SYSTEMS AND METHODS FOR SECURE AND PERSISTENT RETENTION OF SENSITIVE INFORMATION
First Claim
1. A method implemented in an information processing system including one or more data processors, the method comprising:
provisioning, by the information processing system, a client account for a user to enable a client computer associated with the user to store information in an elastic storage system and to prohibit the client computer, the information processing system, and the elastic storage system from altering and from deleting the stored information during an authorized retention period;
receiving at the information processing system data messages sent via one or more communications networks from one or more client computers, the received data messages including information that is required to be stored for the authorized retention period;
transmitting, from the information processing system, the received information via one or more data communications networks to the elastic storage system for storage so that the stored information is non-rewriteable and non-erasable during the authorized retention period;
in response to an authorized access request from an authorized computer device, the information processing system transmitting a retrieval request message to the elastic storage system via the one or more communication networks to retrieve a copy of the information stored in the elastic storage system;
wherein the provisioning step includes the information processing system configuring the elastic storage system to permit deletion, modification, or destruction of the stored information only when a trusted third party having a predetermined authentication information associated with the client account provides the predetermined authentication information to the elastic storage system,
wherein the trusted third party is an entity independent from and not controlled by the user, the information processing system, or the elastic storage system.
Abstract
An information processing system provisions a client account for a user to enable a client computer associated with the user to store information in an elastic storage system and to prohibit the client computer, the information processing system, and the elastic storage system from altering and from deleting the stored information during an authorized retention period. Data messages are received from one or more client computers and include information that is required to be stored for the authorized retention period. That information is transmitted via one or more data communications networks to the elastic storage system for storage so that the stored information is non-rewriteable and non-erasable during the authorized retention period. The secure data center receives the retrieved copy and provides it to the user device. The elastic storage system permits deletion, modification, or destruction of the stored information only when a trusted independent third party having predetermined authentication information associated with the client account provides the predetermined authentication information to the elastic storage system.
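The storage-side policy described in the abstract can be modelled in a few lines. This is an added example, not code from the patent or from any product: the class and function names, the salted-hash storage of the third party's authentication information, and the rule that ordinary deletion is allowed once the retention period has ended are all assumptions of the sketch, and every record and secret in it is constructed.

```python
import hashlib
import hmac

class RetentionStore:
    """Toy in-memory model of the storage-side policy (constructed for illustration)."""

    def __init__(self, third_party_secret: bytes, salt: bytes = b"constructed-salt"):
        self._salt = salt
        # Keep only a salted hash of the third party's authentication information,
        # so the store never holds the secret itself (an assumption of this sketch).
        self._auth_hash = self._kdf(third_party_secret)
        self._records = {}  # record_id -> (data, retain_until)

    def _kdf(self, secret: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", secret, self._salt, 100_000)

    def put(self, record_id: str, data: bytes, retain_until: float) -> None:
        if record_id in self._records:
            raise PermissionError("non-rewriteable: record already stored")
        self._records[record_id] = (bytes(data), retain_until)

    def get(self, record_id: str) -> bytes:
        return self._records[record_id][0]  # bytes are immutable: a read-only copy

    def delete(self, record_id: str, now: float, presented_auth: bytes = b"") -> None:
        _, retain_until = self._records[record_id]
        third_party_ok = hmac.compare_digest(self._kdf(presented_auth), self._auth_hash)
        # Assumption: after the retention period ends, ordinary deletion is allowed.
        if now < retain_until and not third_party_ok:
            raise PermissionError("non-erasable during retention period")
        del self._records[record_id]

def attempt(action, *args, **kwargs) -> str:
    """Run a store operation and report whether the policy allowed it."""
    try:
        action(*args, **kwargs)
        return "allowed"
    except PermissionError:
        return "denied"

def demo() -> list:
    secret = b"constructed-escrow-secret"  # held only by the independent third party
    store = RetentionStore(third_party_secret=secret)
    store.put("rec-1", b"constructed trade record", retain_until=100.0)
    store.put("rec-2", b"constructed ledger entry", retain_until=100.0)
    return [
        attempt(store.put, "rec-1", b"tampered", retain_until=100.0),       # overwrite
        attempt(store.delete, "rec-1", now=50.0),                           # no credential
        attempt(store.delete, "rec-1", now=50.0, presented_auth=b"wrong"),  # bad credential
        attempt(store.delete, "rec-1", now=50.0, presented_auth=secret),    # third party
        attempt(store.delete, "rec-2", now=150.0),                          # after retention
    ]
```
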
29 Claims
16. A secure information processing system comprising:
one or more data processors configured to communicate with a client computer associated with a user, to communicate with a cloud computing and storage platform via a communications network, and configured to:
provision a client account for the user to enable the client computer to store information in an elastic storage system and to prohibit the client computer, the information processing system, and the elastic storage system from altering and from deleting the stored information during an authorized retention period;
receive data messages sent via one or more communications networks from one or more client computers, the received data messages including information that is required to be stored for the authorized retention period;
transmit the received information via one or more data communications networks to the elastic storage system for storage so that the stored information is non-rewriteable and non-erasable during the authorized retention period;
in response to an authorized access request from an authorized computer device, retrieve a copy of the information stored in the elastic storage system, and
wherein the one or more data processors configure the elastic storage system to permit deletion, modification, or destruction of the stored information when a trusted third party having a predetermined authentication information associated with the client account presents the predetermined authentication information to the elastic storage system,
wherein the trusted third party is an entity independent from and not controlled by the user, the information processing system, or the elastic storage system.
27. A financial information processing system comprising:
a secure data center including one or more data processors configured for communication with user communication devices;
a cloud computing and storage platform including a shared infrastructure of multiple computing and storage resources connected by one or more networks and providing shared services; and
one or more data communications networks providing data communication between the secure data center and the cloud computing and storage platform, wherein:
the secure data center is configured to:
provision a client account for the user to enable the computer to store financial information in the cloud computing and storage platform and to prohibit user communication devices, the secure data center, and the cloud computing and storage platform from altering and from deleting the stored financial information during an authorized retention period;
receive data messages sent via one or more communications networks from one or more client computers, the received data messages including financial information that is required to be stored for the authorized retention period;
transmit the received information via the one or more data communications networks to the cloud computing and storage platform;
transmit a retrieval request message for the stored financial information to the cloud computing and storage platform via the one or more data communications networks in response to an authorized access request from an authorized user communication device,
the cloud computing and storage platform configured to:
store the financial information transmitted by the secure data center in memory that is non-rewriteable and non-erasable during the authorized retention period;
retrieve a copy of the stored financial information in response to receiving the retrieval request message;
receive a request to delete, modify, or destroy the stored financial information, and if that request is accompanied by a predetermined authentication information associated with the client account and entrusted to a third party, then to perform the requested deletion, modification, or destruction of the stored financial information,
wherein the third party is an entity independent from and not controlled by users, the secure data center, or the cloud computing and storage platform.