MONITORING AND ALERT SERVICES AND DATA ENCRYPTION MANAGEMENT

US 20170004312A1
Filed: 06/29/2016
Published: 01/05/2017
Est. Priority Date: 07/02/2015
Status: Active Grant

First Claim

Patent Images

1. A data encryption system comprising:

one or more computing devices configured to provide one or more data encryption services; and

a memory configured to store information related to a plurality of applications;

wherein at least one computing device from the one or more computing devices is configurable to;

identify an encryption object related to an application;

extract metadata information related to the encryption object;

identify one or more attributes associated with the encryption object to be exposed based at least in part on the metadata information;

generate a set of one or more rules related to the one or more attributes;

generate an alert for the one or more attributes based at least in part on an execution of the set of one or more rules; and

transmit the alert to one or more users, via one or more communication channels.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A centralized framework for managing the data encryption of resources is disclosed. A data encryption service is disclosed that provides various services related to the management of the data encryption of resources. The services may include managing application policies, cryptographic policies, and encryption objects related to applications. The encryption objects may include encryption keys and certificates used to secure the resources. In an embodiment, the data encryption service may be included or implemented in a cloud computing environment and may provide a centralized framework for effectively managing the data encryption requirements of various applications hosted or provided by different customer systems. The disclosed data encryption service may provide monitoring and alert services related to encryption objects managed by the data encryption service and transmit the alerts related to the encryption objects via various communication channels.

24 Citations

View as Search Results

20 Claims

1. A data encryption system comprising:
- one or more computing devices configured to provide one or more data encryption services; and
  
  a memory configured to store information related to a plurality of applications;
  
  wherein at least one computing device from the one or more computing devices is configurable to;
  
  identify an encryption object related to an application;
  
  extract metadata information related to the encryption object;
  
  identify one or more attributes associated with the encryption object to be exposed based at least in part on the metadata information;
  
  generate a set of one or more rules related to the one or more attributes;
  
  generate an alert for the one or more attributes based at least in part on an execution of the set of one or more rules; and
  
  transmit the alert to one or more users, via one or more communication channels.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 12, 13, 14, 15)
- - 2. The system of claim 1, wherein the encryption object comprises at least one of an encryption key or a digital certificate used to secure the application.
  - 3. The system of claim 1, wherein the metadata information comprises information related to the one or more attributes of the encryption object and information related to one or more values of the one or more attributes.
  - 4. The system of claim 1, wherein a computing device of the one or more computing devices is further configured to extract the metadata information related to the encryption object based at least in part on an application policy related to the application.
  - 5. The system of claim 1, wherein the one or more attributes associated with the encryption object to be exposed comprise at least one of a name of the encryption object, an activation date of the encryption object, an expiration date of the encryption object, a size of the encryption object, user groups associated with the encryption object, a version of the encryption object, a roll over date of the encryption object, and a renewal date of the encryption object.
  - 6. The system of claim 1, wherein a computing device of the one or more computing devices is further configured to generate the alert related to the one or more attributes when at least one condition of a set of one or more conditions defined by the set of one or more rules is satisfied.
  - 7. The system of claim 1, wherein a computing device of the one or more computing devices is further configured to receive a definition of the set of one or more rules based at least in part on an input received from a user of the system.
  - 8. The system of claim 1, wherein a computing device of the one or more computing devices is further configured to generate an alert for the encryption object based at least in part on identifying a violation of an application policy defined for the application associated with the encryption object.
  - 9. The system of claim 1, wherein a computing device of the one or more computing devices is further configured to transmit the alert via at least one of email, Instant Messaging (IM), Short Message Service (SMS), Multimedia Message Service (MMS), and Application-to-Application messaging.
  - 12. The method of claim 1, wherein the metadata information comprises information related to the one or more attributes of the encryption object and information related to one or more values of the one or more attributes.
  - 13. The method of claim 1, further comprising extracting the metadata information related to the encryption object based at least in part on an application policy related to the application.
  - 14. The method of claim 1, wherein the one or more attributes associated with the encryption object to be exposed comprise at least one of a name of the encryption object, an activation date of the encryption object, an expiration date of the encryption object, a size of the encryption object, user groups associated with the encryption object, a version of the encryption object, a roll over date of the encryption object, and a renewal date of the encryption object.
  - 15. The method of claim 7, further comprising generating the alert related to the one or more attributes when at least one condition of a set of one or more conditions defined by the set of one or more rules is satisfied.

10. A method comprising:
- identifying an encryption object related to an application;
  
  extracting metadata information related to the encryption object;
  
  identifying one or more attributes associated with the encryption object to be exposed based at least in part on the metadata information;
  
  generating a set of one or more rules related to the one or more attributes;
  
  generating an alert for the one or more attributes based at least in part on an execution of the set of one or more rules; and
  
  transmitting the alert to one or more users, via one or more communication channels.
- View Dependent Claims (11, 16, 17)
- - 11. The method of claim 10, wherein the encryption object comprises at least one of an encryption key or a digital certificate used to secure the application.
  - 16. The method of claim 10 further comprising receiving a definition of the set of one or more rules based at least in part on an input received from a user.
  - 17. The method of claim 10 further comprising generating an alert for the encryption object based at least in part on identifying a violation of an application policy defined for the application associated with the encryption object.

18. One or more non-transitory computer-readable media storing computer-executable instructions executable by one or more processors, the computer-executable instructions comprising:
- instructions that cause the one or more processors to identify an encryption object related to an application;
  
  instructions that cause the one or more processors to extract metadata information related to the encryption object;
  
  instructions that cause the one or more processors to identify one or more attributes associated with the encryption object to be exposed based at least in part on the metadata information;
  
  instructions that cause the one or more processors to generate a set of one or more rules related to the one or more attributes;
  
  instructions that cause the one or more processors to generate an alert for the one or more attributes based at least in part on an execution of the set of one or more rules; and
  
  instructions that cause the one or more processors to transmit the alert to one or more users, via one or more communication channels.
- View Dependent Claims (19, 20)
- - 19. The computer-readable media of claim 18, wherein the metadata information comprises information related to the one or more attributes of the encryption object and information related to one or more values of the one or more attributes.
  - 20. The computer-readable media of claim 18, wherein the plurality of instructions further comprise instructions that cause the one or more processors to transmit the alert via at least one of email, Instant Messaging (IM), Short Message Service (SMS), Multimedia Message Service (MMS), and Application-to-Application messaging.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Agarwal, Amit, Tirumalai, Srikant Krishnapuram, Sriramadhesikan, Krishnakumar

Granted Patent

US 10,699,020 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/629   to features or functions of...

H04L 63/10   for controlling access to d...

H04L 63/20   for managing network securi...

H04L 9/3263   involving certificates, e.g...

H04W 12/02   Protecting privacy or anony...

H04W 12/03   Protecting confidentiality,...

H04W 4/12   Messaging; Mailboxes; Annou...

H04W 4/60   Subscription-based services...

MONITORING AND ALERT SERVICES AND DATA ENCRYPTION MANAGEMENT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

24 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

MONITORING AND ALERT SERVICES AND DATA ENCRYPTION MANAGEMENT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

24 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links