公开(公告)号：US20160112456A1

公开(公告)日：2016-04-21

申请号：US14919258

申请日：2015-10-21

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Siani Pearson ,  Archie Reed ,  Marco Casassa Mont ,  Gina Kounga ,  Liqun Chen

IPC: H04L29/06

CPC classification number: H04L63/20 ,  H04L63/0442 ,  H04L63/045 ,  H04L63/0464 ,  H04L63/061 ,  H04L63/0876 ,  H04L63/123

Abstract: Compliance to a policy about how to treat data in a computer network environment is ensured by checking that conditions in the policy are satisfied by the entity before access to the data is provided.

Abstract translation: 通过在提供访问数据之前通过检查实体满足策略中的条件来确保遵守关于如何处理计算机网络环境中的数据的策略。

公开(公告)号：US20160078239A1

公开(公告)日：2016-03-17

申请号：US14787835

申请日：2013-07-30

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Michael Bernd Beiter ,  Siani Pearson ,  Marco Casassa Mont ,  Liqun Chen

IPC: G06F21/62 ,  H04L9/08

CPC classification number: G06F21/6209 ,  H04L9/0838

Abstract: An example method for managing data in accordance with aspects of the present disclosure includes receiving from a user in the computer network environment a policy about how a piece of data should be treated, an encryption of the piece of data, a signature of a cryptographic hash of the policy and a cryptographic key, requesting from a trust authority the cryptographic key to access the piece of data, transmitting an encryption of at least one share to the trust authority, wherein the at least one share is created by and received from the trust authority, receiving from the trust authority the cryptographic key, wherein the cryptographic key is recreated by a combiner using a subset of the at least one share, shares associated with the trust authority and shares associated with the combiner, and decrypting the encryption of the piece of data using the recreated cryptographic key.

Abstract translation: 根据本公开的方面的用于管理数据的示例方法包括在计算机网络环境中从用户接收关于如何处理一条数据的方式，该数据片的加密，加密散列的签名 所述策略和加密密钥，从信任机构请求加密密钥来访问所述数据，向所述信任机构发送至少一个共享的加密，其中所述至少一个共享由所述信任建立和接收 从所述信任机构接收所述加密密钥，其中所述加密密钥由组合器使用所述至少一个共享的子集重新创建，与所述信任授权相关联的共享和与所述组合器相关联的共享，以及解密所述片段的加密 的数据使用重新创建的密码。

公开(公告)号：US09798888B2

公开(公告)日：2017-10-24

申请号：US14787835

申请日：2013-07-30

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Michael Bernd Beiter ,  Siani Pearson ,  Marco Casassa Mont ,  Liqun Chen

IPC: H04L29/06 ,  G06F21/62 ,  H04L9/08

CPC classification number: G06F21/6209 ,  H04L9/0838

Abstract: An example method for managing data in accordance with aspects of the present disclosure includes receiving from a user in the computer network environment a policy about how a piece of data should be treated, an encryption of the piece of data, a signature of a cryptographic hash of the policy and a cryptographic key, requesting from a trust authority the cryptographic key to access the piece of data, transmitting an encryption of at least one share to the trust authority, wherein the at least one share is created by and received from the trust authority, receiving from the trust authority the cryptographic key, wherein the cryptographic key is recreated by a combiner using a subset of the at least one share, shares associated with the trust authority and shares associated with the combiner, and decrypting the encryption of the piece of data using the recreated cryptographic key.