SECURING INFORMATION WITHIN A CLOUD COMPUTING ENVIRONMENT

US 20140317398A1
Filed: 06/30/2014
Published: 10/23/2014
Est. Priority Date: 04/27/2010
Status: Abandoned Application

First Claim

Patent Images

1. A method for securing information within a Cloud computing environment, comprising:

receiving a first communication at the central encryption service, the first communication containing first information to be secured from a first endpoint at the central encryption service;

encrypting the first information at the central encryption service;

communicating the encrypted first information to a Cloud storage system from the central encryption service;

receiving a second communication at the central encryption service, the second communication containing second information to be secured from a second endpoint at the central encryption service;

encrypting the second information at the central encryption service; and

communicating the encrypted second information to the Cloud storage system from the central encryption service;

wherein the central encryption service operates on a system at a remote location from the first endpoint and the second endpoint.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the invention provide a solution for securing information within a Cloud computing environment. Specifically, an encryption service/gateway is provided to handle encryption/decryption of information for all users in the Cloud computing environment. Typically, the encryption service is implemented between Cloud portals and a storage Cloud. Through the use of a browser/portal plug-in (or the like), the configuration and processing of the security process is managed for the Cloud computing environment user by pointing all traffic for which security is desired to this encryption service so that it can perform encryption (or decryption in the case of document retrieval) as needed (e.g., on the fly) between the user and the Cloud.

12 Citations

View as Search Results

20 Claims

1. A method for securing information within a Cloud computing environment, comprising:
- receiving a first communication at the central encryption service, the first communication containing first information to be secured from a first endpoint at the central encryption service;
  
  encrypting the first information at the central encryption service;
  
  communicating the encrypted first information to a Cloud storage system from the central encryption service;
  
  receiving a second communication at the central encryption service, the second communication containing second information to be secured from a second endpoint at the central encryption service;
  
  encrypting the second information at the central encryption service; and
  
  communicating the encrypted second information to the Cloud storage system from the central encryption service;
  
  wherein the central encryption service operates on a system at a remote location from the first endpoint and the second endpoint.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 10, 11, 12, 13, 14, 16)
- - 2. The method of claim 1, the information comprising an electronic document.
  - 3. The method of claim 1, the first endpoint being a browser.
  - 4. The method of claim 1, the first endpoint, the second endpoint, the central encryption service, and the Cloud storage system comprising at least four distinct systems.
  - 5. The method of claim 4, wherein the central encryption service is implemented by a trusted third party entity.
  - 6. The method of claim 1, further comprising:
    - receiving, using the at least one first computing device, a request for the information from the first endpoint on the central encryption service;
      
      receiving, using the at least one first computing device, the first information from the Cloud storage system on the central encryption service;
      
      decrypting, using the at least one first computing device, the first information on the central encryption service; and
      
      communicating, using the at least one first computing device, the decrypted first information to the first endpoint in fulfillment of the request.
  - 7. The method of claim 6, further comprising receiving, using the at least one first computing device, a first set of encryption keys, the encrypting comprising encrypting the first information at the central encryption service using the first set of encryption keys, and the decrypting comprising decrypting the first information at the central encryption service using the first set of encryption keys.
  - 8. The method of claim 1, wherein a service solution provider provides a computer infrastructure that performs the method for one or more consumers.
  - 10. The system of claim 8, the information comprising an electronic document.
  - 11. The system of claim 8, the first endpoint being a browser.
  - 12. The system of claim 8, the first endpoint, the second endpoint, and the central encryption service, and the Cloud storage system comprising at least four distinct systems.
  - 13. The system of claim 8, the system further being caused to:
    - receive a request for the first information from the first endpoint on the central encryption service;
      
      receive the first information from the Cloud storage system on the central encryption service;
      
      decrypt the first information on the central encryption service; and
      
      communicate the decrypted first information to the first endpoint in fulfillment of the request.
  - 14. The system of claim 13, the system further being caused to receive a first set of encryption keys, the system further being caused to encrypt the first information at the central encryption service using the first set of encryption keys, and decrypt the first information at the central encryption service using the first set of encryption keys.
  - 16. The computer readable storage medium containing the program product of claim 14, the information comprising an electronic document.

9. A system for securing information within a Cloud computing environment, comprising:
- a memory medium comprising instructions;
  
  a bus coupled to the memory medium; and
  
  a processor coupled to the bus that when executing the instructions causes the system to;
  
  receive a first communication at the central encryption service, the first communication containing first information to be secured from a first endpoint at the central encryption service;
  
  encrypt the first information at the central encryption service;
  
  communicate the encrypted first information to a Cloud storage system from the central encryption service;
  
  receive a second communication at the central encryption service, the second communication containing second information to be secured from a second endpoint at the central encryption service;
  
  encrypt the second information at the central encryption service; and
  
  communicate the encrypted second information to the Cloud storage system from the central encryption service;
  
  wherein the central encryption service operates on a system at a remote location from the first endpoint and the second endpoint.

15. A computer readable storage medium containing a program product for securing information within a Cloud computing environment, the computer readable storage medium comprising program code for causing a computer to:
- receive a first communication at the central encryption service, the first communication containing first information to be secured from a first endpoint at the central encryption service;
  
  encrypt the first information at the central encryption service;
  
  communicate the encrypted first information to a Cloud storage system from the central encryption service;
  
  receive a second communication at the central encryption service, the second communication containing second information to be secured from a second endpoint at the central encryption service;
  
  encrypt the second information at the central encryption service; and
  
  communicate the encrypted second information to the Cloud storage system from the central encryption service;
  
  wherein the central encryption service operates on a system at a remote location from the first endpoint and the second endpoint.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The computer readable storage medium containing the program product of claim 15, the first endpoint being a browser.
  - 18. The computer readable storage medium containing the program product of claim 15, the first endpoint, the second endpoint, the central encryption service, and the Cloud storage system comprising at least four distinct systems.
  - 19. The computer readable storage medium containing the program product of claim 15, the computer readable medium further comprising program code for causing the computer to:
    - receive a request for the first information from the first endpoint on the central encryption service;
      
      receive the first information from the Cloud storage system on the central encryption service;
      
      decrypt the first information on the central encryption service; and
      
      communicate the decrypted first information to the first endpoint in fulfillment of the request.
  - 20. The computer readable storage medium containing the program product of claim 19, the system further being caused to receive a first set of encryption keys, the system further being caused to encrypt the first information at the central encryption service using the first set of encryption keys, and decrypt the first information at the central encryption service using the first set of encryption keys.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kyndryl Incorporated
Original Assignee
International Business Machines Corporation
Inventors
Ho, Wesley J., Lingafelt, Charles S., Merrill, David P., Betz, Linda N.

Application Number

US14/318,918
Publication Number

US 20140317398A1
Time in Patent Office

Days
Field of Search
US Class Current

713/155
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/062   for key distribution, e.g. ...

H04L 67/10   in which an application is ...

SECURING INFORMATION WITHIN A CLOUD COMPUTING ENVIRONMENT

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

12 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

SECURING INFORMATION WITHIN A CLOUD COMPUTING ENVIRONMENT

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others