Abstract: A system for secure processing and storing of sensitive data and non-sensitive data for a tenant in an execution environment of a Software as a Service provider or a Platform as a Service provider is disclosed. In the present disclosure, the sensitive data includes a plaintext sensitive data element. The non-sensitive data does not include a plaintext sensitive data element. The execution environment of the system comprises a general execution area. The general execution area allows full access by the Software or the Platform as a Service provider, and a general application service running in the general execution area, wherein the general application service does not have access to the sensitive data, and wherein the general application service only processes the non-sensitive data. Furthermore, the execution environment of the system comprises a trusted execution area, and a trusted application service running in the trusted execution area.

Abstract: A computer-implemented method of replacing a security-relevant unencrypted data string by a placeholder. The steps involved include: providing a plurality of mutually different replacement tables, wherein specified in each of the plurality of replacement tables for each character of the alphabet is precisely one replacement character from the same alphabet and wherein the replacement characters in each of the plurality of replacement tables are all different from each other; receiving the security-relevant unencrypted data string, wherein the data string is formed from a plurality of characters of an alphabet; and generating the placeholder replacing the unencrypted data string, and outputting the placeholder. To provide a method which is distinguished by enhanced performance with comparable cryptographic security it is proposed. Generation of the placeholder includes the specifically identified steps.

Abstract: A computer-implemented method of transferring a data string from an application to a data protection device. To provide a computer-implemented method of transferring a data string from an application to a data protection device that the database query contains the data string and the database query is coded in a database language.

Abstract: The present invention relates to a computer-implemented method for replacing a data string by a placeholder in a replacement device and, when necessary, for reconstituting the data string from the placeholder in the replacement device. There is a need for a central system for replacing a data string by a placeholder for a whole company which enables all applications to be protected and, when necessary, to have controlled access to sensitive data strings. It is necessary to make possible a central administration but at the same time to offer application-related access points throughout the company without long network communication paths.

Abstract: A computer-implemented method of replacing a security-relevant unencrypted data string by a placeholder. The steps involved include: providing a plurality of mutually different replacement tables, wherein specified in each of the plurality of replacement tables for each character of the alphabet is precisely one replacement character from the same alphabet and wherein the replacement characters in each of the plurality of replacement tables are all different from each other; receiving the security-relevant unencrypted data string, wherein the data string is formed from a plurality of characters of an alphabet; and generating the placeholder replacing the unencrypted data string, and outputting the placeholder. To provide a method which is distinguished by enhanced performance with comparable cryptographic security it is proposed. Generation of the placeholder includes the specifically identified steps.

Abstract: A computer-implemented method of transferring a data string from an application to a data protection device. To provide a computer-implemented method of transferring a data string from an application to a data protection device that the database query contains the data string and the database query is coded in a database language.