What technology area does this patent fall under?

Primary CPC classification H04L63/0421. Mapped technology areas include Electricity.

When was this patent published?

Publication date Tue Apr 26 2022 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Partition-based prefix preserving anonymization approach for network traces containing IP addresses

US11316831B2 · US · B2

Patent metadata
Field	Value
Publication number	US-11316831-B2
Application number	US-201816477428-A
Country	US
Kind code	B2
Filing date	Feb 28, 2018
Priority date	Feb 28, 2017
Publication date	Apr 26, 2022
Grant date	Apr 26, 2022

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

A node including processing circuitry configured to: generate anonymized data based at least in part on a first cryptographic key and network data, calculate a coordination vector, generate initialized data based at least in part on the anonymized data, a second cryptographic key and the coordination vector, transmit the initialized data, the random vector, a security policy and instructions to analyze n iterations of the initialized data and the security policy using the random vector and the second cryptographic key, and receive results of the analysis of the n iterations of the initialized data and the security policy using the random vector and the second cryptographic key. The analysis of an m iteration of the n iterations correspond to an analysis of the initialized data with prefix preservation where the analysis of the remaining iterations of the n iterations fail to be prefixed preserved.

First claim

Opening claim text (preview).

What is claimed is: 1. A node for anonymizing network data for analysis by another node, the node comprising: processing circuitry configured to: generate anonymized data based at least in part on a first cryptographic key and network data; calculate a coordination vector based at least in part on a random vector; generate initialized data based at least in part on the anonymized data, a second cryptographic key and the coordination vector, the second cryptographic key being independent from the first cryptographic key; transmit the initialized data, the random vector, a security policy, the second cryptographic key and instructions to analyze n iterations of the initialized data and the security policy using the random vector and the second cryptographic key; receive results of the analysis of the n iterations of the initialized data and the security policy using the random vector and the second cryptographic key; and the analysis of an m iteration of the n iterations corresponding to an analysis of the initialized data with prefix preservation, the analysis of the remaining iterations of the n iterations failing to be prefixed preserved, where n and m are integers and n is greater than m. 2. The node of claim 1 , wherein the processing circuitry is further configured to partition the network data into a plurality of non-overlapping partitions, the generating of the initialized data includes applying at least one cryptographically based anonymization function to each one of the plurality of non-overlapping partitions. 3. The node of claim 1 , wherein the coordination vector is calculated based at least in part on the random vector and a key combination vector, the key combination vector allowing for the m iteration to be prefix preserved. 4. The node of claim 1 , wherein if m times the random vector is added to the coordination vector, a resulting vector of this addition operation providing prefix preservation of the initialized data with respect to the network data during the analysis. 5. The node of claim 1 , wherein the network data includes a plurality of destination internet protocol addresses and a plurality of source internet protocol addresses. 6. The node of claim 1 , wherein the security policy includes at least one rule to be applied during the analysis. 7. The node of claim 1 , wherein the anonymized data is generated by applying at least one cryptographic operation to the network data using the first cryptographic key; and the initialized data is generated by applying the at least one cryptographic operation to the anonymized data using the second cryptographic key and the coordination vector. 8. The node of claim 1 , wherein the instructions to analyze n iterations of the initialized data and the security policy using the random vector and the second cryptographic key includes instructions to apply at least one cryptographic operation to the initialized data using the second cryptographic key and the random vector. 9. The node of claim 1 , wherein the processing circuitry ( 18 ) is further configured to transmit the second cryptographic key. 10. A method for a node for anonymizing network data for analysis by another node, the method comprising: generating anonymized data based at least in part on a first cryptographic key and network data; calculating a coordination vector based at least in part on a random vector; generating initialized data based at least in part on the anonymized data, a second cryptographic key and the coordination vector, the second cryptographic key being independent from the first cryptographic key; transmitting the initialized data, the random vector, a security policy, the second cryptographic key and instructions to analyze n iterations of the initialized data and the security policy using the random vector and the second cryptographic key; receiving results of the analysis of the n iterations of the initialized data and the security policy using the random vector and the second cryptographic key; and the analysis of an m iteration of the n iterations corresponding to an analysis of the initialized data with prefix preservation, the analysis of the remaining iterations of the n iterations failing to be prefixed preserved, where n and m are integers and n is greater than m. 11. The method of claim 10 , further comprising partitioning the network data into a plurality of non-overlapping partitions, the generating of the initialized data includes applying at least one cryptographically based anonymization function to each one of the plurality of non-overlapping partitions. 12. The method of claim 10 , wherein the coordination vector is calculated based at least in part on the random vector and a key combination vector, the key combination vector allowing for the m iteration to be prefix preserved. 13. The method of claim 10 , wherein if m times the random vector is added to the coordination vector, a resulting vector of this addition operation providing prefix preservation of the initialized data with respect to the network data during the analysis. 14. The method of claim 10 , wherein the network data includes a plurality of destination internet protocol addresses and a plurality of source internet protocol addresses. 15. The method of claim 10 , wherein the security policy includes at least one rule to be applied during the analysis. 16. The method of claim 10 , wherein the anonymized data is generated by applying at least one cryptographic operation to the network data using the first cryptographic key; and the initialized data is generated by applying the at least one cryptographic operation to the anonymized data using the second cryptographic key and the coordination vector. 17. The method of claim 10 , wherein the instructions to analyze n iterations of the initialized data and the security policy using the random vector and the second cryptographic key includes instructions to apply at least one cryptographic operation to the initialized data using the second cryptographic key and the random vector. 18. The method of claim 10 , further comprising transmitting the second cryptographic key. 19. A node for anonymizing network data for analysis by another node, the node comprising: an anonymization module configured to: generate anonymized data based at least in part on a first cryptographic key and network data; calculate a coordination vector based at least in part on a random vector; generate initialized data based at least in part on the anonymized data, a second cryptographic key and the coordination vector, the second cryptographic key being independent from the first cryptographic key; transmit the initialized data, the random vector, a security policy and instructions to analyze n iterations of the initialized data and the security policy using the random vector and the second cryptographic key; receive results of the analysis of the n iterations of the initialized data and the security policy using the random vector and the second cryptographic key; and the analysis of an m iteration of the n iterations corresponding to an analysis of the initialized data with prefix preservation, the analysis of the remaining iterations of the n iterations failing to be prefixed preserved, where n and m are integers and n is greater than m. 20. The node of claim 19 , wherein the anonymization module is further configured to partition the network data into a plurality of non-overlapping partitions, the generating of the initialized data includes applying at le

Assignees

Ericsson Telefon Ab L M

Inventors

Classifications

H04L63/0421Primary
Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer · CPC title
H04W12/02
Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII] · CPC title
H04L63/0407Primary
wherein the identity of one or more communicating identities is hidden (cryptographic mechanisms or cryptographic arrangements for anonymous credentials or for identity based cryptographic systems H04L9/00) · CPC title
H04L9/088
Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms (network architectures or network communication protocols for using time-dependent keys in a packet data network H04L63/068) · CPC title
H04L63/164
at the network layer · CPC title

Patent family

Related publications grouped by family.

View patent family 61656080

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11316831B2 cover?: A node including processing circuitry configured to: generate anonymized data based at least in part on a first cryptographic key and network data, calculate a coordination vector, generate initialized data based at least in part on the anonymized data, a second cryptographic key and the coordination vector, transmit the initialized data, the random vector, a security policy and instructions to…
Who is the assignee on this patent?: Ericsson Telefon Ab L M
What technology area does this patent fall under?: Primary CPC classification H04L63/0421. Mapped technology areas include Electricity.
When was this patent published?: Publication date Tue Apr 26 2022 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).