Method and apparatus for enforcing storage encryption for data stored in a cloud
Abstract
In one embodiment, a method includes providing a request to store at least a first piece of data. The request to store the first piece of data is a request to store the first piece of data in a first encrypted form on a cloud associated with the cloud application provider. The method also includes determining whether the cloud application provider is capable of encrypting the first piece of data, and providing the first piece of data to the cloud application provider if it is determined that the cloud application provider is capable of encrypting the first piece of data. If it is determined that the cloud application provider is not capable of encrypting the first piece of data, the method further includes encrypting the first piece of data to create the first encrypted form and providing the first encrypted form to the cloud application provider.
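The decision flow in the abstract, combined with the two-level capability check of claim 1, sketched as an added example (not code from the patent). The names `route_record` and `Level`, the `encrypt` callable (assumed to be an authenticated cipher under a gateway-held key) and the `accept_minimum` policy switch are assumptions; the claims state only that the second-level capability is determined, not what follows from it.

```python
from __future__ import annotations
from enum import IntEnum
from typing import Callable, Optional

class Level(IntEnum):
    NONE = 0
    MINIMUM = 1   # the claims' "second level": the minimum encryption standard
    FIRST = 2     # the claims' "first level": what the gateway asks for

# Constructed sample set of information: one sensitive field, one not.
SAMPLE = {"ssn": b"000-00-0000", "display_name": b"Pat Example"}

def route_record(record: dict[str, bytes], sensitive: set[str],
                 provider_level: Optional[Level],
                 encrypt: Callable[[bytes], bytes],
                 accept_minimum: bool = False) -> dict[str, dict]:
    """Per field: the bytes to send and who is responsible for encrypting them."""
    # Fail closed: an unknown capability is treated as "cannot encrypt".
    level = provider_level if provider_level is not None else Level.NONE
    if level >= Level.FIRST:
        delegate = Level.FIRST
    elif level >= Level.MINIMUM and accept_minimum:
        delegate = Level.MINIMUM  # assumed policy choice, not stated in the claims
    else:
        delegate = None
    out: dict[str, dict] = {}
    for name, value in record.items():
        if name not in sensitive:
            # Non-sensitive information goes to the provider unencrypted.
            out[name] = {"body": value, "encrypted_by": "nobody"}
        elif delegate is not None:
            # Provider is capable: send the data and let it encrypt.
            out[name] = {"body": value, "encrypted_by": "provider",
                         "level": delegate.name}
        else:
            # Provider is not capable: encrypt at the gateway before sending.
            sealed = encrypt(value)
            if sealed == value:
                raise ValueError(f"encrypt() returned plaintext for {name!r}")
            out[name] = {"body": sealed, "encrypted_by": "gateway"}
    return out
```
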
20 Claims
1. A method comprising:
providing a request to store at least a first piece of data, the at least first piece of data being included in a set of information, the set of information further including a first piece of information, the request being provided to a cloud application provider, wherein the request to store the at least first piece of data is a request to store the at least first piece of data in a first encrypted form on a cloud associated with the cloud application provider;
determining whether the cloud application provider is capable of encrypting the at least first piece of data;
providing the at least first piece of data to the cloud application provider if it is determined that the cloud application provider is capable of encrypting the at least first piece of data;
encrypting the at least first piece of data to create the first encrypted form if it is determined that the cloud application provider is not capable of encrypting the at least first piece of data;
providing the first encrypted form to the cloud application provider if it is determined that the cloud application provider is not capable of encrypting the at least first piece of data; and
providing the first piece of information to the cloud application provider, the first piece of information being in an unencrypted form;
wherein determining whether the cloud application provider is capable of encrypting the at least first piece of data includes determining whether the cloud application provider is capable of encrypting the at least first piece of data at a first level of encryption, wherein when it is determined that the cloud application provider is not capable of encrypting the at least first piece of data at the first level of encryption, the method further includes;
determining whether the cloud application provider is capable of encrypting the at least first piece of data at a second level of encryption, the second level of encryption being a minimum encryption standard.
Dependent claims: 2, 3, 4, 5, 6
7. A tangible, non-transitory computer-readable medium comprising computer program code, the computer program code, when executed, configured to:
provide a request to store at least a first piece of data, the at least first piece of data being included in a set of information, the set of information further including a first piece of information, the request being provided to a cloud application provider, wherein the request to store the at least first piece of data is a request to store the at least first piece of data in a first encrypted form on a cloud associated with the cloud application provider;
determine whether the cloud application provider is capable of encrypting the at least first piece of data;
provide the at least first piece of data to the cloud application provider if it is determined that the cloud application provider is capable of encrypting the at least first piece of data;
encrypt the at least first piece of data to create the first encrypted form if it is determined that the cloud application provider is not capable of encrypting the at least first piece of data;
provide the first encrypted form to the cloud application provider if it is determined that the cloud application provider is not capable of encrypting the at least first piece of data; and
providing the first piece of information to the cloud application provider, the first piece of information being in an unencrypted form;
wherein the computer program code configured to determine whether the cloud application provider is capable of encrypting the at least first piece of data is configured to determine whether the cloud application provider is capable of encrypting the at least first piece of data at a first level of encryption, wherein when it is determined that the cloud application provider is not capable of encrypting the at least first piece of data at the first level of encryption, the computer program code is further configured to determine whether the cloud application provider is capable of encrypting the at least first piece of data at a second level of encryption, the second level of encryption being a minimum encryption standard.
Dependent claims: 8, 9, 10, 11, 12
13. An apparatus comprising:
a communications interface, the communications interface configured to enable network communications with a cloud application provider;
a hardware processing arrangement; and
logic embodied on a tangible, non-transitory computer-readable medium, the logic configured to be executed by the hardware processing arrangement, wherein the logic includes communications logic and encryption logic, the communications logic being configured to determine whether the cloud application provider is capable of encrypting a first piece of data included in a set of information that also includes a first piece of information, and configured to provide the first piece of data to the cloud application provider when it is determined that the cloud application provider is capable of encrypting the first piece of data, the encryption logic being configured to encrypt the first piece of data to form a first encrypted piece of data when it is determined that the cloud application provider is not capable of encrypting the first piece of data, and wherein the communications logic is further configured to provide the first encrypted piece of data to the cloud application provider and to provide the first piece of information to the cloud application provider in an unencrypted form;
wherein determining whether the cloud application provider is capable of encrypting the first piece of data includes determining whether the cloud application provider is capable of encrypting the first piece of data at a first level of encryption, wherein when it is determined that the cloud application provider is not capable of encrypting the first piece of data at the first level of encryption, determining whether the cloud application provider is capable of encrypting the first piece of data at a second level of encryption, the second level of encryption being a minimum encryption standard.
Dependent claims: 14, 15, 16, 17, 18, 19
20. A method comprising:
providing a request to store a set of information, the set of information including a first piece of data and a second set of data, the first piece of data being sensitive, the second piece of data being not sensitive, the request being provided from a gateway to a cloud application provider, wherein the request to store the set of information includes a request to store the first piece of data in a first encrypted form on a cloud associated with the cloud application provider;
determining whether the cloud application provider is capable of encrypting the first piece of data to a first level of encryption;
providing the first piece of data from the gateway to the cloud application provider if it is determined that the cloud application provider is capable of encrypting the first piece of data to the first level of encryption;
encrypting the first piece of data at the gateway to create the first encrypted form if it is determined that the cloud application provider is not capable of encrypting the first piece of data to the first level of encryption;
providing the first encrypted form to the cloud application provider if it is determined that the cloud application provider is not capable of encrypting the first piece of data to the first level of encryption; and
providing the second piece of data to the cloud application provider, the second piece of data being in an unencrypted form;
wherein when it is determined that the cloud application provider is not capable of encrypting the first piece of data to the first level of encryption, determining whether the cloud application provider is capable of encrypting the first piece of data to a second level of encryption, the second level of encryption being a minimum encryption standard.
Specification