主权项 |
1. A security broker in secure communication with a first network and having access to a second network external to the first network, the first network having a first level of security and the second network having a second level of security, the first level of security being different from the second level of security, the security broker comprising:
an interface arranged to receive data record definitions for an application, the application being accessible using the second network, the data record definitions specifying one or more properties that define how data is stored by the application; a security controller arranged to map security data for the first network to one or more parameters for a security scheme to be applied by the security broker to data for storage by the application, the security controller being arranged to configure the security scheme to comply with the data record definitions; and wherein the security broker is arranged to supply data encrypted using the security scheme to the application for storage using the second network and is arranged to supply data from the application that is decrypted using the security scheme to a computing device associated with the first network. |