-
1.
Publication number: WO2018208787A1
Publication date: 2018-11-15
Application number: PCT/US2018/031615
Filing date: 2018-05-08
Applicant: ZERODB, INC.
Inventor: EGOROV, Mikhail , WILKISON, MacLane Scott , NUÑEZ, David , AGUDO, Isaac
CPC classification number: H04L67/2809 , H04L63/0442 , H04L63/0464 , H04L67/2842
Abstract: Provided is a computer system and method that enables delegated access to encrypted information for distributed messaging and queuing frameworks, or in general, to publish/subscribe architectures. In said frameworks and architectures, data is published by data producers and organized in channels or queues, which consumer applications can subscribe to, and that are managed by one or multiple broker entities.
-
Publication number: WO2018102382A1
Publication date: 2018-06-07
Application number: PCT/US2017/063658
Filing date: 2017-11-29
Applicant: ZERODB, INC.
Inventor: NUÑEZ, David , AGUDO, Isaac , EGOROV, Mikhail , WILKISON, MacLane Scott
CPC classification number: G06F21/62 , G06F21/602 , H04L9/0841 , H04L9/088
Abstract: Provided is a process, including: obtaining a first ciphertext; obtaining the field size with which the first ciphertext was encrypted; obtaining a first private encryption key of the first encryption key pair; receiving a request to delegate access to the first ciphertext to a second recipient; obtaining a second private encryption key; determining a key-switching key based on the field size, the first private encryption key, and the second private encryption key; in response to the request, delegating access by forming a second ciphertext from which the plaintext is accessible with the second private encryption key; and storing the second ciphertext in memory.
-
3.
Publication number: WO2018208786A1
Publication date: 2018-11-15
Application number: PCT/US2018/031614
Filing date: 2018-05-08
Applicant: ZERODB, INC.
Inventor: EGOROV, Mikhail , WILKISON, MacLane Scott , NUÑEZ, David , AGUDO, Isaac
CPC classification number: H04L9/14 , H04L9/0825 , H04L2209/76
Abstract: Provided is a process including: encrypting each of a plurality of data encryption keys with a first public cryptographic key to form encrypted data encryption keys; obtaining a second public cryptographic key; generating a transformation key based on the first public-private cryptographic key pair and the second public cryptographic key; and transforming the encrypted data encryption keys with proxy re-encryption based on the transformation key; and obtaining the second private cryptographic key and the transformed encrypted data encryption keys.
-
Publication number: WO2017193108A3
Publication date: 2017-11-09
Application number: PCT/US2017/031479
Filing date: 2017-05-06
Applicant: ZERODB, INC.
Inventor: EGOROV, Mikhail , WILKISON, MacLane, Scott , NUNEZ, David , AGUDO, Isaac
Abstract: Provided is a process of securing data in a distributed storage and processing application, the process including: obtaining a cluster of computing nodes, wherein: the cluster stores a plurality of ciphertexts; accessing a transformation key with a first computing node; transforming the ciphertext with the first computing node based on the transformation key into a transformed ciphertext configured to be decrypted with a temporary access key; decrypting the transformed ciphertext with the second computing node based on the temporary access key to obtain plaintext data.
-
Publication number: WO2017193108A2
Publication date: 2017-11-09
Application number: PCT/US2017/031479
Filing date: 2017-05-06
Applicant: ZERODB, INC.
Inventor: EGOROV, Mikhail , WILKISON, MacLane, Scott , NUNEZ, David , AGUDO, Isaac
Abstract: Provided is a process of securing data in a distributed storage and processing application, the process including: obtaining a cluster of computing nodes, wherein: the cluster stores a plurality of ciphertexts; accessing a transformation key with a first computing node; transforming the ciphertext with the first computing node based on the transformation key into a transformed ciphertext configured to be decrypted with a temporary access key; decrypting the transformed ciphertext with the second computing node based on the temporary access key to obtain plaintext data.