Securing restricted actions on critical resources
Main authors: | , , , , , , , , |
---|---|
Format: | Patent |
Language: | chi ; eng |
Summary: | Methods, systems, and computer programs are presented for protecting restricted actions on an encryption key that controls management of data stored by a service provider. In some implementations, a system of a service provider receives a request for generating a data encryption policy (DEP) for data stored for a customer by the system of the service provider, the request including references to a customer key and an availability key. The customer key and the availability key are root keys used to encrypt the data encryption key. The data encryption key is used to encrypt data stored by the service provider for the customer. Further, a destructive change to the availability key requires receipt of an approval from an account of the service provider. The system of the service provider verifies the DEP. The system of the service provider stores the DEP based on the verification. |