Method and apparatus for securely accessing data
First Claim
1. A method comprising:
- receiving a request for data that is subject to data security management;
determining, in response to receiving the request, a data security policy to associate with the data, including determining an access level to the data for the requester;
if access is allowed, providing a secure virtual partition in which to execute an application to enable the requester to access the data; and
loading a version of the application into the virtual partition that is verified to be secure.
1 Assignment
0 Petitions
Accused Products
Abstract
A security manager receives a request for data that is subject to data security management. The security manager operates independently of a host partition and is not directly accessible or detectable by the host partition. The security manager determines whether to grant or deny access to the requested data based at least in part on a requesting user'"'"'s authentication credentials. If the data request is approved, a security policy associated with the data is determined. In addition, instructions are sent to a system hypervisor to create a secure partition. The hypervisor loads the requested data and a verified version of an application necessary to access the data into the secure partition creating a secure environment for accessing the data.
86 Citations
20 Claims
-
1. A method comprising:
-
receiving a request for data that is subject to data security management;
determining, in response to receiving the request, a data security policy to associate with the data, including determining an access level to the data for the requester;
if access is allowed, providing a secure virtual partition in which to execute an application to enable the requester to access the data; and
loading a version of the application into the virtual partition that is verified to be secure. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. An apparatus comprising:
-
a host partition to initiate a data request;
a security manager to receive the data request, determine whether to allow access to the requested data, and determine a security policy to associate with the data, wherein the security manager is not directly accessible or detectable by the host partition; and
a hypervisor to receive an instruction from the active platform manager to generate a secure virtual partition in which to execute an application to enable access to the requested data and to load a verified version of an application that is known to be secure. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. An article of manufacture comprising a machine accessible medium having content stored thereon to provide instructions cause a machine to perform operations including:
-
determining whether to grant access to data requested by a user;
determining a security policy associated with the data; and
generating a secure virtual partition in which to execute an application to enable the user to access the data if access is granted. - View Dependent Claims (17, 18, 19, 20)
-
Specification