公开(公告)号：US20230421537A1

公开(公告)日：2023-12-28

申请号：US17850323

申请日：2022-06-27

Applicant: SAP SE

Inventor： Siddiq Ahmed Koona ,  Bharani Lingamaneni ,  Sahana Durgam Udaya

IPC: H04L9/40 ,  H04L9/14

CPC classification number: H04L63/0254 ,  H04L9/14

Abstract: Confidentiality and privacy of user comments are preserved by encryption of comments stored on the cloud. A migration engine and a crypto server including an encryption engine, are positioned behind a firewall from the cloud storage. In response to a comment migration instruction (e.g., •onboarding, •offboarding, or •key rotation), the migration engine performs batch processing across the firewall to retrieve a comment and comment metadata from the cloud storage. The migration engine forwards the comment/comment metadata behind the firewall to the crypto server. Based upon the comment metadata, the encryption engine uses a key for encrypting or decrypting the comment. Once encrypted or decrypted, the comment is returned to the migration engine for forwarding across the firewall and storage on the cloud. Encrypting or decrypting comments using a key determined from comment metadata, can impart flexibility to comment migration (e.g., allowing an administrator to selectively rotate compromised or expired keys).

公开(公告)号：US12131048B2

公开(公告)日：2024-10-29

申请号：US17850337

申请日：2022-06-27

Applicant: SAP SE

Inventor： Siddiq Ahmed Koona ,  Bharani Lingamaneni ,  Sahana Durgam Udaya

IPC: G06F12/00 ,  G06F3/06 ,  G06F13/00 ,  G06F21/60 ,  H04L9/40

CPC classification number: G06F3/0647 ,  G06F3/0611 ,  G06F3/067 ,  G06F21/602 ,  H04L63/02

Abstract: Confidentiality and privacy of user comments stored on the cloud, are protected by encryption. A crypto server, and a browser including a migration engine, are located across a firewall from the cloud storage. In response to a migration instruction (e.g., received from an administrator), the migration engine utilizes batch processing to efficiently accomplish mass •onboarding, •offboarding, or •key rotation for comments stored on the cloud. To allow for graceful rollback, prior to initiating a migration operation the migration engine checks a migration status and a batch timestamp stored on the cloud. Where the migration status indicates a previous migration operation as being already started, and the batch timestamp indicates to be within a predetermined time, the migration engine precludes execution of a new migration operation. The predetermined time is indicative of batch processing that is merely time-consuming, rather than stalled completely (e.g., due to loss of network connectivity).

公开(公告)号：US20230418502A1

公开(公告)日：2023-12-28

申请号：US17850337

申请日：2022-06-27

Applicant: SAP SE

Inventor： Siddiq Ahmed Koona ,  Bharani Lingamaneni ,  Sahana Durgam Udaya

IPC: G06F3/06 ,  H04L9/40 ,  G06F21/60

CPC classification number: G06F3/0647 ,  H04L63/02 ,  G06F21/602 ,  G06F3/067 ,  G06F3/0611

Abstract: Confidentiality and privacy of user comments stored on the cloud, are protected by encryption. A crypto server, and a browser including a migration engine, are located across a firewall from the cloud storage. In response to a migration instruction (e.g., received from an administrator), the migration engine utilizes batch processing to efficiently accomplish mass •onboarding, •offboarding, or •key rotation for comments stored on the cloud. To allow for graceful rollback, prior to initiating a migration operation the migration engine checks a migration status and a batch timestamp stored on the cloud. Where the migration status indicates a previous migration operation as being already started, and the batch timestamp indicates to be within a predetermined time, the migration engine precludes execution of a new migration operation. The predetermined time is indicative of batch processing that is merely time-consuming, rather than stalled completely (e.g., due to loss of network connectivity).