Method and apparatus for management of encrypted data through role separation
US7315859B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Dec 15, 2000 |
| Grant date | Jan 1, 2008 |
| Priority date | — |
| Expiry date | Nov 25, 2021 |
Classification
- Technology area (CPC Y): Emerging Cross-Sectional Technologies
- CPC primary: Y10S707/99939
- WIPO field: Computer technology
- WIPO sector: Electrical engineering
Abstract
A system is provided for managing a database that stores sensitive information. Upon receiving a command to perform a function involving a database object, the system determines if the object is a sensitive object. If the object is not a sensitive object, the system allows the function to proceed. If the object is a sensitive object and the command is received from a normal system administrator, the system disallows the function. Upon receiving a request to perform an operation on sensitive data in the database system received from a user with access rights to the data item and empowered to access sensitive data, the system allows the operation to proceed. If the request is received from a normal user for a sensitive data item, the system disallows the operation. If the operation involves retrieval of a sensitive data item, the system decrypts the data item using an encryption key.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.