Controlling exposure of sensitive data and operation using process bound security tokens in cloud computing environment
Abstract
Exposure of sensitive information to users and other servers is controlled by using a first security token which contains a user identity and one or more user credentials associated with a first user; a second security token which contains an identity of a token issuer and an identity of a first owning process; and at least a first trusted server which accesses a downstream computing service on behalf of the first user by substituting or combining the first security token and the second security token, while preventing the second security token from being exposed to the first user. This establishes a first security sensitivity level for the first user and a second security sensitivity level for the first trusted server, wherein the first security sensitivity level is a lower access level than the second security sensitivity level for the downstream service.
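The token chain described in the abstract, extended to the second trusted server of claim 1, as an added sketch that is not code from the patent. The HMAC token format, the shared issuer key, the numeric access levels, the authenticated `caller_process` value and the names `issue`, `verified_claims`, `downstream_service` and `TrustedServer` are all assumptions of this example.

```python
import hashlib
import hmac
import json

ISSUER_KEY = b"constructed-demo-key"  # assumption: shared by issuer and downstream service


def issue(claims):
    """Issuer: bind the claims to an HMAC-SHA256 tag."""
    body = json.dumps(claims, sort_keys=True).encode()
    return {"claims": claims, "mac": hmac.new(ISSUER_KEY, body, hashlib.sha256).hexdigest()}


def verified_claims(token):
    """Return the token's claims if its tag is valid, else None."""
    body = json.dumps(token["claims"], sort_keys=True).encode()
    expected = hmac.new(ISSUER_KEY, body, hashlib.sha256).hexdigest()
    return token["claims"] if hmac.compare_digest(expected, token["mac"]) else None


def downstream_service(tokens, caller_process):
    """Access level: 1 for a valid user token, plus 1 per valid process token.
    The newest process token must be owned by the authenticated caller."""
    claims = [verified_claims(t) for t in tokens]
    if not claims or None in claims or "user" not in claims[0]:
        return 0
    owners = [c.get("owning_process") for c in claims[1:]]
    if None in owners or (owners and owners[-1] != caller_process):
        return 0
    return 1 + len(owners)


class TrustedServer:
    def __init__(self, process_id, next_hop):
        self.process_id = process_id
        self._token = issue({"issuer": "demo-issuer", "owning_process": process_id})
        self._next_hop = next_hop

    def handle(self, tokens, caller_process):
        # caller_process is the authenticated peer; it is not checked at this hop.
        # Combine: add this process's token to the outbound call only. The
        # reply carries the result, never the token, so the caller cannot see it.
        return self._next_hop(tokens + [self._token], self.process_id)


user_token = issue({"user": "alice", "credentials": ["constructed-credential"]})  # constructed sample
server2 = TrustedServer("server2", downstream_service)
server1 = TrustedServer("server1", server2.handle)
```

A call with the user token alone yields level 1, while the same request routed through `server1` and `server2` yields level 3; a process token presented by any caller other than its owning process is rejected.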
28 Citations
12 Claims
1. An information security system comprising:
- one or more computer readable memories;
- a first security token, disposed in the one or more computer readable memories, which contains a user identity and one or more user credentials associated with a first user;
- a second security token, disposed in the one or more computer readable memories, which contains an identity of a token issuer and an identity of a first owning process;
- a third security token disposed in the one or more computer readable memories, which contains an identity of a token issuer and an identity of a second owning process; and
- a first trusted server which accesses, via a computer network, a downstream computing service on behalf of the first user by substituting or combining the first security token and the second security token, while preventing the second security token from being exposed to the first user;
- a second trusted server which accesses, via a computer network, the downstream computing service on behalf of the first trusted server by substituting or combining the second security token and the third security token, while preventing the third security token from being exposed to the first trusted server;
- thereby establishing a first security sensitivity level for the first user and a second security sensitivity level for the first trusted server, wherein the first security sensitivity level is a lower access level than the second security sensitivity level for the downstream service and thereby establishing a third security sensitivity level for the second trusted server, wherein the second security sensitivity level is a lower access level than the third security sensitivity level for the downstream service.
Dependent claims: 2, 3, 4
5. A computer program product for information security comprising:
- a computer-readable storage memory which is not a propagating signal per se; and
- program instructions embodied by the computer-readable storage memory which cause one or more processors of a first trusted server to, when executed, perform the steps of;
- accessing, in a computer readable memory, a first security token which contains a user identity and one or more user credentials associated with a first user;
- accessing, in a computer readable memory, a second security token which contains an identity of a token issuer and an identity of a first owning process; and
- substituting or combining the first security token and the second security token to provide access, via a computer network, to a downstream computing service on behalf of the first user while preventing the second security token from being exposed to the first user;
- thereby establishing a first security sensitivity level for the first user and a second security sensitivity level for the first trusted server, wherein the first security sensitivity level is a lower access level than the second security sensitivity level for the downstream service; and
- program instructions embodied by the computer-readable storage memory which cause one or more processors of a second trusted server to, when executed, perform the steps of;
- accessing, in a computer readable memory, a third security token which contains an identity of a token issuer and an identity of a second owning process; and
- substituting or combining the second security token and the third security token to provide access, via a computer network, to the downstream computing service on behalf of the first trusted server while preventing the third security token from being exposed to the first trusted server;
- thereby establishing a third security sensitivity level for the second trusted server, wherein the second security sensitivity level is a lower access level than the third security sensitivity level for the downstream service.
Dependent claims: 6, 7, 8
9. A method for information security comprising:
- accessing, by a processor of a first trusted server, from a computer readable memory, a first security token which contains a user identity and one or more user credentials associated with a first user;
- accessing, by the processor of a first trusted server, from a computer readable memory, a second security token which contains an identity of a token issuer and an identity of a first owning process;
- substituting or combining, by the processor of a first trusted server, the first security token and the second security token to provide access, via a computer network, to a downstream computing service on behalf of the first user while preventing the second security token from being exposed to the first user;
- thereby establishing a first security sensitivity level for the first user and a second security sensitivity level for the first trusted server, wherein the first security sensitivity level is a lower access level than the second security sensitivity level for the downstream service;
- accessing, by the processor of a second trusted server, in a computer readable memory, a third security token which contains an identity of a token issuer and an identity of a second owning process; and
- substituting or combining, by the processor of a second trusted server, the second security token and the third security token to provide access, via a computer network, to the downstream computing service on behalf of the first trusted server while preventing the third security token from being exposed to the first trusted server;
- thereby establishing a third security sensitivity level for the second trusted server, wherein the second security sensitivity level is a lower access level than the third security sensitivity level for the downstream service.
Dependent claims: 10, 11, 12
Specification