US-12627463-B2 - Using automatic homomorphic encryption in a multi-cloud environment to support translytical data computation using an elastic hybrid memory cube
Abstract
Aspects of the disclosure relate to using automatic homomorphic encryption in a multi-cloud environment to support translytical data computation using an elastic hybrid memory cube. A computing platform may receive enterprise data from a data collection engine associated with an enterprise organization. The computing platform may inspect the enterprise data and discard enterprise data that fails to satisfy validation criteria. The computing platform may attach encryption rules to the remaining enterprise data. The computing platform may divide the enterprise data into discrete components and may continuously encrypt each component of the enterprise data using public keys. The computing platform may generate private keys that can be used to access the encrypted enterprise data, and may transmit the private keys to the enterprise organization. The computing platform, upon receipt of a private key from the enterprise organization, may determine whether the private key is authorized to access the encrypted enterprise data.
Inventors
- Elvis Nyamwange
Assignees
- BANK OF AMERICA CORPORATION
Dates
- Publication Date: 20260512
- Application Date: 20240723
Claims (20)
- 1. A method comprising: at a computing device configured to operate within a multi-cloud environment and including a hybrid memory cube processor, at least one or more additional processors, and memory: determining, by a validation engine, whether enterprise data associated with an enterprise organization satisfies validation criteria; based on the enterprise data satisfying the validation criteria, dividing, by a self-auto homomorphic encryption engine, the enterprise data into discrete components; generating, by a logic engine, a plurality of public keys and plurality of private keys; transmitting, to the self-auto homomorphic encryption engine, the plurality of public keys, wherein each public key is used to encrypt the discrete components of the enterprise data; encrypting, by the self-auto homomorphic encryption engine, the discrete components of the enterprise data according to a plurality of encryption rules and using a public key of the plurality of public keys; transmitting, by the self-auto homomorphic encryption engine, encrypted enterprise data to a data access engine; transmitting, to the enterprise organization, the plurality of private keys, wherein a most recently created private key of the plurality of private keys is used to access, by the enterprise organization, the encrypted enterprise data; receiving, by the data access engine and from the enterprise organization, a request to access the encrypted enterprise data using a private key of the plurality of private keys; and transmitting a notification, wherein the notification indicates one of: approval of the request to access the encrypted enterprise data; or denial of the request to access the encrypted enterprise data.
- 2. The method of claim 1, further comprising transmitting, by a batch collection engine and to the validation engine, a collection of enterprise data, associated with the enterprise organization, collected over a period of time.
- 3. The method of claim 1, further comprising transmitting, by an altered data collection engine and to the validation engine, the enterprise data, associated with the enterprise organization, that has been altered by the enterprise organization over a period of time.
- 4. The method of claim 1, further comprising transmitting, by a streaming engine and to the validation engine, the enterprise data associated with the enterprise organization.
- 5. The method of claim 1, wherein the transmitting the notification indicating approval of the request to access the encrypted enterprise data comprises: comparing, by the data access engine, the private key to the most recently created private key; and determining, by the data access engine, that the private key matches the most recently created private key.
- 6. The method of claim 1, wherein encrypting, by the self-auto homomorphic encryption engine, the discrete components of the enterprise data is performed continuously.
- 7. The method of claim 1, further comprising maintaining, by the logic engine, a relationship between the discrete components of the enterprise data.
- 8. A computing platform comprising: a hybrid memory cube processor; at least one additional processor; a communication interface communicatively coupled to the at least one additional processor; and memory storing computer-readable instructions that, when executed by the hybrid memory cube processor and the at least one additional processor, cause the computing platform to: determine, by a validation engine, whether enterprise data associated with an enterprise organization satisfies validation criteria; based on the enterprise data satisfying the validation criteria, divide, by a self-auto homomorphic encryption engine, the enterprise data into discrete components; generate, by a logic engine, a plurality of public keys and plurality of private keys; transmit, to the self-auto homomorphic encryption engine, the plurality of public keys, wherein each public key is used to encrypt the discrete components of the enterprise data; encrypt, by the self-auto homomorphic encryption engine, the discrete components of the enterprise data according to a plurality of encryption rules and using a public key of the plurality of public keys; transmit, by the self-auto homomorphic encryption engine, encrypted enterprise data to a data access engine; transmit, to the enterprise organization, the plurality of private keys, wherein a most recently created private key of the plurality of private keys is used to access, by the enterprise organization, the encrypted enterprise data; receive, by the data access engine and from the enterprise organization, a request to access the encrypted enterprise data using a private key of the plurality of private keys; and transmit a notification, wherein the notification indicates one of: approval of the request to access the encrypted enterprise data; or denial of the request to access the encrypted enterprise data.
- 9. The computing platform of claim 8, wherein the instructions, when executed, further cause the computing platform to transmit, by a batch collection engine and to the validation engine, a collection of enterprise data, associated with the enterprise organization, collected over a period of time.
- 10. The computing platform of claim 8, wherein the instructions, when executed, further cause the computing platform to transmit, by an altered data collection engine and to the validation engine, the enterprise data, associated with the enterprise organization, that has been altered by the enterprise organization over a period of time.
- 11. The computing platform of claim 8, further including instructions that, when executed, cause the computing platform to transmit, by a streaming engine and to the validation engine, the enterprise data associated with the enterprise organization.
- 12. The computing platform of claim 8, wherein the instructions, when executed, further cause the computing platform to: generate, by a logic engine, the plurality of public keys and the plurality of private keys; transmit, to the self-auto homomorphic encryption engine and from the logic engine, the plurality of public keys, wherein each public key is used to encrypt the discrete components of the enterprise data; and transmit, to the data access engine and the enterprise organization, and from the logic engine, the plurality of private keys, wherein a most recently created private key of the plurality of private keys is used to access, by the enterprise organization, the encrypted enterprise data.
- 13. The computing platform of claim 8, wherein the transmitting the notification indicating approval of the request to access the encrypted enterprise data further causes the computing platform to: compare, by the data access engine, the private key to the most recently created private key; and determine, by the data access engine, that the private key matches the most recently created private key.
- 14. The computing platform of claim 8, wherein the instructions, when executed, further cause the computing platform to maintain, by the logic engine, a relationship between the discrete components of the enterprise data.
- 15. One or more non-transitory computer-readable media storing instructions that, when executed by a computing platform comprising a hybrid memory cube processor, at least one additional processor, memory, and a communication interface, cause the computing platform to: determine, by a validation engine, whether enterprise data associated with an enterprise organization satisfies validation criteria; based on the enterprise data satisfying the validation criteria, divide, by a self-auto homomorphic encryption engine, the enterprise data into discrete components; generate, by a logic engine, a plurality of public keys and plurality of private keys; transmit, to the self-auto homomorphic encryption engine, the plurality of public keys, wherein each public key is used to encrypt the discrete components of the enterprise data; encrypt, by the self-auto homomorphic encryption engine, the discrete components of the enterprise data according to a plurality of encryption rules and using a public key of the plurality of public keys; transmit, by the self-auto homomorphic encryption engine, encrypted enterprise data to a data access engine; transmit, to the enterprise organization, the plurality of private keys, wherein a most recently created private key of the plurality of private keys is used to access, by the enterprise organization, the encrypted enterprise data; receive, by the data access engine and from the enterprise organization, a request to access the encrypted enterprise data using a private key of the plurality of private keys; and transmit a notification, wherein the notification indicates one of: approval of the request to access the encrypted enterprise data; or denial of the request to access the encrypted enterprise data.
- 16. The one or more non-transitory computer-readable media of claim 15, wherein the instructions, when executed, further cause the computing platform to transmit, by a batch collection engine and to the validation engine, a collection of enterprise data, associated with the enterprise organization, collected over a period of time.
- 17. The one or more non-transitory computer-readable media of claim 15, wherein the instructions, when executed, further cause the computing platform to transmit, by an altered data collection engine and to the validation engine, the enterprise data, associated with the enterprise organization, that has been altered by the enterprise organization over a period of time.
- 18. The one or more non-transitory computer-readable media of claim 15, further including instructions that, when executed, cause the computing platform to transmit, by a streaming engine and to the validation engine, the enterprise data associated with the enterprise organization.
- 19. The one or more non-transitory computer-readable media of claim 15, wherein the transmitting the notification indicating approval of the request to access the encrypted enterprise data further causes the computing platform to: compare, by the data access engine, the private key to the most recently created private key; and determine, by the data access engine, that the private key matches the most recently created private key.
- 20. The one or more non-transitory computer-readable media of claim 15, wherein the instructions, when executed, further cause the computing platform to maintain, by the logic engine, a relationship between the discrete components of the enterprise data.
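
The flow recited in claims 1, 5 and 7, as an added sketch that is not code from the patent or its assignee. The claims name no encryption scheme, so textbook Paillier (additively homomorphic) is swapped in as an assumption; the primes are constructed toy values, the validation criteria are assumed, and every function name is hypothetical.

```python
import hashlib, hmac, math, secrets

# Constructed toy primes, far too small for real use; one pair per key rotation.
TOY_PRIMES = [(1009, 1013), (10007, 10009), (104723, 104729)]

def keygen(p, q):
    """Textbook Paillier with g = n + 1: public key n, private key (phi, mu)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return n, (phi, pow(phi, -1, n))

def encrypt(n, m):
    while True:                        # fresh randomness r, coprime to n
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            return (1 + m * n) * pow(r, n, n * n) % (n * n)

def decrypt(n, priv, c):
    phi, mu = priv
    return (pow(c, phi, n * n) - 1) // n * mu % n

def fingerprint(priv):
    return hashlib.sha256(repr(priv).encode()).digest()

def valid(record, n):
    """Assumed validation criteria: non-empty list of integers in [0, n)."""
    return bool(record) and all(isinstance(v, int) and 0 <= v < n for v in record)

def access_decision(presented_priv, latest_priv):
    """Approve only the most recently created private key (constant-time compare)."""
    same = hmac.compare_digest(fingerprint(presented_priv), fingerprint(latest_priv))
    return "approved" if same else "denied"

def run_pipeline(records):
    keys = [keygen(p, q) for p, q in TOY_PRIMES]      # plurality of key pairs
    n, latest_priv = keys[-1]
    kept = [r for r in records if valid(r, n)]        # discard failing records
    # Each record is split into indexed components; the index keeps their relationship.
    store = [[(i, encrypt(n, v)) for i, v in enumerate(r)] for r in kept]
    total = 1
    for comps in store:                               # sum computed on ciphertexts only
        for _, c in comps:
            total = total * c % (n * n)
    return {"kept": len(kept), "sum": decrypt(n, latest_priv, total),
            "latest": access_decision(latest_priv, latest_priv),
            "stale": access_decision(keys[0][1], latest_priv)}

# Constructed sample input: the second record fails validation (negative value).
SAMPLE = [[120, 30, 7], [5, -1], [1000, 2000]]
```

Calling `run_pipeline(SAMPLE)` keeps two records, recovers their sum from the ciphertext product alone, and denies the request made with the oldest private key.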
Description
CROSS REFERENCE TO RELATED APPLICATIONS
This application is a continuation of and claims priority to co-pending U.S. application Ser. No. 17/537,738, filed Nov. 30, 2021, and entitled, “Using Automatic Homomorphic Encryption in a Multi-Cloud Environment to Support Translytical Data Computation Using an Elastic Hybrid Memory Cube,” which is incorporated herein by reference in its entirety.
BACKGROUND
Aspects of the disclosure relate to hardware and/or software for using automatic homomorphic encryption in a multi-cloud environment to support translytical data computation using an elastic hybrid memory cube. In particular, one or more aspects of the disclosure relate to continuously encrypting enterprise data using a self-auto homomorphic encryption engine to provide cost-efficient, real-time security measures to prevent unauthorized access to the enterprise data.
Current enterprise data security measures may be inefficient, expensive, and associated with technology that fails to protect against data breaches. Extract, transform, and load procedures (e.g., ETL procedures) within online transactional processing (OLTP) or online analytical processing (OLAP) may be time consuming procedures which often lead to delays in the data security process. When enterprise data is transmitted from an enterprise organization to either an OLTP system or an OLAP system, the system might not inspect the enterprise data to ensure corrupted enterprise data is removed from the data security process. The inclusion of corrupted enterprise data within the data security process further delays security processing and renders the entirety of the enterprise data vulnerable to attack. Furthermore, once the enterprise data is transmitted to either the OLTP system or the OLAP system, the enterprise data may remain in a data pool rather than being processed immediately. While in the data pool, the enterprise data remains vulnerable to attack.
Once the enterprise data enters the data security process, the enterprise data may be processed in a single iteration through the data security process, as opposed to continuous iterations through the data security process. A single iteration through the data security process leaves the enterprise data vulnerable to attack as there are fewer layers to infiltrate to access the enterprise data. Finally, once the enterprise data completes the data security process, the enterprise data may be associated with a single method of accessing the processed enterprise data (e.g., a single authorization password, a single private key, or the like). A single method of accessing the processed enterprise data renders the enterprise data vulnerable to attack as there are fewer levels of authorization to overcome to access the encrypted enterprise data. As such, current enterprise data security measures not only fail to utilize continuous encryption, but fail to initiate immediate security processing upon receipt of enterprise data.
SUMMARY
The following presents a simplified summary in order to provide a basic understanding of some aspects of the disclosure. The summary is not an extensive overview of the disclosure. It is neither intended to identify key or critical elements of the disclosure nor to delineate the scope of the disclosure. The following summary merely presents some concepts of the disclosure in a simplified form as a prelude to the description below.
Aspects of the disclosure provide effective, efficient, and convenient technical solutions that address and overcome the technical problems associated with using automatic homomorphic encryption in a multi-cloud environment to support translytical data computation using an elastic hybrid memory cube.
In accordance with one or more embodiments, a method may comprise, at a computing device configured to operate within a multi-cloud environment and including a hybrid memory cube processor, at least one or more additional processors, and memory, transmitting, by a streaming engine and to a validation engine, enterprise data associated with an enterprise organization. The method may comprise determining, by the validation engine, whether the enterprise data satisfies validation criteria. The method may comprise, based on the enterprise data satisfying the validation criteria, dividing, by a self-auto homomorphic encryption engine, the enterprise data into discrete components. The method may comprise encrypting, by the self-auto homomorphic encryption engine, the discrete components of the enterprise data according to a plurality of encryption rules and using a public key of a plurality of public keys. The method may comprise transmitting, by the self-auto homomorphic encryption engine, encrypted enterprise data to a data access engine. The method may comprise receiving, by the data access engine and from the enterprise organization, a request to access the encrypted enterprise data using a private key of a plurality of private keys. The method may comprise tran