METHOD AND APPARATUS FOR SECURING SENSITIVE DATA IN A CLOUD STORAGE SYSTEM
Abstract
In one aspect, the invention relates to a system and method for seamlessly encrypting data files before uploading them to a public cloud storage system by providing an encrypted drive system (EDS) that forms a security layer around existing cloud storage services to provide enhanced protection to data. The EDS also provides a convenient interface to specify data protection policies across connected cloud storage applications. The EDS implements standard functionality such as access, search and sharing directly on the encrypted data using secure indexing and querying of encrypted data. The EDS is able to guarantee a much higher level of security for data in the cloud without the user having to compromise on the features of the various applications.
20 Claims
1. A system for securing sensitive data in a cloud storage system comprising:
- an Encrypted Drive System (EDS) automatically linked with cloud storage services associated with a user; and
- a key store located separately from the EDS for storing keys used to encrypt documents, wherein the EDS is configured to:
  - encrypt the document based on file-encryption key associated with the user;
  - store the encrypted document in the cloud storage services associated with the user;
  - generate metadata associated with the encrypted document to enable indexing and search over file names and contents;
  - sharing of encrypted document through email or folder; and
  - implement a functional security layer around a set of cloud applications to allow the user to access existing features of linked applications.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A method for securing sensitive data in a cloud storage system comprising:
- linking the encrypted drive system (EDS) with cloud storage services associated with the user;
- providing a keystore located separately from the said EDS;
- creating a public-private key pair for user to encrypt and decrypt using RSA algorithm;
- securely storing keys in the key store for the EDS to encrypt and decrypt documents;
- storing the encrypted documents in the cloud storage services associated with the user; and
- generating metadata associated with the said encrypted document to enable indexing, sharing and searching functionality across the encrypted documents stored by the said cloud storage services.

Dependent claims: 12, 13, 14, 15, 16, 17, 18

19. A method for full text search over all connected cloud drives by EDS comprise steps of:
- obtaining a list of all files in the connected cloud drive;
- parsing each file to extract keyword and pattern information;
- extracting indexable text based on keywords and pattern information;
- performing coloring of the each file to generate color-tags based on an extracted word-set (W) and pattern set (P);
- generating content summary and storing the content summary in the metadata field;
- creating Bloom filters per document and storing the Bloom filters as metadata;
- storing the metadata for indexing and querying by creating the placeholder file within Google Drive for every file in another cloud drive and sharing files seamlessly irrespective of backend cloud drive connected to the EDS.

Dependent claims: 20

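The per-document Bloom filter step of claim 19, sketched as an added example that is not taken from the patent. The claims do not say how filter positions are derived, so the HMAC-SHA256 keying under a separate index key (so that whoever can read the stored metadata cannot test guessed words without that key), the filter size, the tokenizer and every name below are assumptions.

```python
import hashlib
import hmac
import re

M_BITS = 1024   # filter size in bits (illustrative assumption)
K_HASHES = 4    # bit positions set per word (illustrative assumption)

def extract_words(text):
    """Word-set W: lowercase alphanumeric tokens of at least 3 characters."""
    return {w for w in re.findall(r"[a-z0-9]+", text.lower()) if len(w) >= 3}

def positions(index_key, word):
    """Derive K_HASHES bit positions from HMAC-SHA256(index_key, i || word)."""
    out = []
    for i in range(K_HASHES):
        mac = hmac.new(index_key, bytes([i]) + word.encode(), hashlib.sha256)
        out.append(int.from_bytes(mac.digest()[:8], "big") % M_BITS)
    return out

def build_filter(index_key, text):
    """Per-document Bloom filter, hex-encoded for storage in a metadata field."""
    bits = 0
    for word in extract_words(text):
        for p in positions(index_key, word):
            bits |= 1 << p
    return format(bits, "x")

def may_contain(index_key, filter_hex, word):
    """True if every position for the word is set (false positives possible)."""
    bits = int(filter_hex, 16)
    return all((bits >> p) & 1 for p in positions(index_key, word.lower()))

def search(index_key, metadata, word):
    """Names of documents whose stored filter matches the query word."""
    return sorted(name for name, meta in metadata.items()
                  if may_contain(index_key, meta["bloom"], word))

# Constructed sample data; a real index key would come from the separate key store.
KEY = b"constructed-demo-index-key"
DOCS = {
    "q3-invoice.pdf": "Invoice 2291 for Acme: payment due in thirty days",
    "offsite-notes.txt": "Team offsite agenda and travel booking notes",
}
# Only this metadata is stored beside the ciphertext, never the plaintext words.
INDEX = {name: {"bloom": build_filter(KEY, text)} for name, text in DOCS.items()}

if __name__ == "__main__":
    print(search(KEY, INDEX, "invoice"))
```

A match only means the document may contain the word, so candidate files still have to be decrypted and checked before results are shown.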
Specification