Patent · US Active

System and method for multi-layered sensitive data protection in a virtual computing environment

US9009471B2 · kind B2 · utility

Cited by: 4
References: 13
Claims: 27
Family size: 0

Assignee

Inventors

Key dates

Filing date: Mar 14, 2014
Grant date: Apr 14, 2015
Priority date
Expiry date: Mar 14, 2034

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F2221/2115
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

Systems and methods for providing sensitive data protection in a virtual computing environment. The systems and methods utilize a sensitive data control monitor on a virtual appliance machine administering guest virtual machines in a virtual computing environment, wherein each of the guest virtual machines may include a local sensitive data control agent. The sensitive data control monitor generates encryption keys for each guest virtual machine which are sent to the local sensitive data control agents and used to encrypt data locally on a protected guest virtual machine. In this manner the data itself on the virtual (or physical) disc associated with the guest virtual machine is encrypted while access attempts are gated by a combination of the local agent and the environment-based monitor, providing for secure yet administrable sensitive data protection.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.