US 11,941,146 B2
Data privacy via cross jurisdiction container execution
Pascal Thubert, Roquefort-les-Pins (FR); Patrick Wetterwald, Mouans Sartoux (FR); Eric Levy- Abegnoli, Valbonne (FR); and Jonas Zaddach, Antibes (FR)
Assigned to CISCO TECHNOLOGY, INC., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Aug. 31, 2021, as Appl. No. 17/462,501.
Prior Publication US 2023/0068788 A1, Mar. 2, 2023
Int. Cl. G06F 21/62 (2013.01); G06F 9/455 (2018.01); H04L 9/32 (2006.01)
CPC G06F 21/6245 (2013.01) [G06F 9/45558 (2013.01); H04L 9/3247 (2013.01); H04L 9/3268 (2013.01); G06F 2009/4557 (2013.01); G06F 2009/45595 (2013.01); G06F 2221/2111 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method comprising:
loading, within a first regulatory jurisdiction, a container into a container execution environment, the container including a user program;
executing the user program within the container execution environment;
obtaining from the user program, intermediate data;
determining the intermediate data meets a data export policy of the first regulatory jurisdiction;
generating, based on the determining, a validated data;
generating, based on a first key that is private to the first regulatory jurisdiction, and further based on the validated data, a first digital signature;
storing the validated data and the first digital signature in the container;
receiving a request to export the container outside the first regulatory jurisdiction;
in response to the request, confirming, based on the first key, the first digital signature of the validated data included in the container; and
exporting, based on the confirming, the container.