Enforcing data security in a cleanroom data processing environment

US 10,491,597 B2
Filed: 01/03/2019
Issued: 11/26/2019
Est. Priority Date: 03/30/2016
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

storing, within a virtual private cloud environment, a set of data provided by a first user account of the virtual private cloud environment and a set of one or more software components provided by a second user account of the virtual private cloud environment, wherein the first user account is associated with a first set of one or more security credentials that allow the first user account to store data in the virtual private cloud environment and the second user account associated with a second set of one or more security credentials;

registering a third set of one or more security credentials for the set of one or more software components stored within the virtual private cloud environment, wherein the set of one or more software components reads the set of data stored within the virtual private cloud environment using the third set of one or more security credentials;

preventing the set of one or more software components from accessing any resources sufficient to send the set of data outside of the virtual private cloud environment.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for enforcing data security in a cleanroom data processing environment are described herein. In one or more embodiments, a virtual private cloud environment stores a first set of data provided by a first user account and a second set of data provided by a second user account, where the first user account is associated with a first set of one or more security credentials and the second user account is associated with a second set of security credentials and where the first user account is prevented from accessing at least the second set of data and the second user account is prevented from accessing at least the first set of data. In response to receiving, from the first user account or the second user account, a request to destroy the virtual private cloud environment, at least the first set of data and the second set of data are deleted.

Citations

20 Claims

1. A method comprising:
- storing, within a virtual private cloud environment, a set of data provided by a first user account of the virtual private cloud environment and a set of one or more software components provided by a second user account of the virtual private cloud environment, wherein the first user account is associated with a first set of one or more security credentials that allow the first user account to store data in the virtual private cloud environment and the second user account associated with a second set of one or more security credentials;
  
  registering a third set of one or more security credentials for the set of one or more software components stored within the virtual private cloud environment, wherein the set of one or more software components reads the set of data stored within the virtual private cloud environment using the third set of one or more security credentials;
  
  preventing the set of one or more software components from accessing any resources sufficient to send the set of data outside of the virtual private cloud environment.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the second set of one or more security credentials does not allow access to the set of data stored in the virtual private cloud environment.
  - 3. The method of claim 1, wherein the first and second set of security credentials are prevented from unilaterally accessing resources within the virtual private cloud environment sufficient to send sensitive data stored in the virtual private cloud environment to locations outside of the virtual private cloud environment.
  - 4. The method of claim 1, wherein the set of one or more software components generates a set of output data as a function of the set of data provided by the first user account, wherein access to the set of output data by sources external to the virtual private cloud environment is restricted by a jump server in the virtual private cloud environment and wherein the set of one or more software components are prevented from sending the set of output data to locations external to the virtual private cloud environment using the third set of one or more security credentials.
  - 5. The method of claim 4, wherein the jump server prevents outbound internet access to the set of one or more software components.
  - 6. The method of claim 4, wherein the jump server restricts access to the set of output data to a single internet protocol address assigned to a particular machine when an administrator session has been initiated using a shared secret.
  - 7. The method of claim 1, further comprising:
    - maintaining audit logs that track accesses to data stored within the virtual private cloud environment;
      
      wherein both the first and second set of security credentials are restricted from accessing the audit logs at rest; and
      
      wherein an administrator access session is initiated to copy a requested set of audit logs to a first location;
      
      wherein the second set of one or more security credentials allow the second user account to read the audit logs in the first location and allow the second user account to approve and copy the audit logs to a second location;
      
      wherein the first set of one or more security credentials allow the first user account to read the audit logs from the second location.
  - 8. The method of claim 1, wherein the first set of one or more security credentials allow the first user account to unilaterally destroy the virtual private cloud environment without authorization from another user.
  - 9. The method of claim 8, wherein a set of log data that tracks all accesses to resources within the virtual private cloud environment by devices external to the virtual private cloud environment is maintained after the virtual private cloud environment has been destroyed.

10. One or more non-transitory computer-readable media storing instructions, which, when executed by one or more hardware processors, cause:
- storing, within a virtual private cloud environment, a set of data provided by a first user account of the virtual private cloud environment and a set of one or more software components provided by a second user account of the virtual private cloud environment, wherein the first user account is associated with a first set of one or more security credentials that allow the first user account to store data in the virtual private cloud environment and the second user account associated with a second set of one or more security credentials;
  
  registering a third set of one or more security credentials for the set of one or more software components stored within the virtual private cloud environment, wherein the set of one or more software components reads the set of data stored within the virtual private cloud environment using the third set of one or more security credentials;
  
  preventing the set of one or more software components from accessing any resources sufficient to send the set of data outside of the virtual private cloud environment.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The one or more non-transitory computer-readable media of claim 10, wherein the second set of one or more security credentials does not allow access to the set of data stored in the virtual private cloud environment.
  - 12. The one or more non-transitory computer-readable media of claim 10, wherein the first and second set of security credentials are prevented from unilaterally accessing resources within the virtual private cloud environment sufficient to send sensitive data stored in the virtual private cloud environment to locations outside of the virtual private cloud environment.
  - 13. The one or more non-transitory computer-readable media of claim 10, wherein the set of one or more software components generates a set of output data as a function of the set of data provided by the first user account, wherein access to the set of output data by sources external to the virtual private cloud environment is restricted by a jump server in the virtual private cloud environment and wherein the set of one or more software components are prevented from sending the set of output data to locations external to the virtual private cloud environment using the third set of one or more security credentials.
  - 14. The one or more non-transitory computer-readable media of claim 13, wherein the jump server prevents outbound internet access to the set of one or more software components.
  - 15. The one or more non-transitory computer-readable media of claim 13, wherein the jump server restricts access to the set of output data to a single internet protocol address assigned to a particular machine when an administrator session has been initiated using a shared secret.
  - 16. The one or more non-transitory computer-readable media of claim 10, wherein the instructions further cause:
    - maintaining audit logs that track accesses to data stored within the virtual private cloud environment;
      
      wherein both the first and second set of security credentials are restricted from accessing the audit logs at rest; and
      
      wherein an administrator access session is initiated to copy a requested set of audit logs to a first location;
      
      wherein the second set of one or more security credentials allow the second user account to read the audit logs in the first location and allow the second user account to approve and copy the audit logs to a second location;
      
      wherein the first set of one or more security credentials allow the first user account to read the audit logs from the second location.
  - 17. The one or more non-transitory computer-readable media of claim 10, wherein the first set of one or more security credentials allow the first user account to unilaterally destroy the virtual private cloud environment without authorization from another user.
  - 18. The one or more non-transitory computer-readable media of claim 17, wherein a set of log data that tracks all accesses to resources within the virtual private cloud environment by devices external to the virtual private cloud environment is maintained after the virtual private cloud environment has been destroyed.

19. A system comprising:
- one or more hardware processors;
  
  one or more non-transitory computer readable media storing instructions, which, when executed by one or more hardware processors, cause;
  
  storing, within a virtual private cloud environment, a set of data provided by a first user account of the virtual private cloud environment and a set of one or more software components provided by a second user account of the virtual private cloud environment, wherein the first user account is associated with a first set of one or more security credentials that allow the first user account to store data in the virtual private cloud environment and the second user account associated with a second set of one or more security credentials;
  
  registering a third set of one or more security credentials for the set of one or more software components stored within the virtual private cloud environment, wherein the set of one or more software components reads the set of data stored within the virtual private cloud environment using the third set of one or more security credentials;
  
  preventing the set of one or more software components from accessing any resources sufficient to send the set of data outside of the virtual private cloud environment.
- View Dependent Claims (20)
- - 20. The system of claim 19, wherein the second set of one or more security credentials does not allow access to the set of data stored in the virtual private cloud environment.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Plichta, Jeremy Ryszard, Baird, Andrew V., Siggs, Roger, DiMichel, Kevin Scott, Cuthbertson, Robert J., Mitchell, David Michael
Primary Examiner(s)
Hirl, Joseph P
Assistant Examiner(s)
Gundry, Stephen T

Application Number

US16/239,049
Publication Number

US 20190141049A1
Time in Patent Office

327 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/6218   to a system of files or obj...

G06F 21/6245   Protecting personal data, e...

H04L 63/0272   Virtual private networks

H04L 63/04   for providing a confidentia...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/102   Entity profiles

H04L 63/20   for managing network securi...

H04L 63/308   retaining data, e.g. retain...

Enforcing data security in a cleanroom data processing environment

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Enforcing data security in a cleanroom data processing environment

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links