SYSTEMS AND METHODS FOR MANAGEMENT OF SECURE DATA IN CLOUD-BASED NETWORK
First Claim
1. A method of accessing data, comprising:
receiving a request to access secure data from at least one instantiated virtual machine in a cloud-based network;
translating the request to locate the secure data in a secure data store;
retrieving the secure data from the secure data store;
encoding the secure data to generate protected secure data; and
transmitting the protected secure data to the at least one instantiated virtual machine.
Abstract
Embodiments relate to systems and methods for the management of secure data in a cloud-based network. A secure data store can store sensitive or confidential data, such as account numbers, social security numbers, medical or other information in an on-premise data facility. Regulatory and/or operational requirements may prohibit the migration or unprotected transmission of the secure data to the cloud. An operator can instantiate a set of virtual machines to access and process the secure data, for example to process online purchase transactions. To prevent unauthorized disclosure of the secure data, the secure data store can receive data access requests via a translation module that translates the secure data. The secure data store can retrieve and transmit the secure data using a protection mechanism such as a masking and/or encryption mechanism, avoiding the unprotected transport or exposure of that data to the cloud.
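The flow the abstract describes (translate the request, retrieve, encode, transmit), as an added Python illustration that is not code from the patent. The store contents, translation table, field names, key and the keyed HMAC token used here in place of the encryption option are all assumptions constructed for the example.

```python
import hashlib
import hmac

# Constructed records standing in for the on-premise secure data store.
SECURE_STORE = {
    ("customers", "c-1001"): {"acct_no": "4000-1234-1234-1234", "ssn": "000-12-3456"},
}

# Hypothetical translation table: logical field requested by a VM ->
# (table, column, protection applied before the value leaves the premises).
TRANSLATION = {
    "customer.account_number": ("customers", "acct_no", "mask"),
    "customer.ssn": ("customers", "ssn", "token"),
}

TOKEN_KEY = b"constructed-demo-key"  # assumption: key stays inside the data facility


def mask_last4(value: str) -> str:
    """Star out letters/digits except the last four; keep separators.
    Values with four or fewer letters/digits are masked completely."""
    keep = 4 if sum(c.isalnum() for c in value) > 4 else 0
    out = []
    for ch in reversed(value):
        if ch.isalnum():
            out.append(ch if keep > 0 else "*")
            keep -= 1
        else:
            out.append(ch)
    return "".join(reversed(out))


def keyed_token(value: str) -> str:
    """Keyed one-way token (HMAC-SHA256), a stand-in for the encryption option."""
    return hmac.new(TOKEN_KEY, value.encode(), hashlib.sha256).hexdigest()[:16]


ENCODERS = {"mask": mask_last4, "token": keyed_token}


def handle_request(logical_field: str, record_id: str) -> str:
    """Translate, retrieve, encode; only the protected form goes back to the VM."""
    if logical_field not in TRANSLATION:
        raise KeyError(f"no translation for {logical_field!r}")  # refuse unknown fields
    table, column, protection = TRANSLATION[logical_field]
    raw = SECURE_STORE[(table, record_id)][column]
    return ENCODERS[protection](raw)
```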
33 Claims
1. A method of accessing data, comprising:
receiving a request to access secure data from at least one instantiated virtual machine in a cloud-based network;
translating the request to locate the secure data in a secure data store;
retrieving the secure data from the secure data store;
encoding the secure data to generate protected secure data; and
transmitting the protected secure data to the at least one instantiated virtual machine.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A system for managing access to data, comprising:
a first interface to at least one instantiated virtual machine in a cloud-based network; and
a management module, communicating with the at least one instantiated virtual machine via the first interface, the management module being configured to receive a request for secure data from the at least one instantiated virtual machine, translate the request to locate the secure data in a secure data store, retrieve the secure data from the secure data store, encode the secure data to generate protected secure data, and transmit the protected secure data to the at least one instantiated virtual machine.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24
25. A computer-readable medium, the computer-readable medium being readable to execute a method of managing access to data, the method comprising:
receiving a request to access secure data from at least one instantiated virtual machine in a cloud-based network;
translating the request to locate the secure data in a secure data store;
retrieving the secure data from the secure data store;
encoding the secure data to generate protected secure data; and
transmitting the protected secure data to the at least one instantiated virtual machine.
Dependent claims: 26
27. A set of secure data, the set of secure data being generated by a method comprising:
receiving a request to access secure data from at least one instantiated virtual machine in a cloud-based network;
translating the request to locate the secure data in a secure data store;
retrieving the secure data from the secure data store;
encoding the secure data to generate protected secure data; and
transmitting the protected secure data to the at least one instantiated virtual machine.
Dependent claims: 28, 29, 30, 31, 32, 33
Specification