NETWORK SECURITY BROKER

摘要

Certain methods and systems are described to provide security for sending and receiving data over unsecured networks. In an example a security broker (260) is provided between a first network (210) and a second network (220) where the security level of the first network is different from the security level of the second network. A user in the first network is given control over the level of security to be applied to data being supplied to an application (240) in the second network. The security broker (260) is arranged to supply data encrypted using a security scheme to the application (240) in the second network (220) and to supply decrypted data using the security scheme to a computing device associated with the first network (210).

主权项

1. A security broker in secure communication with a first network and having access to a second network external to the first network, the first network having a first level of security and the second network having a second level of security, the first level of security being different from the second level of security, the security broker comprising:
an interface arranged to receive data record definitions for an application, the application being accessible using the second network, the data record definitions specifying one or more properties that define how data is stored by the application; a security controller arranged to map security data for the first network to one or more parameters for a security scheme to be applied by the security broker to data for storage by the application, the security controller being arranged to configure the security scheme to comply with the data record definitions; and wherein the security broker is arranged to supply data encrypted using the security scheme to the application for storage using the second network and is arranged to supply data from the application that is decrypted using the security scheme to a computing device associated with the first network.