Policy based data aggregation
Abstract
A method for data aggregation of declassified sensitive data may include obtaining a policy associated with an isolated region of a service provider. The policy may identify a plurality of rules for declassifying sensitive data accessible within the isolated region. At least a portion of the plurality of rules identified by the policy may be obtained. A file with the sensitive data may be identified, the file being generated within the isolated region. An output file may be generated based on applying the obtained rules to the file. At least a portion of the sensitive data may be filtered out using the obtained rules. The generated output file may be provided for access outside of the isolated region. The sensitive data may be inaccessible by at least another region of the service provider.
19 Claims
1. A method for data aggregation of declassified sensitive data, comprising:
receiving a request for a file stored on a first server computer in an isolated network region of a service provider, the request being received from a second server computer;
obtaining, by the first server computer, a policy associated with the isolated network region of the service provider, the policy identifying a plurality of rules for declassifying sensitive data accessible within the isolated network region;
identifying the file with the sensitive data on the first server computer;
obtaining, by the first server computer, at least a portion of the plurality of rules identified by the policy, the obtained rules associated with the identified file;
transforming, using the first server computer on which the file is stored, the identified file to an output file by replacing sensitive information with non-sensitive information, which is indicative of a type of sensitive information, using the obtained portion of the plurality of rules, wherein the sensitive information includes identification information of a customer associated with the file and the non-sensitive information includes performance metrics associated with the architecture of the first server computer; and
transmitting the output file outside of the isolated network region to the second server computer as a response to the request for the file, wherein the output file includes the performance metrics.
Dependent claims: 2, 3, 4, 5
6. A computer-readable storage including instructions thereon for executing a method for data aggregation in a multi-tenant network of a service provider, the method comprising:
receiving a request for a file including sensitive data stored on a first server computer in an isolated region from a second server computer;
accessing a policy with a plurality of filtering rules by the first server computer;
selecting within a virtual private network, at least a portion of the plurality of filtering rules, the selecting based on the sensitive data;
transforming, within the virtual private network, the file into output data based on filtering the sensitive data using the selected plurality of filtering rules, wherein the transforming includes replacing identification information of a tenant associated with the sensitive data with tokens that are indicative of generic identification information and wherein the transforming allows performance metrics associated with an architecture of the first server computer to be included in the output data;
transmitting the generated output data, including the performance metrics, to the second server computer, which is outside of the isolated region; and
storing the output data on the second server computer.
Dependent claims: 7, 8, 9, 10, 11, 12, 13, 14
15. A system for data aggregation in a distributed system of a compute service provider, the system comprising:
a plurality of server computers disposed among a plurality of isolated regions of the compute service provider coupled together through a network, wherein:
at least a portion of the server computers for executing a plurality of virtual machine instances associated with a customer account;
at least one server computer of the plurality of server computers associated with an isolated region of the plurality of isolated regions of the compute service provider;
a policy store operable to store a plurality of policies for filtering data generated within at least one of the plurality of isolated regions of the compute service provider; and
an aggregator service communicatively coupled to the plurality of server computers and the policy store, the aggregator service operable to:
obtain a policy from the policy store, the policy associated with the at least one server computer and identifying a plurality of rules for filtering sensitive data generated within the isolated region;
identify within the isolated region, a file with the sensitive data, the file generated within the isolated region;
retrieve at least one of the plurality of rules based on the identified file;
generate an output file based on applying the at least one of the plurality of rules to the file, wherein at least a portion of the sensitive data is one of anonymized or tokenized using the plurality of rules so that a type of the sensitive data can be identified without the sensitive data, and wherein the output file includes performance metrics associated with an operation of hardware on the at least one server computer; and
store the output file on the at least one server computer.
Dependent claims: 16, 17, 18, 19
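Claims 1, 6 and 15 describe one transformation: rules selected from a region policy replace customer identification with tokens that still reveal the data type, while hardware performance metrics pass through to the requesting server. The following is an added example of that transformation in Python, not the patent's own code; the policy rules, the HMAC-based tokenization, the sample log and the region key are all constructed assumptions.

```python
import hashlib
import hmac
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    """One filtering rule from the region policy: a sensitive-data type and its pattern."""
    data_type: str
    pattern: re.Pattern

# Constructed policy for the isolated region (an assumption, not from the patent).
REGION_POLICY = [
    Rule("ACCOUNT_ID", re.compile(r"\bacct-[0-9]{8}\b")),
    Rule("EMAIL", re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.]+\b")),
    Rule("CLIENT_IP", re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")),
]
# Constructed per-region secret; it never leaves the region, so tokens cannot be reversed outside it.
REGION_KEY = b"constructed-region-secret"

def select_rules(policy, text):
    """Select the portion of the policy whose patterns actually occur in the file."""
    return [rule for rule in policy if rule.pattern.search(text)]

def tokenize(value, data_type, region_key):
    """Token that reveals only the data type; keyed hashing keeps one customer -> one token."""
    digest = hmac.new(region_key, value.encode(), hashlib.sha256).hexdigest()[:12]
    return f"<{data_type}:{digest}>"

def declassify(text, policy, region_key):
    """Transform the file: sensitive fields become tokens, performance metrics pass through."""
    counts = {}
    for rule in select_rules(policy, text):
        def repl(match, rule=rule):
            counts[rule.data_type] = counts.get(rule.data_type, 0) + 1
            return tokenize(match.group(0), rule.data_type, region_key)
        text = rule.pattern.sub(repl, text)
    return text, counts

# Constructed sample of a file generated inside the isolated region.
SAMPLE_LOG = (
    "host=db-07 acct-00012345 user=alice@example.com src=203.0.113.9 cpu_pct=83 disk_ms=12\n"
    "host=db-07 acct-00012345 user=alice@example.com src=203.0.113.9 cpu_pct=91 disk_ms=15\n"
    "host=db-08 acct-00098765 user=bob@example.org src=198.51.100.4 cpu_pct=22 disk_ms=3\n"
)

if __name__ == "__main__":
    output, replaced = declassify(SAMPLE_LOG, REGION_POLICY, REGION_KEY)
    print(output)        # tokens such as <ACCOUNT_ID:...>, metrics intact
    print(replaced)      # {'ACCOUNT_ID': 3, 'EMAIL': 3, 'CLIENT_IP': 3}
```

Because the same account maps to the same token, the second server can still aggregate metrics per customer without ever receiving the customer's identifiers.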