System and method for securing tenant data on a local appliance prior to delivery to a SaaS data center hosted application service
8 Assignments
0 Petitions
Accused Products
Abstract
An extensible servicing hosting platform is provided that supports the design, build and concurrent deployment of multiple web accessible services on a services hosting platform. The services hosting platform comprises a services hosting framework capable of hosting multiple service applications, each of which may be shared by multiple tenants that each customize their use of a particular application service by extending the application service to exploit run time platform services within a service execution pipeline. The services hosting framework may easily be leveraged by applications to decrease the time associated with developing, deploying and maintaining high quality services in a cost effective manner.
232 Citations
21 Claims
-
1. (canceled)
-
2. A method of seeding a storage device at a host data center with tenant data received encrypted on a storage medium includes the steps of:
-
extracting an encrypted custom key from the storage medium; decrypting the encrypted custom key using a private certificate associated with a Vault Service of the host data center; storing the decrypted custom key for the tenant by the Vault Service; and decrypting the tenant data using the decrypted custom key. - View Dependent Claims (10, 11, 12, 13)
-
-
3-9. -9. (canceled)
-
14. A host platform, comprising:
-
a storage device for storing encrypted tenant data and an encrypted index to the encrypted tenant data, wherein the encrypted tenant data and the encrypted index to the tenant data are encrypted using different keys; and a computer readable storage medium having program code stored thereon operable when executed by a processor of the host platform to provide a service to a customer associated with the encrypted tenant data using the decrypted index of the tenant data. - View Dependent Claims (15, 16)
-
-
17. A computer readable storage medium storing computer software seeds a storage device at a host data center with tenant data received encrypted, the computer software comprising:
-
executable code that extracts an encrypted custom key from the storage medium; executable code that decrypts the encrypted custom key using a private certificate associated with a vault service of the host data center; executable code that stores the decrypted custom key for the tenant by the vault service; and executable code that decrypts the tenant data using the decrypted custom key. - View Dependent Claims (18, 19, 20, 21)
-
Specification