Secure generation and inversion of tokens

Title: Secure generation and inversion of tokens

Abstract

Described herein are various technologies related to secure generation of tokens and secure inversion of tokens. A tokenization system executes in a secure execution environment, and is configured to receive a string and an encrypted tokenization function. The tokenization system decrypts the encrypted tokenization function, and executes the tokenization function over the string to generate a token. The token is transmitted to a logically separate computing environment, and the tokenization system deletes the tokenization function and the string.

Inventors:: Solis, John Hector

Issue Date:: 2019-09-10

Research Org.:: Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

Sponsoring Org.:: USDOE

OSTI Identifier:: 1576346

Patent Number(s):: 10410210

Application Number:: 14/676,637

Assignee:: National Technology & Engineering Solutions of Sandia, LLC (Albuquerque, NM)

Patent Classifications (CPCs):: G - PHYSICS G06 - COMPUTING G06Q - DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES

Show more

G - PHYSICS G06 - COMPUTING G06Q - DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES
G06Q20/3821 - {Electronic credentials}
G06Q2220/00 - Business processing using cryptography
G06Q20/382 - {insuring higher security of transaction}
G06Q20/38215 - {Use of certificates or encrypted proofs of transaction rights}
G06Q20/367 - {involving intelligent token, e.g. electronic purse}
G06Q20/20 - Point-of-sale [POS] network systems {

Show less

DOE Contract Number:: AC04-94AL85000

Resource Type:: Patent

Resource Relation:: Patent File Date: 2015 Apr 01

Country of Publication:: United States

Language:: English

Citation Formats


                    Solis, John Hector. Secure generation and inversion of tokens.  United States: N. p., 2019. 
        Web.

Copy to clipboard


                    Solis, John Hector. Secure generation and inversion of tokens.  United States.

Copy to clipboard


                    Solis, John Hector. Tue .  
        "Secure generation and inversion of tokens".  United States.  https://www.osti.gov/servlets/purl/1576346.

Copy to clipboard


                    
@article{osti_1576346,

  title        = {Secure generation and inversion of tokens},

  author       = {Solis, John Hector},

  abstractNote = {Described herein are various technologies related to secure generation of tokens and secure inversion of tokens. A tokenization system executes in a secure execution environment, and is configured to receive a string and an encrypted tokenization function. The tokenization system decrypts the encrypted tokenization function, and executes the tokenization function over the string to generate a token. The token is transmitted to a logically separate computing environment, and the tokenization system deletes the tokenization function and the string.},

  doi          = {},

  journal      = {},
number       = ,

  volume       = ,

  place        = {United States},

  year         = {2019},

  month        = {9}

}

Copy to clipboard

Patent:

View Patent

Save / Share:

Export Metadata

Save to My Library

Works referenced in this record:

Controlling a soft token running within an electronic apparatus
patent, October 2014

van Dijk, Marten; Bowers, Kevin D.; Brainard, John
US Patent Document 8,875,263
URL: http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=8875263

Method and device for generating a single-use financial account number
patent, December 2000

Walker, Jay S.; Schneier, Bruce; Jindal, Sanjay K.
US Patent Document 6,163,771
URL: http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=6163771

Data privacy
patent, September 2016

Roskind, James; Emigh, Aaron T.
US Patent Document 9,450,754
URL: http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=9450754

Method, apparatus, and system for secure data transport
patent, December 2003

Barron, Robert H.
US Patent Document 6,665,709
URL: http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=6665709

Seamless data masking for PaaS based applications
patent, January 2018

Farkash, Ariel; Gokhman, Igor; Goldsteen, Abigail
US Patent Document 9,858,431
URL: http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=9858431

Payment system clearing for transactions
patent, November 2010

Mascavage, III, John Joseph
US Patent Document 7,827,101
URL: http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=7827101

Encryption algorithm management system
patent, July 2006

Tochikubo, Kouya; Okada, Koji; Endo, Naoki
US Patent Document 7,079,655
URL: http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=7079655

Use rule-based tokenization data protection
patent, August 2016

Mattsson, Ulf; Rozenberg, Yigal
US Patent Document 9,430,652
URL: http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=9430652

Transactional Services
patent-application, August 2007

Pitroda, Satyan G.; Desai, Mehul
US Patent Application 11/539024; 20070198432
URL: http://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PG01&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.html&r=1&f=G&l=50&s1=%2220070198432%22.PGNR.&OS=DN/20070198432&RS=DN/20070198432

Secure transaction management
patent, July 2014

Tieken, Craig A.
US Patent Document 8,788,429
URL: http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=8788429

Similar Records in DOE Patents and OSTI.GOV collections:

System and method for key generation in security tokens

Patent Evans, Philip G.; Humble, Travis S.; Paul, Nathanael R.; ...

Functional randomness in security tokens (FRIST) may achieve improved security in two-factor authentication hardware tokens by improving on the algorithms used to securely generate random data. A system and method in one embodiment according to the present invention may allow for security of a token based on storage cost and computational security. This approach may enable communication where security is no longer based solely on onetime pads (OTPs) generated from a single cryptographic function (e.g., SHA-256).
Full Text Available
Apparatus and method for managing digital resources by passing digital resource tokens between queues

Patent Crawford, Henry J [Berkeley, CA]; Lindenstruth, Volker [El Cerrito, CA]

A method of managing digital resources of a digital system includes the step of reserving token values for certain digital resources in the digital system. A selected token value in a free-buffer-queue is then matched to an incoming digital resource request. The selected token value is then moved to a valid-request-queue. The selected token is subsequently removed from the valid-request-queue to allow a digital agent in the digital system to process the incoming digital resource request associated with the selected token. Thereafter, the selected token is returned to the free-buffer-queue.
Full Text Available
Cache utilization and eviction based on allocated priority tokens

Patent Johnson, Daniel Robert; Rhu, Minsoo; O'Connor, James M.; ...

A system, method, and computer program product are provided for providing prioritized access for multithreaded processing. The method includes the steps of allocating threads to process a workload and assigning a set of priority tokens to at least a portion of the threads. Access to a resource, by each one of the threads, is based on the priority token assigned to the thread and the threads are executed by a multithreaded processor to process the workload.
Full Text Available
Secure true random number generation using 1.5-T transistor flash memory

Patent Clark, Lawrence T.; Adams, James; Holbert, Keith E.

This disclosure relates generally to physically unclonable function (PUF) circuitry along with methods of generating numbers. In one embodiment, the PUF circuitry includes a memory, a memory control circuitry, and whitening circuitry. To reduce or eliminate the systematic bias from the array, whitening circuitry is configured to generate a random number comprising random number bits in response to the memory control circuit implementing at least one sequence of memory cycles on the array of the memory cells in the memory. The whitening circuitry is configured to provide the random number bits of the random number based on the variable bitmore »« less
Full Text Available
Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

Patent Muller, George; Perkins, Casey J.; Lancaster, Mary J.; ...

Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversingmore »« less
Full Text Available

Similar Records

Title: Secure generation and inversion of tokens

Abstract

Citation Formats

Controlling a soft token running within an electronic apparatus patent, October 2014

Method and device for generating a single-use financial account number patent, December 2000

Data privacy patent, September 2016

Method, apparatus, and system for secure data transport patent, December 2003

Seamless data masking for PaaS based applications patent, January 2018

Payment system clearing for transactions patent, November 2010

Encryption algorithm management system patent, July 2006

Use rule-based tokenization data protection patent, August 2016

Transactional Services patent-application, August 2007

Secure transaction management patent, July 2014

Controlling a soft token running within an electronic apparatus
patent, October 2014

Method and device for generating a single-use financial account number
patent, December 2000

Data privacy
patent, September 2016

Method, apparatus, and system for secure data transport
patent, December 2003

Seamless data masking for PaaS based applications
patent, January 2018

Payment system clearing for transactions
patent, November 2010

Encryption algorithm management system
patent, July 2006

Use rule-based tokenization data protection
patent, August 2016

Transactional Services
patent-application, August 2007

Secure transaction management
patent, July 2014