US 11,790,106 B1
Methods for protecting data
Jeff J. Stapleton, Arlington, TX (US)
Assigned to Wells Fargo Bank, N.A., San Francisco, CA (US)
Filed by Wells Fargo Bank, N.A., San Francisco, CA (US)
Filed on Apr. 18, 2022, as Appl. No. 17/723,276.
Application 17/723,276 is a continuation of application No. 16/838,149, filed on Apr. 2, 2020, granted, now 11,308,234.
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 29/06 (2006.01); G06F 21/62 (2013.01); G06F 21/64 (2013.01); G06F 21/60 (2013.01); H04L 9/08 (2006.01); H04L 9/00 (2022.01)
CPC G06F 21/6227 (2013.01) [G06F 21/602 (2013.01); G06F 21/64 (2013.01); H04L 9/008 (2013.01); G06F 2221/2141 (2013.01)] 18 Claims
OG exemplary drawing
 
1. A method of protecting data, the method comprising:
maintaining, by a first processing circuit in a production database of a production environment system, ciphertext data associated with a cryptographic function, wherein the production environment system corresponds to a first access level;
masking, by a second processing circuit in a middle environment system, the ciphertext data using a masking function to generate alternate ciphertext data, wherein the middle environment system is a proxy and communicably coupled with the production environment system over a secure network, wherein the ciphertext data is encrypted using the cryptographic function in the production environment system;
decrypting, by the second processing circuit in the middle environment system, the alternate ciphertext data utilizing a symmetric key to generate masked cleartext data; and
storing, by the second processing circuit in a lower environment system, the masked cleartext data in a lower database, wherein the lower environment system correspond to a second access level, wherein the first access level restricts access to the ciphertext data and the symmetric key to parties with the second access level having control over the lower environment system.