Patented solutions for innovative, comprehensive security

Protegrity is the leading innovator of proven data security solutions to protect databases, applications and file environments. This technology leadership position has been established through significant investments in research and development since the mid 1990s. Today, Protegrity holds over a dozen important United States patents in data protection and has additional patent applications pending.

The following Protegrity products are protected by patents in the USA and/or elsewhere. This website is provided to satisfy the virtual patent marking provisions of various jurisdictions including Section 16 of the America Invents Act and 35 U.S.C. §287(a). Additional patents may be pending or granted in the USA and/or elsewhere.

 

  • Protegrity® File Protector™
    US Patent #(s): 9,230,128; 9,219,716; 9,152,579; 8,745,094; 8,661,263; 7,418,098
  • Protegrity® Database Protector™
    US Patent #(s): 9,219,716; 9,152,579; 9,148,476; 9,087,209; 8,935,802; 8,745,094; 8,661,263; 6,321,201; 7,418,098; 7,490,248; 8,402,281
    AUS Patent #: AU 1997032823
    CAN Patent #: CA 724388
    CHN Patent #: CN 1222272
    DEU Patent #: EP 0891661 B1
    ISR Patent #: WO 97/49211
    JPN Patent #: JP 4167300 B
    SWE Patent #(s): SE 506853 C2; EP 0891661 B1
    GBR Patent #: EP 0891661 B1
  • Protegrity® Application Protector™
    US Patent #(s): 9,219,716; 9,152,579; 9,148,476; 9,087,209; 8,935,802; 8,893,250; 8,745,094; 8,661,263; 7,418,098
  • Protegrity® Database Protector for Teradata™
    US Patent #(s): 9,219,716; 9,152,579; 9,148,476; 9,087,209; 8,935,802, 8,745,094; 8,661,263; 6,321,201; 7,418,098; 7,490,248; 8,402,281; 8,510,335
    AUS Patent #: AU 1997032823
    CAN Patent #: CA 724388
    CHN Patent #: CN 1222272
    DEU Patent #: EP 0891661 B1
    ISR Patent #: WO 97/49211
    JPN Patent #: JP 4167300 B
    SWE Patent #(s): SE 506853 C2; EP 0891661 B1
    GBR Patent #: EP 0891661 B1
  • Protegrity® Protection Server
    US Patent #(s): 9,219,716; 9,152,579; 9,148,476; 8,935,802; 8,893,250; 8,745,094; 8,661,263; 7,418,098
  • Protegrity® Big Data Protector™
    US Patent #(s): 9,219,716; 9,152,579; 9,148,476; 9,087,209; 8,935,802; 8,745,094; 8,661,263; 6,321,201; 7,418,098; 7,490,248; 8,402,281; 8,510,335
    AUS Patent #: AU 1997032823
    CAN Patent #: CA 724388
    CHN Patent #: CN 1222272
    DEU Patent #: EP 0891661 B1
    ISR Patent #: WO 97/49211
    JPN Patent #: JP 4167300 B
    SWE Patent #(s): SE 506853 C2; EP 0891661 B1
    GBR Patent #: EP 0891661 B1
  • Protegrity® Avatar™
    US Patent #(s): 9,219,716; 9,152,579; 9,148,476; 9,087,209; 8,935,802; 8,745,094; 8,661,263; 6,321,201; 7,418,098; 7,490,248; 8,402,281; 8,510,335
    AUS Patent #: AU 1997032823
    CAN Patent #: CA 724388
    CHN Patent #: CN 1222272
    DEU Patent #: EP 0891661 B1
    ISR Patent #: WO 97/49211
    JPN Patent #: JP 4167300 B
    SWE Patent #(s): SE 506853 C2; EP 0891661 B1
    GBR Patent #: EP 0891661 B1
  • Protegrity® Cloud Gateway
    US Patent #(s): 9,219,716; 9,152,579; 9,148,476; 8,935,802; 8,745,094; 8,661,263; 7,418,098
  • Protegrity® File Protector Gateway™
    US Patent #(s): 9,219,716; 9,152,579; 9,148,476; 8,935,802; 8,745,094; 8,661,263; 7,418,098
  • Protegrity® File Protector for Mainframe
    US Patent #(s): 9,219,716; 7,418,098; 8,745,094

Protegrity Patents Include:

UNITED STATES PATENT 5,606,610,ISSUED 2/25/1997

Apparatus and method for storing data

Summary: The invention defines a method and device for protecting personally identifiable information, like a social security number, and other personal information in a database.


UNITED STATES PATENT 6,321,201, ISSUED 11/20/2001

A policy driven encryption method for databases

Summary: The invention describes a method of applying data sensitivity driven encryption levels for specific categories of data in a database based on data element types (commonly arranged in columns) combined with user group restrictions and limitations.


UNITED STATES PATENT 6,963,980, ISSUED 11/8/2005

Combined hardware and software based encryption of databases

Summary: The invention describes a combined system of hardware and software implemented encryption for encryption of data of different security levels, whereby tamper-proof hardware implemented encryption is used for the data of higher security level and software implemented encryption is used for data of lower security level.


UNITED STATES PATENT 7,120,933, ISSUED 10/10/2006

Method for intrusion detection in a database system

Summary: The invention defines a method for detecting and preventing intrusion in a database based on analyzing data access behavior particularly by determining if the user exceeds the number of records or type of operations that are defined in the respective user’s security profile.


UNITED STATES PATENT 7,305,707, ISSUED 12/4/2007

Method for intrusion detection in a database system

Summary: The invention defines a method for detecting and preventing intrusion in a database based on analyzing data access behavior and determining if the results of the query violates the intrusion detection policy.


UNITED STATES PATENT 7,313,822, ISSUED 12/25/2007

Application-layer security method and system

Summary: The underlying invention is a Web Application Firewall software solution where all incoming application operation requests are screened using of a set of security filters (or “pipes”) to protect the application against requests received from an unknown or distrusted environment.


UNITED STATES PATENT 7,325,129, ISSUED 1/29/2008

Method for altering encryption status in a relational database in a continuous process

Summary: The invention describes a method for altering encryption status in a database without need to take the database off-line while the changes are made for example in substituting existing encryption keys, adding, removing or changing any encryption requirement, and re-encrypting the data.


UNITED STATES PATENT 7,418,098, ISSUED 8/26/2008

Data type preserving encryption

Summary: The invention defines a method and a system for preserving the original data type and length when encrypting data in a relational database. This helps to minimize the need for changes to applications and databases.


UNITED STATES PATENT 7,490,248, ISSUED 2/10/2009

Method for re-encryption of a database

Summary: The invention describes an automatic method of re-encryption of a database based on key-expiration deadlines.


UNITED STATES PATENT 7,539,857, ISSUED 5/26/2009

Cooperative processing and escalation in a multi-node application-layer security system and method

Summary: The invention defines a method and system for application-layer security with default operational protection modes that can be escalated to provide a higher level of protection. This can allow a Web Application Firewall to switch between monitoring mode and blocking mode when the threats are changing.


UNITED STATES PATENT 7,594,266, ISSUED 9/22/2009

Data security and intrusion detection

Summary: The invention defines a method for detecting and preventing intrusion in file systems and web servers based on access patterns. It enables the security administrator to set rules on data volumes and access to the file system.


UNITED STATES PATENT 7,614,085, ISSUED 11/3/2009

Method for the automatic setting and updating of a security policy

Summary: The invention defines a method for maintaining a security policy for web applications. The method can identify security flaws in web applications and help configure Web Application Firewalls.


UNITED STATES PATENT 7,882,555, ISSUED 2/1/2011

Application-layer security method and system

Summary: The underlying invention is a Web Application Firewall software solution where the protective layer enables use of a specific path for each operation request and each path involving one or more security filters (or “pipes”). This method enables a more granular protection of an application than the method described in the U.S. patent 7,313,822.


UNITED STATES PATENT 7,984,025, ISSUED 7/19/2011

Method for re-encryption of a database

Summary: The invention describes an automatic method of assuring that every row and item is encrypted with a valid key.


UNITED STATES PATENT 8,225,106, ISSUED 7/17/2012

Differential encryption utilizing trust modes

Summary: The invention defines methods for adjusting data protection levels based to the level of trust that a system currently is operating under. The trust level will adjust based on how the system was (re)started and if it maintains a dialog with an external security system.


UNITED STATES PATENT 8,402,281, ISSUED 3/19/2013

Data security system for a database

Summary: The invention describes a method of granting access to a data portion in a database after validating that the data processing rules, maintained in a separate data protection table, are satisfied.


UNITED STATES PATENT 8,510,335, ISSUED 8/13/2013

Database and method for controlling access to a database

Summary: The invention describes a method of for controlling access to a database, providing both a high security level, separation of duties and great operational performance.


UNITED STATES PATENT 8,661,263, ISSUED 2/25/2014

Meta-complete data storage

Summary: The invention described herein generally relates to systems and methods of securely storing data so that the data contains information about the data and/or the encryption of the data, systems and methods of providing secure access to real world data through data transformations, and systems and methods of managing security parameters for data.


UNITED STATES PATENT 8,701,191, ISSUED 4/15/2014

Multi-layer system for privacy enforcement and monitoring of suspicious data access behavior

Summary: A method for controlling data access in a data-at-rest system includes executing a link intrusion prevention analysis between multiple layers of the data-at-rest system, introducing a privacy policy at enforcement points that span multiple system layers, and dynamically altering the privacy policy.


UNITED STATES PATENT 8,745,094, ISSUED 6/3/2014

Distributed tokenization using several substitution steps

Summary: The invention relates to distributed tokenization of sensitive data by using static token lookup tables and involving one or more tokenization steps.


UNITED STATES PATENT 8,769,272, ISSUED 7/1/2014

Differential encryption utilizing trust modes

Summary: The invention defines methods for adjusting data protection levels based to the level of trust that a system currently is operating under. The trust level will adjust based on how the system was (re)started and if it maintains a dialog with an external security system.


UNITED STATES PATENT 8,826,449, ISSUED 9/2/2014

Data security in a disconnected environment

Summary: The invention relates to systems and methods for detection and prevention of intrusions in data at rest systems such as file systems and web servers.


UNITED STATES PATENT 8,893,250, ISSUED 11/18/2014

Tokenization in mobile environments

Summary: A mobile device can tokenize communication data based on device information and session information.


UNITED STATES PATENT 8,935,787, ISSUED 1/13/2015

Multi-Layer System for Privacy Enforcement and Monitoring of Suspicious Data Access Behavior

Summary: A method and system for introducing a privacy policy with enforcement points that span multiple system layers that is coupled with link intrusion prevention analysis between the multiple system layers.


UNITED STATES PATENT 8,935,802, ISSUED 1/13/2015

Verifiable Tokenization

Summary: To distinguish between tokenized data and un-tokenized data, the tokenization system may be configured to generate tokenized data that intentionally fails a validation test.


UNITED STATES PATENT 8,978,152, ISSUED 3/10/2015

Decentralized token table generation

Summary: Tokenization tables are derived at intervals in order to increase the security of tokenized data.


UNITED STATES PATENT 9,087,209, ISSUED 7/21/2015

Database access control

Summary: The invention describes a method of for controlling access to a database, providing both a high security level, separation of duties and great operational performance.


UNITED STATES PATENT 9,092,614, ISSUED 7/28/2015

Preventing impersonation of a computer system user

Summary: A system and method for preventing an administrator impersonating a user from accessing sensitive resources on a target system is provided.


UNITED STATES PATENT 9,111,116, ISSUED 8/18/2015

Collision avoidance in a distributed tokenization environment

Summary: A central token management system to determine if the candidate token collides with a token generated by or stored at another client.


UNITED STATES PATENT 9,148,476, ISSUED 9/29/2015

Verifiable tokenization

Summary: To distinguish between tokenized data and un-tokenized data, the tokenization system may be configured to generate tokenized data that intentionally fails a validation test.


UNITED STATES PATENT 9,152,579, ISSUED 10/6/2015

Meta-complete data storage

Summary: The invention describes securely storing data so that the data contains information about the data and/or the encryption of the data.


UNITED STATES PATENT 9,202,086,ISSUED 12/1/2015

Tokenization in a Centralized Tokenization Environment

Summary: Data can be protected by tokenization using a token certificate associated with the token.


UNITED STATES PATENT 9,219,716, ISSUED12/22/2015

Distributed Tokenization Using Several Substitution Steps

Summary: The invention relates to general tokenization of sensitive data by using static token lookup tables and involving one or more tokenization steps.


UNITEDSTATESPATENT9,229,987,ISSUED1/5/2015

Mapping Between Tokenization Domains

Summary: A tokenization based on a single-use tokenization system and a multi-use tokenization system.


UNITED STATES PATENT 9,230,128, ISSUED 1/5/2015

Assignment of Security Contexts to Define Access Permissions for File System Objects

Summary: A method for restricting operations in a file system based on security contexts based on roles and access permissions.


UNITED STATES PATENT 9,230,136, ISSUED 1/5/2015

Tokenization Column Replacement

Summary: A tokenization system using a vector table that modifies the sensitive data.


UNITED STATES PATENT 9,237,006, ISSUED 1/12/2015

Meta-complete data storage

Summary: A tokenization system using an initialization vector (IV) based a portion of the sensitive data.


UNITED STATES PATENT 9,514,330, ISSUED 8/23/2016

Verifiable tokenization

Summary: Use rules are included within tokenized data either before or after tokenization.


UNITED STATES PATENT 9,431,767 ISSUED 8/30/2016

Tokenization in mobile environments

Summary: Data cab in protected in mobile and payment environments through various tokenization operations.


UNITED STATES PATENT 9,443,104, ISSUED 9/13/2016

Tokenization of Structured Data

Summary: Structured data, such as email addresses, social security numbers, and the like is accessed for encoding.


UNITED STATES PATENT 9,514,319, ISSUED 12/6/2016

Database and method for controlling access to a database

Summary: A method for controlling access to a database is disclosed, as well as a corresponding database system.


UNITED STATES PATENT 9,516,031, ISSUED 12/6/2016

Assignment of security contexts to define access permissions for file system objects

Summary: A system and method are provided for restricting various operations in a file system based on security contexts.


UNITED STATES PATENT 9,514,457, ISSUED 12/6/2016

Tokenizatiion in mobile environments

Summary: Data can be protected in mobile and payment environments through various tokenization operations.


UNITED STATES PATENT 9,514,330, ISSUED 12/6/2016

Meta-complete data storage

Summary: The invention of methods and systems to securely store data so that the data contains information about the data and/or the encryption of the data, systems and methods of providing secure access to real world data through data transformations, and systems and methods of managing security parameters for data.


UNITED STATES PATENT 9,514,169 ISSUED 12/6/2016

Columnar table data protection

Summary: Shuffling data stored in columnar tables improves data storage security, particularly when used in conjunction with other security operations, such as tokenization and cryptography.


UNITED STATES PATENT 9,563,788, ISSUED 2/7/2016

Tokenization in a centralized tokenization environment

Summary: Data can be protected in a centralized tokenization environment.


 

UNITED STATES PATENT 9,639,716 ISSUED 5/2/2017

Distributed tokenization using several substitution steps

Summary: A method for distributed tokenization of sensitive strings of characters, such as social security numbers, credit card numbers and the like, in a local server is disclosed.


UNITED STATES PATENT 9,639,569, ISSUED 5/2/2017

Mapping between tokenization domains

Summary: A tokenization environment includes a first tokenization system in a first token domain and a second tokenization system in a second token domain.


UNITED STATES PATENT 9,641,519 ISSUED 5/2/2017

Table-connected tokenization

Summary: A tokenization system tokenizes sensitive data to prevent unauthorized entities from accessing the sensitive data.