PARTIAL AND RISK-BASED DATA FLOW CONTROL IN CLOUD ENVIRONMENTS
Abstract
Implementations of the present disclosure include methods, systems, and computer-readable storage mediums for risk-based data flow control in a cloud environment. Implementations include actions of intercepting first data transmitted from a first application to a second application before receipt of the first data at the second application, the first application and the second application being hosted within the cloud environment; processing the first data to provide a first risk factor, the first risk factor reflecting a degree of risk if the first data is received by the second application; generating first sanitized data based on the first data, the first risk factor and a first access control policy associated with the first data; and transmitting the first sanitized data to the second application.
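The four steps in the abstract (intercept, score, sanitize, forward) can be sketched as follows. This is an added example, not code from the patent: the sensitivity labels, receiver trust values, risk formula, policy layout and pseudonymization key are all assumptions, since the abstract does not specify them.

```python
# Added illustration; not from the patent. All tables, the risk formula and
# the policy layout below are assumptions made for this example.
import hashlib
import hmac

SENSITIVITY = {"order_id": 0.1, "email": 0.6, "iban": 0.9}  # assumed, 0..1
TRUST = {"billing": 0.9, "analytics": 0.4}  # assumed trust per receiver
PSEUDONYM_KEY = b"constructed-demo-key"  # constructed; keep real keys in a KMS

# Assumed access control policy: per field, the highest message risk at which
# the value is released in clear, and the action applied above that risk.
POLICY = {
    "order_id": {"max_risk": 1.0, "above": "drop"},
    "email": {"max_risk": 0.3, "above": "pseudonymize"},
    "iban": {"max_risk": 0.2, "above": "drop"},
}
FAIL_CLOSED = {"max_risk": -1.0, "above": "drop"}  # fields with no rule

def risk_factor(message, receiver):
    """One risk value per message: most sensitive field x receiver distrust."""
    worst = max((SENSITIVITY.get(f, 1.0) for f in message), default=0.0)
    return worst * (1.0 - TRUST.get(receiver, 0.0))  # unknown receiver: no trust

def sanitize(message, receiver):
    """Partial sanitization: each field is kept, pseudonymized or dropped."""
    risk = risk_factor(message, receiver)
    out = {}
    for field, value in message.items():
        rule = POLICY.get(field, FAIL_CLOSED)
        if risk <= rule["max_risk"]:
            out[field] = value
        elif rule["above"] == "pseudonymize":
            mac = hmac.new(PSEUDONYM_KEY, str(value).encode(), hashlib.sha256)
            out[field] = mac.hexdigest()[:16]
        # "drop": the field is left out of the forwarded copy
    return out

def intercept(message, receiver, deliver):
    """Sits between the two applications; only sanitized data is delivered."""
    deliver(receiver, sanitize(message, receiver))
```
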
16 Claims
1. A computer-implemented method for risk-based data flow control in a cloud environment, the method being executed using one or more processors and comprising:
- intercepting first data transmitted from a first application to a second application before receipt of the first data at the second application, the first application and the second application being hosted within the cloud environment;
- processing the first data to provide a first risk factor, the first risk factor reflecting a degree of risk if the first data is received by the second application;
- generating first sanitized data based on the first data, the first risk factor and a first access control policy associated with the first data; and
- transmitting the first sanitized data to the second application.
15. A non-transitory computer-readable storage medium coupled to one or more processors and having instructions stored thereon which, when executed by the one or more processors, cause the one or more processors to perform operations for risk-based data flow control in a cloud environment, the operations comprising:
- intercepting first data transmitted from a first application to a second application before receipt of the first data at the second application, the first application and the second application being hosted within the cloud environment;
- processing the first data to provide a first risk factor, the first risk factor reflecting a degree of risk if the first data is received by the second application;
- generating first sanitized data based on the first data, the first risk factor and a first access control policy associated with the first data; and
- transmitting the first sanitized data to the second application.
16. A system, comprising:
- a computing device; and
- a computer-readable storage device coupled to the computing device and having instructions stored thereon which, when executed by the computing device, cause the computing device to perform operations for risk-based data flow control in a cloud environment, the operations comprising:
  - intercepting first data transmitted from a first application to a second application before receipt of the first data at the second application, the first application and the second application being hosted within the cloud environment;
  - processing the first data to provide a first risk factor, the first risk factor reflecting a degree of risk if the first data is received by the second application;
  - generating first sanitized data based on the first data, the first risk factor and a first access control policy associated with the first data; and
  - transmitting the first sanitized data to the second application.
Specification