| US 7,500,111 B2 | ||
| Querying encrypted data in a relational database system | ||
| Vahit Hakan Hacigumus, San Jose, Calif. (US); Balakrishna Raghavendra Iyer, San Jose, Calif. (US); and Sharad Mehrotra, Irvine, Calif. (US) | ||
| Assigned to International Business Machines Corporation, Armonk, N.Y. (US) | ||
| Filed on May 30, 2003, as Appl. No. 10/449,421. | ||
| Prior Publication US 2004/0243816 A1, Dec. 02, 2004 | ||
| Int. Cl. H04K 1/00 (2006.01); H04L 9/00 (2006.01); G06F 11/30 (2006.01); G06F 17/00 (2006.01); G06F 9/44 (2006.01); G06F 17/30 (2006.01) | ||
| U.S. Cl. 713—193 [713/189; 713/190; 380/279] | 40 Claims |
| 1. A client-server relational database system, comprising:
a client computer;
a server computer; and
a network connecting the client computer and the server computer;
wherein data from the client computer is encrypted by the client computer, the encrypted data is stored by the server computer,
a query is performed against the encrypted data by the server computer to produce an encrypted intermediate results set, the
encrypted intermediate results set is sent from the server computer to the client computer and the encrypted intermediate
results set is decrypted and filtered by the client computer to produce unencrypred actual results for the query, such that
the data is always encrypted when it is stored on or processed by the server computer and the encrypted data is never decrypted
by the server computer.
|