Please download the dossier by clicking on the dossier button x
×

Method and system for automatically managing secrets in multiple data security jurisdiction zones

  • US 9,467,477 B2
  • Filed: 11/06/2013
  • Issued: 10/11/2016
  • Est. Priority Date: 11/06/2013
  • Status: Active Grant
First Claim
Patent Images

1. A system for automatically managing secrets in a plurality of data security jurisdiction zones comprising:

  • at least one memory coupled to one or more processors, the at least one memory having stored therein instructions which when executed by any set of the one or more processors, perform a process for automatically managing secrets in the plurality of data security jurisdiction zones, the process for automatically managing secrets in the plurality of data security jurisdiction zones including;

    obtaining data security policy data for the plurality of data security jurisdiction zones, the data security policy data for the plurality of data security jurisdiction zones including data indicating allowed secrets data for each respective data security jurisdiction zone of the plurality of data security jurisdiction zones and prohibited secrets data for each respective data security jurisdiction zone of the plurality of data security jurisdiction zones, the allowed secrets data for each respective data security jurisdiction zone representing one or more secrets allowed to be used to protect data in the respective data security jurisdiction zone, the prohibited secrets data for each respective data security jurisdiction zone of the plurality of data security jurisdiction zones representing one or more secrets that are not allowed to be used to protect data in the respective data security jurisdiction zone;

    obtaining secrets request data representing a request that secrets data be transferred to a resource;

    automatically determining a data security jurisdiction zone of the resource;

    automatically obtaining a portion of the data security policy data corresponding to the data security jurisdiction zone of the resource;

    automatically analyzing the portion of the data security policy data corresponding to the data security jurisdiction zone of the resource to determine the allowed secrets data with respect to the data security jurisdiction zone of the resource;

    identifying one or more secret data classes by classifying the allowed secrets data according to a level of security provided by the allowed secrets data;

    obtaining the allowed secrets data within the one or more secret data classes with respect to the data security jurisdiction zone of the resource; and

    automatically providing the obtained allowed secrets data with respect to the data security jurisdiction zone of the resource to the resource.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×