DATA COMPUTATION IN A MULTI-DOMAIN CLOUD ENVIRONMENT
Abstract
A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and is configured to receive encoded data and a set of operations from the server device in response to a request for cloud services from the client device. The gateway device is configured to decode the encoded data, and to provide the decoded data and the set of operations to the client device. The client device is configured to perform the set of operations on the decoded data, and to incorporate the operation results into an application or interface corresponding to the requested cloud service. The gateway device is configured to encode the operation result data, and to provide the encoded operation result data to the server device for storage.
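The flow the abstract describes, as an added Python example that is not taken from the patent. It assumes the encoding is vault-based tokenization, that the server sends operations as declarative descriptors, and that the gateway checks them against an allowlist before decoding anything; `Gateway`, `ALLOWED_OPS`, `client_compute` and the sample rows are hypothetical names and constructed data.

```python
import secrets

# Assumed policy: the only operations the trusted domain agrees to run.
ALLOWED_OPS = {
    "sum": lambda rows, field: sum(r[field] for r in rows),
    "max": lambda rows, field: max(r[field] for r in rows),
    "count": lambda rows, field: len(rows),
}

class Gateway:
    """Sits inside the trusted domain; only it can map tokens back to values."""

    def __init__(self):
        self._vault = {}  # token -> plaintext, never leaves the trusted domain

    def encode(self, value):
        token = "tok_" + secrets.token_hex(8)
        self._vault[token] = value
        return token

    def decode(self, token):
        return self._vault[token]

    def handle(self, encoded_rows, operations, client):
        # The operations come from outside the trusted domain: reject
        # anything not on the allowlist before any data is decoded.
        for op in operations:
            if op["op"] not in ALLOWED_OPS:
                raise ValueError(f"operation not permitted: {op['op']}")
        rows = [{k: self.decode(v) for k, v in r.items()} for r in encoded_rows]
        results = client(rows, operations)  # client computes on decoded data
        # Only encoded results are returned for storage at the server.
        return {name: self.encode(val) for name, val in results.items()}

def client_compute(rows, operations):
    """Client side: apply each received operation to the decoded rows."""
    return {o["as"]: ALLOWED_OPS[o["op"]](rows, o["field"]) for o in operations}

def demo():
    gw = Gateway()
    # Constructed sample: the external server only ever holds tokens.
    server_rows = [{"salary": gw.encode(s)} for s in (52000, 61000, 48000)]
    server_ops = [{"op": "sum", "field": "salary", "as": "total"},
                  {"op": "max", "field": "salary", "as": "highest"}]
    to_server = gw.handle(server_rows, server_ops, client_compute)
    plain = {k: gw.decode(v) for k, v in to_server.items()}
    return server_rows, to_server, plain
```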
20 Claims
1. A gateway device coupled between a client device and a server, the gateway device and the client device within a trusted domain comprising a pre-determined network of systems subject to one or more security policies corresponding to the trusted domain, the server external to the trusted domain, the gateway device comprising:
- an input configured to receive encoded data and a set of operations from the server, the server configured to provide the encoded data and the set of operations in response to a request for cloud services by the client, the encoded data and the set of operations selected based on the request;
- a decoding engine configured to decode the encoded data;
- a hardware processor configured to perform the set of operations on the decoded data to produce operation result data;
- an encoding engine configured to encode the operation result data; and
- an output configured to:
  - provide the operation result data to the client device; and
  - provide the encoded operation result data to the server.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A method for comprising:
- requesting, by a client device within a trusted domain from a server external to the trusted domain, a service provided by the server associated with encoded data stored at the server, the trusted domain comprising a pre-determined network of one or more systems subject to one or more security policies corresponding to the trusted domain, the server unable to decode the encoded data;
- receiving, at a gateway device within the trusted domain and communicatively coupled between the client device and the server, the encoded data and a set of operations associated with the requested service;
- decoding, by the gateway device, the encoded data to produce decoded data;
- providing, by the gateway device to the client device, the decoded data and the received set of operations;
- performing, by the client device, the received set of operations on the decoded data to produce operation result data;
- encoding, by the gateway device, the operation result data; and
- providing, by the gateway device, the encoded result data to the server.

Dependent claims: 9, 10, 11, 12, 13, 14
15. A method comprising:
- requesting, by a first system within a trusted domain from a second system external to the trusted domain, a service provided by the second system associated with encoded data stored at the second system, the trusted domain comprising a pre-determined network of one or more systems subject to one or more security policies corresponding to the trusted domain, the second system unable to decode the encoded data;
- receiving, at the first system from the second system, the encoded data and a set of operations associated with the requested service;
- decoding, by the first system, the encoded data to produce decoded data;
- performing, by the first system, the received set of operations on the decoded data to produce operation result data;
- encoding, by the first system, the operation result data; and
- providing, by the first system, the encoded result data to the second system.

Dependent claims: 16, 17, 18, 19, 20
Specification