ENHANCED SYSTEM SECURITY
Abstract
Methods and systems for maintaining the confidentiality of data provided by an organization for storage on a third party database system are provided. The data can be encrypted on an internal network of the organization and sent to the third party database system for storage. The third party database system can associate metadata with the encrypted data and can store the encrypted data. Accordingly, when a request for the encrypted data is received from a computing device communicating with an internal network of the organization, the encrypted data and associated metadata can be sent to the computing device. A key that is stored on an internal network of the organization can be called through an applet, which utilizes information within the metadata to locate the key on the internal network of the organization. The computing device to which the encrypted data is sent can use the key location information to retrieve the key and decrypt the data for display to a user.
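The flow described in the abstract, sketched as an added example (not code from the patent or from any product). AES-256-GCM, the in-memory `keyStore` and `thirdPartyDb` maps, the function names and the `keyLocator` field are assumptions; the locator is bound as GCM associated data so that metadata altered while held by the third party fails decryption instead of silently pointing the client at another key.

```javascript
// Added illustration: names, the URI-style locator and AES-256-GCM are assumptions.
const crypto = require('node:crypto');

const keyStore = new Map();      // stands in for the organization's internal key server
const thirdPartyDb = new Map();  // stands in for the third party database system

function createKey(locator) {
  keyStore.set(locator, crypto.randomBytes(32));
}

// Organization side: encrypt before upload; the locator is authenticated as AAD.
function encryptForUpload(plaintext, locator) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', keyStore.get(locator), iv);
  cipher.setAAD(Buffer.from(locator));
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return {
    ciphertext: ct.toString('base64'),
    metadata: {
      keyLocator: locator,
      iv: iv.toString('base64'),
      tag: cipher.getAuthTag().toString('base64'),
    },
  };
}

// Third party side: sees only ciphertext plus metadata, never the key.
function storeRecord(id, record) { thirdPartyDb.set(id, record); }
function fetchRecord(id) { return thirdPartyDb.get(id); }

// Device on the internal network: locate the key from metadata, then decrypt.
function decryptRecord(record) {
  const { keyLocator, iv, tag } = record.metadata;
  const key = keyStore.get(keyLocator);
  if (!key) throw new Error('key not found on internal network: ' + keyLocator);
  const d = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(iv, 'base64'));
  d.setAAD(Buffer.from(keyLocator));
  d.setAuthTag(Buffer.from(tag, 'base64'));
  const pt = Buffer.concat([d.update(Buffer.from(record.ciphertext, 'base64')), d.final()]);
  return pt.toString('utf8');
}

// Constructed sample data.
createKey('keys://internal/hr');
storeRecord('row-1', encryptForUpload('constructed sample: salary 100000', 'keys://internal/hr'));
console.log(decryptRecord(fetchRecord('row-1')));
```

A device that cannot reach the key store gets only ciphertext and metadata from `fetchRecord`, which is the confidentiality property the claims rely on.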
25 Claims
1. A method of maintaining the confidentiality of data provided by an organization for storage on a third party database system, the method comprising:
- receiving data encrypted using a first key, wherein the first key is stored on an internal network of the organization;
- storing the encrypted data on the third party database system;
- associating, on the third party database system, metadata with the encrypted data, wherein the metadata includes information usable to locate the first key;
- receiving a request for the encrypted data from a computing device communicating on the internal network of the organization; and
- sending the encrypted data with the associated metadata to the computing device.
18. A system of maintaining confidentiality of data provided by an organization for storage on a third party database system, the system comprising:
- one or more processors;
- a network interface; and
- a memory for storing instructions to control the processors, the instructions including;
  - receiving data encrypted using a first key, wherein the first key is stored on an internal network of the organization;
  - storing the encrypted data on the third party database system;
  - associating, on the third party database system, metadata with the encrypted data, wherein the metadata includes information usable to locate the first key;
  - receiving a request for the encrypted data from a computing device communicating on the internal network of the organization; and
  - sending the encrypted data with the associated metadata to the computing device.
23. A computer program product comprising a tangible computer readable medium storing a plurality of instructions for controlling one or more processors of a third party database system to perform an operation for maintaining the confidentiality of data provided by an organization for storage on a the database, the instructions comprising:
- receiving, from the organization, data encrypted using a first key, wherein the first key is stored on an internal server of the organization;
- storing the encrypted data on the third party database system;
- associating, on the third party database system, metadata with the encrypted data, wherein the metadata includes information usable to locate the first key,
- receiving a request for the encrypted data from a computing device communicating with an internal network of the organization; and
- sending the encrypted data with the associated metadata to the computing device.
24. A method of maintaining the confidentiality of data provided by an organization to a third party server, the method comprising:
- encrypting data using a first key, wherein the first key is located on a first server at the organization;
- sending the encrypted data to the third party server for storage, wherein the data is associated with metadata including information usable to locate the first key on the first server;
- a computing device requesting, from the third party server, a page of encrypted data, the computing device being in communication with the first server;
- receiving, from the third party server, the page and associated metadata;
- locating the first key on the first server; and
- decrypting the encrypted data using the first key to obtain the requested data.