Patents by Inventor Seny Kamara
Seny Kamara has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20260161817Abstract: According to some aspects, provided are systems and methods that implement end-to-end encryption, and provide implementation configured to secure information during execution of queries on an encrypted data source. Various embodiments include multiple encrypted multi-map data structures and associated encryption schemes configured to securely read, write, and delete information while supporting any one or more of the following features: snapshot security, multiple client support, efficient execution under concurrent operation, and resilience to client failures. In various embodiments, addressable multi-map data structures enable concurrent access, and allow correct operation under polynomial time constraints.Type: ApplicationFiled: November 25, 2025Publication date: June 11, 2026Applicant: MongoDB, Inc.Inventors: Seny Kamara, Tarik Moataz, Mark Porter
-
Publication number: 20260080093Abstract: According to some aspects, provided are systems and methods that implement end-to-end encryption, and provide implementation configured to secure information during execution of queries on an encrypted data source. Various embodiments include multiple encrypted multi-map data structures and associated encryption schemes configured to securely read, write, and delete information while supporting any one or more of the following features: snapshot security, multiple client support, efficient execution under concurrent operation, and resilience to client failures. In various embodiments, addressable multi-map data structures enable concurrent access, and allow correct operation under polynomial time constraints.Type: ApplicationFiled: November 24, 2025Publication date: March 19, 2026Applicant: MongoDB, Inc.Inventors: Seny Kamara, Tank Moataz, Mark Porter
-
Patent number: 12511422Abstract: According to some aspects, provided are systems and methods that implement end-to-end encryption, and provide implementation configured to secure information during execution of queries on an encrypted data source. Various embodiments include multiple encrypted multi-map data structures and associated encryption schemes configured to securely read, write, and delete information while supporting any one or more of the following features: snapshot security, multiple client support, efficient execution under concurrent operation, and resilience to client failures. In various embodiments, addressable multi-map data structures enable concurrent access, and allow correct operation under polynomial time constraints.Type: GrantFiled: June 5, 2023Date of Patent: December 30, 2025Assignee: MongoDB, Inc.Inventors: Seny Kamara, Tarik Moataz, Mark Porter
-
Patent number: 12511421Abstract: According to some aspects, provided are systems and methods that implement end-to-end encryption, and provide implementation configured to secure information during execution of queries on an encrypted data source. Various embodiments include multiple encrypted multi-map data structures and associated encryption schemes configured to securely read, write, and delete information while supporting any one or more of the following features: snapshot security, multiple client support, efficient execution under concurrent operation, and resilience to client failures. In various embodiments, addressable multi-map data structures enable concurrent access, and allow correct operation under polynomial time constraints.Type: GrantFiled: June 5, 2023Date of Patent: December 30, 2025Assignee: MongoDB, Inc.Inventors: Seny Kamara, Tarik Moataz, Mark Porter
-
Patent number: 12511423Abstract: According to some aspects, provided are systems and methods that implement end-to-end encryption, and provide implementation configured to secure information during execution of queries on an encrypted data source. Various embodiments include multiple encrypted multi-map data structures and associated encryption schemes configured to securely read, write, and delete information while supporting any one or more of the following features: snapshot security, multiple client support, efficient execution under concurrent operation, and resilience to client failures. In various embodiments, addressable multi-map data structures enable concurrent access, and allow correct operation under polynomial time constraints.Type: GrantFiled: June 5, 2023Date of Patent: December 30, 2025Assignee: MongoDB, Inc.Inventors: Seny Kamara, Tarik Moataz, Mark Porter
-
Publication number: 20250356046Abstract: Described herein are database systems that execute range queries on encrypted data. Provided is a numerical encoding scheme provides a set of order-preserving functions that maps all numerical data types supported by the database systems to a compact set of positive integers representative of the range query. Stored encrypted data may also be represented as positive integers. The positive integers from the range query may then be used to execute a set of equality queries on the stored encrypted data. Also provided is a range hypergraph supporting range queries to be executed on the encrypted data with high-throughput and without high amounts of storage overhead. Additionally, a hypergraph-friendly compaction protocol may be performed with padded inputs, in order to reduce leakage for range queries.Type: ApplicationFiled: May 15, 2025Publication date: November 20, 2025Applicant: MongoDB, Inc.Inventors: Tarik Moataz, Seny Kamara
-
Publication number: 20250358099Abstract: Provided are systems and methods for implementing an updatable private set intersection (UPSI) that supports arbitrary deletions, where one is not known to date. Various embodiments leverage this new UPSI to enable and improve a variety of privacy-preserving applications where PSI is currently employed. For example, various embodiments provide a constant round protocol with worst-case communication and computation complexity that grows linearly in the size of the updates and only poly-logarithmically with the size of the accumulated sets, and provides the first implementation to support arbitrary inserts and deletes for updatable PSI. Any one of these functionalities improve over current solutions.Type: ApplicationFiled: May 15, 2025Publication date: November 20, 2025Inventors: Archita Agarwal, David Cash, Marilyn George, Seny Kamara, Tarik Moataz, Jaspal Singh
-
Publication number: 20250356045Abstract: Provided are systems and methods for implementing an updatable private set intersection (UPSI) that supports arbitrary deletions, where one is not known to date. Various embodiments leverage this new UPSI to enable and improve a variety of privacy-preserving applications where PSI is currently employed. For example, various embodiments provide a constant round protocol with worst-case communication and computation complexity that grows linearly in the size of the updates and only poly-logarithmically with the size of the accumulated sets, and provides the first implementation to support arbitrary inserts and deletes for updatable PSI. Any one of these functionalities improve over current solutions.Type: ApplicationFiled: May 15, 2025Publication date: November 20, 2025Inventors: Archita Agarwal, David Cash, Marilyn George, Seny Kamara, Tarik Moataz, Jaspal Singh
-
Publication number: 20250358112Abstract: Systems and methods are provided for implementing updatable private set intersection in distributed database architectures (e.g., the well-known MongoDB). The systems and methods can include a new specification language referred to for convenience as “MPPL,” for specifying general multi-party computation protocols. This architecture incorporates private set intersection, accessible via command line operators or other operators formatted according to a native query language. Other embodiments detail systems and methods for integrating multi-party database operations via new server node(s) added to a distributed database system (e.g., MongoDB cluster) that manage communication between parties holding private data.Type: ApplicationFiled: May 15, 2025Publication date: November 20, 2025Applicant: MongoDB, Inc.Inventors: Archita Agarwal, Zachary Espiritu, Marilyn George, Seny Kamara, Tarik Moataz, Andrew Park
-
Patent number: 12430449Abstract: A volume hiding structured encryption system and method is provided. According to some embodiments, the system leverages the principle that a STE scheme can leak cumulative information about the query volumes of the data stored in multi-map format, while still hiding the volumes of client queries at query time. According to various examples, the system implements encryption schemes that have smaller storage and better query complexity than the current state-of-the-art, for some input distributions. According to one example, the STE schemes are adapted to the input data structure in order to improve efficiency over known approaches. Further examples includes schemes that are configured to partition a multi-map into smaller multi-maps, and use different allocation functions for different efficiency trade-offs: (i) random allocation, (ii) cuckoo-hashing allocation, and (iii) Garbled Bloom Filter allocation. In one example, the GBF construct enables a stash-less encryption scheme that hides query volumes.Type: GrantFiled: December 6, 2022Date of Patent: September 30, 2025Assignee: MongoDB, Inc.Inventors: Marilyn George, Seny Kamara, Tarik Moataz
-
Publication number: 20230325524Abstract: According to some aspects, provided are systems and methods that implement end-to-end encryption, and provide implementation configured to secure information during execution of queries on an encrypted data source. Various embodiments include multiple encrypted multi-map data structures and associated encryption schemes configured to securely read, write, and delete information while supporting any one or more of the following features: snapshot security, multiple client support, efficient execution under concurrent operation, and resilience to client failures. In various embodiments, addressable multi-map data structures enable concurrent access, and allow correct operation under polynomial time constraints.Type: ApplicationFiled: June 5, 2023Publication date: October 12, 2023Applicant: MongoDB, Inc.Inventors: Seny Kamara, Tarik Moataz, Mark Porter
-
Publication number: 20230315897Abstract: According to some aspects, provided are systems and methods that implement end-to-end encryption, and provide implementation configured to secure information during execution of queries on an encrypted data source. Various embodiments include multiple encrypted multi-map data structures and associated encryption schemes configured to securely read, write, and delete information while supporting any one or more of the following features: snapshot security, multiple client support, efficient execution under concurrent operation, and resilience to client failures. In various embodiments, addressable multi-map data structures enable concurrent access, and allow correct operation under polynomial time constraints.Type: ApplicationFiled: June 5, 2023Publication date: October 5, 2023Applicant: MongoDB, Inc.Inventors: Seny Kamara, Tarik Moataz, Mark Porter
-
Publication number: 20230315896Abstract: According to some aspects, provided are systems and methods that implement end-to-end encryption, and provide implementation configured to secure information during execution of queries on an encrypted data source. Various embodiments include multiple encrypted multi-map data structures and associated encryption schemes configured to securely read, write, and delete information while supporting any one or more of the following features: snapshot security, multiple client support, efficient execution under concurrent operation, and resilience to client failures. In various embodiments, addressable multi-map data structures enable concurrent access, and allow correct operation under polynomial time constraints.Type: ApplicationFiled: June 5, 2023Publication date: October 5, 2023Applicant: MongoDB, Inc.Inventors: Seny Kamara, Tarik Moataz, Mark Porter
-
Publication number: 20230177177Abstract: A volume hiding structured encryption system and method is provided. According to some embodiments, the system leverages the principle that a STE scheme can leak cumulative information about the query volumes of the data stored in multi-map format, while still hiding the volumes of client queries at query time. According to various examples, the system implements encryption schemes that have smaller storage and better query complexity than the current state-of-the-art, for some input distributions. According to one example, the STE schemes are adapted to the input data structure in order to improve efficiency over known approaches. Further examples includes schemes that are configured to partition a multi-map into smaller multi-maps, and use different allocation functions for different efficiency trade-offs: (i) random allocation, (ii) cuckoo-hashing allocation, and (iii) Garbled Bloom Filter allocation. In one example, the GBF construct enables a stash-less encryption scheme that hides query volumes.Type: ApplicationFiled: December 6, 2022Publication date: June 8, 2023Inventors: Marilyn George, Seny Kamara, Tarik Moataz
-
Patent number: 10255454Abstract: A security controller controls secure processing of queries in an encrypted relational database. A query controller receives, from a client device, a secure query in a format of an encrypted token generated using a structured query language (SQL) query in a conjunctive query form, and sends an encrypted response to the secure query to the client device. A search engine generates the encrypted response to the secure query by initiating a search on the encrypted relational database, without decrypting the secure query and without decrypting the encrypted multi-maps. The encrypted relational database includes encrypted multi-maps corresponding to a relational database hosted at the client device, and an encrypted dictionary, based on structured encryption, using structured encryption, in lieu of using property-preserving encryption (PPE), and in lieu of using fully homomorphic encryption (FHE).Type: GrantFiled: February 17, 2016Date of Patent: April 9, 2019Assignee: Microsoft Technology Licensing, LLCInventors: Seny Kamara, Tarik Moataz
-
Publication number: 20170235969Abstract: A security controller controls secure processing of queries in an encrypted relational database. A query controller receives, from a client device, a secure query in a format of an encrypted token generated using a structured query language (SQL) query in a conjunctive query form, and sends an encrypted response to the secure query to the client device. A search engine generates the encrypted response to the secure query by initiating a search on the encrypted relational database, without decrypting the secure query and without decrypting the encrypted multi-maps. The encrypted relational database includes encrypted multi-maps corresponding to a relational database hosted at the client device, and an encrypted dictionary, based on structured encryption, using structured encryption, in lieu of using property-preserving encryption (PPE), and in lieu of using fully homomorphic encryption (FHE).Type: ApplicationFiled: February 17, 2016Publication date: August 17, 2017Inventors: Seny Kamara, Tarik Moataz
-
Patent number: 9158925Abstract: Existing private set intersection (PSI) protocol allows two parties to find intersection of their sets, but restricts learning any other information about each other's set except for its size. In general, the server-aided private set intersection with data transfer technique described herein provides a server-aided private set intersection (PSI) protocol that supports data transfers. The technique pertains to a method for providing a server-aided private set intersection protocol which allows two parties to transfer some of the information about their elements via an untrusted third party. The protocol involves (a) parties applying a shared pseudo-random permutation to each of their sets to create labels of the elements of the set, (b) sending the labels to the third party and (c) the third party performing data transfer between the two parties along with computation of intersection of sets received using a multi-share key.Type: GrantFiled: November 27, 2013Date of Patent: October 13, 2015Assignee: Microsoft Technology Licensing, LLCInventor: Seny Kamara
-
Publication number: 20150149763Abstract: Existing private set intersection (PSI) protocol allows two parties to find intersection of their sets, but restricts learning any other information about each other's set except for its size. In general, the server-aided private set intersection with data transfer technique described herein provides a server-aided private set intersection (PSI) protocol that supports data transfers. The technique pertains to a method for providing a server-aided private set intersection protocol which allows two parties to transfer some of the information about their elements via an untrusted third party. The protocol involves (a) parties applying a shared pseudo-random permutation to each of their sets to create labels of the elements of the set, (b) sending the labels to the third party and (c) the third party performing data transfer between the two parties along with computation of intersection of sets received using a multi-share key.Type: ApplicationFiled: November 27, 2013Publication date: May 28, 2015Applicant: Microsoft CorporationInventor: Seny Kamara