Title of invention: Techniques for achieving tenant data confidentiality from cloud service provider administrators
Abstract: Techniques for achieving tenant data confidentiality in a cloud environment are presented. A daemon process within a Tenant Storage Machine (TSM) manages a key store for a particular tenant of a cloud storage environment having multiple other tenants. Just TSM storage processes are given access to the key store. Data is decrypted for the particular tenant when access is needed and data is encrypted using encryption keys of the key store when written in the cloud storage environment.
Publication number: US9270459(B2)  Publication date: 2016.02.23
Application number: US201213611170  Filing date: 2012.09.12
Applicant: CloudByte, Inc.  Inventors: Mukkara Umasankar;Xavier Felix;Ranganathan Shyamsundar
Classification: H04L9/00;H04L9/08  Main classification: H04L9/00
Agency: Schwegman Lundberg & Woessner, P.A.  Agent: Schwegman Lundberg & Woessner, P.A.
Independent claim: 1. A method implemented in a non-transitory machine-readable storage medium and processed by one or more processors of a machine configured to perform the method, comprising: establishing, on the machine, a tenant storage machine (TSM) in a cloud storage environment for an authenticated tenant, wherein establishing further includes creating the TSM as a Virtual Machine (VM) within the cloud storage environment for the authenticated tenant to access data of the authenticated tenant and the VM is just for access by the authenticated tenant; managing, from the machine, a tenant key store within the TSM for the authenticated tenant, the tenant key store including encryption keys for encrypting the data of the authenticated tenant within the cloud storage environment; and ensuring, from the machine, only TSM storage processes are given access to the tenant key store, wherein the TSM processes run within the TSM.
Address: Cupertino CA US