Data Computation in a Multi-Domain Cloud Environment
Abstract
A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and is configured to receive encoded data and a set of operations from the server device in response to a request for cloud services from the client device. The gateway device is configured to decode the encoded data, and to provide the decoded data and the set of operations to the client device. The client device is configured to perform the set of operations on the decoded data, and to incorporate the operation results into an application or interface corresponding to the requested cloud service. The gateway device is configured to encode the operation result data, and to provide the encoded operation result data to the server device for storage.
20 Claims
1. A gateway device coupled between a client device and a server, the gateway device and the client device within a trusted domain comprising a pre-determined network of systems subject to one or more security policies corresponding to the trusted domain, the server external to the trusted domain, the gateway device comprising:
- an input configured to intercept encoded data and a set of operation identifiers sent by a server to a client device in response to a request for cloud services by the client device, each operation identifier uniquely identifying a computational operation, the encoded data and the set of operation identifiers selected by the server based on the requested cloud services and based on a set of operations that the gateway device is able to perform such that computational operations identified by the set of operation identifiers, when performed in a particular order, produce an operation result equivalent to an operation result produced by a cloud computation operation associated with the requested cloud services;
- a hardware processor configured to decode the encoded data and to perform the computational operations identified by the set of operation identifiers; and
- an output configured to provide the operation result data to the client device.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method comprising:
- intercepting, by a gateway device coupled between a server and a client device, encoded data and a set of operation identifiers sent by the server to the client device in response to a request for cloud services by the client device, each operation identifier uniquely identifying a computational operation, the encoded data and the set of operation identifiers selected by the server based on the requested cloud services and based on a set of operations that the gateway device is able to perform such that computational operations identified by the set of operation identifiers, when performed in a particular order, produce an operation result equivalent to an operation result produced by a cloud computation operation associated with the requested cloud services;
- decoding, by the gateway device, the encoded data to produce decoded data;
- performing, by the gateway device, the computational operations identified by the set of operation identifiers to produce an operation result; and
- providing, by the gateway device, the operation result to the client device.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A non-transitory computer-readable storage medium storing executable computer instructions that, when executed by a processor of a gateway device coupled between a server and a client device, cause the processor to perform steps comprising:
- intercepting, by the gateway device, encoded data and a set of operation identifiers sent by the server to the client device in response to a request for cloud services by the client device, each operation identifier uniquely identifying a computational operation, the encoded data and the set of operation identifiers selected by the server based on the requested cloud services and based on a set of operations that the gateway device is able to perform such that computational operations identified by the set of operation identifiers, when performed in a particular order, produce an operation result equivalent to an operation result produced by a cloud computation operation associated with the requested cloud services;
- decoding, by the gateway device, the encoded data to produce decoded data;
- performing, by the gateway device, the computational operations identified by the set of operation identifiers to produce an operation result; and
- providing, by the gateway device, the operation result to the client device.
Dependent claims: 16, 17, 18, 19, 20
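
The flow recited in claims 8 and 15 (intercept, decode, perform the identified operations in order, return the result), as an added Python sketch that is not part of the patent. The operation identifiers, the base64/JSON encoding and the response field names are assumptions chosen for illustration; the gateway dispatches only identifiers found in its own fixed table and rejects anything else before decoding.

```python
import base64
import json
import math

class GatewayError(Exception):
    """Raised when a server response cannot be processed safely."""

# Hypothetical identifiers (not from the patent): the fixed set of operations
# this gateway is able to perform. The server sends identifiers, never code.
OPERATIONS = {
    "op.drop_negative": lambda xs: [x for x in xs if x >= 0],
    "op.square": lambda xs: [x * x for x in xs],
    "op.sum": lambda xs: sum(xs),
    "op.sqrt": lambda x: math.sqrt(x),
}

def decode(encoded):
    # Assumption: base64-wrapped JSON stands in for the trusted domain's encoding.
    try:
        return json.loads(base64.b64decode(encoded, validate=True))
    except ValueError as exc:  # bad base64, bad UTF-8 or bad JSON
        raise GatewayError("encoded data could not be decoded") from exc

def handle_server_response(response):
    """Decode the data, apply the identified operations in order, return the result."""
    op_ids = response["operation_ids"]
    unknown = [op for op in op_ids if not isinstance(op, str) or op not in OPERATIONS]
    if unknown:
        # Fail closed before any data is decoded or any operation has run.
        raise GatewayError(f"unsupported operation identifiers: {unknown}")
    state = decode(response["encoded_data"])
    for op_id in op_ids:
        try:
            state = OPERATIONS[op_id](state)
        except (TypeError, ValueError) as exc:
            # The sequence does not fit the data, e.g. operations in the wrong order.
            raise GatewayError(f"operation {op_id} failed") from exc
    return state

# Constructed sample: the norm of the non-negative readings, expressed as an
# ordered sequence of gateway operations.
SAMPLE_RESPONSE = {
    "encoded_data": base64.b64encode(json.dumps([3, -1, 4]).encode()).decode(),
    "operation_ids": ["op.drop_negative", "op.square", "op.sum", "op.sqrt"],
}

if __name__ == "__main__":
    print(handle_server_response(SAMPLE_RESPONSE))
```
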