Abstract: A method and system for consistent format preserving encryption (C-FPE) are provided to protect data while the data is in a domain while allowing encrypted data to be treated inside the domain as if it were the unencrypted data. The method includes inserting a coupling into a data flow at a perimeter of the domain, and translating a data element from an unprotected data element to a protected data element using the coupling such that the data element is a protected data element within the domain.

Abstract: A method and system for consistent format preserving encryption (C-FPE) are provided to protect data while the data is in a domain while allowing encrypted data to be treated inside the domain as if it were the unencrypted data. The method includes inserting a coupling into a data flow at a perimeter of the domain, and translating a data element from an unprotected data element to a protected data element using the coupling such that the data element is a protected data element within the domain.

Abstract: A method and system for consistent format preserving encryption (C-FPE) are provided to protect sensitive data while the sensitive data is in a domain while allowing encrypted sensitive data to be treated inside the domain as if it were the unencrypted sensitive data. The method includes inserting a transparent coupling into a data flow at a perimeter of the domain, and translating a sensitive data element from an unprotected data element to a protected data element using the transparent coupling such that the sensitive data element is a protected data element within the domain.

Abstract: A method and system for consistent format preserving encryption (C-FPE) are provided to protect sensitive data while the sensitive data is in a domain while allowing encrypted sensitive data to be treated inside the domain as if it were the unencrypted sensitive data. The method includes inserting a transparent coupling into a data flow at a perimeter of the domain, and translating a sensitive data element from an unprotected data element to a protected data element using the transparent coupling such that the sensitive data element is a protected data element within the domain.

Abstract: In cross-domain transactions, a user communicates with multiple distinct domains. For example, in an authenticated online credit card purchase, the user supplies a credit card number to a merchant's web page, and is thereafter sent (via a pop-up window) to an issuing bank's access control server to provide a password to the issuing bank. The server verifies the password and returns a transaction authorization to the user (via the pop-up), who forwards the authorization to the merchant. If the user's computer includes a pop-up killer, the communication channel between the user's browser and the issuing bank (i.e., the pop-up) is eliminated, preventing authentication and transaction authorization. This patent discloses techniques for creating a simulated pop-up window that resists automatic termination by pop-up killers, so that the cross-domain transaction can proceed in spite of the pop-up killer.