Customer controlled data privacy protection in public cloud
First Claim
Patent Images
1. A method of protecting data, comprising:
- receiving an indication that a data value to be submitted, using a browser, to a remote node is to be protected, wherein the remote node comprises a cloud-based application or service;
receiving, via a selective data protection interface, an indication that selective data protection is to be activated;
in response to receiving the indication that selective data protection is to be activated, providing one or more fields by which the indication that the data value to be submitted is to be protected is input, wherein the one or more fields respectively correspond to one or more data values to be submitted to the remote node;
receiving an input corresponding to a submission of the data value to the remote node, wherein the data value is included in a set of data values associated with a display page;
in response to receiving the input corresponding to the submission of the data value to the remote node, prompting a user to select a type of encryption to be used for protection of the data value, wherein the type of encryption is related to a policy of the encryption to be used;
automatically determining, by a processor, a security key at least in part by selecting a security key that is associated with the remote node to which the data value is to be submitted, wherein a plurality of security keys are stored in a key store, wherein each of at least some of the plurality of security keys in the key store are associated with an identifier of a corresponding remote node, and wherein selecting the security key that is associated with the remote node includes identifying the security key that is associated with an identifier of the remote node from the plurality of security keys in the key store;
selectively encrypting, by a processor, the data value based at least in part on the security key; and
providing the encrypted data value to the browser to be submitted to the remote node.
9 Assignments
0 Petitions
Accused Products
Abstract
Data to be submitted to a remote node is selectively protected. In various embodiments, an indication is received to protect a data value that is to be submitted, using a browser, to a remote node. A security key that is associated with the remote node is determined automatically. The data value is selectively encrypted using the security key. The encrypted data value is provided to the browser to be submitted to the remote node.
40 Citations
21 Claims
-
1. A method of protecting data, comprising:
-
receiving an indication that a data value to be submitted, using a browser, to a remote node is to be protected, wherein the remote node comprises a cloud-based application or service; receiving, via a selective data protection interface, an indication that selective data protection is to be activated; in response to receiving the indication that selective data protection is to be activated, providing one or more fields by which the indication that the data value to be submitted is to be protected is input, wherein the one or more fields respectively correspond to one or more data values to be submitted to the remote node; receiving an input corresponding to a submission of the data value to the remote node, wherein the data value is included in a set of data values associated with a display page; in response to receiving the input corresponding to the submission of the data value to the remote node, prompting a user to select a type of encryption to be used for protection of the data value, wherein the type of encryption is related to a policy of the encryption to be used; automatically determining, by a processor, a security key at least in part by selecting a security key that is associated with the remote node to which the data value is to be submitted, wherein a plurality of security keys are stored in a key store, wherein each of at least some of the plurality of security keys in the key store are associated with an identifier of a corresponding remote node, and wherein selecting the security key that is associated with the remote node includes identifying the security key that is associated with an identifier of the remote node from the plurality of security keys in the key store; selectively encrypting, by a processor, the data value based at least in part on the security key; and providing the encrypted data value to the browser to be submitted to the remote node. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 20, 21)
-
-
17. A system to protect data, comprising:
-
a communication interface; and a processor coupled to the communication interface and configured to; receive an indication that a data value to be submitted to a remote node via the communication interface is to be protected, wherein the remote node comprises a cloud-based application or service; receive, via a selective data protection interface, an indication that selective data protection is to be activated; in response to receiving the indication that selective data protection is to be activated, provide one or more fields by which the indication that the data value to be submitted is to be protected is input, wherein the one or more fields respectively correspond to one or more data values to be submitted to the remote node; receive an input corresponding to a submission of the data value to the remote node, wherein the data value is included in a set of data values associated with a display page; in response to receiving the input corresponding to the submission of the data value to the remote node, prompt a user to select a type of encryption to be used for protection of the data value, wherein the type of encryption is related to a policy of the encryption to be used; automatically determine a security key at least in part by selecting a security key that is associated with the remote node to which the data value is to be submitted, wherein a plurality of security keys are stored in a key store, wherein each of at least some of the plurality of security keys in the key store are associated with an identifier of a corresponding remote node, and wherein selecting the security key that is associated with the remote node includes identifying the security key that is associated with an identifier of the remote node from the plurality of security keys in the key store; selectively encrypting the data value based at least in part on the security key; and providing the encrypted data value to a browser to be submitted to the remote node; and a memory coupled to the processor and configured to provide instructions to the processor. - View Dependent Claims (18)
-
-
19. A computer program product to protect data, the computer program product being embodied in a tangible and non-transitory computer readable storage medium and comprising computer instructions for:
-
receiving an indication that a data value to be submitted, using a browser, to a remote node is to be protected, wherein the remote node comprises a cloud-based application or service; receiving, via a selective data protection interface, an indication that selective data protection is to be activated; in response to receiving the indication that selective data protection is to be activated, providing one or more fields by which the indication that the data value to be submitted is to be protected is input, wherein the one or more fields respectively correspond to one or more data values to be submitted to the remote node; receiving an input corresponding to a submission of the data value to the remote node, wherein the data value is included in a set of data values associated with a display page; in response to receiving the input corresponding to the submission of the data value to the remote node, prompting a user to select a type of encryption to be used for protection of the data value, wherein the type of encryption is related to a policy of the encryption to be used; automatically determining a security key at least in part by selecting a security key that is associated with the remote node to which the data value is to be submitted, wherein a plurality of security keys are stored in a key store, wherein each of at least some of the plurality of security keys in the key store are associated with an identifier of a corresponding remote node, and wherein selecting the security key that is associated with the remote node includes identifying the security key that is associated with an identifier of the remote node from the plurality of security keys in the key store; selectively encrypting the data value based at least in part on the security key; and providing the encrypted data value to the browser to be submitted to the remote node.
-
Specification