Abstract: The invention relates to a client computer for updating a database stored on a server via a network, the server being coupled to the client computer via the network, wherein the database comprises first data items and suffix items, wherein each suffix item describes a suffix of at least one first data item of the first data items, wherein for each suffix item a first referential connection exists in the database assigning said suffix item to the at least one first data item comprising the suffix of said suffix item, wherein each suffix item is encrypted with a suffix cryptographic key in the database, wherein each first data item is encrypted with a first cryptographic key in the database, wherein the client computer has installed thereon an application program, the application program being operational to: receiving a search request, the search request specifying a postfix search on a search criterion, determining the suffix item matching the search criterion, providing to the database a request for provi

Abstract: The invention relates to a method for creating a set of asymmetrical cryptographic key pairs, wherein the set of key pairs has a first key pair (K1) and a second key pair (K2), wherein the first key pair is formed by a first private (G1) and a first public key (O1) and the second key pair is formed by a second private (G2) and a second public key (O2), wherein a first cipher (C_G2_O1) is allocated to the first and second key pair, wherein the first cipher is formed by an encryption of the second private key (G2) with the first public key (O1), having the following steps: adding a third asymmetrical cryptographic key pair (K3) to the set of key pairs, wherein the third key pair is formed by a third private (G3) and a third public key (O3); creating a second cipher (C_G3_O1) by encrypting the third private key (G3) with the first public key (O1); storing the second cipher (212; 186), wherein the set of key pairs has a directed graph structure.

Abstract: The invention relates to a client computer for querying a database stored on a server via a network, the server being coupled to the client computer via the network, wherein the database comprises first data items and suffix items, wherein each suffix item describes a suffix of at least one first data item of the first data items, wherein for each suffix item a first referential connection exists in the database assigning said suffix item to the at least one first data item comprising the suffix of said suffix item, wherein each suffix item is encrypted with a suffix cryptographic key in the database, wherein each first data item is encrypted with a first cryptographic key in the database, wherein the client computer has installed thereon an application program, the application program being operational to: receiving a search request, the search request specifying an infix search expression, said expression comprising a first wildcard term on the left side of a search criterion and a second wildcard term o

Abstract: The invention relates to a client computer for querying a database stored on a server via a network, the server being coupled to the client computer via the network, wherein the database comprises first data items and suffix items, wherein each suffix item describes a suffix of at least one first data item of the first data items, wherein for each suffix item a first referential connection exists in the database assigning said suffix item to the at least one first data item comprising the suffix of said suffix item, wherein each suffix item is encrypted with a suffix cryptographic key in the database, wherein each first data item is encrypted with a first cryptographic key in the database, wherein the client computer has installed thereon an application program, the application program being operational to: receiving a search request, the search request specifying a postfix search on a search criterion, determining the suffix item matching the search criterion, providing to the database a request for provi

Abstract: The present disclosure relates to a computer system for querying a database residing on a server computer of the computer system, said database storing data records, the database further comprising a relation, wherein the relation comprises data items, wherein the data items are encrypted with a first encryption method in the relation, wherein the data items form a partially ordered set in the relation, the partial order being formed with respect to the data items in non-encrypted form, wherein a referential connection exists assigning each encrypted data item in the relation to a respective data record of the data records, wherein the encrypted data items are annotated with data elements of a linear order in the database, the linear order corresponding the order in which the encrypted data items are stored in the relation with respect to the partial ordered set, the computer system further comprising a client computer, the client computer being configured for sending to the server computer a request for data

Abstract: The present disclosure relates to a computer system for inserting multiple data items in a relation, the relation being stored on a server computer of the computer system, the relation comprising data items, wherein the data items are encrypted with a first encryption method in the relation, wherein the data items form a partially ordered set in the relation, the partial order being formed with respect to the data items in non-encrypted form.

Abstract: The invention relates to a client computer for querying a database stored on a server via a network, the server being coupled to the client computer via the network, wherein the database comprises a first relation, wherein the first relation comprises first data items, wherein the first data items are encrypted with a first cryptographic key in the first relation, wherein the first data items form a partially ordered set in the first relation, the partial order being formed with respect to the first data items in non-encrypted form, wherein the client computer has installed thereon an application program, the application program being operational to perform the steps of receiving a search request specifying a search interval and determining the first data item forming an interval boundary of the search interval.

Abstract: A computer system is disclosed herein for storage and retrieval of encrypted data items, such as for storing encrypted data items in the cloud, as well as a respective client computer, client computer system, computer program product and computer-implemented method. Embodiments of the disclosed computer system allow for searching for encrypted data items stored in a database based on functional values associated with the data items. The retrieval of the data items from the database can be performed without knowledge of a respective cryptographic key by the database.

Abstract: The invention relates to a client computer for updating a database stored on a server via a network, the server being coupled to the client computer via the network, wherein the database comprises a set of first relations, wherein each first relation in the set of the first relations comprises first data items, wherein for each first relation the first data items are encrypted with a respective first cryptographic key in the first relation, wherein the first data items form a partially ordered set in each first relation, in each first relation the partial order being formed with respect to the first data items of said first relation in non-encrypted form.

Abstract: The invention relates to a client computer for updating a first relation in a database stored on a server via a network with an update first data item, the server being coupled to the client computer via the network, wherein the first data items are encrypted with a first cryptographic key in the first relation, wherein the first data items form a partially ordered set in the first relation, the partial order being formed with respect to the first data items in non-encrypted form, wherein the client computer has installed thereon an application program, the application program being operational to perform the steps of sequentially requesting and decrypting encrypted first data items and providing a storage request to the data base in case a position for storing the update first data item is determined.

Abstract: The invention relates to a client computer for querying a database stored on a server via a network, the server-being coupled to the client computer via the network, wherein the database comprises a set of first relations, wherein each first relation in the set of the first relations comprises first data items, wherein for each first relation the first data items are encrypted with a respective first cryptographic key in the first relation, wherein the first data items form a partially ordered set in each first relation, in each first relation the partial order being formed with respect to the first data items of said first relation in non-encrypted form.

Abstract: The invention relates to a client computer for updating a database stored on a server via a network, the server being coupled to the client computer via the network, wherein the database comprises first data items and suffix items, wherein each suffix item describes a suffix of at least one first data item of the first data items, wherein for each suffix item a first referential connection exists in the database assigning said suffix item to the at least one first data item comprising the suffix of said suffix item, wherein each suffix item is encrypted with a suffix cryptographic key in the database, wherein each first data item is encrypted with a first cryptographic key in the database, wherein the client computer has installed thereon an application program, the application program being operational to: receiving a search request, the search request specifying a postfix search on a search criterion, determining the suffix item matching the search criterion, providing to the database a request for provi

Abstract: The invention relates to a client computer for querying a database stored on a server via a network, the server being coupled to the client computer via the network, wherein the database comprises first data items and suffix items, wherein each suffix item describes a suffix of at least one first data item of the first data items, wherein for each suffix item a first referential connection exists in the database assigning said suffix item to the at least one first data item comprising the suffix of said suffix item, wherein each suffix item is encrypted with a suffix cryptographic key in the database, wherein each first data item is encrypted with a first cryptographic key in the database, wherein the client computer has installed thereon an application program, the application program being operational to: receiving a search request, the search request specifying an infix search expression, said expression comprising a first wildcard term on the left side of a search criterion and a second wildcard term o

Abstract: The invention relates to a computer implemented method for analyzing data of a first user, wherein an asymmetric cryptographic key pair is associated with the first user, said asymmetric cryptographic key pair comprising a public key and a private key, the data being stored pseudonymously in a database with the data being assigned to an identifier, wherein the identifier comprises the public key, the method comprising: receiving a set of rules, the set of rules describing data processing steps, receiving the identifier, retrieving the data assigned to the identifier from the database, analyzing the retrieved data by applying the set of rules, providing a result of the analysis.

Abstract: An apparatus for encrypting data is provided. The apparatus is capable of symmetrically encrypting data and then encrypting the symmetrically encrypted data with the aid of a bit string. The bit string has a maximum entropy. Encryption of the symmetrically encrypted data is designed such that a section of the bit string is used for encryption and successive encryption operations are carried out with carrying sections of the bit string while the bit string remains unchanged.

Abstract: The invention relates to a computer system comprising a client computer (10) and a database (30) stored on a server (22), the server (22) being coupled to the client computer (10) via a network (48; 114), wherein the database (30) comprises a first relation (36) and a second relation (32; 34), wherein the first relation (36) comprises first data items, wherein the first data items are encrypted with a first cryptographic key (18; 108) in the first relation (36), wherein the second relation (32; 34) comprises equivalence classes, wherein the equivalence classes are encrypted with a second cryptographic key (18; 108) in the second relation (32; 34), wherein each equivalence class is a functional value of one of the first data items, the functional value being obtainable by applying an equivalence relation to the one of the first data items, wherein the second relation (32; 34) comprises for each equivalence class a referential connection assigning the equivalence class to the first data item stored encrypted in

Abstract: The invention relates to a method for creating a second asymmetric cryptographic pair of keys, wherein a first private key (G0) together with a first public key (O0) forms a first asymmetric cryptographic pair of keys (K0). Embodiments of the method may comprise the following steps: receiving a user identifier; calculating a second private key (G1), wherein a random value (z) and the user identifier are considered in the calculation; calculating a second public key (O1) from the second private key using an asymmetric cryptographic key creation method, wherein the second private key and the second public key form the second asymmetric cryptographic pair of keys (K1, 206); creating a first cipher (C_G0—O1) by encrypting the first private key (G0) with the second public key (O1); and storing the first cipher (C_G0—O1).

Abstract: The invention relates to a client computer for querying a database stored on a server via a network, the server being coupled to the client computer via the network, wherein the database comprises first data items and suffix items, wherein each suffix item describes a suffix of at least one first data item of the first data items, wherein for each suffix item a first referential connection exists in the database assigning said suffix item to the at least one first data item comprising the suffix of said suffix item, wherein each suffix item is encrypted with a suffix cryptographic key in the database, wherein each first data item is encrypted with a first cryptographic key in the database, wherein the client computer has installed thereon an application program, the application program being operational to: receiving a search request, the search request specifying an infix search expression, said expression comprising a first wildcard term on the left side of a search criterion and a second wildcard term o

Abstract: The invention relates to a server system for providing at least one service. The system having an interface for connecting a server to a user's computer, an authentication device that is designed and provided for request personal identification data of a user who logs onto the server via the user computer and to permit the user computer access if authentication is successful, and a server protection system. The server protection system is designed and provides to compare additional user's computer specific identification data with identification data stored in advance on the server, after successful authentication by the authentication device, and to grant authorization to the user's computer to access the service or services depending on the comparison of the user's computer specific identification data. The invention also relates to a method for providing at least one service and the method for executing an application program.

Abstract: A system is disclosed comprising multiple sets of client computers each client computer having installed thereon an application program The application program comprising client computer specific log-in information, a database system coupled to the set of client computers via a network. The database system having a log-in component for logging-in the client computers, and being partitioned into multiple relational databases each one of which is assigned to one set of the sets of client computers. Each database further storing encrypted data items, each data item being encrypted with one of the user or user-group specific cryptographic keys, the key identifier of the cryptographic key with which one of the data items is encrypted being stored in the database as an attribute of the one of the encrypted data items. The log-in component comprising assignment information indicative of the assignment of the databases to the set of client computers.