Filtering Network Traffic Using Protected Filtering Mechanisms
US-2015121525-A1 · Apr 30, 2015 · US
Semantic obfuscation of data in real time
US9646143B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9646143-B2 |
| Application number | US-201514935157-A |
| Country | US |
| Kind code | B2 |
| Filing date | Nov 6, 2015 |
| Priority date | Dec 10, 2013 |
| Publication date | May 9, 2017 |
| Grant date | May 9, 2017 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Systems and methods for automatically maintaining the anonymity or privacy of a stream of data as it is transmitted over a network or provided for other use, by receiving a data stream in real-time from an original source and identifying a data subset of interest within the original data stream. The data subset of interest is segregated from the data stream for either obfuscating at least a portion of the data subset in accordance with certain criteria or encrypting it. The data subset is obfuscated or encrypted for purpose of transmission over the network or for testing and reunited at a target source with the remainder of the data stream.
First claim
Opening claim text (preview).
What is claimed is: 1. A computer-implemented method comprising: identifying, using one or more processors, sensitive data within a stream of data, the stream of data associated with a data set in the process of being transferred from an originating source to a target source, the data set including sensitive and non-sensitive information; segregating, using the one or more processors, the sensitive data from the stream of data as the data set is in the process of being transferred from the originating source to the target source to obfuscate the sensitive data before the sensitive data is transferred to the target source; retrieving, using the one or more processors, obfuscation criteria; determining, using the one or more processors, based on the obfuscation criteria, to obfuscate the sensitive data; obfuscating, using the one or more processors, the sensitive data based on the determination; and reuniting, using the one or more processors, the obfuscated sensitive data with un-obfuscated non-sensitive data in the stream of data associated with the data set in the process of being transferred from the originating source, the target source receiving a partially obfuscated version of the data set, the partially obfuscated version of the data set including obfuscated sensitive data, wherein a portion of content of the sensitive data, which is obfuscated, in the partially obfuscated version of the data set received by the target source, remains obfuscated and inaccessible to the target source. 2. The method of claim 1 , wherein the data is test data. 3. The method of claim 1 , wherein the stream of data is a continuous stream of data. 4. The method of claim 3 , wherein the sensitive data is unencrypted at the target source and the obfuscated, sensitive data remains obfuscated at the target source. 5. The method of claim 1 , comprising encrypting at least a portion of the sensitive data. 6. The method of claim 1 , wherein obfuscating the sensitive data based on the determination includes using one or more specified rules for obfuscating the sensitive data to maintain anonymity of individuals associated with the data. 7. The method of claim 1 , wherein the stream includes encrypted, sensitive information and unencrypted, non-sensitive information and is transmitted from the originating source to the target source via an intermediary source. 8. The method of claim 1 , wherein the network is the Internet. 9. The method of claim 1 , wherein operations of the method are executed by a platform-independent driver at the originating source. 10. A non-transitory computer-readable storage medium storing computer-executable program code for automatically maintaining privacy of a stream of data as it is transmitted over a network, the computer-executable program code comprising instructions to: identify sensitive data within a stream of data, the stream of data associated with a data set in the process of being transferred from an originating source to a target source, the data set including sensitive and non-sensitive information; segregate the sensitive data from the stream of data as the data set is in the process of being transferred from the originating source to the target source to obfuscate the sensitive data before the sensitive data is transferred to the target source; retrieve obfuscation criteria; determine, based on the obfuscation criteria, to obfuscate the sensitive data; obfuscate the sensitive data based on the determination; and reunite the obfuscated sensitive data with un-obfuscated non-sensitive data in the stream of data associated with the data set in the process of being transferred from the originating source, the target source receiving a partially obfuscated version of the data set, the partially obfuscated version of the data set including obfuscated sensitive data, wherein a portion of content of the sensitive data, which is obfuscated, in the partially obfuscated version of the data set received by the target source, remains obfuscated and inaccessible to the target source. 11. A system comprising: one or more processors; and a memory including instructions that, when executed by the one or more processors cause the system to: identify sensitive data within a stream of data, the stream of data associated with a data set in the process of being transferred from an originating source to a target source, the data set including sensitive and non-sensitive information; segregate the sensitive data from the stream of data as the data set is in the process of being transferred from the originating source to the target source to obfuscate the sensitive data before the sensitive data is transferred to the target source; retrieve obfuscation criteria; determine, based on the obfuscation criteria, to obfuscate the sensitive data; obfuscate the sensitive data based on the determination; and reunite the obfuscated sensitive data with un-obfuscated non-sensitive data in the stream of data associated with the data set in the process of being transferred from the originating source, the target source receiving a partially obfuscated version of the data set, the partially obfuscated version of the data set including obfuscated sensitive data, wherein a portion of content of the sensitive data, which is obfuscated, in the partially obfuscated version of the data set received by the target source, remains obfuscated and inaccessible to the target source. 12. The system of claim 11 , wherein the data is test data. 13. The system of claim 11 , wherein the stream of data is a continuous stream of data. 14. The system of claim 11 comprising encrypting at least a portion of the sensitive data. 15. The system of claim 14 , wherein the sensitive data is unencrypted at the target source and the obfuscated, sensitive data remains obfuscated at the target source. 16. The system of claim 11 , wherein obfuscating the sensitive data based on the determination includes using one or more specified rules for obfuscating the sensitive data to maintain anonymity of individuals associated with the data. 17. The system of claim 11 , wherein the stream includes encrypted, sensitive information and unencrypted, non-sensitive information is transmitted from the originating source to the target source via an intermediary source. 18. The system of claim 11 , wherein operations of the method are executed by a platform-independent driver at the originating source.
Assignees
Inventors
Classifications
- G06F21/6254Primary
by anonymising data, e.g. decorrelating personal data from the owner's identification · CPC title
Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer · CPC title
Protecting distributed programs or content, e.g. vending or licensing of copyrighted material (protection in video systems or pay television H04N7/16) {; Digital rights management [DRM]} · CPC title
by securing the transmission between two devices or processes · CPC title
wherein the data content is protected, e.g. by encrypting or encapsulating the payload · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9646143B2 cover?
- Systems and methods for automatically maintaining the anonymity or privacy of a stream of data as it is transmitted over a network or provided for other use, by receiving a data stream in real-time from an original source and identifying a data subset of interest within the original data stream. The data subset of interest is segregated from the data stream for either obfuscating at least a por…
- Who is the assignee on this patent?
- Progress Software Corp
- What technology area does this patent fall under?
- Primary CPC classification G06F21/6254. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue May 09 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).