公开(公告)号：US20170004312A1

公开(公告)日：2017-01-05

申请号：US15197463

申请日：2016-06-29

Applicant: Oracle International Corporation

Inventor： Amit Agarwal ,  Srikant Krishnapuram Tirumalai ,  Krishnakumar Sriramadhesikan

IPC: G06F21/60 ,  G06F21/62

Abstract: A centralized framework for managing the data encryption of resources is disclosed. A data encryption service is disclosed that provides various services related to the management of the data encryption of resources. The services may include managing application policies, cryptographic policies, and encryption objects related to applications. The encryption objects may include encryption keys and certificates used to secure the resources. In an embodiment, the data encryption service may be included or implemented in a cloud computing environment and may provide a centralized framework for effectively managing the data encryption requirements of various applications hosted or provided by different customer systems. The disclosed data encryption service may provide monitoring and alert services related to encryption objects managed by the data encryption service and transmit the alerts related to the encryption objects via various communication channels.

Abstract translation: 公开了一种用于管理资源数据加密的集中式框架。 公开了提供与资源的数据加密的管理相关的各种服务的数据加密服务。 服务可以包括管理与应用有关的应用策略，加密策略和加密对象。 加密对象可以包括用于保护资源的加密密钥和证书。 在一个实施例中，可以在云计算环境中包括或实现数据加密服务，并且可以提供用于有效管理由不同客户系统托管或提供的各种应用的数据加密要求的集中式框架。 公开的数据加密服务可以提供与由数据加密服务管理的加密对象有关的监视和警报服务，并通过各种通信信道发送与加密对象有关的警报。

公开(公告)号：US08761399B2

公开(公告)日：2014-06-24

申请号：US13655535

申请日：2012-10-19

Applicant: Oracle International Corporation

Inventor： Amit Agarwal ,  Srikant Krishnapuram Tirumalai ,  Krishnakumar Sriramadhesikan

IPC: H04L29/06 ,  H04L9/08

CPC classification number: H04L9/083 ,  G06F17/30589 ,  H04L9/0894

Abstract: A keystore management system is provided that manages a keystore. The keystore management system creates a mapping of a plurality of keystore identity parameters to a plurality of keystore repository parameters. The keystore identity parameters identify the keystore. The keystore repository parameters identify a repository that stores the keystore. The keystore is a storage entity stored on the repository. The keystore management system further stores the mapping within a configuration file. The keystore management system further translates the keystore identity parameters into the keystore repository parameters based on the mapping stored within the configuration file.

Abstract translation: 提供了管理密钥库的密钥库管理系统。 密钥库管理系统创建多个密钥库身份参数到多个密钥存储库参数的映射。 密钥库身份参数标识密钥库。 密钥存储库参数标识存储密钥库的存储库。 密钥库是存储在存储库中的存储实体。 密钥库管理系统进一步将映射存储在配置文件中。 基于存储在配置文件内的映射，密钥库管理系统还将密钥库身份参数转换为密钥存储库参数。

公开(公告)号：US08726342B1

公开(公告)日：2014-05-13

申请号：US13664517

申请日：2012-10-31

Applicant: Oracle International Corporation

Inventor： Amit Agarwal ,  Srikant Krishnapuram Tirumalai ,  Krishnakumar Sriramadhesikan

IPC: G06F17/00

CPC classification number: G06F21/6218

Abstract: A keystore access system is provided that controls access to a keystore. The keystore access control system receives a request to access content of the keystore from a software application component. The keystore access control system applies a stored authorization policy to the request to determine whether access to the content of the keystore is granted. The keystore access system further grants the software application component access to the content of the keystore when it is determined that access to the content of the keystore is granted. The keystore access system further denies the software application component access to the content of the keystore when it is determined that access to the content of the keystore is not granted.

Abstract translation: 提供了一个密钥库访问系统，用于控制对密钥库的访问。 密钥库访问控制系统从软件应用程序组件接收访问密钥库的内容的请求。 密钥库访问控制系统将存储的授权策略应用于请求以确定是否授予对密钥库的内容的访问。 当确定对授予密钥库的内容的访问时，密钥库访问系统还允许软件应用程序组件访问密钥库的内容。 当确定对密钥库的内容的访问未被授予时，密钥库访问系统还拒绝软件应用程序组件访问密钥库的内容。