| Patent application number | Description | Published |
|---|
| 20080215842 | DISTANCE-PRESERVING ANONYMIZATION OF DATA - An embodiment includes a system with a processing unit and a communication unit. The processing unit is configured: to compute a first reference point of a data point that represents a private data item and has a first distance value to the data point, wherein the first distance value is less than a threshold value, to compute a second reference point of the data point different from the first reference point with a second distance value to the data point, wherein the second distance value is less than the threshold value, and to generate hidden reference points from the reference points. The communication unit is configured to send the hidden reference points and distance values to a system. | 09-04-2008 |
| 20080263650 | ENHANCED CROSS-SITE ATTACK PREVENTION - Efficient cross-site attack prevention, in which web pages are stored on a site, the web pages being organized into entry pages that do not accept input, and protected pages that are not entry pages. A request is received from a user application to receive a requested web page, the request including a referrer string indicative of a referring web page, and identification data. It is determined whether the requested web page is an entry page or a protected page, and it is further determined, if the requested web page is determined to be a protected page, if the user application is authorized based upon the identification data, and if the referring web page is stored on the site based upon the referrer string. The requested web page is transmitted to the user application if the user application is determined to be authorized and if the referring web page is determined to be stored on the site, and the request is redirected to an entry page if the user application is determined to be not authorized or if the referring web page is determined to be not stored on the site. | 10-23-2008 |
| 20090055382 | Automatic Peer Group Formation for Benchmarking - A method of automatically generating peer groups of entities includes receiving data for a plurality of characteristic parameters about a number of entities and defining a number of peer groups, k, to be generated. A minimum number of entities, m, to be assigned to each peer group is defined, and k initial cluster values are defined around which to group the entities according to the data for the entity's characteristic parameters. Each entity is assigned to a peer group associated with a particular initial cluster center value, and it is ensured that the number of entities assigned to each peer group is greater than the minimum number, m. | 02-26-2009 |
| 20090187757 | METHOD AND SYSTEM FOR MEDIATED SECURE COMPUTATION - Techniques are described for mediated secure computation. A unique identifier value may be assigned to each one of a plurality of nodes included in a network. An encrypted portion of a logical circuit may be received at a server from each of the nodes, the logical circuit including one or more gates, each gate associated with one or more logical input wires and one or more logical output wires, the logical circuit associated with a function, wherein each encrypted portion is encrypted based on a random number value that is common to the plurality of nodes and unknown at the server. A result may be obtained based on executing the logical circuit, based on combining the encrypted portions of the logical circuit received at the server. | 07-23-2009 |
| 20090323928 | ITEM TRACING WITH SUPPLY CHAIN SECRECY USING RFID TAGS AND AN IDENTITY-BASED ENCRYPTION SCHEME - A method for tracing an item may include encrypting item information using an identity-based encryption scheme with a batch number for an item as an encryption key and communicating the encrypted item information for storage on a radio frequency identification (RFID) tag for attachment to the item. | 12-31-2009 |
| 20100014657 | PRIVACY PRESERVING SOCIAL NETWORK ANALYSIS - A method and a system for privacy-preserving SNA. A plurality of vertices of a first subgraph of a graph is encrypted with a first key of a commutatively encryption scheme. A plurality of vertices of a second subgraph encrypted with a second key of the commutatively encryption scheme are received and encrypted commutatively with the first key. A plurality of commutatively encrypted vertices of the first subgraph and a plurality of commutatively encrypted vertices of the second subgraph are used for computing centrality metrics preserving the privacy of the graph and its structure. | 01-21-2010 |
| 20100091984 | SECURE LOGICAL VECTOR CLOCKS - Embodiments include a system for processing logical clock values according to a secure maximum operation. The system may include a communication unit and a processing unit. The communication unit may be configured to receive an encrypted first value of a logical clock, send an encrypted blinded difference, receive an encrypted blinded maximum value, and receive a maximum value. The processing unit may be configured to access an encrypted second value of the logical clock, generate the encrypted blinded difference between the first value and the second value, provide an encrypted blinded first value and an encrypted blinded second value in an oblivious transfer protocol, and generate an encrypted maximum value from the encrypted blinded maximum value. | 04-15-2010 |
| 20100106980 | SEARCHABLE ENCRYPTION FOR OUTSOURCING DATA ANALYTICS - A method for performing data analytics on outsourced data may include receiving, at a data analyst, cipher text representing data from a data owner such that the data remains hidden from the data analyst, generating a query token using a constant provided by the data analyst such that the constant remains hidden from the data owner, and analyzing the cipher text using the query token. | 04-29-2010 |
| 20100114964 | SEARCHABLE ENCRYPTION FOR OUTSOURCING DATA ANALYTICS - A method for performing data analytics on outsourced data may include generating, by a data owner, a binary tree representing data from the data owner, where each node of the binary tree is associated with an identity that represents a data element or an interval of data elements, computing, by the data owner, an identity token and encrypting the identity token for each of the identities in the binary tree, generating a range query token using an identity selected by a data analyst and a secret key input by the data owner and computing a decryption key for the selected identity, and analyzing the data, by the data analyst, by comparing the computed decryption key for the selected identity with each of the encrypted identities. | 05-06-2010 |
| 20100235627 | SECURING COMMUNICATIONS SENT BY A FIRST USER TO A SECOND USER - A computer-implemented method of securing communications sent by a first user to a second user may include receiving, by a first user from a trusted third party, at least one public cryptographic value corresponding to the first user and at least one private cryptographic value corresponding to the first user, providing, by the first user to a second user, a plurality of values corresponding to an identification device identified by an identifier, deriving, by the first user, a shared key, using the at least one private cryptographic value of the first user, and at least one of the plurality of values corresponding to the identification device identified by the identifier and protecting communications sent by the first user to the second user with the shared key. | 09-16-2010 |
| 20100329464 | SYSTEMS AND METHODS FOR IMPLEMENTING SUPPLY CHAIN VISIBILITY POLICIES - Methods, storage medium and systems for implementing visibility policies within a supply chain include storing event data on a computer-readable storage medium of a first partner, the event data corresponding to at least one event associated with an item while the item was in possession of the first partner, the item having traveled through the supply chain, transferring evidence of possession between the plurality of partners as the item travels through the supply chain, and requesting access to the event data by a second partner. Implementations further include determining that the item traveled through a portion of the supply chain based on the evidence, authenticating an identity of the second partner, and authorizing the second partner to access the first event data, when it is determined that the item traveled through the portion of the supply chain and when the identity of the second party is authenticated. | 12-30-2010 |
| 20110075846 | SECURE COMPUTATION OF PRIVATE VALUES - An embodiment may include a system having a communication unit and a processing unit. The communication unit may be configured to receive an encrypted private value of a party, the encrypted private value being generated from a private value with a public-key encryption system and a public key, to send an encrypted blinded result to the party, and to receive a blinded result generated from the encrypted blinded result. The processing unit may be configured to compute a result of a function, the function having as input the private value, to blind the result of the function to generate the encrypted blinded result, and to compute the result by unblinding the blinded result. | 03-31-2011 |
| 20110085658 | System and Method for Comparison of Private Values - An embodiment includes a first system for computing a contribution to a greater-than comparison of a first private value and a second private value. The first system includes: an accessing unit configured to access the first private value; a processor unit configured to compute a first encrypted value by encrypting the first private value, compute a decrypted value by decrypting a third encrypted value, and compute a contribution to a result of the greater-than comparison by checking a relation between the decrypted value and a modulus value; and a communication unit configured to send the first encrypted value to a second system and to receive the third encrypted value. | 04-14-2011 |
| 20110137800 | PRIVACY PRESERVING ARTIFICIAL IMMUNE SYSTEM - Identifying anomalous products in a supply chain includes maintaining a set of anomalous patterns of events products in the supply chain. At least one of the anomalous patterns of events is transmitted to nodes of the supply chain. Messages are received from nodes at a third party and indicate whether an event of the product in the supply chain at the node matches an event in the anomalous pattern of events that has been transmitted to the node. Messages indicating that an event at the node matches an event in the anomalous pattern of events are securely encrypted, based on a key that is unknown to the third party, prior to transmission to the third party. A determination is made whether the product is an anomalous product, based on the messages from nodes indicating that a sequence of events occurring at one or more nodes matches a sequence of events in the anomalous pattern of events. | 06-09-2011 |
