METHOD AND APPARATUS FOR MIGRATING ENCRYPTED DATA
First Claim
1. A method comprising:
- associating a security certificate with a business unit based on the submission of a provisioning request;
generating a policy for establishing the identity of the business unit, for controlling access to data associated with the business unit as maintained by a data service, or a combination thereof based on the security certificate; and
associating one or more keys for accessing the data from the data service with a data container of the data service, the business unit, a key manager associated with the business unit, or a combination thereof based on the policy.
1 Assignment
0 Petitions
Accused Products
Abstract
An approach is provided for managing the provisioning and sharing of data among common users of a data service. A provisioning platform associates a security certificate with a business unit based on the submission of a provisioning request. The provisioning platform also associating one or more keys for accessing the data from the data service with a data container of the data service, the business unit, a key manager associated with the business unit, or a combination thereof based on the generation of a policy for establishing the identity of the business unit, for controlling access to data associated with the business unit as maintained by a data service, or a combination thereof based on the security certificate.
-
Citations
21 Claims
-
1. A method comprising:
-
associating a security certificate with a business unit based on the submission of a provisioning request; generating a policy for establishing the identity of the business unit, for controlling access to data associated with the business unit as maintained by a data service, or a combination thereof based on the security certificate; and associating one or more keys for accessing the data from the data service with a data container of the data service, the business unit, a key manager associated with the business unit, or a combination thereof based on the policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. An apparatus comprising:
-
at least one processor; and at least one memory including computer program code for one or more programs, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to perform at least the following, associate a security certificate with a business unit based on the submission of a provisioning request; and generate a policy for establishing the identity of the business unit, for controlling access to data associated with the business unit as maintained by a data service, or a combination thereof based on the security certificate; and associate one or more keys for accessing the data from the data service with a data container of the data service, the business unit, a key manager associated with the business unit, or a combination thereof based on the policy. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
-
18. A computer-readable storage medium carrying one or more sequences of one or more instructions which, when executed by one or more processors, cause an apparatus to perform:
-
associating a security certificate with a business unit based on the submission of a provisioning request; generating a policy for establishing the identity of the business unit, for controlling access to data associated with the business unit as maintained by a data service, or a combination thereof based on the security certificate; and associating one or more keys for accessing the data from the data service with a data container of the data service, the business unit, a key manager associated with the business unit, or a combination thereof based on the policy. - View Dependent Claims (19, 20)
-
-
21-48. -48. (canceled)
Specification