Managing security in a computing environment
First Claim
1. A method for managing data security in a computing environment, said method comprising:
- in response to at least one message received by a processor of a gateway server from a user device wherein each message requests that an encryption key be downloaded to the user device, said processor generating, for each message, at least one unique encryption key for encrypting and decrypting data, sending each encryption key of the at least one generated encryption key to the user device, and not storing any of the generated encryption keys in a cloud comprising a plurality of interconnected computing systems external to the user device, wherein the at least one generated encryption key comprises a first encryption key;
for each encryption key of the at least one generated encryption key having been sent to the user device, said processor receiving each sent encryption key of the at least one generated encryption key returned from the user device; and
for each received encryption key, said processor validating each received encryption key for use by the processor to encrypt data to be stored in the cloud, wherein said validating each received encryption key comprises storing each received encryption key in the cloud at a time specific to each received encryption key, wherein said storing each received encryption key in the cloud comprises storing the first encryption key in the cloud at a first key storage time.
2 Assignments
0 Petitions
Accused Products
Abstract
In response to at least one message received by a processor of a gateway server from a user device wherein each message requests that an encryption key be downloaded to the user device, the processor generates at least one unique encryption key for each message and sends the at least one generated encryption key to the user device, but does not store any of the generated encryption keys in the cloud. For each encryption key having been sent to the user device, the processor receives each encryption key returned from the user device. For each encryption key received from the user device, the processor stores each received encryption key in the cloud.
60 Citations
20 Claims
-
1. A method for managing data security in a computing environment, said method comprising:
-
in response to at least one message received by a processor of a gateway server from a user device wherein each message requests that an encryption key be downloaded to the user device, said processor generating, for each message, at least one unique encryption key for encrypting and decrypting data, sending each encryption key of the at least one generated encryption key to the user device, and not storing any of the generated encryption keys in a cloud comprising a plurality of interconnected computing systems external to the user device, wherein the at least one generated encryption key comprises a first encryption key; for each encryption key of the at least one generated encryption key having been sent to the user device, said processor receiving each sent encryption key of the at least one generated encryption key returned from the user device; and for each received encryption key, said processor validating each received encryption key for use by the processor to encrypt data to be stored in the cloud, wherein said validating each received encryption key comprises storing each received encryption key in the cloud at a time specific to each received encryption key, wherein said storing each received encryption key in the cloud comprises storing the first encryption key in the cloud at a first key storage time. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer program product, comprising a computer readable storage device having computer readable program code stored therein, said program code containing instructions which, upon being executed by a processor of a gateway server of a computer system implements a method for managing data security in a computing environment, said method comprising:
-
in response to at least one message received by the processor of the gateway server from a user device wherein each message requests that an encryption key be downloaded to the user device, said processor generating, for each message, at least one unique encryption key for encrypting and decrypting data, sending each encryption key of the at least one generated encryption key to the user device, and not storing any of the generated encryption keys in a cloud comprising a plurality of interconnected computing systems external to the user device, wherein the at least one generated encryption key comprises a first encryption key; for each encryption key of the at least one generated encryption key having been sent to the user device, said processor receiving each sent encryption key of the at least one generated encryption key returned from the user device; and for each received encryption key, said processor validating each received encryption key for use by the processor to encrypt data to be stored in the cloud, wherein said validating each received encryption key comprises storing each received encryption key in the cloud at a time specific to each received encryption key, wherein said storing each received encryption key in the cloud comprises storing the first encryption key in the cloud at a first key storage time. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer system comprising a gateway server that includes a processor, a memory coupled to the processor, and a computer readable storage device coupled to the processor, said storage device containing program code which, upon being executed by the processor, implements a method for managing data security in a computing environment, said method comprising:
-
in response to at least one message received by the processor of the gateway server from a user device wherein each message requests that an encryption key be downloaded to the user device, said processor generating, for each message, at least one unique encryption key for encrypting and decrypting data, sending each encryption key of the at least one generated encryption key to the user device, and not storing any of the generated encryption keys in a cloud comprising a plurality of interconnected computing systems external to the user device, wherein the at least one generated encryption key comprises a first encryption key; for each encryption key of the at least one generated encryption key having been sent to the user device, said processor receiving each sent encryption key of the at least one generated encryption key returned from the user device; and for each received encryption key, said processor validating each received encryption key for use by the processor to encrypt data to be stored in the cloud, wherein said validating each received encryption key comprises storing each received encryption key in the cloud at a time specific to each received encryption key, wherein said storing each received encryption key in the cloud comprises storing the first encryption key in the cloud at a first key storage time. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification