| CPC G06F 21/602 (2013.01) [G06F 12/1408 (2013.01); G06N 20/00 (2019.01); H04L 9/0844 (2013.01); H04L 9/321 (2013.01); H04L 9/3247 (2013.01); G06F 2212/1052 (2013.01)] | 20 Claims |
|
1. A computer implemented system for maintaining a segregated data processing subsystem, the system comprising:
a computer readable memory having a protected memory region that is encrypted by a storage key such that the protected memory region is segregated relative to at least one of an operating system or a kernel system, the protected memory region including at least a data storage region and a data processing subsystem storage region;
a secure processor configured to provide:
a data receiver configured to separately receive, from each partner system of a plurality of partner systems, a data set corresponding to the partner system encrypted by a key corresponding to the partner system;
the data receiver configured to securely store, using the storage key, the encrypted data sets received from the plurality of partner systems within the data storage region of the protected memory region;
responsive to receiving a query data message relating to the encrypted data sets in the protected memory region, decrypt and store, the encrypted data sets within the data processing subsystem storage region of the protected memory region;
execute the query against the decrypted data sets, and
generate an output data structure generated based on the execution of the query against the decrypted data sets stored in the protected memory region.
|