Title of invention System and method for a secure data collection system
Abstract The system may provide for the collection of data in a heterogeneous network, long term secure storage of the data, and secure transfer of the data to an environment that may be secure and controlled for the purpose of controlled and secure selected viewing of all or parts of the data. The data stored may include core data of interest as well as any data that is associated with the core data. The core data and associated data may be stored. To do so, the system may identify and collect associated data at the point of release of all or part of the data. Further, the system may provide secure and controlled transfer of the data to a permanent and secure media. Lastly, the system may provide secure transfer of all or parts of the data from the media to a controlled and secure environment suitably constructed to provide for secure viewing of all or parts of the data under the control of the owner of the data.
Publication number US9117090(B2) Publication date 2015.08.25
Application number US201113082617 Filing date 2011.04.08
Applicant Software AG, Inc. Inventors Kennedy Terence G.;Cepeda David Falla
Classification G06F21/00;G06F21/62;G06F21/31;H04L29/06 Main classification G06F21/00
Agency Venable LLP Agents Venable LLP ;Kaminski Jeffri A.;Howarah George L.
Principal claim 1. A method for collecting data comprising: receiving data related to a product and internal to an enterprise across heterogeneous networks at a time of release of the data to the public; receiving identification information identifying the data; storing the data in an archive based on the identification information; receiving a request from a secure environment to access the stored data from the archive; providing the stored data from the archive to the secure environment; providing a plurality of access levels to the secure environment; receiving from an external user device via a network a request to access the data stored on a server in the secure environment; providing the external user device access across a firewall to a terminal services gateway; providing a plurality of dedicated connections from the terminal services gateway to the secure environment and from the terminal services gateway to the external user device over an internet, wherein each of the dedicated connections has its own network port; performing a first authentication based on at least a first user credential to determine an access level from the plurality of access levels of the user; establishing a dedicated connection from the plurality of dedicated connections over the network to the secure environment for the user device based on the access level of the user, wherein the dedicated connection to the secure environment is independent for each of the plurality of access levels and each of the plurality of dedicated connections represents one and only one security level of a plurality of security levels; performing at least a second authentication verifying the access level determined by the first authentication based on at least a second user credential and the dedicated connection, wherein the second user credential is different than the first user credential; providing access to data stored on the server over the dedicated connection to the external user device; receiving a decryption password from the external user device; mounting at least one encrypted container stored on the server based on the decryption password; and providing data from the at least one mounted container to the user device.
Address Darmstadt DE