DEVICE AND METHODS FOR MANAGEMENT AND ACCESS OF DISTRIBUTED DATA SOURCES

US 20140096199A1
Filed: 09/28/2012
Published: 04/03/2014
Est. Priority Date: 09/28/2012
Status: Active Grant

First Claim

Patent Images

1. A cloud security server comprising:

a database management module to;

(i) associate a data source with a user account, (ii) assign one of a plurality of trust levels to data stored on the data source, (iii) associate a client device with the user account, and (iv) assign one of the plurality of trust levels to the client device;

a data source connector to broker access to data of the data source; and

a data access module to (i) receive a request from the client device for access to requested data of the data source and (ii) authenticate the client device in response to receiving the request;

wherein (i) the database management module is further to verify the request by verifying the assigned trust level of the client device has a predefined relationship with the assigned trust level of the requested data, and (ii) the data access module is further to broker access to the requested data by the client device using the data source connector in response to the database management module verifying the request.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A device and method for provided access to distributed data sources includes a cloud security server configured to associate any number of data sources and client devices with a cloud security server account. The cloud security server assigns trust levels to the data sources and the client devices. A client device requests data from the cloud security server. The cloud security server authenticates the client device and verifies the trust levels of the client device and the requested data. If verified, the cloud security server brokers a connection between the client device and the data source, and the client device accesses the requested data. Data sources may include cloud service providers and local storage devices. The cloud security server may assign a trust level to a client device for a limited time or revoke a trust level assigned to a client device. Other embodiments are described and claimed.

85 Citations

View as Search Results

29 Claims

1. A cloud security server comprising:
- a database management module to;
  
  (i) associate a data source with a user account, (ii) assign one of a plurality of trust levels to data stored on the data source, (iii) associate a client device with the user account, and (iv) assign one of the plurality of trust levels to the client device;
  
  a data source connector to broker access to data of the data source; and
  
  a data access module to (i) receive a request from the client device for access to requested data of the data source and (ii) authenticate the client device in response to receiving the request;
  
  wherein (i) the database management module is further to verify the request by verifying the assigned trust level of the client device has a predefined relationship with the assigned trust level of the requested data, and (ii) the data access module is further to broker access to the requested data by the client device using the data source connector in response to the database management module verifying the request.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The cloud security server of claim 1, wherein the database management module is to verify the request by verifying the assigned trust level of the client device is at least the assigned trust level of the data source.
  - 3. The cloud security server of claim 1, wherein:
    - the data source connector is to broker access to data of the data source using credentials to allow access to the data source; and
      
      the database management module is to associate a data source with a user account by configuring the data source connector with the credentials.
  - 4. The cloud security server of claim 1, wherein:
    - the data source connector is to broker access to a local storage device; and
      
      the database management module is to associate a data source with a user account by configuring the data connector to allow access to the local storage device.
  - 5. The cloud security server of claim 1, wherein the data access module is to broker access to the requested data by (i) retrieving the requested data from the data source and (ii) forwarding the requested data to the client device.
  - 6. The cloud security server of claim 1, wherein the data access module is to broker access to the requested data by establishing a direct connection between the data source and the client device.
  - 7. The cloud security server of claim 1, wherein the database management module is to generate management data as a function of the accesses to the data stored on the data source and transmit the management data to the client device in response to receiving a request for the management data.
  - 8. The cloud security server of claim 7, wherein the management data comprises data that identifies one of:
    - the individuals that have accessed the data stored on the data source, the type of data that has been accessed, and the amount of data that has been accessed.
  - 9. The cloud security server of claim 1, wherein the database access module is to import data directly from the data source in real-time in response to the database management module verifying the request and an authorization to import the data received from an owner of the data.

10. A method to manage cloud data access on a cloud security server, the method comprising:
- associating, on the cloud security server, a data source with a user account;
  
  assigning, on the cloud security server, one of a plurality of trust levels to data stored on the data source;
  
  associating, on the cloud security server, a client device with the user account;
  
  assigning, on the cloud security server, one of the plurality of trust levels to the client device;
  
  receiving, on the cloud security server, a request from the client device for access to requested data of the data source;
  
  authenticating, on the cloud security server, the client device in response to receiving the request;
  
  verifying, on the cloud security server, the request by verifying the assigned trust level of the client device has a predefined relationship with the assigned trust level of the requested data in response to authenticating the client device; and
  
  brokering, on the cloud security server, access to the requested data by the client device in response to verifying the request.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The method of claim 10, wherein verifying the assigned trust level of the client device has the predefined relationship with the assigned trust level of the requested data comprises verifying the assigned trust level of the client device is at least equal to the assigned trust level of the requested data.
  - 12. The method of claim 10, wherein associating the data source with the user account comprises configuring, on the cloud security server, login information with credentials to allow access to the data source.
  - 13. The method of claim 10, wherein associating the data source with the user account comprises configuring, on the cloud security server, login information to allow access to a local storage device.
  - 14. The method of claim 10, wherein brokering access to the requested data comprises:
    - retrieving, on the cloud security server, the requested data from the data source; and
      
      forwarding the requested data from the cloud security server to the client device.
  - 15. The method of claim 10, wherein brokering access to the requested data comprises establishing a direct connection between the data source and the client device.
  - 16. The method of claim 10, further comprising generating management data as a function of the accesses to the data stored on the data source and transmit the management data to the client device in response to receiving a request for the management data.
  - 17. The method of claim 10, further comprising importing data directly from the data source in real-time in response to the database management module verifying the request and an authorization to import the data received from an owner of the data.

18. One or more non-transitory, machine readable media comprising a plurality of instructions that in response to being executed result in a cloud security server:
- associating, on the cloud security server, a data source with a user account;
  
  assigning, on the cloud security server, one of a plurality of trust levels to data stored on the data source;
  
  associating, on the cloud security server, a client device with the user account;
  
  assigning, on the cloud security server, one of the plurality of trust levels to the client device;
  
  receiving, on the cloud security server, a request from the client device for access to requested data of the data source;
  
  authenticating, on the cloud security server, the client device in response to receiving the request;
  
  verifying, on the cloud security server, the request by verifying the assigned trust level of the client device has a predefined relationship with the assigned trust level of the requested data in response to authenticating the client device; and
  
  brokering, on the cloud security server, access to the requested data by the client device in response to verifying the request.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25)
- - 19. The machine readable media of claim 18, wherein verifying the assigned trust level of the client device has the predefined relationship with the assigned trust level of the requested data comprises verifying the assigned trust level of the client device is at least equal to the assigned trust level of the requested data.
  - 20. The machine readable media of claim 18, wherein associating the data source with the user account comprises configuring, on the cloud security server, login information with credentials to allow access to the data source.
  - 21. The machine readable media of claim 18, wherein associating the data source with the user account comprises configuring, on the cloud security server, login information to allow access to a local storage device.
  - 22. The machine readable media of claim 18, wherein brokering access to the requested data comprises:
    - retrieving, on the cloud security server, the requested data from the data source; and
      
      forwarding the requested data from the cloud security server to the client device.
  - 23. The machine readable media of claim 18, wherein brokering access to the requested data comprises establishing a direct connection between the data source and the client device.
  - 24. The machine readable media of claim 18, further comprising a plurality of instructions that in response to being executed result in the cloud security server generating management data as a function of the accesses to the data stored on the data source and transmitting the management data to the client device in response to receiving a request for the management data.
  - 25. The machine readable media of claim 18, further comprising a plurality of instructions that in response to being executed result in the cloud security server importing data directly from the data source in real-time in response to the database management module verifying the request and an authorization to import the data received from an owner of the data.

26. One or more machine readable storage media comprising a plurality of instructions stored thereon that, in response to being executed, result in a computing device:
- receiving an invitation to access data of a data source from the cloud security server on the client device;
  
  authenticating the client device to the cloud security server;
  
  sending a request from the client device to the cloud security server for access to the data of a data source; and
  
  accessing the requested data on the client device as a function of a trust level assigned to the client device and a trust level assigned to the requested data.
- View Dependent Claims (27, 28, 29)
- - 27. The one or more machine readable storage media of claim 26, wherein accessing the requested data on the client device as a function of the trust level assigned to the client device and the trust level assigned to the requested data comprises accessing the requested data as a function of the trust level assigned to the client device being at least equal to the trust level assigned to the requested data.
  - 28. The one or more machine readable storage media of claim 26, wherein accessing the requested data comprises receiving the requested data from the cloud security server.
  - 29. The one or more machine readable storage media of claim 26, wherein accessing the requested data comprises accessing the requested data on the data source.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Dave, Manish, Hassan, Vishwa, Shekhar, Mrigank, Gowda, Bhaskar D.

Granted Patent

US 9,507,949 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/4
CPC Class Codes

G06F 21/604   Tools and structures for ma...

H04L 63/0884   by delegation of authentica...

H04L 67/10   in which an application is ...

DEVICE AND METHODS FOR MANAGEMENT AND ACCESS OF DISTRIBUTED DATA SOURCES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

85 Citations

29 Claims

Specification

Solutions

Use Cases

Quick Links

DEVICE AND METHODS FOR MANAGEMENT AND ACCESS OF DISTRIBUTED DATA SOURCES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

85 Citations

29 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links