Secure generation and inversion of tokens

Title: Secure generation and inversion of tokens

Abstract

Described herein are various technologies related to secure generation of tokens and secure inversion of tokens. A tokenization system executes in a secure execution environment, and is configured to receive a string and an encrypted tokenization function. The tokenization system decrypts the encrypted tokenization function, and executes the tokenization function over the string to generate a token. The token is transmitted to a logically separate computing environment, and the tokenization system deletes the tokenization function and the string.

Inventors:: Solis, John Hector

Issue Date:: 2019-09-10

Research Org.:: Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

Sponsoring Org.:: USDOE

OSTI Identifier:: 1576346

Patent Number(s):: 10,410,210

Application Number:: 14/676,637

Assignee:: National Technology & Engineering Solutions of Sandia, LLC (Albuquerque, NM)

DOE Contract Number:: AC04-94AL85000

Resource Type:: Patent

Resource Relation:: Patent File Date: 2015 Apr 01

Country of Publication:: United States

Language:: English

Citation Formats


                    Solis, John Hector. Secure generation and inversion of tokens.  United States: N. p., 2019. 
        Web.

Copy to clipboard


                    Solis, John Hector. Secure generation and inversion of tokens.  United States.

Copy to clipboard


                    Solis, John Hector. Tue .  
        "Secure generation and inversion of tokens".  United States.  https://www.osti.gov/servlets/purl/1576346.

Copy to clipboard


                    
@article{osti_1576346,

  title        = {Secure generation and inversion of tokens},

  author       = {Solis, John Hector},

  abstractNote = {Described herein are various technologies related to secure generation of tokens and secure inversion of tokens. A tokenization system executes in a secure execution environment, and is configured to receive a string and an encrypted tokenization function. The tokenization system decrypts the encrypted tokenization function, and executes the tokenization function over the string to generate a token. The token is transmitted to a logically separate computing environment, and the tokenization system deletes the tokenization function and the string.},

  doi          = {},

  journal      = {},
number       = ,

  volume       = ,

  place        = {United States},

  year         = {2019},

  month        = {9}

}

Copy to clipboard

Patent:

View Patent

Save / Share:

Export Metadata

Save to My Library

Works referenced in this record:

Controlling a soft token running within an electronic apparatus
patent, October 2014

van Dijk, Marten; Bowers, Kevin D.; Brainard, John
US Patent Document 8,875,263
URL: http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=8875263

Method and device for generating a single-use financial account number
patent, December 2000

Walker, Jay S.; Schneier, Bruce; Jindal, Sanjay K.
US Patent Document 6,163,771
URL: http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=6163771

Data privacy
patent, September 2016

Roskind, James; Emigh, Aaron T.
US Patent Document 9,450,754
URL: http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=9450754

Method, apparatus, and system for secure data transport
patent, December 2003

Barron, Robert H.
US Patent Document 6,665,709
URL: http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=6665709

Seamless data masking for PaaS based applications
patent, January 2018

Farkash, Ariel; Gokhman, Igor; Goldsteen, Abigail
US Patent Document 9,858,431
URL: http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=9858431

Payment system clearing for transactions
patent, November 2010

Mascavage, III, John Joseph
US Patent Document 7,827,101
URL: http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=7827101

Encryption algorithm management system
patent, July 2006

Tochikubo, Kouya; Okada, Koji; Endo, Naoki
US Patent Document 7,079,655
URL: http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=7079655

Use rule-based tokenization data protection
patent, August 2016

Mattsson, Ulf; Rozenberg, Yigal
US Patent Document 9,430,652
URL: http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=9430652

Secure transaction management
patent, July 2014

Tieken, Craig A.
US Patent Document 8,788,429
URL: http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=8788429

Similar records in DOE Patents and OSTI.GOV collections:

System and method for key generation in security tokens

Patent Evans, Philip G.; Humble, Travis S.; Paul, Nathanael R.; ...

Functional randomness in security tokens (FRIST) may achieve improved security in two-factor authentication hardware tokens by improving on the algorithms used to securely generate random data. A system and method in one embodiment according to the present invention may allow for security of a token based on storage cost and computational security. This approach may enable communication where security is no longer based solely on onetime pads (OTPs) generated from a single cryptographic function (e.g., SHA-256).
Full Text Available
Secure true random number generation using 1.5-T transistor flash memory

Patent Clark, Lawrence T.; Adams, James; Holbert, Keith E.

This disclosure relates generally to physically unclonable function (PUF) circuitry along with methods of generating numbers. In one embodiment, the PUF circuitry includes a memory, a memory control circuitry, and whitening circuitry. To reduce or eliminate the systematic bias from the array, whitening circuitry is configured to generate a random number comprising random number bits in response to the memory control circuit implementing at least one sequence of memory cycles on the array of the memory cells in the memory. The whitening circuitry is configured to provide the random number bits of the random number based on the variable bitmore »« less
Full Text Available
Apparatus and method for managing digital resources by passing digital resource tokens between queues

Patent Crawford, Henry J. (Berkeley, CA); Lindenstruth, Volker (El Cerrito, CA)

A method of managing digital resources of a digital system includes the step of reserving token values for certain digital resources in the digital system. A selected token value in a free-buffer-queue is then matched to an incoming digital resource request. The selected token value is then moved to a valid-request-queue. The selected token is subsequently removed from the valid-request-queue to allow a digital agent in the digital system to process the incoming digital resource request associated with the selected token. Thereafter, the selected token is returned to the free-buffer-queue.
Full Text Available
Secure video communications system

Patent Smith, Robert L. (Idaho Falls, ID)

A secure video communications system having at least one command network formed by a combination of subsystems. The combination of subsystems to include a video subsystem, an audio subsystem, a communications subsystem, and a control subsystem. The video communications system to be window driven and mouse operated, and having the ability to allow for secure point-to-point real-time teleconferencing.
Full Text Available
Secure distance ranging by electronic means

Patent Gritton, Dale G. (Pleasanton, CA)

A system for secure distance ranging between a reader 11 and a tag 12 wherein the distance between the two is determined by the time it takes to propagate a signal from the reader to the tag and for a responsive signal to return, and in which such time is random and unpredictable, except to the reader, even though the distance between the reader and tag remains the same. A random number (19) is sent from the reader and encrypted (26) by the tag into a number having 16 segments of 4 bits each (28). A first tag signal (31)more »« less
Full Text Available

Similar Records

Title: Secure generation and inversion of tokens

Abstract

Citation Formats

Controlling a soft token running within an electronic apparatus patent, October 2014

Method and device for generating a single-use financial account number patent, December 2000

Data privacy patent, September 2016

Method, apparatus, and system for secure data transport patent, December 2003

Seamless data masking for PaaS based applications patent, January 2018

Payment system clearing for transactions patent, November 2010

Encryption algorithm management system patent, July 2006

Use rule-based tokenization data protection patent, August 2016

Secure transaction management patent, July 2014

Controlling a soft token running within an electronic apparatus
patent, October 2014

Method and device for generating a single-use financial account number
patent, December 2000

Data privacy
patent, September 2016

Method, apparatus, and system for secure data transport
patent, December 2003

Seamless data masking for PaaS based applications
patent, January 2018

Payment system clearing for transactions
patent, November 2010

Encryption algorithm management system
patent, July 2006

Use rule-based tokenization data protection
patent, August 2016

Secure transaction management
patent, July 2014