SECURE CLOUD STORAGE DISTRIBUTION AND AGGREGATION
First Claim
1. A method comprising:
maintaining, by a trusted gateway device logically interposed between an enterprise network and a plurality of third-party cloud storage services, a file storage policy for each user of a plurality of users of the enterprise network, wherein the plurality of file storage policies define access rights, storage diversity requirements and types of encryption to be applied to files stored to the plurality of third-party cloud storage services on behalf of respective users of the plurality of users; and
responsive to receiving, by the trusted gateway device, a request to store a local file from a user of the plurality of users;
creating, by the trusted gateway device, searchable encrypted data corresponding to one or more of (i) content of the local file and (ii) metadata associated with the local file, wherein the searchable encrypted data is based on a type of encryption defined by a file storage policy of the plurality of file storage policies assigned to the user; and
distributing, by the trusted gateway device, the searchable encrypted data among the plurality of third-party cloud storage services based on a storage diversity requirement defined by the file storage policy by uploading a subset of the searchable encrypted data to each of the plurality of third-party cloud storage services.
Abstract
Methods and systems for secure cloud storage are provided. According to one embodiment, file storage policies are maintained for users of an enterprise network by a trusted gateway device interposed between the network and multiple third-party cloud storage services. Responsive to receiving a request to store a local file from a user: (i) searchable encrypted data is created by the gateway corresponding to one or more of (a) content of the local file and (b) metadata associated with the local file and (ii) the searchable encrypted data is distributed by the gateway among the cloud storage services based on a storage diversity requirement defined by the user's file storage policy by uploading a subset of the searchable encrypted data to each of the cloud storage services.
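The flow in the abstract, sketched as an added example (not code from the patent or its assignee): a gateway builds a searchable index for file metadata and uploads a different subset of it to each storage service. The HMAC-SHA256 keyword index is a simple stand-in for the unspecified "searchable encrypted data", and the `FileStoragePolicy` fields, function names and in-memory provider dictionaries are all assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class FileStoragePolicy:
    # Hypothetical fields modelled on the claim language.
    encryption: str      # "type of encryption"; only the keyword index below is handled
    min_providers: int   # "storage diversity requirement"

def keyword_token(key: bytes, word: str) -> str:
    """Keyed, deterministic token: a provider can match it but cannot read the word."""
    return hmac.new(key, word.lower().encode(), hashlib.sha256).hexdigest()

def store_file(key, file_id, text, policy, providers):
    """Gateway side: tokenize, then upload a different subset to each provider."""
    if policy.encryption != "hmac-sha256-index":
        raise ValueError("unsupported encryption type in policy")
    if len(providers) < policy.min_providers:
        raise ValueError("not enough providers to meet the diversity requirement")
    tokens = sorted({keyword_token(key, w) for w in text.split()})
    for i, tok in enumerate(tokens):
        # Round-robin placement: no single provider receives the whole index.
        providers[i % len(providers)].setdefault(tok, set()).add(file_id)
    return len(tokens)

def search(key, word, providers):
    """Gateway side: query every provider with the token and aggregate the hits."""
    tok = keyword_token(key, word)
    hits = set()
    for p in providers:
        hits |= p.get(tok, set())
    return hits

if __name__ == "__main__":
    key = b"\x01" * 32                      # constructed key; held only by the gateway
    clouds = [{}, {}, {}]                   # in-memory stand-ins for three services
    policy = FileStoragePolicy("hmac-sha256-index", min_providers=3)
    meta = "Q3 merger draft finance confidential"   # constructed sample metadata
    store_file(key, "f1", meta, policy, clouds)
    print([len(c) for c in clouds], search(key, "merger", clouds))
```

Deterministic tokens still reveal keyword equality and frequency to whichever provider holds them; splitting the index limits how much of that any one provider observes.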
14 Claims
1. A method comprising:
maintaining, by a trusted gateway device logically interposed between an enterprise network and a plurality of third-party cloud storage services, a file storage policy for each user of a plurality of users of the enterprise network, wherein the plurality of file storage policies define access rights, storage diversity requirements and types of encryption to be applied to files stored to the plurality of third-party cloud storage services on behalf of respective users of the plurality of users; and
responsive to receiving, by the trusted gateway device, a request to store a local file from a user of the plurality of users;
creating, by the trusted gateway device, searchable encrypted data corresponding to one or more of (i) content of the local file and (ii) metadata associated with the local file, wherein the searchable encrypted data is based on a type of encryption defined by a file storage policy of the plurality of file storage policies assigned to the user; and
distributing, by the trusted gateway device, the searchable encrypted data among the plurality of third-party cloud storage services based on a storage diversity requirement defined by the file storage policy by uploading a subset of the searchable encrypted data to each of the plurality of third-party cloud storage services.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A non-transitory computer-readable storage medium embodying a set of instructions, which when executed by one or more processors of a trusted gateway device logically interposed between a plurality of third-party cloud storage services and an enterprise network, cause the one or more processors to perform a method comprising:
maintaining a file storage policy for each user of a plurality of users of the enterprise network, wherein the plurality of file storage policies define access rights, storage diversity requirements and types of encryption to be applied to files stored to the plurality of third-party cloud storage services on behalf of respective users of the plurality of users; and
responsive to receiving a request to store a local file from a user of the plurality of users;
creating searchable encrypted data corresponding to one or more of (i) content of the local file and (ii) metadata associated with the local file, wherein the searchable encrypted data is based on a type of encryption defined by a file storage policy of the plurality of file storage policies assigned to the user; and
distributing the searchable encrypted data among the plurality of third-party cloud storage services based on a storage diversity requirement defined by the file storage policy by uploading a subset of the searchable encrypted data to each of the plurality of third-party cloud storage services.
Dependent claims: 9, 10, 11, 12, 13, 14
Specification