Browse Prior Art Database

System & method for policy based Geofencing of data in PaaS environment

IP.com Disclosure Number: IPCOM000249181D
Publication Date: 2017-Feb-08
Document File: 6 page(s) / 182K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a system and method for policy based geofencing of data in Platform as a Service (PaaS) cloud deployment scenarios.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 28% of the total text.

1

System & method for policy based Geofencing of data in PaaS environment

Due to rapid adoption of smart mobile devices, Companies are in the process of encouraging their employees to bring their own devices to work - this could be a mobile device or own laptop/tablet. This policy is called "Bring Your Own Device (BYOD)" policy. If an employee uses his own device for work, Companies have to deal with data security at an heightened level as these can be devices can be anywhere anytime. Enforcing company data security policies is bit a problem because of this location mobility.

In addition, companies are also encouraging employees to have proper work life balance. One aspect of this is, employees can work from any where. Once again data security is a problem because company data stores get accessed from varying places. But all the data may not be needed all the time. Companies right now have a simple policy of either to allow access or deny it based on whether you are in the company premises or not (or) whether the employee is granted access to the requested data. Ensuring proper protection of company's data is crucial for successful implementation of these policies as captured in Figure 1.

So the main problem for companies is to provide requested data adhering to company policies and enforcing those policies even when an employee is mobile. As listed in the references section, there are few attempts made at providing solution to this in piece meal manner. In order to have a unique solution, one need to address the following concerns together:

a) How to enforce security (data access and integrity) when data is accessed from multiple locations which may or may not be secure themselves? b) When the location changes dynamically (due to employee or hand set mobility), how to enforce data security? c) Accessing complete set of data in partly or unsecured locations may result in data breach. How to restrict amount of data access depending on the current mobile device location?

2

d) Occasionally, there may be need to access complete set of data independent of device location. How to serve this specific requirement without loss of data integrity? e) Providing data integrity might be a problem especially on slow or breaking connections. How to adjust data access policy to such type of situations?

The solution presented herein addresses all these questions to have a cohesive corporate policy for establishing data security across mobile device usage boundaries. What is provided here is a comprehensive location aware data access & management solution for mobile devices using the concept of dynamic geofences. A dynamic geofence is the one which is created on demand based on the current location characterization. Amount of data that may be served against a data request is tuned to the geofence that is in position. As mobile device location changes so is the geofence that is laid out and data that is being served. As shown in figure 2 below, the mobile device...