Method and system for on-the-fly anonymization on in-memory databases
US-2015007249-A1 · Jan 1, 2015 · US
Dynamic data masking of post-output database data
US9911003B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9911003-B2 |
| Application number | US-201514929349-A |
| Country | US |
| Kind code | B2 |
| Filing date | Nov 1, 2015 |
| Priority date | Nov 1, 2015 |
| Publication date | Mar 6, 2018 |
| Grant date | Mar 6, 2018 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Dynamic data masking by intercepting data derived from a database, creating a tabular representation of the data, and masking any of the data in accordance with a masking policy that specifies which of the data are to be masked if a masking condition is met, where the masking condition references the tabular representation of the data using a tabular positional reference.
First claim
Opening claim text (preview).
What is claimed is: 1. A dynamic data masking method comprising: intercepting data derived by a computer-hosted database management system from a database, wherein the data are intercepted when the data are found within a data stream created by the database management system for delivery to a computer-hosted application, and wherein the intercepted data are in a non-tabular format; creating a tabular representation of the intercepted data; and masking any of the data in accordance with a masking policy that specifies which of the data in the tabular representation of the intercepted data are to be masked if a masking condition is met, wherein the masking condition references the tabular representation of the intercepted data using a tabular positional reference that refers to any of a row and a column of the tabular representation of the intercepted data. 2. The method according to claim 1 wherein the intercepting comprises intercepting a) after the data are derived from the database and b) before the data are provided to a recipient. 3. The method according to claim 2 wherein the intercepting comprises intercepting the data on a computer that derives the data from the database. 4. The method according to claim 2 wherein the intercepting comprises intercepting wherein the data are derived from the database in response to a query. 5. The method of claim 1 wherein the intercepting, creating, and masking are implemented in any of a) computer hardware, and b) computer software embodied in a non-transitory, computer-readable medium. 6. A dynamic data masking system comprising: a database monitoring agent configured to intercept data derived by a computer-hosted database management system from a database, wherein the data are intercepted when the data are found within a data stream created by the database management system for delivery to a computer-hosted application, and wherein the intercepted data are in a non-tabular format; and a masking engine configured to create a tabular representation of the intercepted data, and mask any of the data in accordance with a masking policy that specifies which of the data in the tabular representation of the intercepted data are to be masked if a masking condition is met, wherein the masking condition references the tabular representation of the intercepted data using a tabular positional reference that refers to any of a row and a column of the tabular representation of the intercepted data. 7. The system according to claim 6 wherein the database monitoring agent configured to intercept the data a) after the data are derived from the database and b) before the data are provided to a recipient. 8. The system according to claim 7 wherein the database monitoring agent configured to intercept the data on a computer that derives the data from the database. 9. The system according to claim 7 wherein the data are derived from the database in response to a query. 10. The system of claim 6 wherein the database monitoring agent and the masking engine are implemented in any of a) computer hardware, and b) computer software embodied in a non-transitory, computer-readable medium. 11. A computer program product for dynamic data masking, the computer program product comprising: a non-transitory, computer-readable storage medium; and computer-readable program code embodied in the storage medium, wherein the computer-readable program code is configured to intercept data derived by a computer-hosted database management system from a database, wherein the data are intercepted when the data are found within a data stream created by the database management system for delivery to a computer-hosted application, and wherein the intercepted data are in a non-tabular format; and create a tabular representation of the intercepted data, and mask any of the data in accordance with a masking policy that specifies which of the data in the tabular representation of the intercepted data are to be masked if a masking condition is met, wherein the masking condition references the tabular representation of the intercepted data using a tabular positional reference that refers to any of a row and a column of the tabular representation of the intercepted data. 12. The computer program product according to claim 11 wherein the computer-readable program code is configured to intercept the data a) after the data are derived from the database and b) before the data are provided to a recipient. 13. The computer program product according to claim 12 wherein the computer-readable program code is configured to intercept the data on a computer that derives the data from the database. 14. The computer program product according to claim 12 wherein the data are derived from the database in response to a query.
Assignees
Inventors
Classifications
- G06F21/6254Primary
by anonymising data, e.g. decorrelating personal data from the owner's identification · CPC title
Physics · mapped topic
- G06F21/6227Primary
where protection concerns the structure of data, e.g. records, types, queries · CPC title
Data format conversion from or to a database · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9911003B2 cover?
- Dynamic data masking by intercepting data derived from a database, creating a tabular representation of the data, and masking any of the data in accordance with a masking policy that specifies which of the data are to be masked if a masking condition is met, where the masking condition references the tabular representation of the data using a tabular positional reference.
- Who is the assignee on this patent?
- IBM
- What technology area does this patent fall under?
- Primary CPC classification G06F21/6254. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Mar 06 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).