US 11,882,220 B2
Multi-tenant data protection in a centralized network environment
David Clyde Williamson, Great Missenden (GB); George Curran, Northport, NY (US); Raul Ortega, Westport, CT (US); Jan Boberg, Skelleftea (SE); Rajnish Jain, Fairfield, CT (US); and Yigal Rozenberg, Wilton, CT (US)
Assigned to PROTEGRITY CORPORATION, Grand Cayman (KY)
Filed by Protegrity Corporation, Grand Cayman (KY)
Filed on Apr. 29, 2022, as Appl. No. 17/733,839.
Application 17/733,839 is a continuation of application No. 17/027,365, filed on Sep. 21, 2020, granted, now 11,349,661.
Application 17/027,365 is a continuation of application No. 16/188,295, filed on Nov. 13, 2018, granted, now 10,819,519, issued on Oct. 27, 2020.
Claims priority of provisional application 62/588,920, filed on Nov. 21, 2017.
Prior Publication US 2022/0255746 A1, Aug. 11, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/32 (2006.01); G06F 3/06 (2006.01); H04L 9/40 (2022.01); G06F 21/62 (2013.01); H04L 9/08 (2006.01); G06F 16/245 (2019.01)
CPC H04L 9/3213 (2013.01) [G06F 3/067 (2013.01); G06F 3/0622 (2013.01); G06F 3/0659 (2013.01); G06F 16/245 (2019.01); G06F 21/6218 (2013.01); G06F 21/6254 (2013.01); H04L 9/0869 (2013.01); H04L 9/0894 (2013.01); H04L 63/0853 (2013.01); H04L 63/102 (2013.01); H04L 2209/08 (2013.01)] 20 Claims
OG exemplary drawing
1. A method for securing data in a centralized environment comprising:
in response to receiving a request to protect data from the client device, providing, by the central server, an encrypted security value previously encrypted and provided by the client device and stored by the central server before receiving the request to protect data from the client device to the client device for decryption and receiving a decrypted security value from the client device in response;
accessing, by the central server, a token table mapping each of a plurality of input values to a different token value;
tokenizing, by the central server, the data using the token table by querying the token table with a value of a portion of the data to identify a token value mapped to the value of the portion of the data and replacing the portion of the data with the identified token value; and
providing, by the server, the tokenized data to a database for storage in conjunction with tokenized data corresponding to other user accounts such that an unauthorized access to tokenized data corresponding to a first user account does not compromise tokenized data corresponding to a second user account.