1. WO2016144694 - SECURE AND CONTROL DATA MIGRATING BETWEEN ENTERPRISE AND CLOUD SERVICES

Publication Number WO/2016/144694
Publication Date 15.09.2016
International Application No. PCT/US2016/020681
International Filing Date 03.03.2016
IPC
H04L 29/06 2006.01
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29 Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02 Communication control; Communication processing
06 characterised by a protocol
H04L 9/14 2006.01
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9 Arrangements for secret or secure communication
14 using a plurality of keys or algorithms
H04L 12/66 2006.01
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
12 Data switching networks
66 Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
CPC
G06Q 2220/10
G PHYSICS
06 COMPUTING; CALCULATING; COUNTING
Q DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
2220 Business processing using cryptography
10 Usage protection of distributed data files
H04L 63/0281
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63 Network architectures or network communication protocols for network security
02 for separating internal from external traffic, e.g. firewalls
0281 Proxies
H04L 63/0471
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63 Network architectures or network communication protocols for network security
04 for providing a confidential data exchange among entities communicating through data packet networks
0428 wherein the data content is protected, e.g. by encrypting or encapsulating the payload
0471 applying encryption by an intermediary, e.g. receiving clear information at the intermediary and encrypting the received information at the intermediary before forwarding
H04L 63/20
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63 Network architectures or network communication protocols for network security
20 for managing network security; network security policies in general
H04L 67/1097
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
67 Network-specific arrangements or communication protocols supporting networked applications
10 in which an application is distributed across nodes in the network
1097 for distributed storage of data in a network, e.g. network file system [NFS], transport mechanisms for storage area networks [SAN] or network attached storage [NAS]
H04L 9/0833
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9 Cryptographic mechanisms or cryptographic; arrangements for secret or secure communication
08 Key distribution ; or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
083 involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
0833 involving conference or group key
Applicants
  • VORMETRIC, INC. [US]/[US]
Inventors
  • COIMBATORE, Saravanan
Agents
  • GENCARELLA, Michael L.
Priority Data
14/656,518 12.03.2015 US
Publication Language English (EN)
Filing Language English (EN)
Designated States
Title
(EN) SECURE AND CONTROL DATA MIGRATING BETWEEN ENTERPRISE AND CLOUD SERVICES
(FR) MIGRATION DE DONNÉES SÉCURISÉE ET DE COMMANDE ENTRE UNE ENTREPRISE ET DES SERVICES EN NUAGE
Abstract
(EN)
A method for operating a cloud gateway is provided. The method includes generating a plurality of rules relating users and groups to data access at a plurality of cloud service providers. The method includes encrypting, at one of a plurality of connectors, outgoing data that is moving through a cloud gateway en route from a proxy server to one of the plurality of cloud service providers, responsive to a data write request associated with a first user, the encrypting in accordance to one of the plurality of rules as related to the first user. The method includes decrypting, at one of the plurality of connectors, incoming data that is moving through the cloud gateway en route from one of the plurality of cloud service providers to the server, responsive to a data read request associated with a second user, the decrypting in accordance to one of the plurality of rules as related to the second user.
(FR)
L'invention concerne un procédé de fonctionnement d'une passerelle en nuage. Le procédé comprend la génération d'une pluralité de règles mettant des utilisateurs et des groupes en association avec un accès aux données au niveau d'une pluralité de fournisseurs de service en nuage. Le procédé consiste à chiffrer, au niveau d'un parmi une pluralité de connecteurs, des données sortantes qui se déplacent à travers une passerelle en nuage en route depuis un serveur mandataire vers l'un parmi la pluralité de fournisseurs de service en nuage, en réponse à une demande d'écriture de données associée à un premier utilisateur, le chiffrement étant effectué conformément à l'une parmi la pluralité de règles associée au premier utilisateur. Le procédé comprend les étapes consistant à déchiffrer, au niveau de l'un parmi la pluralité de connecteurs, les données entrantes qui se déplacent à travers la passerelle en nuage en route depuis l'un parmi la pluralité de fournisseurs de service en nuage vers le serveur, en réponse à une demande de lecture de données associée à un second utilisateur, le déchiffrement étant effectué conformément à l'une parmi la pluralité de règles associée au second utilisateur.
Also published as