Secure computing systems and methods

US9558322B2 · US · B2

Patent metadata
Field                Value
Publication number   US-9558322-B2
Application number   US-201514702632-A
Country              US
Kind code            B2
Filing date          May 1, 2015
Priority date        May 1, 2014
Publication date     Jan 31, 2017
Grant date           Jan 31, 2017

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

The present disclosure relates to systems and methods for facilitating trusted handling of genomic and/or other sensitive information. Certain embodiments may use a virtualized execution environment to execute code and/or programs that wish to access and/or otherwise use genomic and/or other sensitive information. In some embodiments, data requests from the code and/or programs may be routed through a transparent data access proxy configured to transform requests and/or associated responses to protect the integrity of the genomic and/or other sensitive information.

First claim

Opening claim text (preview).

What is claimed is:

  1. A method for performing trusted computations on sensitive data performed by a system comprising a processor and a non-transitory computer-readable storage medium storing instructions that, when executed by the processor, cause the system to perform the method, the method comprising: receiving, by an execution manager executing on the system, a request from a user to perform a computation using a genomic data set; loading a first program associated with the computation within a first virtualized execution environment executing on the system; generating, by the execution manager, first execution context for the first program; receiving, by a data access proxy module executing on the system, a first data request from the first program to use the genomic data set; generating, by the data access proxy module, a first secure data request based on the first data request and the first execution context; sending, by the data access proxy module to a data store managing the genomic data set, the first secure data request; receiving, by the data access proxy module from the data store, a first secure data response based on the first secure data request; generating, by the data access proxy module, a first response to the first data request by transforming the first secure data response based on the first execution context; and sending, by the data access proxy module to the first program, the first response to the first data request.

  2. The method of claim 1, wherein the method further comprises: sending, by the execution manager, a response to the request from the user generated based on the first response.

  3. The method of claim 1, wherein the method further comprises: initializing, in response to receiving the request from the user, the first virtualized execution environment.

  4. The method of claim 1, wherein the method further comprises: identifying, by the data access proxy module, a policy associated with the first data request, wherein the secure data request is further generated based on the identified policy.

  5. The method of claim 4, wherein the policy is identified based on the first program.

  6. The method of claim 4, wherein the policy is identified based on the genomic data set.

  7. The method of claim 4, wherein the policy is identified based on an identity of the user.

  8. The method of claim 1, wherein the first virtualized execution environment comprises a limited execution environment.

  9. The method of claim 8, wherein the first virtualized execution environment is associated with a different address space than the data store.

  10. The method of claim 1, wherein the data store comprises a local data store.

  11. The method of claim 1, wherein the data store comprises a distributed data store.

  12. The method of claim 1, wherein the first data request comprises a request to access the genomic data set.

  13. The method of claim 1, wherein the first data request comprises a request for a result generated based on the genomic data set.

  14. The method of claim 1, wherein the method further comprises: loading a second program associated with the computation within a second virtualized execution environment executing on the system; generating, by the execution manager, second execution context for the second program; receiving, by the data access proxy module executing on the system, a second data request from the second program to use the genomic data set; generating, by the data access proxy module, a second secure data request generated based on the second execution context; and sending, by the data access proxy module to the data store, the second secure data request.

  15. The method of claim 14, wherein the method further comprises: receiving, by the data access proxy module from the data store, a second secure data response based on the second secure data request; and sending, to the second program by the data access proxy module, a second response to the second data request generated based on the second secure data response and the second execution context, wherein the response to the request from the user is further generated based on the second response.

  16. The method of claim 1, wherein the first execution context comprises a mapping between a first set of identifiers and a second set of identifiers.

  17. The method of claim 16, wherein the first set of identifiers comprises protected actual identifiers associated with the genomic data set and the second set of identifiers comprises ephemeral identifiers accessible by the first program and the second program.

  18. The method of claim 17, wherein the second set of identifiers are generated randomly.

  19. The method of claim 18, wherein the second set of identifiers are generated by applying a function to the first set of identifiers.

  20. The method of claim 19, wherein the function comprises at least one of an encryption function and a hashing function.
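
The following Python sketch is an added worked example, not code from the patent or from Intertrust, that models the flow of claims 1 and 4-7 together with the identifier mapping of claims 16-20: an execution manager builds a per-run execution context whose ephemeral identifiers are a keyed hash (HMAC-SHA256 under a fresh random key) of the protected actual identifiers; a sandboxed program sees only ephemeral identifiers; a data access proxy rewrites the program's request into a secure request against the store, enforces a policy keyed by (user, program, data set), and rewrites the store's response back into ephemeral terms. The sample identifiers, gene names, variant calls, policy table and function names are constructed placeholders.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass


# Constructed sample data store, keyed by the "protected actual identifiers"
# of claim 17. Sample ids, genes and variant calls are placeholders.
GENOMIC_STORE = {
    "SAMPLE-0001": {"BRCA1": "c.68_69delAG", "TP53": "wild-type"},
    "SAMPLE-0002": {"BRCA1": "wild-type", "TP53": "p.R175H"},
    "SAMPLE-0003": {"BRCA1": "wild-type", "TP53": "wild-type"},
}
DATASETS = {"cohort-A": ["SAMPLE-0001", "SAMPLE-0002", "SAMPLE-0003"]}

# Constructed policy table, selected by (user, program, data set) as in
# claims 4-7: the genes a program may read for a given user and data set.
POLICIES = {
    ("alice", "brca_counter", "cohort-A"): {"genes": {"BRCA1"}},
}


@dataclass
class ExecutionContext:
    """The 'execution context' of claim 16: a two-way identifier mapping."""
    user: str
    program: str
    dataset: str
    to_actual: dict      # ephemeral id -> protected actual id
    to_ephemeral: dict   # protected actual id -> ephemeral id


class ExecutionManager:
    """Builds a fresh context per computation (claims 18-20): ephemeral ids are
    an HMAC-SHA256 of the actual ids under a random per-run key, so they are
    unlinkable across runs and cannot be inverted without the key."""

    def create_context(self, user, program, dataset):
        key = secrets.token_bytes(32)
        to_eph = {
            sid: hmac.new(key, sid.encode(), hashlib.sha256).hexdigest()[:16]
            for sid in DATASETS[dataset]
        }
        return ExecutionContext(user, program, dataset,
                                {e: s for s, e in to_eph.items()}, to_eph)


class DataAccessProxy:
    """Sits between the sandboxed program and the store. Only the proxy holds
    the context, so the program never handles a protected actual identifier."""

    def __init__(self, store, policies, ctx):
        self.store, self.policies, self.ctx = store, policies, ctx

    def handle(self, request):
        ctx = self.ctx
        policy = self.policies.get((ctx.user, ctx.program, ctx.dataset))
        if policy is None:
            raise PermissionError("no policy for this user/program/data set")
        denied = set(request["genes"]) - policy["genes"]
        if denied:
            raise PermissionError(f"policy denies genes: {sorted(denied)}")
        # Request transform: ephemeral -> actual ids. An id that is not part of
        # this execution context (guessed, or carried over from another run)
        # is refused rather than looked up.
        try:
            actual_ids = [ctx.to_actual[e] for e in request["samples"]]
        except KeyError as bad:
            raise PermissionError(f"identifier not in execution context: {bad}") from None
        # Secure request to the store, and the store's secure response.
        secure_response = {sid: {g: self.store[sid][g] for g in request["genes"]}
                           for sid in actual_ids}
        # Response transform: re-key by ephemeral id before returning.
        return {ctx.to_ephemeral[sid]: calls for sid, calls in secure_response.items()}


def brca_counter(sample_ids, proxy):
    """The sandboxed program: counts samples with a non-reference BRCA1 call.
    It receives only ephemeral ids and a handle to the proxy."""
    response = proxy.handle({"samples": sample_ids, "genes": ["BRCA1"]})
    return sum(1 for calls in response.values() if calls["BRCA1"] != "wild-type")


PROGRAMS = {"brca_counter": brca_counter}


def run_computation(user, program_name, dataset):
    """Execution-manager entry point for a user request (claim 1)."""
    ctx = ExecutionManager().create_context(user, program_name, dataset)
    proxy = DataAccessProxy(GENOMIC_STORE, POLICIES, ctx)
    return PROGRAMS[program_name](list(ctx.to_actual), proxy)


def attempt(proxy, request):
    """Run a request and report the proxy's decision without raising."""
    try:
        return "ok", proxy.handle(request)
    except PermissionError as err:
        return "denied", str(err)


if __name__ == "__main__":
    print("BRCA1 carriers in cohort-A:", run_computation("alice", "brca_counter", "cohort-A"))
    ctx = ExecutionManager().create_context("alice", "brca_counter", "cohort-A")
    proxy = DataAccessProxy(GENOMIC_STORE, POLICIES, ctx)
    print(attempt(proxy, {"samples": list(ctx.to_actual), "genes": ["TP53"]}))
    print(attempt(proxy, {"samples": ["0000000000000000"], "genes": ["BRCA1"]}))
```

Two design points worth noting. The program is given the proxy but never the context, which is what keeps the mapping (and therefore the actual identifiers) out of its address space, matching the separation claimed in claims 8-9. And because the key is generated per execution, the same sample receives a different ephemeral identifier in every run, so results from two computations cannot be joined on identifiers outside the proxy.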

Assignees

Intertrust Tech Corp

Inventors

Classifications

  • Physics · mapped topic

  • Protecting access to data via a platform, e.g. using keys or access control rules · CPC title

  • Protecting personal data, e.g. for financial or medical purposes · CPC title

  • G06F19/28 · primary

    Physics · mapped topic

  • G16B50/30 · primary

    Data warehousing; Computing architectures · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9558322B2 cover?
The present disclosure relates to systems and methods for facilitating trusted handling of genomic and/or other sensitive information. Certain embodiments may use a virtualized execution environment to execute code and/or programs that wish to access and/or otherwise use genomic and/or other sensitive information. In some embodiments, data requests from the code and/or programs may be routed th…
Who is the assignee on this patent?
Intertrust Tech Corp
What technology area does this patent fall under?
Primary CPC classification G06F19/28. Mapped technology areas include Physics.
When was this patent published?
Publication date Jan 31, 2017 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).