Secure information flow
First Claim
1. A system comprising:
- a service component implemented by one or more processors and memory and configured to:
  - receive, from a caller component, a service call request that includes one or more caller permissions; and
  - respond to the service call request, based at least in part on the one or more caller permissions, to provide information requested by the service call request to the caller component via a secure flow container, wherein the one or more caller permissions pertain to the requested information; and
- a creator component implemented by one or more processors and memory to:
  - create a master secure flow container based at least in part on an environment specification from a data store; and
  - access configuration or permission data to create the secure flow container as an instance of the master secure flow container;
- a monitoring environment implemented by one or more processors and memory and configured to:
  - determine if the secure flow container is permitted to receive the information provided by the service component;
  - permit the secure flow container to receive the information; and
  - determine, based at least in part on the one or more caller permissions, if the secure flow container is permitted to send the information to the caller;
- wherein the secure flow container is:
  - implemented by one or more processors and memory distinct from one or more processors and memory that implement the caller component, and is configured to:
    - receive the information from the service component as permitted by the monitoring environment; and
    - send the information to the caller component as permitted by the monitoring environment.
Abstract
Secure information flow may include a service receiving a request for data from a caller. The service may respond to the request with the requested data via a secure flow container. The secure flow container may then send the information to the caller component. Before the secure flow container receives or sends the information, a monitoring environment may permit the secure flow container to receive or send the information, respectively.
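The abstract and claim 1 describe two gated hops: data goes from the service into a secure flow container only if the monitoring environment permits the container to receive from that source, and from the container to the caller only if the caller's permissions cover the requested data. The following is an added toy model of that flow written for this page; it is not code from the patent or its assignee, and every name in it (Creator, Monitor, SecureFlowContainer, the per-record `label`, the `allowed_sources` field of the environment specification, and the sample permission strings) is an assumption made for illustration.

```python
"""Added illustration (not the patent's code) of permission-gated information flow:
service -> secure flow container -> caller, with a monitor deciding both hops.
All class names, fields and sample permission labels are assumptions for this example."""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Record:
    """A piece of service data tagged with the permission a caller must hold to read it."""
    name: str
    label: str
    payload: str


# Constructed sample data held by the service (hypothetical labels and values).
SERVICE_DATA = {
    "balance": Record("balance", "account:read", "balance=1200"),
    "ssn": Record("ssn", "pii:read", "ssn=***-**-1234"),
}


@dataclass(frozen=True)
class MasterContainer:
    """Template the creator component builds from an environment specification."""
    allowed_sources: frozenset  # services a container derived from this master may receive from


@dataclass
class SecureFlowContainer:
    """Instance of a master container; runs apart from the caller and holds data for it."""
    master: MasterContainer
    caller_permissions: frozenset
    held: list = field(default_factory=list)       # received from service, not yet releasable
    delivered: list = field(default_factory=list)  # released to the caller


class Creator:
    """Creator component: master container from an environment spec, instances on demand."""
    def __init__(self, env_spec):
        # env_spec stands in for the environment specification read from a data store
        self.master = MasterContainer(frozenset(env_spec["allowed_sources"]))

    def instantiate(self, caller_permissions):
        return SecureFlowContainer(self.master, frozenset(caller_permissions))


class Monitor:
    """Monitoring environment: permits or denies each hop independently."""
    def permit_receive(self, container, source):
        # hop 1: may this container take data from this service at all?
        return source in container.master.allowed_sources

    def permit_send(self, container, record):
        # hop 2: do the caller's permissions cover the label on this record?
        return record.label in container.caller_permissions


class Service:
    """Service component: answers a caller's request through the container, never directly."""
    name = "ledger"

    def __init__(self, monitor):
        self.monitor = monitor

    def handle(self, container, item):
        record = SERVICE_DATA[item]
        if self.monitor.permit_receive(container, self.name):
            container.held.append(record)
        # release only what the monitor allows; anything else stays inside the container
        for rec in list(container.held):
            if self.monitor.permit_send(container, rec):
                container.delivered.append(rec)
                container.held.remove(rec)


def run_flow(env_spec, caller_permissions, items):
    """Drive one caller request for `items` through the flow; return (delivered, withheld) names."""
    container = Creator(env_spec).instantiate(caller_permissions)
    service = Service(Monitor())
    for item in items:
        service.handle(container, item)
    return [r.name for r in container.delivered], [r.name for r in container.held]


if __name__ == "__main__":
    spec = {"allowed_sources": ["ledger"]}
    # caller may read account data but not PII: "balance" is delivered, "ssn" stays in the container
    print(run_flow(spec, {"account:read"}, ["balance", "ssn"]))
```

The point the model makes is that the caller component never touches the service's data store: a record it is not permitted to see can enter the container (hop 1) yet still be withheld at hop 2, and a container whose master specification does not list the service receives nothing at all.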
23 Citations
19 Claims
1. A system comprising: (text as given under First Claim above). Dependent claims: 2, 3, 4, 5, 6.

7. A method comprising:
- performing, by one or more computers:
  - receiving, by a service, a request for data from a caller component;
  - creating, by a creator component, a master secure flow container based at least in part on an environment specification from a data store;
  - creating, based on configuration or permission data, a secure flow container, wherein the secure flow container is implemented by one or more hosts distinct from one or more hosts that implement the caller component, and wherein the secure flow container is an instance of the master secure flow container;
  - transmitting, by the service, the requested data to the secure flow container;
  - determining that the secure flow container is permitted to receive the requested data from the service;
  - in response to said determining that the secure flow container is permitted to receive the requested data, the secure flow container receiving the requested data from the service;
  - determining, based at least in part on one or more caller permissions, that the secure flow container is permitted to provide access to the requested data to the caller; and
  - in response to said determining, based at least in part on the one or more caller permissions, that the secure flow container is permitted to provide access to the requested data to the caller, the secure flow container providing access to the requested data to the caller.
Dependent claims: 8, 9, 10, 11, 12, 13, 14, 15, 16, 17.

18. A non-transitory, computer-readable storage medium storing program instructions, wherein the program instructions are computer-executable to implement:
- a master secure flow container based at least in part on an environment specification from a data store; and
- a secure flow container, derived based at least in part on the master secure flow container, the secure flow container configured to:
  - receive, from a caller component, a set of permissions, wherein the caller component is implemented by one or more hosts distinct from one or more hosts that implement the secure flow container;
  - receive, in response to a monitor intercepting and permitting a request from a service component to the secure flow container, the request from the service component to provide data to the caller component, wherein the set of permissions pertain to the requested data; and
  - provide, in response to the monitor intercepting and permitting a transmission from the service flow container to the caller and based at least in part on the received set of permissions, the requested data to the caller component.
Dependent claims: 19.
Specification