METHOD AND SYSTEM FOR PROVISION OF CRYPTOGRAPHIC SERVICES
First Claim
Patent Images
1. An encryption service system comprising:
- a. an application programming interface (API) for receiving encryption/decryption requests from one or more calling applications, each request comprising information identifying an encryption/decryption operation to be performed on specified data, and for sending output data in response to the corresponding encryption/decryption requests; and
b. a cryptographic server for determining, for each request, an encryption policy to be applied to the encryption/decryption operation, and for generating said corresponding output data by applying the encryption/decryption operation to the specified data according to the determined encryption policy.
3 Assignments
0 Petitions
Accused Products
Abstract
An encryption service system comprises an API for receiving requests from one or more calling applications. Each request comprises information identifying the operations to be performed on data to be processed and information identifying the origin and target of the data. The encryption service system further comprises a cryptographic server for processing the requests and determining, for each request, an encryption policy to be applied.
129 Citations
63 Claims
-
1. An encryption service system comprising:
-
a. an application programming interface (API) for receiving encryption/decryption requests from one or more calling applications, each request comprising information identifying an encryption/decryption operation to be performed on specified data, and for sending output data in response to the corresponding encryption/decryption requests; and b. a cryptographic server for determining, for each request, an encryption policy to be applied to the encryption/decryption operation, and for generating said corresponding output data by applying the encryption/decryption operation to the specified data according to the determined encryption policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
-
28. An encryption service system comprising:
-
a. an application programming interface (API) for receiving encryption/decryption requests from one or more calling applications, each request comprising information identifying an encryption/decryption operation to be performed on specified data; b. a cryptographic server for processing the requests; and c. a key server operable to receive a key request from the cryptographic server and to reply with an encrypted key; wherein the cryptographic server is operable to receive a pre-fetch request from one of said calling applications through the API and to load a defined set of keys from the key server into a local key store in response thereto
-
-
29. (canceled)
-
30. A method of providing an encryption service comprising:
-
a. receiving, at an application programming interface (API), encryption/decryption requests from one or more calling applications, each request comprising information identifying an encryption/decryption operation to be performed on specified input data; b. determining, at the cryptographic server, for each request, an encryption policy to be applied to the encryption/decryption operation; c. at the cryptographic server, for each request, performing the requested encryption/decryption operation on the input data according to the determined encryption policy, to generate corresponding output data; and d. outputting the corresponding output data at the application programming interface (API). - View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56)
-
-
57. A method of providing an encryption service comprising:
-
a. receiving, at an application programming interface (API), encryption/decryption requests from one or more calling applications, each request comprising information identifying the operations to be performed on specified data; b. processing the requests at a cryptographic server; and c. receiving a key request from the cryptographic server at a key server, and sending an encrypted key from the key server to the cryptographic server in reply thereto; wherein the method includes receiving a pre-fetch request from one of said calling applications through the API and loading a defined set of keys from the key server into a local key store in response thereto.
-
-
58-61. -61. (canceled)
-
62. A non-transitory computer readable medium having instructions stored thereon which, when executed by a computer processor, cause the processor to perform a method comprising:
-
a. receiving, at an application programming interface (API), encryption/decryption requests from one or more calling applications, each request comprising information identifying an encryption/decryption operation to be performed on specified input data; b. determining, at the cryptographic server, for each request, an encryption policy to be applied to the encryption/decryption operation; c. at the cryptographic server, for each request, performing the requested encryption/decryption operation on the input data according to the determined encryption policy, to generate corresponding output data; and d. outputting the corresponding output data at the application programming interface (API).
-
-
63. A non-transitory computer readable medium having instructions stored thereon which, when executed by a computer processor, cause the processor to perform a method comprising:
-
a. receiving, at an application programming interface (API), encryption/decryption requests from one or more calling applications, each request comprising information identifying the operations to be performed on specified data; b. processing the requests at a cryptographic server; and c. receiving a key request from the cryptographic server at a key server, and sending an encrypted key from the key server to the cryptographic server in reply thereto; wherein the method includes receiving a pre-fetch request from one of said calling applications through the API and loading a defined set of keys from the key server into a local key store in response thereto.
-
Specification