| 发明名称 | System and method for real-time transactional data obfuscation | ||
| 摘要 | A system and method for providing transactional data privacy while maintaining data usability, including the use of different obfuscation functions for different data types to securely obfuscate the data, in real-time, while maintaining its statistical characteristics. In accordance with an embodiment, the system comprises an obfuscation process that captures data while it is being received in the form of data changes at a first or source system, selects one or more obfuscation techniques to be used with the data according to the type of data captured, and obfuscates the data, using the selected one or more obfuscation techniques, to create an obfuscated data, for use in generating a trail file containing the obfuscated data, or applying the data changes to a target or second system. | ||
| 申请公布号 | US9298878(B2) | 申请公布日期 | 2016.03.29 |
| 申请号 | US201113077800 | 申请日期 | 2011.03.31 |
| 申请人 | ORACLE INTERNATIONAL CORPORATION | 发明人 | Guirguis Shenoda;Pareek Alok;Wilkes Stephen |
| 分类号 | G06F19/00;G06F21/62;G06F17/30 | 主分类号 | G06F19/00 |
| 代理机构 | Tucker Ellis LLP | 代理人 | Tucker Ellis LLP |
| 主权项 | 1. A system, implemented on a computer comprising one or more processors, for providing transactional data privacy while maintaining data usability, comprising: a capture process, executing on the one or more processors, that monitors a first or source system, andcaptures a transaction containing one or more changes to data while the transaction is being received and committed at the first or source system; and an obfuscation process that receives a signal from the capture process when the capture process detects that the transaction is being committed,wherein meta-data associated with the data contained in the transaction includes a data structure describing a distribution of data values that is incrementally maintained,obfuscates the transaction using an obfuscation technique to create an obfuscated transaction,wherein the obfuscation technique includes a nearest neighbor data substitution process combined with anonymization whereby a distance between the data and an origin point is calculated,a nearest neighbor point in the data structure is determined, anda geometric transformation is applied to the nearest neighbor point, generating an obfuscated value,wherein at least some of the data contained in the transaction cannot be determined from the obfuscated transaction, andsends the obfuscated transaction back to the capture process for use in generating a trail file or other information to be sent to a target or second system, wherein the trail file or other information reflects the obfuscated transaction. | ||
| 地址 | Redwood Shores CA US | ||