Enforcing data security in a cleanroom data processing environment
Abstract
Techniques for enforcing data security in a cleanroom data processing environment are described herein. In one or more embodiments, a virtual private cloud environment stores a first set of data provided by a first user account and a second set of data provided by a second user account, where the first user account is associated with a first set of one or more security credentials and the second user account is associated with a second set of security credentials and where the first user account is prevented from accessing at least the second set of data and the second user account is prevented from accessing at least the first set of data. In response to receiving, from the first user account or the second user account, a request to destroy the virtual private cloud environment, at least the first set of data and the second set of data are deleted.
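A minimal policy model of the cleanroom described in the abstract and in claim 1, added here as an illustration and not taken from the patent. The class and method names, the credential strings and the `internal/` destination prefix are all assumptions.

```python
from dataclasses import dataclass, field

class Denied(Exception):
    """Raised when the cleanroom policy refuses an action."""

@dataclass
class Cleanroom:
    accounts: dict                                   # account credential -> account name
    data: dict = field(default_factory=dict)         # account name -> stored records
    components: set = field(default_factory=set)     # registered component credentials
    destroyed: bool = False

    def _account(self, cred):
        if self.destroyed or cred not in self.accounts:
            raise Denied("unknown credential or environment destroyed")
        return self.accounts[cred]

    def store(self, cred, record):
        self.data.setdefault(self._account(cred), []).append(record)

    def read(self, cred, owner):
        if cred in self.components and not self.destroyed:
            return list(self.data.get(owner, []))    # component credential: read allowed
        if self._account(cred) != owner:             # account credential: own data only
            raise Denied("cross-account read")
        return list(self.data.get(owner, []))

    def register_component(self, provider_cred, component_cred):
        self._account(provider_cred)                 # provider must be a valid account
        if component_cred in self.accounts:
            raise Denied("component credential must differ from account credentials")
        self.components.add(component_cred)

    def connect(self, component_cred, destination):
        # Egress rule (assumed form): only endpoints inside the environment are reachable.
        if component_cred not in self.components or not destination.startswith("internal/"):
            raise Denied("destination outside the environment")
        return destination

    def destroy(self, cred):
        self._account(cred)                          # either account may request this
        self.data.clear()
        self.components.clear()
        self.destroyed = True

def denied(action):
    """Return True when the policy refuses the action."""
    try:
        action()
    except Denied:
        return True
    return False
```

The component credential is the only identity that can read across accounts, and it is also the only identity subject to the egress rule, which is what keeps the data inside the environment.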
20 Claims
1. A method comprising:
- storing, within a virtual private cloud environment, a set of data provided by a first user account of the virtual private cloud environment and a set of one or more software components provided by a second user account of the virtual private cloud environment, wherein the first user account is associated with a first set of one or more security credentials that allow the first user account to store data in the virtual private cloud environment and the second user account associated with a second set of one or more security credentials;
- registering a third set of one or more security credentials for the set of one or more software components stored within the virtual private cloud environment, wherein the set of one or more software components reads the set of data stored within the virtual private cloud environment using the third set of one or more security credentials;
- preventing the set of one or more software components from accessing any resources sufficient to send the set of data outside of the virtual private cloud environment.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. One or more non-transitory computer-readable media storing instructions, which, when executed by one or more hardware processors, cause:
- storing, within a virtual private cloud environment, a set of data provided by a first user account of the virtual private cloud environment and a set of one or more software components provided by a second user account of the virtual private cloud environment, wherein the first user account is associated with a first set of one or more security credentials that allow the first user account to store data in the virtual private cloud environment and the second user account associated with a second set of one or more security credentials;
- registering a third set of one or more security credentials for the set of one or more software components stored within the virtual private cloud environment, wherein the set of one or more software components reads the set of data stored within the virtual private cloud environment using the third set of one or more security credentials;
- preventing the set of one or more software components from accessing any resources sufficient to send the set of data outside of the virtual private cloud environment.
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18
19. A system comprising:
- one or more hardware processors;
- one or more non-transitory computer readable media storing instructions, which, when executed by one or more hardware processors, cause:
  - storing, within a virtual private cloud environment, a set of data provided by a first user account of the virtual private cloud environment and a set of one or more software components provided by a second user account of the virtual private cloud environment, wherein the first user account is associated with a first set of one or more security credentials that allow the first user account to store data in the virtual private cloud environment and the second user account associated with a second set of one or more security credentials;
  - registering a third set of one or more security credentials for the set of one or more software components stored within the virtual private cloud environment, wherein the set of one or more software components reads the set of data stored within the virtual private cloud environment using the third set of one or more security credentials;
  - preventing the set of one or more software components from accessing any resources sufficient to send the set of data outside of the virtual private cloud environment.
Dependent claims: 20
Specification