adjacency matrix, an index, etc.
Abstract:
An obfuscated-policy data encryption system and method re-encrypts data to maintain the confidentiality and integrity of data about a user when the data is stored in a public cloud computing environment. The system and method allow a user to specify, in a data-sharing policy, who can obtain the data and how much of the data is available to them. This policy is obfuscated such that it is unintelligible to the cloud operator and to others processing and storing the data. In some embodiments, a patient specifies with whom his health care data should be shared, and the encrypted health care data is stored in the cloud in an electronic medical records system. The obfuscated policy allows the electronic medical records system to dispense the health care data of the patient to those requesting the data without disclosing the details of the policy itself.
Abstract:
Described herein is using cryptographic techniques (anonymous proof systems) to ensure the anonymity of health records when processing payment claims related to insurers and pharmacies. A patient receives a patient token from an insurer, which the patient delegates to a healthcare provider. The delegated token is processed into an anonymized token that identifies the healthcare provider and the medical service provided, without including information by which the patient is directly identifiable. The anonymized token includes data by which the insurer validates the token. For prescriptions, an anonymized token may be generated as an endorsement for the patient (e.g., a printed barcode) and an unendorsed token transmitted to the pharmacy. The pharmacy combines data of the endorsement and the unendorsed token into an anonymous combined token that is transmitted to the insurer for payment.
Abstract:
The claimed subject matter relates to architectures that can construct a hierarchical set of decryption keys for facilitating user-controlled encrypted data storage with diverse accessibility and hosting of that encrypted data. In particular, a root key can be employed to derive a hierarchical set of decryption keys and a corresponding hierarchical set of encryption keys. Each derived key can conform to a hierarchy associated with the encrypted data of the user, and the decryption capabilities of the decryption keys can be configured based upon the location or assignment of the decryption key within the hierarchy. The cryptographic methods can be joined with a policy language that specifies sets of keys for capturing preferences about patterns of sharing. These sharing policies can themselves require keys for access, and the policies can provide additional keys for other aspects of policy and/or base-level accesses.
Abstract:
Anonymous information sharing systems and methods enable communication of information to parties in a privacy-preserving manner such that no one other than the designated parties can know the source, recipient, and content of the information. Furthermore, the communication can be accomplished without requiring trial decryption, and protection can be provided against the sharing of privileges.
Abstract:
A system is described for reducing leakage of meaningful information from cryptographic operations. The system uses a pairwise independent hash function to generate a modified secret key SK′ having individual components. The system forms a modified secret key collection that includes SK′ and its individual components. The system then uses the modified secret key collection to decrypt a message. The decryption involves providing multiple partial operation results in separate respective steps. Leakage of meaningful information is reduced due to difficulty in piecing together meaningful information from information leaked by the separate partial operations. In one example, the hash function has the form HK(r)=ar+b, where a, b, and r are selected values, such as random numbers. In another example, the hash function has the form HK(r)=Ar*B, where A, B, and r are selected values.
Abstract:
Server-side encrypted pattern matching may minimize the risk of data theft due to server breach and/or unauthorized data access. In various implementations, a server for performing the server-side encrypted pattern matching may include an interface component to receive an encrypted query token. The server may further include a query component to find a match for the encrypted query token in an encrypted data string. The query component may find such a match without decrypting the encrypted data string or the encrypted query token, by using an encrypted dictionary that includes information on the edges of an encrypted suffix tree built over the data string.
Abstract:
The claimed subject matter provides systems and/or methods that establish a decryption key for use with an attribute authority. The system can include components that identify a pseudonym based on a global identifier (GID) associated with a user, initiate communication with the attribute authority, and select a first random value utilized to determine a first value. The system also includes components that select a second random value, employ the first value and the second random value to generate a second value and a third value, receive the second value and the third value, identify a third random value, and employ the second value, the third value, the first random value, and the third random value to determine a fourth value, which is employed to determine a fifth value. The fifth value is employed to derive the decryption key for use with the attribute authority.