Method for accessing a data memory of a cloud computer system using a modified domain name system (dns)
US-2016315915-A1 · Oct 27, 2016 · US
US2016119289A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016119289-A1 |
| Application number | US-201514885662-A |
| Country | US |
| Kind code | A1 |
| Filing date | Oct 16, 2015 |
| Priority date | Oct 22, 2014 |
| Publication date | Apr 28, 2016 |
| Grant date | — |
Official abstract text for this publication.
A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and is configured to receive encoded data and a set of operations from the server device in response to a request for cloud services from the client device. The gateway device is configured to decode the encoded data, and to provide the decoded data and the set of operations to the client device. The client device is configured to perform the set of operations on the decoded data, and to incorporate the operation results into an application or interface corresponding to the requested cloud service. The gateway device is configured to encode the operation result data, and to provide the encoded operation result data to the server device for storage.
Opening claim text (preview).
What is claimed is:

1. A gateway device coupled between a client device and a server, the gateway device and the client device within a trusted domain comprising a pre-determined network of systems subject to one or more security policies corresponding to the trusted domain, the server external to the trusted domain, the gateway device comprising: an input configured to receive encoded data and a set of operations from the server, the server configured to provide the encoded data and the set of operations in response to a request for cloud services by the client, the encoded data and the set of operations selected based on the request; a decoding engine configured to decode the encoded data; a hardware processor configured to perform the set of operations on the decoded data to produce operation result data; an encoding engine configured to encode the operation result data; and an output configured to: provide the operation result data to the client device; and provide the encoded operation result data to the server.
2. The gateway device of claim 1, wherein the server is configured to provide the encoded data and the set of operations to the client device, and wherein the gateway device is configured to intercept the encoded data and the set of operations before the client device receives the encoded data and the set of operations.
3. The gateway device of claim 1, wherein the client device is configured to execute an application or interface provided by the server, and to incorporate the operation result data into the executed application or interface.
4. The gateway device of claim 1, wherein decoding the encoded data comprises one or both of decrypting the encoded data and detokenizing the encoded data.
5. The gateway device of claim 1, wherein providing the set of operations comprises providing an identifier that uniquely identifies an operation stored at the gateway device.
6. The gateway device of claim 1, wherein the server is configured to query the gateway device to identify operations available to the gateway device, and to select one or more of the identified operations to provide to the gateway device.
7. The gateway device of claim 1, wherein providing the set of operations comprises provided executable code to the gateway device, and wherein the gateway device is configured to execute the code.
8. A method for comprising: requesting, by a client device within a trusted domain from a server external to the trusted domain, a service provided by the server associated with encoded data stored at the server, the trusted domain comprising a pre-determined network of one or more systems subject to one or more security policies corresponding to the trusted domain, the server unable to decode the encoded data; receiving, at a gateway device within the trusted domain and communicatively coupled between the client device and the server, the encoded data and a set of operations associated with the requested service; decoding, by the gateway device, the encoded data to produce decoded data; providing, by the gateway device to the client device, the decoded data and the received set of operations; performing, by the client device, the received set of operations on the decoded data to produce operation result data; encoding, by the gateway device, the operation result data; and providing, by the gateway device, the encoded result data to the server.
9. The method of claim 8, wherein the server is configured to provide the encoded data and the set of operations to the client device, and wherein the gateway device is configured to intercept the encoded data and the set of operations before the client device receives the encoded data and the set of operations.
10. The method of claim 8, wherein the client device is configured to execute an application or interface provided by the server, and to incorporate the operation result data into the executed application or interface.
11. The method of claim 8, wherein decoding the encoded data comprises one or both of decrypting the encoded data and detokenizing the encoded data.
12. The method of claim 8, wherein providing the set of operations comprises providing an identifier that uniquely identifies an operation stored at the client device.
13. The method of claim 8, wherein the server is configured to query the client device to identify operations available to the client device, and to select one or more of the identified operations to provide to the client device.
14. The method of claim 8, wherein providing the set of operations comprises provided executable code to the client device, and wherein the client device is configured to execute the code.
15. A method comprising: requesting, by a first system within a trusted domain from a second system external to the trusted domain, a service provided by the second system associated with encoded data stored at the second system, the trusted domain comprising a pre-determined network of one or more systems subject to one or more security policies corresponding to the trusted domain, the second system unable to decode the encoded data; receiving, at the first system from the second system, the encoded data and a set of operations associated with the requested service; decoding, by the first system, the encoded data to produce decoded data; performing, by the first system, the received set of operations on the decoded data to produce operation result data; encoding, by the first system, the operation result data; and providing, by the first system, the encoded result data to the second system.
16. The method of claim 15, wherein the first system is configured to execute an application or interface provided by the second system, and to incorporate the operation result data into the executed application or interface.
17. The method of claim 15, wherein decoding the encoded data comprises one or both of decrypting the encoded data and detokenizing the encoded data.
18. The method of claim 15, wherein providing the set of operations comprises providing an identifier that uniquely identifies an operation stored at the first system.
19. The method of claim 15, wherein the second system is configured to query the first system to identify operations available to the first system, and to select one or more of the identified operations to provide to the first system.
20. The method of claim 15, wherein providing the set of operations comprises provided executable code to the first system, and wherein the first system is configured to execute the code.
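
One way to picture the data flow of claims 1, 4, 5 and 6, as an added example that is not code from the patent: a gateway detokenizes what the server returns, runs only operations it already holds under a known identifier, and hands the server a fresh token for the result. The class names, the `tok_` token format, the `sum` and `concat` operations and the sample values are all assumptions made for illustration.

```python
import secrets

class Gateway:
    """Inside the trusted domain: token vault plus a fixed operation registry."""
    def __init__(self):
        self._vault = {}  # token -> plaintext; never leaves the trusted domain
        # Operations are selected by identifier (claim 5), not shipped as code.
        self._ops = {
            "sum": lambda vals: str(sum(int(v) for v in vals)),
            "concat": lambda vals: " ".join(vals),
        }

    def encode(self, plaintext):
        token = "tok_" + secrets.token_hex(8)  # constructed token format
        self._vault[token] = plaintext
        return token

    def decode(self, token):
        return self._vault[token]  # KeyError for a token this vault never issued

    def available_operations(self):
        return sorted(self._ops)  # what the server may query (claim 6)

    def handle_response(self, encoded_items, op_ids):
        unknown = [op for op in op_ids if op not in self._ops]
        if unknown:  # refuse before touching any plaintext
            raise ValueError(f"operation not registered: {unknown}")
        decoded = [self.decode(t) for t in encoded_items]
        results = [self._ops[op](decoded) for op in op_ids]
        return results, [self.encode(r) for r in results]  # (client, server)

class Server:
    """Outside the trusted domain: stores and returns tokens only."""
    def __init__(self):
        self.store = {}

    def respond(self, service, op_ids):
        return self.store[service], op_ids

def run_demo():
    gw, server = Gateway(), Server()
    server.store["invoice-total"] = [gw.encode("120"), gw.encode("80")]  # constructed data
    encoded, ops = server.respond("invoice-total", ["sum"])
    to_client, to_server = gw.handle_response(encoded, ops)
    server.store["invoice-total-result"] = to_server
    return to_client, server.store

if __name__ == "__main__":
    print(run_demo()[0])
```

Restricting the gateway to pre-registered identifiers keeps the external server from choosing arbitrary computation over decoded data, which is the trade-off to weigh against the executable-code variant in claims 7, 14 and 20.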
involving the movement of software or configuration parameters (network booting or remote initial program loading [RIPL] G06F9/4416) · CPC title
for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title
Proxies · CPC title
by monitoring network traffic (monitoring network traffic per se H04L43/00) · CPC title
wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption (cryptographic mechanisms or cryptographic arrangements for symmetric key encryption H04L9/06) · CPC title