System and method for automatically securing sensitive data in public cloud using a serverless architecture
First Claim
1. A system comprising a cloud compute service for executing jobs immediately upon receipt of a notification, the cloud compute service comprising:
- one or more hardware processors; and
a memory unit storing instructions executable by the one or more hardware processors to perform operations comprising;
receiving, at the cloud compute service, a first notification that a first sensitive file comprising sensitive data has been received at a file receipt location, the first sensitive file being sent by a client device;
selecting, by the cloud compute service, a warm container instance for completing a first job comprising stripping the sensitive data from the first sensitive file;
assigning, by the cloud compute service, the first job to the warm container instance;
retrieving, by the warm container instance, the first sensitive file from the file receipt location;
generating, by the warm container instance, a first stripped file by stripping the sensitive data from the first sensitive file based on a configuration file;
transmitting, by the warm container instance, the first stripped file to a storage location;
deleting the first sensitive file from the file receipt location; and
terminating the warm container instance, whereinterminating the container instance comprises deleting files comprising sensitive data.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are provided executing jobs immediately upon receipt of a notification. The systems and methods may include receiving, at a cloud compute service, a notification that a sensitive file comprising sensitive data has been received at a file receipt location, the sensitive file being sent by a client device; generating, by the cloud compute service, a container instance in response to the notification; retrieving, by the container instance, the sensitive file from the file receipt location; generating, by the container instance, a stripped file by stripping the sensitive data from the sensitive file based on a configuration file; transmitting, by the container instance, the stripped file to a storage location; deleting the sensitive file and associated file pointers from the file receipt location; and terminating the container instance, wherein terminating the container instance comprises deleting files comprising sensitive data and associated file pointers.
-
Citations
16 Claims
-
1. A system comprising a cloud compute service for executing jobs immediately upon receipt of a notification, the cloud compute service comprising:
-
one or more hardware processors; and a memory unit storing instructions executable by the one or more hardware processors to perform operations comprising; receiving, at the cloud compute service, a first notification that a first sensitive file comprising sensitive data has been received at a file receipt location, the first sensitive file being sent by a client device; selecting, by the cloud compute service, a warm container instance for completing a first job comprising stripping the sensitive data from the first sensitive file; assigning, by the cloud compute service, the first job to the warm container instance; retrieving, by the warm container instance, the first sensitive file from the file receipt location; generating, by the warm container instance, a first stripped file by stripping the sensitive data from the first sensitive file based on a configuration file; transmitting, by the warm container instance, the first stripped file to a storage location; deleting the first sensitive file from the file receipt location; and terminating the warm container instance, wherein terminating the container instance comprises deleting files comprising sensitive data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A non-transitory computer readable medium having stored instructions, which when executed, cause at least one processor to perform operations comprising:
-
receiving, at the cloud compute service, a first notification that a first sensitive file comprising sensitive data has been received at a file receipt location, the first sensitive file being sent by a client device; selecting, by the cloud compute service, a warm container instance for completing a first job comprising stripping the sensitive data from the first sensitive file; assigning, by the cloud compute service, the first job to the warm container instance; retrieving, by the warm container instance, the first sensitive file from the file receipt location; generating, by the warm container instance, a first stripped file by stripping the sensitive data from the first sensitive file based on a configuration file; transmitting, by the warm container instance, the first stripped file to a storage location; deleting the first sensitive file and associated file pointers from the file receipt location; and terminating the warm container instance, wherein terminating the container instance comprises deleting files comprising sensitive data and associated file pointers.
-
Specification