What do Arby’s, InterContinental Hotels Group, Verifone, Saks Fifth Avenue, Dun & Bradstreet, the IRS, Chipotle, Brooks Brothers and DocuSign all have in common? They were all victims of data breaches in 2017. Or, to be more specific, these organizations’ customers, employees and taxpayers were victims of data breaches. And the reputation of each of these organizations was seriously tarnished.
Electric utilities hold an amazing quantity of data about the citizens and businesses in their service areas. In fact, electric utilities hold data about just about every citizen and business in its service area. Unless someone is able to live totally off the grid, he or she or it is a customer of the utility. The U.S. electric utility industry collectively holds sensitive data on every citizen in the U.S.–except for children, the homeless and the incarcerated—and every business in the U.S. except the few that rent a facility in which the landlord pays the electric bill.
Keeping all that data secure is an ongoing challenge. As new technologies are developed to protect customer data, hackers get more ingenious and find ways to defeat whatever data security methods and systems have been put in place. Many of the newest technologies use two databases that must be verified against each other, creating an encryption for the primary data base that can only be cracked with access to the second database. Encryption aficionados will likely compare cracking a double database code to the challenge the British cryptographers faced in breaking the Enigma code in World War II.
In this month’s Follow the Patent, we take a look at five new data security technologies.
U.S. Patent No. 8,402,281 for a “Data Security System for a Database“ specifically addresses storing large databases as encrypted data (a common practice), but each value in the first database is linked to a corresponding data element type. This patent is assigned to Protegrity Corporation, a company that provides enterprise and cloud data security software for data-centric encryption and tokenization. Published in 2013, the U.S. Patent is part of a multi-national portfolio that includes European and Chinese Patents.
With a whopping 60 Claims, this is a particularly robust patent. The patented technology divides the database into data portions, and then uses a separate data protection table for each data portion. A set of data processing rules is associated with each data portion, and each rule must be satisfied before a data portion can be accessed. These rules can include limited access to any set of data portions by a pre-defined user or set of users and/or by a specific program or programs.
This schematic from U.S. Patent No. 8,402,281 illustrates the use of a data element type to verify data in the encrypted database.
U.S. Patent No. 8,595,495 for a “System and Method for Secure Communications“ focuses on receiving confirmation of a network communication without having to rely on a website, enabling a sender to prove that a message was sent at a specific time and data and verifying the content, and for the receiver to know that the message was actually sent from the purported sender. The inventor of this patent is the prolific Yarin Mayer, and it is currently part of the Barhon patent portfolio.
Also published in 2013, but with just 10 Claims, this patented has a simpler technology. It first registers a user as a subscriber, and then avoids messages from malicious sources by authenticating the IP address of the sender, and refusing to relay the message until its source is authenticated. The system looks at various pieces of data — the subscriber’s phone number, e”‘mail address and IP address — to triple verify who the sender is.
U.S. Patent No. 9,042,608 for a “Data Security System“ uses biometrics at multiple locations to authenticate each user before responding to a request for access to the data. This patent is assigned to Pen-One, Inc., a privately held biometrics company. Remote handheld devices are used to capture biometric data from those seeking to access the database. The user must continue to verify his or herself through biometrics while he or she is using the system and accessing data.
Published in 2015, this is a newer patent with 22 Claims. The patent uses a handheld device–a laptop, tablet, PDA, cell phone or other smart device–that captures the fingerprint of the user. The fingerprint of the user is used to both login to the system, and then used repeatedly–but in a seamless manner–for the entire time the user is logged in and accessing data. This prevents the situation that a user logs in, uses the system, but fails to log out, and someone else picks up his or her smart device and has access to the data.
U.S. Patent No. 9,608,999 for “Smart Beacon Data Security“ introduces the use of “dynamic beacon identifiers” to validate the authenticity of a person or computer attempting to access secure data. This patent is assigned to Accenture Global Services Limited, the multi-national management consulting and professional services firm that was spun off from the Arthur Andersen accounting firm before it folded in 2002.
Published in 2017, this is an even newer patent with 17 Claims. The patent uses several beacons (low-powered transmitters that broadcast unique identifiers) that can be received by app-enabled devices that use the beacon to determine the current location of the party attempting to access the data. One of the current problems with data security is knowing exactly where the person attempting to access the data is, and this patent specifically addresses that. A separate data stream–parallel to and separate from the hard-wired or Wi-Fi connection–in the form of a radio signal verifies each user by verifying and re-verifying his or her physical location.
This drawing from U.S. Patent No. 9,608,999 shows the use of a beacon to verify the location–and, therefore, the authenticity–of a person accessing the database.
U.S. Patent No. 9,813,416 for a “Data Security System with Encryption“ employs a “electronic authentication subsystem” to verify a user’s identify via an authentication key that retrieves an encryption key that resides in the separate subsystem. This patent is assigned to Clevx, LLC, a provider of not just data encryption services, but also cloud storage solutions and innovative chargers and boosters for smartphones.
Also published in 2017, this is the newest of the five featured patents, and it has 18 Claims. The patented technology uses an outside data security system to verify each user by requesting an authentication key. The user identification is supplied from the outside, while the data for the authentication key is stored in a totally separate database. A wireless communication module is coupled to an authentication controller, and it uses the authentication controller to hide the authentication code from outsiders. It employs an encryption key that permits communication between the host computer and the storage media for the database.
Next time: Electric utilities are some of the largest users of drones. The next Follow the Patents will look at emerging technologies in the unmanned aerial vehicle (UAV) sector.
About the author: Alec Schibanoff is Vice President of IPOfferings LLC, a leading patent broker and IP consulting services firm. He can be reached at alec@IPOfferings.com.