MULTIPLE AUTHORITY DATA SECURITY AND ACCESS
First Claim
1. A computer-readable storage medium having stored thereon instructions that, when executed by one or more processors of a computer system of a customer of a computing resource service provider, cause the computer system to:
- cause data to be encrypted under a first key;
- obtain the first key encrypted based at least in part on a second key and a third key, the customer lacking access to the second key and the computing resource service provider lacking access to the third key, obtaining the first key encrypted based at least in part on the second key and the third key including:
  - submitting to the computing resource service provider a request to perform one or more cryptographic operations using the second key, the request including information that enables the computing resource service provider to select the second key from a plurality of keys managed on behalf of customers of the computing resource service provider; and
- causing the data encrypted under the first key to be stored in association with the first key encrypted based at least in part on the second key and the third key.
Abstract
Data is encrypted such that multiple keys are needed to decrypt the data. The keys are accessible to different entities so that no single entity has access to all the keys. At least one key is managed by a service provider. A customer computer system of the service provider may be configured with executable instructions directing the orchestration of communications between the various entities having access to the keys. As a result, security compromise in connection with a key does not, by itself, render the data decryptable.
26 Claims
1. Independent claim 1 is reproduced in full above under First Claim. Dependent claims: 2, 3, 4, 5, 6.
7. A computer-implemented method, comprising:
- under the control of one or more computer systems configured with executable instructions, obtaining, based at least in part on first information inaccessible to a computing resource service provider and second information inaccessible to a customer of the computing resource service provider, an encrypted first key and data encrypted under the first key by at least:
  - submitting, to the computing resource service provider, a request to perform one or more operations using the second information, the request including information enabling the computing resource service provider to select the second information from other information managed on behalf of other customers of the computing resource service provider; and
- causing the data encrypted under the first key and the encrypted first key to be persisted so that authorized decryption of the data encrypted under the first key requires use of the first information and second information.
Dependent claims: 8, 9, 10, 11, 12.
13. A system, comprising:
- a collection of computing resources collectively configured to:
  - operate a first service configured to manage, on behalf of a plurality of entities, a plurality of keys;
  - operate a second service configured to store data without access to the plurality of keys; and
  - provide, to a client computing device corresponding to an entity of the plurality of entities, executable instructions that cause the client computing device to at least:
    - submit a request to perform one or more cryptographic operations using a first key, from the plurality of keys, specified by the request;
    - receive, in response to the request, a result of performance of the one or more cryptographic operations;
    - generate, based at least in part on the result and a second key inaccessible to the system, information that includes encrypted data, the information configured such that use of at least both the first key and second key is required to decrypt the data; and
    - transmit the generated information to the storage service.
Dependent claims: 14, 15, 16, 17, 18.
19. A computer-readable storage medium having stored thereon instructions that, when executed by one or more processors of a computer system, cause the computer system to:
- obtain, based at least in part on first information inaccessible to a computing resource service provider and second information, an encrypted first key and data encrypted under the first key by at least:
  - submitting, to the computing resource service provider, a request to perform one or more operations using the second information, the request including information enabling the computing resource service provider to select the second information from other information managed on behalf of customers of the computing resource service provider; and
- cause the data encrypted under the first key and the encrypted first key to be persistently stored so that authorized access to the data in plaintext form requires use of the first information and second information.
Dependent claims: 20, 21, 22, 23, 24, 25, 26.
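The key orchestration in the abstract and in claims 1, 7, 13 and 19 (data under a fresh first key; that key wrapped by the provider's second key, selected by id, and then by a customer-held third key the provider never sees) as an added Python simulation. This is not code from the patent or from any provider's product: `ProviderKMS` stands in for the provider's key management service, `customer_key` is the locally held third key, and the cipher is a stdlib HMAC-counter-mode stand-in for AES-GCM so the block runs offline.

```python
import hashlib, hmac, os
def _keystream(key, nonce, n):
    # HMAC-SHA256 in counter mode: stdlib-only stand-in for a real cipher (use AES-GCM in practice)
    return b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest() for i in range((n + 31) // 32))[:n]

def seal(key, plaintext):
    nonce = os.urandom(16)  # output layout: nonce || ciphertext || tag (encrypt-then-MAC)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("authentication failed")  # a wrong key fails loudly, never returns garbage
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

class ProviderKMS:
    """Holds the 'second key' for many customers, selected by id; never sees the third key or the data."""
    def __init__(self):
        self.keys = {}
    def create_key(self, key_id):
        self.keys[key_id] = os.urandom(32)
    def encrypt(self, key_id, plaintext):
        return seal(self.keys[key_id], plaintext)
    def decrypt(self, key_id, blob):
        return unseal(self.keys[key_id], blob)

def customer_store(kms, key_id, customer_key, data):
    """Claim 1, customer side: data under a fresh first key, that key wrapped remotely then locally."""
    dek = os.urandom(32)                    # first key, never persisted in the clear
    ciphertext = seal(dek, data)
    wrapped = kms.encrypt(key_id, dek)      # second key: remote operation, key selected by id
    wrapped = seal(customer_key, wrapped)   # third key: local, never sent to the provider
    return {"key_id": key_id, "wrapped_dek": wrapped, "ciphertext": ciphertext}

def customer_retrieve(kms, customer_key, record):
    """Authorized decryption needs the customer key locally and the provider key remotely."""
    kms_blob = unseal(customer_key, record["wrapped_dek"])
    return unseal(kms.decrypt(record["key_id"], kms_blob), record["ciphertext"])

def single_key_recovers_data(kms, customer_key, record):
    """True if either party's key alone yields the data; the design makes this False."""
    for attempt in (lambda: kms.decrypt(record["key_id"], record["wrapped_dek"]),  # provider alone
                    lambda: unseal(unseal(customer_key, record["wrapped_dek"]), record["ciphertext"])):
        try:
            attempt()
            return True
        except ValueError:
            pass
    return False
```

The stored record carries only the ciphertext, the doubly wrapped first key and the provider key id, so a compromise of the provider's key or of the customer's key alone leaves the data undecryptable, which is the property the abstract states.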