Compromise free cloud data encryption and security
First Claim
1. A system comprising:
a central computing authority; and
a network of computing devices, at least some of the computing devices being pod computing devices physically hosted by an operator, wherein the pod computing devices include a first pod computing device comprising:
a central processing unit;
computer readable storage media in data communication with the central processing unit and storing data instructions therein executable by the central processing unit, the computer readable storage media comprising:
volatile memory;
non-volatile memory in data communication with the central processing unit;
a data communication device configured to securely communicate, using encrypted communications, across a data communication network with a first user computing device, the central computing authority, and other computing devices in the network;
wherein the data instructions are executable by the central processing unit to cause the central processing unit to:
receive a first user identifier, a first password, and a private key from the first user assigned to the first pod computing device using the data communication device;
store the first user identifier and the password in the computer readable storage media to identify the first user as an owner of the first pod computing device; and
store the private key in the volatile memory, such that the private key is erased from the computer readable storage media when the volatile memory loses power;
a database storing first user data in the non-volatile memory, wherein the first user data is encrypted in the database using the private key of the first user, such that the first user data is not accessible to the operator hosting the first pod computing device;
wherein the data instructions are further executable by the central processing unit to cause the central processing unit to:
write user data to the database;
read encrypted user data from the database;
decrypt, using the private key, the encrypted user data and store unencrypted user data in the volatile memory;
index at least some of the user data to perform searching or sorting of the user data; and
execute an interface engine for communication with the first user computing device, the interface engine comprising one of:
an application programming interface, and an application configured to generate a user interface to interact with the first user through the first computing device.
Abstract
A cloud data encryption and security system includes a central computing authority and a network of computing devices. At least some of the computing devices are pod computing devices physically hosted by an operator. The pod computing devices include a central processing unit and a computer readable storage media in data communication with the central processing unit. Data is encrypted in the computer readable storage media so that the owner can access the data but the operator cannot access the data.
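The arrangement the abstract and claim 1 describe (ciphertext in the non-volatile database, key and search index held only in volatile memory) can be sketched as follows. This is an added example, not code from the patent: it assumes the "private key" is a 32-byte symmetric secret, uses SQLite as the database, and uses an HMAC-SHA256 keystream plus MAC as a standard-library stand-in for a vetted AEAD cipher; `Pod`, `seal`, `unseal` and the method names are hypothetical.

```python
import hashlib, hmac, os, sqlite3

def _prf(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def _xor(key, nonce, data):  # HMAC-SHA256 counter keystream (stand-in cipher, see lead-in)
    ks = b"".join(_prf(key, nonce + i.to_bytes(8, "big")) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = _xor(_prf(key, b"enc"), nonce, plaintext)
    return nonce + ct + _prf(_prf(key, b"mac"), nonce + ct)  # encrypt-then-MAC

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(_prf(key, b"mac"), nonce + ct)):
        raise ValueError("wrong key or tampered record")
    return _xor(_prf(key, b"enc"), nonce, ct)

class Pod:
    def __init__(self, db_path):
        self.db = sqlite3.connect(db_path, isolation_level=None)  # stands in for non-volatile storage
        self.db.execute("CREATE TABLE IF NOT EXISTS records (id INTEGER PRIMARY KEY, blob BLOB)")
        self.key, self.index = None, {}  # process memory only, never written to the database

    def unlock(self, key):  # the owner supplies the key again after every boot
        rows = self.db.execute("SELECT id, blob FROM records").fetchall()
        plain = [(rid, unseal(key, blob).decode()) for rid, blob in rows]  # raises on a wrong key
        self.key, self.index = key, {}
        for rid, text in plain:
            self._add(rid, text)

    def power_loss(self):  # simulates the volatile memory losing power
        self.key, self.index = None, {}

    def _add(self, rid, text):  # plaintext word index, volatile like the key
        for word in text.lower().split():
            self.index.setdefault(word, set()).add(rid)

    def write(self, text):
        if self.key is None:
            raise PermissionError("pod is locked: no key in memory")
        rid = self.db.execute("INSERT INTO records (blob) VALUES (?)", (seal(self.key, text.encode()),)).lastrowid
        self._add(rid, text)
        return rid

    def search(self, word):  # returns nothing after power loss: the index is gone with the key
        return sorted(self.index.get(word.lower(), ()))
```

Setting `self.key` to `None` only drops the reference; the erasure the claim relies on comes from the RAM actually losing power. While the pod is unlocked, the key, the decrypted records and the index all sit in the memory of the operator-hosted machine.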
28 Claims
Dependent claims of claim 1: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15
16. A pod computing device comprising:
a processing device;
a communication device configured to securely communicate, using encrypted communications, across a data communication network with a computing device of a remote user, a central computing authority, and other computing devices in a network;
computer readable storage media comprising:
a volatile storage device; and
a non-volatile storage device in data communication with the processing device;
the computer readable storage media storing data instructions, which when executed by the processing device cause the processing device to:
receive a first user identifier, a first password, and a private key from the computing device of the remote user assigned to the pod computing device through the communication device;
store the first user identifier and the password in the computer readable storage media to identify the remote user as an owner of the pod computing device;
store the private key in the volatile storage device, such that the private key is erased from the computer readable storage media when the volatile memory loses power;
a database storing data in the non-volatile memory, wherein the data is encrypted in the database using the private key, such that the data is not accessible to an operator hosting the pod computing device;
wherein the data instructions are further executable by the processing device to cause the processing device to:
write data to the database;
read encrypted data from the database;
decrypt the encrypted data using the private key, and store unencrypted data in the volatile memory;
index at least some of the data to perform searching or sorting of the data; and
execute an interface engine for communication with the computing device of the remote user, the interface engine comprising one of:
an application programming interface, and an application configured to generate a user interface to interact with the remote user through the computing device of the remote user.
Dependent claims: 17, 18, 19, 20, 21, 22
23. A rack mountable server computing device, comprising:
a tray storing a plurality of pod computing devices, wherein each pod computing device comprises:
a processing device;
a communication device configured to securely communicate, using encrypted communications, across a data communication network with a computing device of a remote user, a central computing authority, and other computing devices in a network;
non-transitory computer readable storage media comprising:
a volatile storage device; and
a non-volatile storage device in data communication with the processing device;
the computer readable storage media storing data instructions, which when executed by the processing device cause the processing device to:
receive a first user identifier, a first password, and a private key from the computing device of the remote user assigned to the pod computing device through the communication device;
store the first user identifier and the password in the computer readable storage media to identify the remote user as an owner of the pod computing device;
store the private key in the volatile storage device, such that the private key is erased from the computer readable storage media when the volatile memory loses power;
a database storing data in the non-volatile memory, wherein the data is encrypted in the database using the private key, such that the data is not accessible to an operator hosting the pod computing device;
wherein the data instructions are further executable by the processing device to cause the processing device to:
write data to the database;
read encrypted data from the database;
decrypt the encrypted data using the private key, and store unencrypted data in the volatile memory;
index at least some of the data to perform searching or sorting of the data; and
execute an interface engine for communication with the computing device of the remote user, the interface engine comprising one of:
an application programming interface, and an application configured to generate a user interface to interact with the remote user through the computing device of the remote user.
Dependent claims: 24, 25, 26, 27
28. A method of operating a pod computing device, the pod computing device comprising:
a processing device;
a communication device configured to securely communicate, using encrypted communications, across a data communication network with a computing device of a remote user, a central computing authority, and other computing devices in a network;
computer readable storage media comprising:
a volatile storage device; and
a non-volatile storage device in data communication with the processing device; and
a database storing data in the non-volatile memory, wherein the data is encrypted in the database using a private key, such that the data is not accessible to an operator hosting the pod computing device;
the method comprising:
receiving at the pod computing device a first user identifier, a first password, and the private key from a computing device of the remote user assigned to the pod computing device through the communication device;
storing the first user identifier and the password in the computer readable storage media to identify the remote user as an owner of the pod computing device;
storing the private key in the volatile storage device, such that the private key is erased from the computer readable storage media when the volatile memory loses power;
write data to the database;
read encrypted data from the database;
decrypt the encrypted data using the private key, and store unencrypted data in the volatile memory;
index at least some of the data to perform at least one of searching and sorting of the data; and
execute an interface engine for communication with the computing device of the remote user, the interface engine comprising at least one of:
an application programming interface, and an application configured to generate a user interface to interact with the remote user through the computing device of the remote user.
Specification