Transparent Encryption/Decryption Gateway for Cloud Storage Services
First Claim
1. A computer implemented method for secure data storage in a storage in a distributed computing system by a client of the distributed computing system, the method comprising in a gateway device of the distributed computing system:
- intercepting a data file from at least a portion of stream data during transmission of the stream data in the distributed computing system;
- evaluating the data file for determining a communication protocol used for the stream data transmission;
- evaluating the data file based on the communication protocol for determining a destination and a source of the data file;
- responsive to determining the destination is the storage and the source is the client;
- selecting a set of analysis algorithms from a plurality of predetermined analysis algorithms;
- analyzing the data file using each of the analysis algorithms of the set of analysis algorithms for determining whether the data file comprises sensitive data;
- in response to a determination that the data file comprises sensitive data, replacing payload content of the data file with encrypted payload data; and
- transmitting the data file to the storage.
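The steps of claim 1, traced over one HTTP upload, as an added example that is not code from the patent or its assignee. Assumptions: HTTP/1.1 as the recognised protocol, the host name storage.example.com, the client network 10.0.0.0/16, the three analyzers and their mapping to content types, and a stdlib-only stand-in cipher where a real gateway would use a vetted AEAD such as AES-GCM.

```python
import hashlib, hmac, ipaddress, os, re

STORAGE_HOSTS = {"storage.example.com"}            # assumed storage endpoint
CLIENT_NET = ipaddress.ip_network("10.0.0.0/16")   # assumed client network
KEY = hashlib.sha256(b"constructed demo key").digest()

def luhn_ok(number: bytes) -> bool:
    digits = [int(c) for c in re.sub(rb"\D", b"", number).decode()][::-1]
    return sum(d if i % 2 == 0 else (d * 2 - 9 if d > 4 else d * 2)
               for i, d in enumerate(digits)) % 10 == 0

ANALYZERS = {   # the "plurality of predetermined analysis algorithms"
    "card": lambda b: any(luhn_ok(m) for m in re.findall(rb"\b\d(?:[ -]?\d){12,18}\b", b)),
    "ssn": lambda b: re.search(rb"\b\d{3}-\d{2}-\d{4}\b", b) is not None,
    "marker": lambda b: b"CONFIDENTIAL" in b.upper(),
}
SELECT = {"text/csv": ("card", "ssn"), "text/plain": ("card", "ssn", "marker"), "*": ("marker",)}

def seal(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (HMAC-SHA256 keystream + tag); use a vetted AEAD in practice."""
    nonce = os.urandom(16)
    ek, mk = (hmac.new(key, t, hashlib.sha256).digest() for t in (b"enc", b"mac"))
    ks = b"".join(hmac.new(ek, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    ct = bytes(a ^ b for a, b in zip(data, ks))
    return nonce + ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()

def gateway(raw: bytes, src_ip: str) -> bytes:
    """Return the bytes to forward; only client -> storage uploads are rewritten."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    if not sep or not re.match(rb"(PUT|POST) \S+ HTTP/1\.[01]$", lines[0]):
        return raw                                  # protocol not recognised
    hdrs = {k.strip().lower(): v.strip()
            for k, v in (l.split(b":", 1) for l in lines[1:] if b":" in l)}
    host = hdrs.get(b"host", b"").decode().split(":")[0]
    if host not in STORAGE_HOSTS or ipaddress.ip_address(src_ip) not in CLIENT_NET:
        return raw                                  # not a client-to-storage upload
    ctype = hdrs.get(b"content-type", b"").decode().split(";")[0].strip().lower()
    if not any(ANALYZERS[n](body) for n in SELECT.get(ctype, SELECT["*"])):
        return raw                                  # no analyzer flagged the payload
    sealed = seal(KEY, body)
    hdrs[b"content-length"] = str(len(sealed)).encode()
    new_head = [lines[0]] + [k.title() + b": " + v for k, v in hdrs.items()]
    return b"\r\n".join(new_head) + b"\r\n\r\n" + sealed

SAMPLE = (b"PUT /bucket/q3.csv HTTP/1.1\r\nHost: storage.example.com\r\n"      # constructed
          b"Content-Type: text/csv\r\nContent-Length: 32\r\n\r\n"
          b"name,card\nA,4111 1111 1111 1111\n")
```

Traffic that fails any of the checks is forwarded unchanged, so an upload in a protocol or content type the gateway does not model reaches the storage in plaintext; that pass-through path is the one to monitor.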
Abstract
A mechanism is provided for secure data storage in a distributed computing system by a client of the distributed computing system. A gateway device intercepts a data file from at least a portion of stream data during transmission. If the destination of the data file is the storage, the gateway device selects a set of analysis algorithms to determine whether the data file comprises sensitive data.
20 Claims
1. Independent method claim, recited in full under First Claim above.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 15, 16, 17
13. A computer-readable storage medium, comprising computer-readable program code embodied therewith which, when executed by a processor, causes the processor to:
- intercept a data file from at least a portion of stream data during transmission of the stream data in the distributed computing system;
- evaluate the data file for determining a communication protocol used for the stream data transmission;
- evaluate the data file based on the communication protocol for determining a destination and a source of the data file;
- responsive to determining the destination is the storage and the source is the client;
- select a set of analysis algorithms from a plurality of predetermined analysis algorithms;
- analyze the data file using each of the analysis algorithms of the set of analysis algorithms for determining whether the data file comprises sensitive data;
- in response to a determination that the data file comprises sensitive data, replace content of the data file with encrypted payload data; and
- transmit the data file to the storage.
Dependent claims: 18, 19, 20
14. A gateway device for secure data storage in a storage in a distributed computing system, the gateway device comprising a memory for storing machine executable instructions and a processor for controlling the gateway device, wherein execution of the machine executable instructions causes the processor to:
- intercept a data file from at least a portion of stream data during transmission of the stream data in the distributed computing system;
- evaluate the data file for determining a communication protocol used for the stream data transmission;
- evaluate the data file based on the communication protocol for determining a destination and a source of the data file;
- responsive to determining the destination is the storage and the source is the client;
- select a set of analysis algorithms from a plurality of predetermined analysis algorithms;
- analyze the data file using each of the analysis algorithms of the set of analysis algorithms for determining whether the data file comprises sensitive data;
- in response to a determination that the data file comprises sensitive data, replace payload content of the data file with encrypted payload data; and
- transmit the data file to the storage.
Specification