WO2022073624A1 - Data storage arrangement and method using a local memory and a data storage - Google Patents

Data storage arrangement and method using a local memory and a data storage

Info

Publication number
WO2022073624A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
anonymized
data storage
stored
copy
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/EP2020/078524
Other languages
English (en)
Inventor
Assaf Natanzon
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd
Priority to CN202080106019.8A (CN116348875A, zh)
Priority to PCT/EP2020/078524 (WO2022073624A1, fr)
Publication of WO2022073624A1 (fr)
Legal status: Ceased

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes

Definitions

  • the controller is further configured to parse for the data to be anonymized.
  • the method enables efficient and secure data storage by storing the modified data element having the anonymized content and the encrypted copy in the data storage, whilst storing the encryption key in the local memory.
  • generating the modified data element efficiently employs selective anonymization to anonymize only sensitive data in the data element.
  • encrypting the one or more data portions of the data element comprising the sensitive data provides security and protects privacy of a given entity to which the sensitive data pertains.
  • as the modified data element and the encrypted copy are stored at the data storage, which is separate from the local memory at which the encryption key is stored, there is provided secure and reliable protection against unauthorized access to sensitive data, as only authorized entities will have access to both the data storage and the local memory.
  • the present disclosure provides a data storage arrangement comprising a local memory being configured to store one or more data elements.
  • the data storage arrangement further comprises a storing software module for storing at least one of the one or more data elements.
  • the data storage arrangement further comprises: a receiving software module for receiving the data element to be stored; a copying software module for generating a copy of one or more data portions to be anonymized; an encrypting software module for encrypting the copy of the one or more data portions to be anonymized utilizing an encryption key; a masking software module for masking the one or more data portions to be anonymized, by replacing the one or more data portions to be anonymized with anonymous content thereby generating a modified data element to be stored; and a software module for storing the modified data element to be stored in a data storage and for storing the encrypted copy of the one or more data portions to be anonymized in the data storage and for storing the encryption key in the local memory.
  • the controller 104 is configured to execute instructions stored in the local memory 102.
  • the controller 104 may be a general-purpose processor.
  • Examples of the controller 104 may include, but are not limited to, a microprocessor, a microcontroller, a complex instruction set computing (CISC) processor, an application-specific integrated circuit (ASIC) processor, a reduced instruction set (RISC) processor, a very long instruction word (VLIW) processor, a central processing unit (CPU), a state machine, a data processing unit, and other processors or control circuitry.
  • the controller 104 may refer to one or more individual processors, processing devices, a processing unit that is part of a machine, such as the data storage arrangement 100A.
  • the data storage 108 is a remote data storage.
  • the remote data storage is an off-site storage that is arranged remotely from the location of the data storage arrangement 100A.
  • the remote data storage may be a cloud-based data storage, wherein data is stored at a cloud server (namely, a virtual server).
  • in the cloud-based data storage, the data to be stored is transferred via the internet to the cloud server and can be retrieved as required via an interface (for example, a web-based interface).
  • the modified data element would include the anonymous content "1111222233334444" instead of the original credit card number.
  • the masking content is represented as NIL (namely, empty).
  • the one or more data portions to be anonymized are replaced with NIL.
  • NIL corresponds to bit '0'.
  • the controller 104 for selective anonymization, the one or more data portions to be anonymized are replaced with the bit '0' while the other portions which are not to be anonymized remain unchanged.
  • masking the data to be anonymized by replacing it with the masking content which is NIL also reduces the data storage space required for storing the modified data element.
  • the write-with-mask command comprises an indicator of whether the data to be anonymized is present, and the controller 104 is configured to determine if the data to be anonymized is present prior to masking the one or more data portions to be anonymized.
  • 'bool isSensitive' is the indicator of whether the data to be anonymized is present. A value of this indicator indicates whether the data element has the one or more data portions which comprise the data (namely, the sensitive data) to be anonymized.
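
The write path described in the definitions above (copy the sensitive portions, encrypt the copy, mask the original, keep the key apart from what is stored), as an added Go example that is not code from the patent. `Span`, `NewAEAD`, `WriteWithMask`, the ASCII '0' mask byte, the choice of AES-256-GCM and the authentication of the span list as associated data are assumptions of this example; the sample record is constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
	"strings"
)

type Span struct{ Off, Len int } // one data portion to be anonymized (hypothetical)

func NewAEAD(key []byte) (cipher.AEAD, error) { // key is held in local memory only
	b, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(b)
}

// WriteWithMask returns what goes to the data storage: masked element and nonce||ciphertext.
func WriteWithMask(g cipher.AEAD, elem []byte, spans []Span, isSensitive bool) (mod, sealed []byte, err error) {
	mod = append([]byte(nil), elem...)
	if !isSensitive { // indicator: nothing to anonymize, store unchanged
		return mod, nil, nil
	}
	var portions []byte
	for _, s := range spans {
		if s.Off < 0 || s.Len < 0 || s.Len > len(elem)-s.Off {
			return nil, nil, fmt.Errorf("span %v outside data element", s)
		}
		portions = append(portions, elem[s.Off:s.Off+s.Len]...) // copy first
		copy(mod[s.Off:], strings.Repeat("0", s.Len))           // then mask ('0' is assumed)
	}
	nonce := make([]byte, g.NonceSize())
	if _, err = rand.Read(nonce); err != nil {
		return nil, nil, err
	}
	return mod, g.Seal(nonce, nonce, portions, []byte(fmt.Sprint(spans))), nil
}

func main() {
	key := make([]byte, 32) // generated and kept in local memory
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	g, _ := NewAEAD(key) // cannot fail for a 32-byte key
	mod, sealed, err := WriteWithMask(g, []byte("card=4000123412341234;city=Oslo"), []Span{{5, 16}}, true)
	fmt.Printf("stored: %s + %d sealed bytes (err=%v)\n", mod, len(sealed), err)
}
```

Because the span list is passed to `Seal` as associated data, a change to the stored offsets makes decryption fail rather than writing the recovered portions back to the wrong place.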

Landscapes

  • Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)

Abstract

A data storage arrangement comprises a local memory and a controller. The local memory is configured to store one or more data elements. The data storage arrangement is connected to a data storage, and a data controller is configured to store at least one of the one or more data elements. The controller is further configured to receive a data element to be stored, generate a copy of data portions to be anonymized, and encrypt the copy of the data portions to be anonymized using an encryption key. The controller is further configured to mask the data portions to be anonymized by replacing the data portions with anonymous content, thereby generating a modified data element. The controller is further configured to store the modified data element and the encrypted copy of the data portions to be anonymized in the data storage. The controller is additionally configured to receive the encryption key in the local memory.
PCT/EP2020/078524 2020-10-11 2020-10-11 Data storage arrangement and method using a local memory and a data storage Ceased WO2022073624A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202080106019.8A CN116348875A (zh) 2020-10-11 2020-10-11 Data storage device and method using a local memory and a data storage
PCT/EP2020/078524 WO2022073624A1 (fr) 2020-10-11 2020-10-11 Data storage arrangement and method using a local memory and a data storage

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2020/078524 WO2022073624A1 (fr) 2020-10-11 2020-10-11 Data storage arrangement and method using a local memory and a data storage

Publications (1)

Publication Number Publication Date
WO2022073624A1 (fr) 2022-04-14

Family

ID=72895930

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2020/078524 Ceased WO2022073624A1 (fr) 2020-10-11 2020-10-11 Data storage arrangement and method using a local memory and a data storage

Country Status (2)

Country Link
CN (1) CN116348875A (fr)
WO (1) WO2022073624A1 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6760711B1 (en) * 1999-01-11 2004-07-06 Microsoft Corporation Merchant owned, ISP-hosted online stores with secure data store
US20050165623A1 (en) * 2003-03-12 2005-07-28 Landi William A. Systems and methods for encryption-based de-identification of protected health information
US20150169886A1 (en) * 2013-12-17 2015-06-18 International Business Machines Corporation Multi-part encrypted messages for support of sensitive systems
EP3156932A1 (fr) * 2015-10-16 2017-04-19 Deutsche Telekom AG Method and system for protecting confidential electronic data

Also Published As

Publication number Publication date
CN116348875A (zh) 2023-06-27

Similar Documents

Publication Publication Date Title
US8204213B2 (en) System and method for performing a similarity measure of anonymized data
US9081978B1 (en) Storing tokenized information in untrusted environments
US11907199B2 (en) Blockchain based distributed file systems
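CN104680076B (zh) System for anonymizing and aggregating protected health information
US12182305B2 (en) Batch tokenization service
CN111919216A (zh) On-demand de-identification of data in computer storage systems
CN115238286A (zh) Data protection method and apparatus, computer device and storage medium
US7818586B2 (en) System and method for data encryption keys and indicators
CN106169013A (zh) System for anonymizing and aggregating protected information
CN113094756B (zh) Data encryption method and computing device
US12216790B2 (en) De-tokenization patterns and solutions
US11868339B2 (en) Blockchain based distributed file systems
EP4227838B1 (fr) File desensitization method and apparatus, and storage medium
CN111209585B (zh) Data processing method and system based on electric power trading
US20230259280A1 (en) Methods and system of preventing duplication of encrypted data
CN111881480A (zh) Private data encryption method and apparatus, computer device and storage medium
CN107832021A (zh) Electronic evidence preservation method, terminal device and storage medium
CN121029862A (zh) Conversion method and system based on multi-source data
CN119227120B (zh) Trusted data exchange method and apparatus based on a trusted space, and storage medium
CN111291001B (zh) Computer file reading method and apparatus, computer system and storage medium
WO2022073624A1 (fr) Data storage arrangement and method using a local memory and a data storage
CN118278957A (zh) NFT-based multi-account payment management method, apparatus, device and storage medium
CN113627938B (zh) Blockchain data deletion method, apparatus, device and storage medium
CN116490854A (zh) Data storage arrangement and method for anonymization-aware differential compression
WO2022069042A1 (fr) Data storage arrangement and method for anonymization-aware deduplication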

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20792581

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20792581

Country of ref document: EP

Kind code of ref document: A1