ACCESS TO DATA STORED IN A CLOUD
First Claim
1. A method for accessing data stored in a cloud,(a) in which a request for access to the data is transmitted from a rights application to a rights server,(b) in which the rights server checks, on the basis of the request from the rights application, whether access to the data is allowed,(c) in which, if access to the data is allowed, the rights server provides the rights application with an item of access information,(d) in which the rights application accesses the data.
2 Assignments
0 Petitions
Accused Products
Abstract
It is proposed that known digital rights management (EDRM: Enterprise Digital Rights Management) be extended such that control over the access to data stored in a cloud remains with the user or originator of the data. This requires the access information to be coordinated between a rights application in the cloud and a rights server in the region of the user (that is to say outside the cloud). A rights policy can be used for fine-grained regulation of the access for users (user groups), computers (client, server) and validity periods. In this context, the access comprises a wide variety of actions which can be performed with the data. In particular, it is advantageous that a server application is provided with (temporally limited) access to a portion of the data in order to index said data, for example, without the server being able to access the complete contents of the data in the process. By way of example, the approach for works for document management and for databases that have been relocated in the cloud. The invention can be used for any type of distributed data processing in which the data are intended to be protected against unauthorized access operations.
24 Citations
16 Claims
-
1. A method for accessing data stored in a cloud,
(a) in which a request for access to the data is transmitted from a rights application to a rights server, (b) in which the rights server checks, on the basis of the request from the rights application, whether access to the data is allowed, (c) in which, if access to the data is allowed, the rights server provides the rights application with an item of access information, (d) in which the rights application accesses the data.
-
16. An apparatus for accessing data stored in a cloud, comprising a processing unit which is set up in such a manner that
(a) a request for access to the data can be transmitted from a rights application to a rights server; -
(b) the rights server can check, on the basis of the request from the rights application, whether access to the data is allowed, (c) if access to the data is allowed, the rights server can provide the rights application with an item of access information, (d) the rights application can access the data.
-
Specification