SYSTEMS AND METHODS FOR MANAGEMENT OF SECURE DATA IN CLOUD-BASED NETWORK
Abstract
Embodiments relate to systems and methods for the management of secure data in a cloud-based network. A secure data store can store sensitive or confidential data, such as account numbers, social security numbers, medical or other information in an on-premise data facility. Regulatory and/or operational requirements may prohibit the migration or unprotected transmission of the secure data to the cloud. An operator can instantiate a set of virtual machines to access and process the secure data, for example to process online purchase transactions. To prevent unauthorized disclosure of the secure data, the secure data store can receive data access requests via a translation module that translates the secure data. The secure data store can retrieve and transmit the secure data using a protection mechanism such as a masking and/or encryption mechanism, avoiding the unprotected transport or exposure of that data to the cloud.
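The flow the abstract describes (receive, translate, retrieve, encode, transmit), sketched as an added example that is not taken from the patent. The store contents, logical names and the keep-last-four masking rule are constructed assumptions; only masking is shown, and a column with no protection policy is refused rather than sent in the clear.

```python
# Added illustration: every name and record below is constructed sample data.
SECURE_STORE = {  # on-premise store: (table, row key) -> record
    ("accounts", 1001): {"pan": "4111111111111111", "ssn": "000-00-1234",
                         "diagnosis": "sample note"},
}
# Translation tables: logical names used by cloud VMs -> physical location.
CUSTOMER_ROWS = {"C-1001": ("accounts", 1001)}
FIELD_COLUMNS = {"card_number": "pan", "social_security": "ssn",
                 "medical_note": "diagnosis"}

class AccessDenied(Exception):
    """Raised when a request cannot be translated or safely protected."""

def mask_keep_last4(value):
    """Replace every digit except the last four with '*', keeping separators."""
    total_digits = sum(c.isdigit() for c in value)
    out, seen = [], 0
    for c in value:
        if c.isdigit():
            seen += 1
            out.append(c if seen > total_digits - 4 else "*")
        else:
            out.append(c)
    return "".join(out)

# Protection policy per physical column; "diagnosis" deliberately has none.
MASKS = {"pan": mask_keep_last4, "ssn": mask_keep_last4}

def translate(request):
    """Map the VM's logical request onto a row and column in the secure store."""
    try:
        return CUSTOMER_ROWS[request["customer"]], FIELD_COLUMNS[request["field"]]
    except KeyError as exc:
        raise AccessDenied(f"cannot translate request: {exc}") from None

def handle_request(request):
    """Receive -> translate -> retrieve -> encode; returns what leaves the premises."""
    row_key, column = translate(request)
    clear = SECURE_STORE[row_key][column]      # never returned as-is
    mask = MASKS.get(column)
    if mask is None:                           # fail closed: no policy, no data
        raise AccessDenied(f"no protection policy for column {column!r}")
    return {"customer": request["customer"], "field": request["field"],
            "value": mask(clear)}

if __name__ == "__main__":
    print(handle_request({"customer": "C-1001", "field": "card_number"}))
```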
25 Claims
1. A method, comprising:
receiving a request to access secure data;
translating the request in order to locate the secure data in a secure data store;
retrieving the secure data from the secure data store;
encoding the secure data to generate protected secure data; and
transmitting the protected secure data from the secure data store to at least one instantiated virtual machine in a cloud-based network.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A system, comprising:
a first interface to at least one instantiated virtual machine in a cloud-based network; and
a management module, communicating with the at least one instantiated virtual machine via the first interface, the management module being configured to:
  receive a request for secure data,
  translate the request in order to locate the secure data in a secure data store,
  retrieve the secure data from the secure data store,
  encode the secure data to generate protected secure data, and
  transmit the protected secure data from the secure data store to the at least one instantiated virtual machine in the cloud-based network.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24
25. A non-transitory computer-readable storage medium programmed to include instructions that, when executed by a processing device, cause the processing device to perform a method, the method comprising:
receiving a request to access secure data;
translating the request in order to locate the secure data in a secure data store;
retrieving the secure data from the secure data store;
encoding the secure data to generate protected secure data; and
transmitting the protected secure data from the secure data store to at least one instantiated virtual machine in a cloud-based network.