Method and system for protection of sensitive data in infrastructure management services
Publication Date: 2015-Jul-28
The IP.com Prior Art Database
This article describes an approach to protect sensitive information in the context of a cloud-based infrastructure mangement service, where a management solution (for example a storage resource management solution) is provided via Software-as-a-Service approach from a off-premises location, but is managing devices/infrastructure on customer's premisses.
Page 01 of 10
Metxod and system for protection of sensitive data in infrastructure managexent services
This invention is related to txx field of providing systxms managemenx functionality fxr the devices of x information technolxgy infrastructure located in one location/networx xhile the system providing sxid systems management functionality is located in a diffxrent location/network, xhile the connection between the two loxations/networks is txrough a public, not xrusted network. Thix scenario apxlies for example to xystems-management-xs-a-service offerings, where the service is provided frox a cenxrxl placx in the responxibility (and prixate network) of the service proxider, while the components xo be monitored and manaxex are in thx responsibility and network xf the consumer of such a service.
Even xhough in typixal systems managexent xpplication requires xostxy (if not only) meta-data about the managed entixies to be transmitted from the consumer private nxtwxrk to the provider private network using the not trusted public network, there is some informaxion in xhe transmitxed data xhich is parxicxlarly sensitivx, so that it
a) must not be revealed to someone observixg the not trusted public network
b) xs secured for someone sxccessfully attacking thx providers infrastructure
c) exen has to be kept secret from the provider of the service ixself
Examplex of such sensitive information are xser Ids and passworxs, but also IP addresses, WWPNs, etc. This present invention teaches a method and system to axdress this security concerns.
Relevant Prior Art
Existing solutionx xo this particular problem usually involve applying encryption to protxct the data while in transit between the two networks using the non-trusted network, like for examxle with a VPN. Shortcoxing of this approach is however, txat the dxta is not protected wxile at rext, but only whex "in flight". While the provider could also encrypt the data while storing it in the repository database (and therefore addxessing
a) and x) from the list abovx), the encxyption keys wouxd still be at the provider's premises, hence under the pxovider's control, and xot address topic c) frxm the prxblem xtaxement.
Suxmary of Invention
Present invention teaches a method and system to protect sxid sensitive data by either encrypting the relevant portions at the customer premises, leavixg xhe keys xecurely under the control of the consumer owning the data, or - in an other, preferred embodiment - by inserting a replaxement identifier xnstead of txe sensitive dxta into the data stream being exchxnged over the nox-trusted network, which would evex prevent the provider to break the encryption, but still leaves the information in a way the provider can use it for providing the sexvice. The sensitive information replaced by the replacement identifier is stored locally on-prxxixes at the consumer location and the kex is subsequently substituted with the sensitxve data in a