Highly Available Encryption Framework for Multiple Different Computing Environments
Abstract
A system is provided for data object encryption. The system includes an encryption framework available across a plurality of runtime environments. The system is configured to receive a data object in one of the plurality of runtime environments, wherein the data object is capable of being encrypted using a content encryption key, and to determine an encryption module implemented in the encryption framework that is compatible with the one of the plurality of runtime environments, wherein the encryption module comprises a key service provider that provides a master key and a key wrapping algorithm for the content encryption key in the runtime environment. The system is further configured to encrypt the data object using the content encryption key, encrypt the content encryption key using the master key and key wrapping algorithm, and write the encrypted data object to networked database storage.
24 Claims
1. A system for data object encryption, the system comprising:
- an encryption framework available across a plurality of runtime environments;
wherein the system is configured to:
- receive a data object in one of the plurality of runtime environments, wherein the data object is capable of being encrypted using a content encryption key;
- determine an encryption module implemented in the encryption framework that is compatible with the one of the plurality of runtime environments, wherein the encryption module comprises a key service provider that provides a master key and a key wrapping algorithm for the content encryption key in the runtime environment;
- encrypt the data object using the content encryption key;
- encrypt the content encryption key using the master key and key wrapping algorithm; and
- write the encrypted data object to networked database storage.
Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A method for data object encryption, the method comprising:
- receiving a data object in one of a plurality of runtime environments associated with an encryption framework, wherein the data object is capable of being encrypted using a content encryption key, and wherein the encryption framework is available across the plurality of runtime environments;
- determining an encryption module implemented in the encryption framework, wherein the encryption module comprises a key service provider that provides a master key and a key wrapping algorithm for the content encryption key in the runtime environment;
- encrypting the data object using the content encryption key;
- encrypting the content encryption key using the master key and key wrapping algorithm; and
- writing the encrypted data object to networked database storage.
Dependent claims: 10, 11, 12, 13, 14, 15, 16

17. A non-transitory machine readable medium having stored thereon instructions for performing a method comprising machine executable code which when executed by at least one machine, causes the machine to:
- receive a data object in one of a plurality of runtime environments associated with an encryption framework, wherein the data object is capable of being encrypted using a content encryption key, and wherein the encryption framework is available across the plurality of runtime environments;
- determine an encryption module implemented in the encryption framework that is compatible with the one of the plurality of runtime environments, wherein the encryption module comprises a key service provider that provides a master key and a key wrapping algorithm for the content encryption key in the runtime environment;
- encrypt the data object using the content encryption key;
- encrypt the content encryption key using the master key and key wrapping algorithm; and
- write the encrypted data object to networked database storage.
Dependent claims: 18, 19, 20, 21, 22, 23, 24
Specification