Enhanced system security
Abstract
Methods and systems for maintaining the confidentiality of data provided by an organization for storage on a third party database system are provided. The data can be encrypted on an internal network of the organization and sent to the third party database system for storage. The third party database system can associate metadata with the encrypted data and can store the encrypted data. Accordingly, when a request for the encrypted data is received from a computing device communicating with an internal network of the organization, the encrypted data and associated metadata can be sent to the computing device. A key that is stored on an internal network of the organization can be called through an applet, which utilizes information within the metadata to locate the key on the internal network of the organization.
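The flow in the abstract, sketched in Node.js as an added example (not code from the patent or its assignee). The key locator string, the in-memory key store and all function names are hypothetical, and passing the locator to AES-GCM as associated data is an assumption of this sketch rather than something the claims state.

```javascript
const crypto = require('node:crypto');

// Constructed stand-in for a key service on the organization's internal network.
// The locator string and all function names here are hypothetical.
const KEY_URI = 'kms://internal.example/tenant-a/k1';
const keyStore = new Map([[KEY_URI, crypto.randomBytes(32)]]);
const internalResolver = (uri) => keyStore.get(uri);

// Internal network: encrypt before upload. The locator is not secret, but it is
// fed in as AAD so the ciphertext only verifies under the locator it was sealed with.
function sealRecord(plaintext, keyUri, resolveKey = internalResolver) {
  const key = resolveKey(keyUri);
  if (!key) throw new Error('key not reachable from this network');
  const iv = crypto.randomBytes(12); // fresh nonce per record
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(keyUri, 'utf8'));
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return {
    metadata: { keyUri, alg: 'aes-256-gcm', iv: iv.toString('base64') },
    ciphertext: ct.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
  };
}

// Internal network: use the returned metadata to locate the key, then decrypt.
function openRecord(record, resolveKey = internalResolver) {
  const { keyUri, alg, iv } = record.metadata;
  if (alg !== 'aes-256-gcm') throw new Error('unexpected algorithm in metadata');
  const key = resolveKey(keyUri);
  if (!key) throw new Error('key not reachable from this network');
  const d = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(iv, 'base64'));
  d.setAAD(Buffer.from(keyUri, 'utf8'));
  d.setAuthTag(Buffer.from(record.tag, 'base64'));
  const pt = Buffer.concat([d.update(Buffer.from(record.ciphertext, 'base64')), d.final()]);
  return pt.toString('utf8');
}

// External network: the database server stores and returns opaque records only.
const serverDb = new Map();
const serverStore = (id, record) => serverDb.set(id, JSON.stringify(record));
const serverFetch = (id) => JSON.parse(serverDb.get(id));

serverStore('rec-1', sealRecord('constructed sample: customer note', KEY_URI));
console.log(openRecord(serverFetch('rec-1')));
```

A client whose resolver cannot reach the key store gets an error instead of plaintext, and a record whose locator was altered in storage fails the GCM tag check even if the right key is supplied.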
20 Claims
1. A method of maintaining the confidentiality of data provided by an organization for storage on a database system including a server and a database, the method comprising:
- receiving, by the server, data encrypted on an internal network of the organization using a first key, wherein the first key is stored on the internal network of the organization, the internal network being separate from an external network having the server of the database system by a firewall;
- storing, by the server, the encrypted data on the database in association with metadata usable to locate the first key on the internal network of the organization;
- providing, by the server, a login page allowing a user of a computing device on the internal network of the organization to log in as a client of the database system,
- receiving, by the server, a request for the encrypted data from the computing device; and
- sending, by the server, the encrypted data with the associated metadata to the computing device, wherein the metadata is usable by the computing device to locate the first key on the internal network of the organization and decrypt the encrypted data using the first key.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A system of maintaining confidentiality of data provided by an organization for storage on a database, the system comprising:
- one or more processors;
- a network interface to an external network separated from an internal network of the organization by a firewall; and
- a memory for storing instructions to control the processors, the instructions being executable by the one or more processors to:
  - receive data encrypted on an internal network of the organization using a first key, wherein the first key is stored on the internal network of the organization;
  - store the encrypted data on the database in association with metadata usable to locate the first key on the internal network of the organization;
  - receive a request for the encrypted data from a computing device communicating on the internal network of the organization; and
  - send the encrypted data with the associated metadata to the computing device, wherein the metadata is usable by the computing device to locate the first key on the internal network of the organization and decrypt the encrypted data using the first key.
16. A method of maintaining the confidentiality of data provided by an organization for storage on a database system including a server and a database, the method comprising:
- receiving, by the server, data encrypted on an internal network of the organization using a key, wherein the key is stored on the internal network of the organization and the internal network is separate from an external network having the server of the database system by a firewall;
- storing, by the server, the encrypted data on the database in association with metadata including key location information usable to locate the key on the internal network of the organization;
- providing, by the server, a webpage allowing a user of a computing device communicating on the internal network of the organization to log in as a client of the database system;
- receiving, by the server, a request for a page including the encrypted data from the computing device; and
- sending, by the server, the encrypted data and the associated metadata to the computing device as part of the requested page, wherein the associated metadata is usable by the computing device to locate the key on the internal network of the organization and decrypt the encrypted data using the key.
Dependent claims: 17, 18, 19, 20
Specification