| CPC H04L 63/20 (2013.01) [G06F 21/6218 (2013.01); G06F 16/275 (2019.01)] | 20 Claims |
|
1. A method comprising:
identifying, by a computing system comprising one or more computing devices and based on a data description, a data subset from a secured data set stored in a secured datastore associated with a first computing domain, the data subset comprising a proper subset of the secured data set;
generating, by the computing system, a replicated data subset in a transient datastore that is segregated from the secured datastore, the replicated data subset in the transient datastore being a replica of the data subset from the secured data set stored in the secured datastore;
enabling, by the computing system, a client device associated with a second computing domain to access the replicated data subset in the transient datastore according to a data access policy, the data access policy identifying the client device and identifying access rights of the client device with respect to the replicated data subset, and identifying an expiration condition upon the occurrence of which access to the replicated data subset by the client device is to be terminated;
determining, by the computing system, that the expiration condition specified by the data access policy has occurred; and
in response to determining, by the computing system, that the expiration condition specified by the data access policy has occurred, terminating, by the computing system, access to the replicated data subset in the transient datastore.
|