公开(公告)号：US20240289485A1

公开(公告)日：2024-08-29

申请号：US18648135

申请日：2024-04-26

Applicant: MongoDB, Inc.

Inventor： Tarik Moataz

IPC: G06F21/62 ,  G06F16/21

CPC classification number: G06F21/6227 ,  G06F16/213

Abstract: Methods and system implement solutions for integrating encryption and emulation into native database formats and/or architectures. “Native” database is used to describe a database that has not been designed for end to end encryption, an off the shelf database deployment, and/or a commercially available database. According to some embodiments, various encryption systems and methods employ emulation operations to enable a native database and native database functions to leverage full encryption primitives. Various aspects integrate emulation operations into standard database implementations, where the emulation enables native database functions to operate on entirely encrypted data.

公开(公告)号：US20220215115A1

公开(公告)日：2022-07-07

申请号：US17570730

申请日：2022-01-07

Applicant: MongoDB, Inc.

Inventor： Tarik Moataz

IPC: G06F21/62 ,  G06F16/21

Abstract: Methods and system implement solutions for integrating encryption and emulation into native database formats and/or architectures. “Native” database is used to describe a database that has not been designed for end to end encryption, an off the shelf database deployment, and/or a commercially available database. According to some embodiments, various encryption systems and methods employ emulation operations to enable a native database and native database functions to leverage full encryption primitives. Various aspects integrate emulation operations into standard database implementations, where the emulation enables native database functions to operate on entirely encrypted data.

公开(公告)号：US20230325524A1

公开(公告)日：2023-10-12

申请号：US18328867

申请日：2023-06-05

Applicant: MongoDB, Inc.

Inventor： Seny Kamara ,  Tarik Moataz ,  Mark Porter

IPC: G06F21/62 ,  G06F16/21

CPC classification number: G06F21/6227 ,  G06F16/213

Abstract: According to some aspects, provided are systems and methods that implement end-to-end encryption, and provide implementation configured to secure information during execution of queries on an encrypted data source. Various embodiments include multiple encrypted multi-map data structures and associated encryption schemes configured to securely read, write, and delete information while supporting any one or more of the following features: snapshot security, multiple client support, efficient execution under concurrent operation, and resilience to client failures. In various embodiments, addressable multi-map data structures enable concurrent access, and allow correct operation under polynomial time constraints.

公开(公告)号：US20230315897A1

公开(公告)日：2023-10-05

申请号：US18328907

申请日：2023-06-05

Applicant: MongoDB, Inc.

Inventor： Seny Kamara ,  Tarik Moataz ,  Mark Porter

IPC: G06F21/62 ,  G06F16/21

CPC classification number: G06F21/6227 ,  G06F16/213

Abstract: According to some aspects, provided are systems and methods that implement end-to-end encryption, and provide implementation configured to secure information during execution of queries on an encrypted data source. Various embodiments include multiple encrypted multi-map data structures and associated encryption schemes configured to securely read, write, and delete information while supporting any one or more of the following features: snapshot security, multiple client support, efficient execution under concurrent operation, and resilience to client failures. In various embodiments, addressable multi-map data structures enable concurrent access, and allow correct operation under polynomial time constraints.

公开(公告)号：US20220207171A1

公开(公告)日：2022-06-30

申请号：US17563425

申请日：2021-12-28

Applicant: MongoDB, Inc.

Inventor： Tarik Moataz

IPC: G06F21/62 ,  G06F21/60 ,  G06F21/53 ,  G06F16/2457 ,  G06F16/248

Abstract: Methods and system implement solutions for integrating encryption and emulation into native database formats and/or architectures. “Native” database is used to describe a database that has not been designed for end to end encryption, an off the shelf database deployment, and/or a commercially available database. According to some embodiments, various encryption systems and methods employ emulation operations to enable a native database and native database functions to leverage full encryption primitives. Various aspects integrate emulation operations into standard database implementations, where the emulation enables native database functions to operate on entirely encrypted data.

公开(公告)号：US12039073B2

公开(公告)日：2024-07-16

申请号：US17570730

申请日：2022-01-07

Applicant: MongoDB, Inc.

Inventor： Tarik Moataz

IPC: G06F21/62 ,  G06F16/21

CPC classification number: G06F21/6227 ,  G06F16/213

Abstract: Methods and system implement solutions for integrating encryption and emulation into native database formats and/or architectures. “Native” database is used to describe a database that has not been designed for end to end encryption, an off the shelf database deployment, and/or a commercially available database. According to some embodiments, various encryption systems and methods employ emulation operations to enable a native database and native database functions to leverage full encryption primitives. Various aspects integrate emulation operations into standard database implementations, where the emulation enables native database functions to operate on entirely encrypted data.

公开(公告)号：US20230315896A1

公开(公告)日：2023-10-05

申请号：US18328878

申请日：2023-06-05

Applicant: MongoDB, Inc.

Inventor： Seny Kamara ,  Tarik Moataz ,  Mark Porter

IPC: G06F21/62 ,  G06F21/60 ,  G06F21/55

CPC classification number: G06F21/6227 ,  G06F21/602 ,  G06F21/556

Abstract: According to some aspects, provided are systems and methods that implement end-to-end encryption, and provide implementation configured to secure information during execution of queries on an encrypted data source. Various embodiments include multiple encrypted multi-map data structures and associated encryption schemes configured to securely read, write, and delete information while supporting any one or more of the following features: snapshot security, multiple client support, efficient execution under concurrent operation, and resilience to client failures. In various embodiments, addressable multi-map data structures enable concurrent access, and allow correct operation under polynomial time constraints.

公开(公告)号：US20230177177A1

公开(公告)日：2023-06-08

申请号：US18075873

申请日：2022-12-06

Applicant: MongoDB, Inc.

Inventor： Marilyn George ,  Seny Kamara ,  Tarik Moataz

IPC: G06F21/60 ,  G06F16/25 ,  G06F16/2455

CPC classification number: G06F21/602 ,  G06F16/258 ,  G06F16/2455

Abstract: A volume hiding structured encryption system and method is provided. According to some embodiments, the system leverages the principle that a STE scheme can leak cumulative information about the query volumes of the data stored in multi-map format, while still hiding the volumes of client queries at query time. According to various examples, the system implements encryption schemes that have smaller storage and better query complexity than the current state-of-the-art, for some input distributions. According to one example, the STE schemes are adapted to the input data structure in order to improve efficiency over known approaches. Further examples includes schemes that are configured to partition a multi-map into smaller multi-maps, and use different allocation functions for different efficiency trade-offs: (i) random allocation, (ii) cuckoo-hashing allocation, and (iii) Garbled Bloom Filter allocation. In one example, the GBF construct enables a stash-less encryption scheme that hides query volumes.