Patent Issued for Managing queries with data processing permits (USPTO 11983286): Ketch Kloud Inc.
2024 JUN 03 (NewsRx) -- By a
The assignee for this patent, patent number 11983286, is
Reporters obtained the following quote from the background information supplied by the inventors: “Database systems may be subject to a number of data regulations. Data regulations may specify how a database system may store data and how the database system may support access to the data. Examples of such regulations may include the European Union’s General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA) for health-related data privacy, and the Federal Trade Commission’s (FTC’s) data and privacy regulations for financial institutions, among other such regulations. In some cases, implementing a system that handles legitimizing reasons for accessing data separate from data processing may fail to ensure technically that the system uses the data in the proper manner, resulting in a great deal of risk for the organization running the database system. That is, simply claiming to follow the rules may not meet the high standards of some data protection regulations, leaving an organization liable or facing prohibitive cost if the system uses any user data incorrectly (e.g., without the proper consent or legitimizing reason). Additionally, in some cases, following data regulations at a database system may result in a number of processing inefficiencies, potential security risks, or both. For example, decrypting data at query time in a database (e.g., to support checking legitimizing reasons) may result in insecure storage of data (e.g., at least temporarily while executing a query).”
In addition to obtaining background information on this patent, NewsRx editors also obtained the inventors’ summary information for this patent: “Data regulations may set rules and/or restrictions for how a data management system may collect, store, and process user data. To handle such data regulations, a system may implement data processing permits and cryptographic techniques to tie legitimizing reasons for using data (e.g., user consent) to data handling. For example, by tying user consent to data handling at a technical level, the system may automatically comply with data regulations and efficiently update to handle changing data regulations and/or regulations across different jurisdictions. However, data regulations may further specify security criteria for handling data in a database system. For example, the database system may secure user information by storing the user data as encrypted at rest in a database. The user data may be encrypted to ensure that the data is accessed by specific users or systems with the proper credentials and is used for specific purposes supported by legitimizing reasons (e.g., user consent or other regulations). The database may restrict other users or systems from accessing the data and may restrict requests for unauthorized usages of the data by withholding an encryption key corresponding to the encrypted data. Many applications may send queries, such as structured query language (SQL) queries, to the database system requesting access to data records. However, such applications may not be aware of how the database system is securely storing the data at rest. As such, the queries may request data using plaintext values, fields, and operators, which may not accurately represent the format of data in a database. Temporarily decrypting data to run such queries may expose private user data (e.g., for potential security breaches by malicious users). If the plaintext data is directly accessed in any way (e.g., within a database management system (DBMS)) to support querying, the DBMS may fail to uphold one or more data regulations associated with user privacy.
“To maintain data security in a database system while supporting robust query functionality, the database system may implement a database proxy for managing queries. Furthermore, the database proxy, the underlying database, or both may integrate data processing permits into query transformation, query execution, query results processing, or some combination thereof to support privacy-by-design. For example, a database system may implement data processing permits to manage data access using one or more encryption schemes to tie permits to data (e.g., cryptographically ensuring that the system follows data regulations). To support queries for a database implementing such encryption schemes, the database may implement a database proxy (e.g., a server or shim). When the system receives a query, the database proxy may intercept and transform the query based on the encryption schema of the database. Transforming the query may involve transforming plaintext values to ciphertext values, indicating one or more user-defined functions (UDFs) in place of query operations to perform equivalent operations on encrypted data (e.g., homomorphically encrypted data), determining relevant data processing permits, or any combination of these processes. The database proxy may execute the transformed query at the database. Based on the query transformation and one or more UDFs supported by the DBMS, the database may execute the query directly on encrypted data (e.g., without decrypting the data even temporarily in the database). Such a process may maintain data security throughout query execution. Additionally or alternatively, the DBMS may implement policies and/or roles to support filtering data at execution time according to data processing permits. For example, one or more hidden columns in the database may support indications of user consent statuses for particular data fields, rows, or columns. The DBMS may filter out query results that are not consented to by an appropriate user.
“The database may return encrypted query results to the database proxy in response to the transformed query, and the database proxy may decrypt the results for use by a querying application. In some cases, the database proxy may perform further processing of the query results (e.g., based on one or more data processing permits). For example, the database proxy may filter out information from the query results based on querying limits set by a data processing permit. The database proxy may send the resulting plaintext query results to an application in response to the query.
“By implementing one or more of the techniques described herein, a database system may integrate a DBMS storing secure, encrypted data with a privacy-by-design technical framework. The database proxy may manage any types of queries entering the database system, such that a secure, encrypted database may accurately and efficiently run the queries (e.g., based on one or more query transformations). Using homomorphic encryption, UDFs, and data processing permits, the database system may maintain a high standard of data security at rest and at query time, comply with data privacy regulations (e.g., with technical guarantees), support robust querying functionality, and support consumer rights, such as private user data deletion.
“Aspects of the disclosure are initially described in the context of systems supporting query management for a database. Additional aspects are described with reference to a database schema and a process flow. Aspects of the disclosure are further illustrated by and described with reference to apparatus diagrams, system diagrams, and flowcharts that relate to managing queries with data processing permits.”
The claims supplied by the inventors are:
“1. A method for data processing at a database system comprising a database proxy and a database, the method comprising: receiving, at the database proxy, a query associated with a user and comprising an indication of data associated with the database, wherein the query further comprises privacy metadata indicating a data processing activity for using the data; identifying a data processing permit stored for the database system that supports both the query and at least a subset of the data indicated by the query based at least in part on the data processing permit indicating a legitimizing reason for the user to access at least the subset of the data for use in the data processing activity; transforming, at the database proxy, the query based at least in part on an encryption schema of the database; and executing, at the database, the transformed query based at least in part on identifying the data processing permit, wherein executing the transformed query comprises: filtering out a first subset of data fields from a data column of the database based at least in part on a hidden column of the database indicating row-level consent for the data column, the hidden column failing to support direct querying of values stored in the hidden column; and determining a query result for the transformed query based at least in part on the filtering.
“2. The method of claim 1, wherein the query comprises a request for the data stored in the database and a user identifier corresponding to the user and associated with the request for the data, the transforming further comprising: encrypting the user identifier with a permit key associated with the identified data processing permit, wherein the transformed query comprises a select statement indicating the encrypted user identifier.
“3. The method of claim 2, further comprising: receiving the legitimizing reason for the user to access at least the subset of the data for use in the data processing activity; generating the data processing permit applicable to the data processing activity and the user identifier based at least in part on receiving the legitimizing reason; encrypting the user identifier with the permit key associated with the data processing permit based at least in part on receiving the legitimizing reason; and storing, in the database, the encrypted user identifier with a relation to at least the subset of the data stored in the database.
“4. The method of claim 3, wherein: the encrypted user identifier is stored in a column in the database; the column supports executing the select statement for the query in the database; and the encrypted user identifier provides access to a row in the database comprising at least the subset of the data.
“5. The method of claim 1, further comprising: receiving, at the database proxy, a second query associated with a second user and comprising a second indication of the data associated with the database, wherein the second query further comprises second privacy metadata indicating a second data processing activity for using the data; failing to identify a second data processing permit stored for the database system that is applicable to both the second data processing activity and the second user; and refraining from retrieving the data in response to the second query based at least in part on failing to identify the second data processing permit.
“6. The method of claim 1, wherein the query comprises a request for the data stored in the database, and the executing the transformed query further comprises: identifying, in the database, a consent status for a data field based at least in part on the data processing activity, wherein the consent status is based at least in part on the data processing permit; and retrieving at least the subset of the data from the database based at least in part on the identified consent status.
“7. The method of claim 6, further comprising: accessing a table in the database based at least in part on a reference stored with the data, wherein the consent status is identified based at least in part on a value stored in the table, the data processing activity, the data processing permit, or a combination thereof.
“8. The method of claim 1, wherein executing the transformed query further comprises: receiving, at the database proxy, the query result based at least in part on executing the transformed query at the database; and modifying, at the database proxy, the query result based at least in part on the data processing permit applicable to the data processing activity.
“9. The method of claim 8, wherein the modifying further comprises: filtering the query result based at least in part on the data processing permit.
“10. The method of claim 1, wherein the query result comprises a ciphertext query result, the method further comprising: receiving, at the database proxy, the ciphertext query result based at least in part on executing the transformed query at the database; and decrypting, at the database proxy, the ciphertext query result to obtain a plaintext query result based at least in part on the encryption schema of the database.
“11. The method of claim 10, wherein the query is received from a user device, the method further comprising: transmitting, to the user device, the plaintext query result in response to the query.
“12. The method of claim 10, wherein: the data is encrypted at rest in the database; and the data is encrypted in the database during execution of the transformed query.
“13. The method of claim 1, wherein transforming the query further comprises: performing one or more calls to one or more user-defined functions for the database system based at least in part on a clause in the query, an operator in the query, the encryption schema of the database, or a combination thereof.
“14. The method of claim 1, wherein: the data is stored in the database in a plurality of columns using a plurality of respective encryption schemes; and the database executes the transformed query on the data column of the plurality of columns based at least in part on a query function for the transformed query supported by the data column according to a respective encryption scheme for the data column.
“15. The method of claim 1, wherein: the data is stored in the database in a single column using a plurality of layered encryption schemes; the database decrypts one or more layers of the plurality of layered encryption schemes based at least in part on a query function for the transformed query; and the database executes the transformed query on the single column based at least in part on the decrypted one or more layers of the plurality of layered encryption schemes, wherein the single column is the data column.
“16. The method of claim 1, further comprising: installing the database proxy for the database system; determining, at the database proxy, an initial schema of the database; and updating the initial schema of the database to the encryption schema of the database based at least in part on the initial schema of the database and a plurality of data processing permits associated with installing the database proxy.
“17. An apparatus for data processing at a database system comprising a database proxy and a database, the apparatus comprising: a processor; memory coupled with the processor; and instructions stored in the memory and executable by the processor to cause the apparatus to: receive, at the database proxy, a query associated with a user and comprising an indication of data associated with the database, wherein the query further comprises privacy metadata indicating a data processing activity for using the data; identify a data processing permit stored for the database system that supports both the query and at least a subset of the data indicated by the query based at least in part on the data processing permit indicating a legitimizing reason for the user to access at least the subset of the data for use in the data processing activity; transform, at the database proxy, the query based at least in part on an encryption schema of the database; and execute, at the database, the transformed query based at least in part on identifying the data processing permit, wherein the instructions executable by the processor to cause the apparatus to execute the transformed query are executable by the processor to cause the apparatus to: filter out a first subset of data fields from a data column of the database based at least in part on a hidden column of the database indicating row-level consent for the data column, the hidden column failing to support direct querying of values stored in the hidden column; and determine a query result for the transformed query based at least in part on the filtering.”
There are additional claims. Please visit full patent to read further.
For more information, see this patent: Alexander, Samuel. Managing queries with data processing permits.
(Our reports deliver fact-based news of research and discoveries from around the world.)
Patent Issued for Authentication of a remote customer using probabilistic locations of WiFi signals (USPTO 11983695): United Services Automobile Association
Patent Application Titled “Hardware-Accelerated Homomorphic Encryption In Marketplace Platforms” Published Online (USPTO 20240160771): Patent Application
Advisor News
- Principal builds momentum for 2026 after a strong Q4
- Planning for a retirement that could last to age 100
- Tax filing season is a good time to open a Trump Account
- Why aligning wealth and protection strategies will define 2026 planning
- Finseca and IAQFP announce merger
More Advisor NewsAnnuity News
- Half of retirees fear running out of money, MetLife finds
- Planning for a retirement that could last to age 100
- Annuity check fraud: What advisors should tell clients
- Allianz Life Launches Fixed Index Annuity Content on Interactive Tool
- Great-West Life & Annuity Insurance Company Trademark Application for “SMART WEIGHTING” Filed: Great-West Life & Annuity Insurance Company
More Annuity NewsHealth/Employee Benefits News
- Blue Cross Blue Shield settlement to start payouts from $2.67 billion class-action suit
- Why the Cost of Health Care in the US is Soaring
- WARREN, HAWLEY INTRODUCE BIPARTISAN BILL TO BREAK UP BIG MEDICINE
- Proposed ACA regulations are a win for brokers, consumers
- CVS Health CEO David Joyner fires back at AOC’s monopoly criticism
More Health/Employee Benefits NewsLife Insurance News