Method and apparatus for multi-tenancy secrets management

US 9,282,122 B2
Filed: 04/30/2014
Issued: 03/08/2016
Est. Priority Date: 04/30/2014
Status: Active Grant

First Claim

Patent Images

1. A computing system implemented method for managing secrets of tenants of a multi-tenant computing environment, comprising:

maintaining, by a service provider computing system, a service provider secrets policy,wherein the service provider secrets policy includes security requirements associated with the secrets of tenants within the multi-tenant computing environment;

receiving, by the service provider computing system, a first tenant secrets policy from a first tenant computing system for a first tenant of the multi-tenant computing environment;

receiving a request from the first tenant computing system to apply the first tenant secrets policy to at least one multi-tenant asset in the multi-tenant computing environment;

in response to receiving the request from the first tenant computing system, comparing the first tenant secrets policy with the security requirements of the service provider secrets policy;

if the first tenant secrets policy satisfies the security requirements, authorizing, with the service provider computing system, the request from the first tenant computing system to apply the first tenant secrets policy to the at least one multi-tenant asset;

if the first tenant secrets policy fails the security requirements, rejecting the request from the first tenant computing system to apply the first tenant secrets policy to the at least one multi-tenant asset; and

applying the first tenant secrets policy to the at least one multi-tenant asset if the request from the first tenant computing system is authorized.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A service provider computing environment includes a service provider secrets policy. A service provider computing device receives tenant secrets policies from tenants. The tenants are tenants of multi-tenant assets of a service provider. The service provider computing environment determines of the tenant secrets policies satisfy the requirements of the service provider secrets policy. If the tenant secrets policies satisfy the requirements of the service provider secrets policy, the service provider computing environment allows the tenant secrets policies to be applied to tenant data or information in the multi-tenant assets.

81 Citations

View as Search Results

30 Claims

1. A computing system implemented method for managing secrets of tenants of a multi-tenant computing environment, comprising:
- maintaining, by a service provider computing system, a service provider secrets policy,wherein the service provider secrets policy includes security requirements associated with the secrets of tenants within the multi-tenant computing environment;
  
  receiving, by the service provider computing system, a first tenant secrets policy from a first tenant computing system for a first tenant of the multi-tenant computing environment;
  
  receiving a request from the first tenant computing system to apply the first tenant secrets policy to at least one multi-tenant asset in the multi-tenant computing environment;
  
  in response to receiving the request from the first tenant computing system, comparing the first tenant secrets policy with the security requirements of the service provider secrets policy;
  
  if the first tenant secrets policy satisfies the security requirements, authorizing, with the service provider computing system, the request from the first tenant computing system to apply the first tenant secrets policy to the at least one multi-tenant asset;
  
  if the first tenant secrets policy fails the security requirements, rejecting the request from the first tenant computing system to apply the first tenant secrets policy to the at least one multi-tenant asset; and
  
  applying the first tenant secrets policy to the at least one multi-tenant asset if the request from the first tenant computing system is authorized.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The computing system implemented method of claim 1 further comprising:
    - receiving, by the service provider computing system, a second tenant secrets policy from a second tenant computing system for a second tenant of the multi-tenant computing environment.
  - 3. The computing system implemented method of claim 2 wherein receiving the first tenant secrets policy includes receiving first tenant secrets,wherein receiving the second tenant secrets policy includes receiving second tenant secrets, the method further comprising:
    - maintaining a first log of one or more of use, copying, deletion, receipt, transfer, transmission, backup, and restoration of the first tenant secrets;
      
      maintaining a second log of one or more of use, copying, deletion, receipt, transfer, transmission, backup, and restoration of the second tenant secrets;
      
      providing the first log to the first tenant computing system, in response to receiving a request for the first log from the first tenant computing system; and
      
      providing the second log to the second tenant computing system, in response to receiving a request for the second log from the second tenant computing system.
  - 4. The computing system implemented method of claim 2, further comprising:
    - maintaining a cross-tenant policy that includes rules associated with sharing first tenant secrets with the second tenant computing system, and with sharing second tenant secrets with the first tenant computing system.
  - 5. The computing system implemented method of claim 2, further comprising:
    - maintaining a cross-tenant policy,wherein the cross-tenant policy includes rules and exceptions for enabling the at least one multi-tenant asset to concurrently use first tenant secrets and second tenant secrets to decrypt encrypted user data,wherein the at least one multi-tenant asset is shared by the first tenant and the second tenant.
  - 6. The computing system implemented method of claim 2 wherein the first tenant secrets policy includes rules for applying first tenant secrets and the second tenant secrets policy includes rules for applying second tenant secrets, wherein the first tenant secrets and the second tenant secrets include encryption keys,wherein the security requirements of the service provider secrets policy include a minimum frequency by which the encryption keys are required to be rotated if some of the encryption keys are applied by either the first tenant or the second tenant to data stored by the at least one multi-tenant asset in the multi-tenant computing environment.
  - 7. The computing system implemented method of claim 2 wherein the request from the first tenant computing system is a first request, the method further comprising:
    - receiving a second request from the second tenant computing system to apply the second tenant secrets policy to the at least one multi-tenant asset in the multi-tenant computing environment;
      
      in response to receiving the second request from the second tenant computing system, comparing the second tenant secrets policy with the security requirements of the service provider secrets policy; and
      
      if the second tenant secrets policy satisfies the security requirements, authorizing the second request from the second tenant computing system and applying the second tenant secrets policy to the at least one multi-tenant asset.
  - 8. The computing system implemented method of claim 1 wherein applying the first tenant secrets policy includes applying, by the service provider, the first tenant secrets policy to the at least one multi-tenant asset.
  - 9. The computing system implemented method of claim 1 wherein applying the first tenant secrets policy includes applying, by the first tenant computing system, the first tenant secrets policy to the at least one multi-tenant asset.
  - 10. The computing system implemented method of claim 2 wherein the at least one multi-tenant asset includes at least one:
    - application shared by the first tenant and the second tenant;
      
      server computing system shared by the first tenant and the second tenant; and
      
      non-volatile memory device shared by the first tenant and the second tenant.

11. A computing system implemented method for managing secrets of customers of a service provider for a multi-tenant computing environment, comprising:
- maintaining, by a service provider computing system, a service provider security policy that includes security requirements for the customers of a multi-tenant asset,wherein the multi-tenant asset is hosted for the customers by the service provider,wherein the multi-tenant asset includes at least one of;
  
  an application shared by the customers;
  
  a server computing system shared by customers;
  
  a virtual machine; and
  
  non-volatile memory device logically divided between at least two of the customers;
  
  receiving a request from a first one of the customers to apply a first customer security policy to a part of the multi-tenant asset allocated to the first one of the customers,wherein the first customer security policy includes rules for managing first customer secrets with the multi-tenant asset in the multi-tenant computing environment;
  
  comparing the first customer security policy of the request from the first one of the customers to the service provider security policy; and
  
  if the first customer security policy is at least as restrictive as the service provider security policy, authorizing the request from the first one of the customers to enable the first one of the customers to apply the first customer security policy to the part of the multi-tenant asset allocated to the first one of the customers.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The computing system implemented method of claim 11, further comprising:
    - receiving, by the service provider computing system, a second request from a second one of the customers for access to the first customer secrets to enable the second one of the customers to execute an operation associated with the multi-tenant asset;
      
      accessing a cross-tenant security policy maintained by the service provider computing system to determine access rights of the second one of the customers to the first customer secrets; and
      
      authorizing the second request from the second one of the customers if the cross-tenant security policy includes access rights for the second one of the customers to the first customer secrets for the operation associated with the multi-tenant asset.
  - 13. The computing system implemented method of claim 11 wherein the first customer secrets include one or more passwords, encryption keys, and digital certificates that are required to access data of the first one of the customers within the multi-tenant asset.
  - 14. The computing system implemented method of claim 11, further comprising:
    - receiving, by the multi-tenant asset, the first customer secrets and second customer secrets;
      
      managing, with the service provider computing system, the first customer secrets and the second customer secrets received by the multi-tenant asset;
      
      recording a first log associated with managing the first customer secrets and a second log associated with managing the second customer secrets; and
      
      providing the first log to the first one of the customers and the second log to the second one of the customers.
  - 15. The computing system implemented method of claim 14, wherein providing the first log and the second log includes hosting a user interface for viewing and retrieving the first log and the second log.

16. A system for managing secrets of tenants of a multi-tenant computing environment, the system comprising:
- at least one processor; and
  
  at least one memory coupled to the at least one processor, the at least one memory having stored therein instructions which when executed by any set of the one or more processors, perform a process for managing secrets of tenants of the multi-tenant computing environment, the process including;
  
  maintaining, by a service provider computing system, a service provider secrets policy,wherein the service provider secrets policy includes security requirements associated with the secrets of tenants within the multi-tenant computing environment;
  
  receiving, by the service provider computing system, a first tenant secrets policy from a first tenant computing system for a first tenant of the multi-tenant computing environment;
  
  receiving a request from the first tenant computing system to apply the first tenant secrets policy to at least one multi-tenant asset in the multi-tenant computing environment;
  
  in response to receiving the request from the first tenant computing system, comparing the first tenant secrets policy with the security requirements of the service provider secrets policy;
  
  if the first tenant secrets policy satisfies the security requirements, authorizing, with the service provider computing system, the request from the first tenant computing system to apply the first tenant secrets policy to the at least one multi-tenant asset;
  
  if the first tenant secrets policy fails the security requirements, rejecting the request from the first tenant computing system to apply the first tenant secrets policy to the at least one multi-tenant asset; and
  
  applying the first tenant secrets policy to the at least one multi-tenant asset if the request from the first tenant computing system is authorized.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 17. The system of claim 16 further comprising:
    - receiving, by the service provider computing system, a second tenant secrets policy from a second tenant computing system for a second tenant of the multi-tenant computing environment.
  - 18. The system of claim 17 wherein receiving the first tenant secrets policy includes receiving first tenant secrets,wherein receiving the second tenant secrets policy includes receiving second tenant secrets, the process further comprising:
    - maintaining a first log of one or more of use, copying, deletion, receipt, transfer, transmission, backup, and restoration of the first tenant secrets;
      
      maintaining a second log of one or more of use, copying, deletion, receipt, transfer, transmission, backup, and restoration of the second tenant secrets;
      
      providing the first log to the first tenant computing system, in response to receiving a request for the first log from the first tenant computing system; and
      
      providing the second log to the second tenant computing system, in response to receiving a request for the second log from the second tenant computing system.
  - 19. The system of claim 17 wherein the process further comprises:
    - maintaining a cross-tenant service policy that includes rules associated with sharing first tenant secrets with the second tenant computing system, and with sharing second tenant secrets with the first tenant computing system.
  - 20. The system of claim 17 wherein the process further comprises:
    - maintaining a cross-tenant policy,wherein the cross-tenant policy includes rules and exceptions for enabling the at least one multi-tenant asset to concurrently use first tenant secrets and second tenant secrets to decrypt encrypted user data,wherein the at least one multi-tenant asset is shared by the first tenant and the second tenant.
  - 21. The system of claim 17 wherein the first tenant secrets policy includes rules for applying first tenant secrets and the second tenant secrets policy includes rules for applying second tenant secrets, wherein the first tenant secrets and the second tenant secrets include encryption keys,wherein the security requirements of the service provider secrets policy include a minimum frequency by which the encryption keys are required to be rotated if some of the encryption keys are applied by either the first tenant or the second tenant to data stored by the at least one multi-tenant asset in the multi-tenant computing environment.
  - 22. The system of claim 17 wherein the request from the first tenant computing system is a first request, the process further comprising:
    - receiving a second request from the second tenant computing system to apply the second tenant secrets policy to the at least one multi-tenant asset in the multi-tenant computing environment;
      
      in response to receiving the second request from the second tenant computing system, comparing the second tenant secrets policy with the security requirements of the service provider secrets policy; and
      
      if the second tenant secrets policy satisfies the security requirements, authorizing the second request from the second tenant computing system and applying the second tenant secrets policy to the at least one multi-tenant asset.
  - 23. The system of claim 16 wherein applying the first tenant secrets policy includes applying, by the service provider, the first tenant secrets policy to the at least one multi-tenant asset.
  - 24. The system of claim 16 wherein applying the first tenant secrets policy includes applying, by the first tenant computing system, the first tenant secrets policy to the at least one multi-tenant asset.
  - 25. The system of claim 17 wherein the at least one multi-tenant asset includes at least one:
    - an application shared by the first tenant and the second tenant;
      
      a server computing system shared by the first tenant and the second tenant; and
      
      non-volatile memory device shared by the first tenant and the second tenant.

26. A system for managing secrets of customers of a service provider for a multi-tenant computing environment, comprising:
- at least one processor; and
  
  at least one memory coupled to the at least one processor, the at least one memory having stored therein instructions which when executed by any set of the one or more processors, perform a process for managing secrets of customers of a service provider for a multi-tenant computing environment, the process including;
  
  maintaining, by a service provider computing system, a service provider security policy that includes security requirements for customers of a multi-tenant asset,wherein the multi-tenant asset is hosted for the customers by the service provider,wherein the multi-tenant asset includes at least one of;
  
  an application shared by the customers;
  
  server computing system shared by customers;
  
  a virtual machine; and
  
  non-volatile memory device logically divided between at least some of the customers;
  
  receiving a request from a first one of the customers to apply a first customer security policy to a part of the multi-tenant asset allocated to the first one of the customers,wherein the first customer security policy includes rules for managing first customer secrets with the multi-tenant asset in the multi-tenant computing environment;
  
  comparing the first customer security policy of the request from the first one of the customers to the service provider security policy; and
  
  if the first customer security policy is at least as restrictive as the service provider security policy, authorizing the request from the first one of the customers to enable the first one of the customers to apply the first customer security policy to the part of the multi-tenant asset allocated to the first one of the customers.
- View Dependent Claims (27, 28, 29, 30)
- - 27. The system of claim 26 wherein the process further comprises:
    - receiving, by the service provider computing system, a second request from a second one of the customers for access to the first customer secrets to enable the second one of the customers to execute an operation associated with the multi-tenant asset;
      
      accessing a cross-tenant security policy maintained by the service provider computing system to determine access rights of the second one of the customers to the first customer secrets; and
      
      authorizing the second request from the second one of the customers if the cross-tenant security policy includes access rights for the second one of the customers to the first customer secrets for the operation associated with the multi-tenant asset.
  - 28. The system of claim 26 wherein the first customer secrets include one or more passwords, encryption keys, and digital certificates that are required to access data of the first one of the customers within the multi-tenant asset.
  - 29. The system of claim 26 wherein the process further comprises:
    - receiving, by the multi-tenant asset, the first customer secrets and second customer secrets;
      
      managing, with the service provider computing system, the first customer secrets and the second customer secrets received by the multi-tenant asset;
      
      recording a first log associated with managing the first customer secrets and a second log associated with managing the second customer secrets; and
      
      providing the first log to the first one of the customers and the second log to the second one of the customers.
  - 30. The system of claim 29, wherein providing the first log and the second log includes hosting a user interface for viewing and retrieving the first log and the second log.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intuit, Inc.
Original Assignee
Intuit, Inc.
Inventors
Cabrera, Luis Felipe, Lietz, M. Shannon
Primary Examiner(s)
Truong, Thanhnga B

Application Number

US14/265,930
Publication Number

US 20150319192A1
Time in Patent Office

678 Days
Field of Search

726 1- 4, 726/18, 726/26, 713/167, 713/176, 713/180, 713/193, 707/783
US Class Current

1/1
CPC Class Codes

H04L 63/10   for controlling access to d...

H04L 63/108   when the policy decisions a...

H04L 63/20   for managing network securi...

H04L 63/205   involving negotiation or de...

Method and apparatus for multi-tenancy secrets management

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

81 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for multi-tenancy secrets management

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

81 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links