Abstract: A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and generates a mapping between portions of data received from a client device and interface fields or data elements of the client device. Upon receiving subsequent data from the client device, the gateway device can access the generated mapping to identify portions of the subsequent data corresponding to particular interface fields or data elements of the client device using the mapping, and can encode the identified portions of the subsequent data, for instance based on data protection techniques defined by a security policy. The encoded data can then be outputted by the gateway device to the server device.

Abstract: A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and generates a mapping between portions of data received from a client device and interface fields or data elements of the client device. Upon receiving subsequent data from the client device, the gateway device can access the generated mapping to identify portions of the subsequent data corresponding to particular interface fields or data elements of the client device using the mapping, and can encode the identified portions of the subsequent data, for instance based on data protection techniques defined by a security policy. The encoded data can then be outputted by the gateway device to the server device.

Abstract: Unicode data can be protected in a distributed tokenization environment. Data to be tokenized can be accessed or received by a security server, which instantiates a number of tokenization pipelines for parallel tokenization of the data. Unicode token tables are accessed by the security server, and each tokenization pipeline uses the accessed token tables to tokenization a portion of the data. Each tokenization pipeline performs a set of encoding or tokenization operations in parallel and based at least in part on a value received from another tokenization pipeline. The outputs of the tokenization pipelines are combined, producing tokenized data, which can be provided to a remote computing system for storage or processing.

Abstract: Unicode data can be protected in a distributed tokenization environment. Data to be tokenized can be accessed or received by a security server, which instantiates a number of tokenization pipelines for parallel tokenization of the data. Unicode token tables are accessed by the security server, and each tokenization pipeline uses the accessed token tables to tokenization a portion of the data. Each tokenization pipeline performs a set of encoding or tokenization operations in parallel and based at least in part on a value received from another tokenization pipeline. The outputs of the tokenization pipelines are combined, producing tokenized data, which can be provided to a remote computing system for storage or processing.

Abstract: A gateway device includes a network interface connected to data sources, and computer instructions, that when executed cause a processor to access data portions from the data sources. The processor accesses classification rules, which are configured to classify a data portion of the plurality of data portions as sensitive data in response to the data portion satisfying the rule. Each rule is associated with a significance factor representative of an accuracy of the classification rule. The processor applies each of the set of classification rules to a data portion to obtain an output of whether the data is sensitive data. The output are weighed by significance factors to produce a set of weighted outputs. The processor determines if the data portion is sensitive data by aggregating the set of weighted outputs, and presents the determination in a user interface. Security operations may also be performed on the data portion.

Abstract: A gateway device includes a network interface connected to data sources, and computer instructions, that when executed cause a processor to access data portions from the data sources. The processor accesses classification rules, which are configured to classify a data portion of the plurality of data portions as sensitive data in response to the data portion satisfying the rule. Each rule is associated with a significance factor representative of an accuracy of the classification rule. The processor applies each of the set of classification rules to a data portion to obtain an output of whether the data is sensitive data. The output are weighed by significance factors to produce a set of weighted outputs. The processor determines if the data portion is sensitive data by aggregating the set of weighted outputs, and presents the determination in a user interface. Security operations may also be performed on the data portion.

Abstract: Unicode data can be protected in a distributed tokenization environment. Data to be tokenized can be accessed or received by a security server, which instantiates a number of tokenization pipelines for parallel tokenization of the data. Unicode token tables are accessed by the security server, and each tokenization pipeline uses the accessed token tables to tokenization a portion of the data. Each tokenization pipeline performs a set of encoding or tokenization operations in parallel and based at least in part on a value received from another tokenization pipeline. The outputs of the tokenization pipelines are combined, producing tokenized data, which can be provided to a remote computing system for storage or processing.

Abstract: A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and is configured to receive encoded data and a set of operations from the server device in response to a request for cloud services from the client device. The gateway device is configured to decode the encoded data, and to provide the decoded data and the set of operations to the client device. The client device is configured to perform the set of operations on the decoded data, and to incorporate the operation results into an application or interface corresponding to the requested cloud service. The gateway device is configured to encode the operation result data, and to provide the encoded operation result data to the server device for storage.

Abstract: A tokenization system tokenizes sensitive data to prevent unauthorized entities from accessing the sensitive data. The tokenization system accesses sensitive data, and retrieves an initialization vector (IV) from an IV table using a first portion of the sensitive data. A second portion of the sensitive data is modified using the accessed initialization vector. A token table is selected from a set of token tables using a third portion of the sensitive data. The modified second portion of data is used to query the selected token table, and a token associated with the value of the modified second portion of data is accessed. The second portion of the sensitive data is replaced with the accessed token to form tokenized data.

Abstract: A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and generates a mapping between portions of data received from a client device and interface fields or data elements of the client device. Upon receiving subsequent data from the client device, the gateway device can access the generated mapping to identify portions of the subsequent data corresponding to particular interface fields or data elements of the client device using the mapping, and can encode the identified portions of the subsequent data, for instance based on data protection techniques defined by a security policy. The encoded data can then be outputted by the gateway device to the server device.

Abstract: A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and is configured to receive encoded data and a set of operations from the server device in response to a request for cloud services from the client device. The gateway device is configured to decode the encoded data, and to provide the decoded data and the set of operations to the client device. The client device is configured to perform the set of operations on the decoded data, and to incorporate the operation results into an application or interface corresponding to the requested cloud service. The gateway device is configured to encode the operation result data, and to provide the encoded operation result data to the server device for storage.

Abstract: A tokenization system tokenizes sensitive data to prevent unauthorized entities from accessing the sensitive data. The tokenization system accesses sensitive data, and retrieves an initialization vector (IV) from an IV table using a first portion of the sensitive data. A second portion of the sensitive data is modified using the accessed initialization vector. A token table is selected from a set of token tables using a third portion of the sensitive data. The modified second portion of data is used to query the selected token table, and a token associated with the value of the modified second portion of data is accessed. The second portion of the sensitive data is replaced with the accessed token to form tokenized data.

Abstract: A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and generates a mapping between portions of data received from a client device and interface fields or data elements of the client device. Upon receiving subsequent data from the client device, the gateway device can access the generated mapping to identify portions of the subsequent data corresponding to particular interface fields or data elements of the client device using the mapping, and can encode the identified portions of the subsequent data, for instance based on data protection techniques defined by a security policy. The encoded data can then be outputted by the gateway device to the server device.

Abstract: A gateway device includes a network interface connected to data sources, and computer instructions, that when executed cause a processor to access data portions from the data sources. The processor accesses classification rules, which are configured to classify a data portion of the plurality of data portions as sensitive data in response to the data portion satisfying the rule. Each rule is associated with a significance factor representative of an accuracy of the classification rule. The processor applies each of the set of classification rules to a data portion to obtain an output of whether the data is sensitive data. The output are weighed by significance factors to produce a set of weighted outputs. The processor determines if the data portion is sensitive data by aggregating the set of weighted outputs, and presents the determination in a user interface. Security operations may also be performed on the data portion.

Abstract: A gateway device includes a network interface connected to data sources, and computer instructions, that when executed cause a processor to access data portions from the data sources. The processor accesses classification rules, which are configured to classify a data portion of the plurality of data portions as sensitive data in response to the data portion satisfying the rule. Each rule is associated with a significance factor representative of an accuracy of the classification rule. The processor applies each of the set of classification rules to a data portion to obtain an output of whether the data is sensitive data. The output are weighed by significance factors to produce a set of weighted outputs. The processor determines if the data portion is sensitive data by aggregating the set of weighted outputs, and presents the determination in a user interface. Security operations may also be performed on the data portion.

Abstract: A tokenization system tokenizes sensitive data to prevent unauthorized entities from accessing the sensitive data. The tokenization system accesses sensitive data, and retrieves an initialization vector (IV) from an IV table using a first portion of the sensitive data. A second portion of the sensitive data is modified using the accessed initialization vector. A token table is selected from a set of token tables using a third portion of the sensitive data. The modified second portion of data is used to query the selected token table, and a token associated with the value of the modified second portion of data is accessed. The second portion of the sensitive data is replaced with the accessed token to form tokenized data.

Abstract: A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and is configured to receive encoded data and a set of operations from the server device in response to a request for cloud services from the client device. The gateway device is configured to decode the encoded data, and to provide the decoded data and the set of operations to the client device. The client device is configured to perform the set of operations on the decoded data, and to incorporate the operation results into an application or interface corresponding to the requested cloud service. The gateway device is configured to encode the operation result data, and to provide the encoded operation result data to the server device for storage.

Abstract: A tokenization system tokenizes sensitive data to prevent unauthorized entities from accessing the sensitive data. The tokenization system accesses sensitive data, and retrieves an initialization vector (IV) from an IV table using a first portion of the sensitive data. A second portion of the sensitive data is modified using the accessed initialization vector. A token table is selected from a set of token tables using a third portion of the sensitive data. The modified second portion of data is used to query the selected token table, and a token associated with the value of the modified second portion of data is accessed. The second portion of the sensitive data is replaced with the accessed token to form tokenized data.

Abstract: A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and is configured to receive encoded data and a set of operations from the server device in response to a request for cloud services from the client device. The gateway device is configured to decode the encoded data, and to provide the decoded data and the set of operations to the client device. The client device is configured to perform the set of operations on the decoded data, and to incorporate the operation results into an application or interface corresponding to the requested cloud service. The gateway device is configured to encode the operation result data, and to provide the encoded operation result data to the server device for storage.

Abstract: A tokenization system tokenizes sensitive data to prevent unauthorized entities from accessing the sensitive data. The tokenization system accesses sensitive data, and retrieves an initialization vector (IV) from an IV table using a first portion of the sensitive data. A second portion of the sensitive data is modified using the accessed initialization vector. A token table is selected from a set of token tables using a third portion of the sensitive data. The modified second portion of data is used to query the selected token table, and a token associated with the value of the modified second portion of data is accessed. The second portion of the sensitive data is replaced with the accessed token to form tokenized data.