US 11,755,767 B2
Systems and methods of multi-key encryption for multi-tenant database
Ravindra Pratap Singh, Irvine, CA (US); Bin Xu, Cupertino, CA (US); and Shuangli Cao, San Jose, CA (US)
Assigned to, LLC, Irvine, CA (US)
Filed by, LLC, Irvine, CA (US)
Filed on Sep. 1, 2021, as Appl. No. 17/463,767.
Claims priority of provisional application 63/073,665, filed on Sep. 2, 2020.
Prior Publication US 2022/0067193 A1, Mar. 3, 2022
Int. Cl. G06F 21/62 (2013.01); G06F 21/60 (2013.01); G06F 21/78 (2013.01); G06F 21/31 (2013.01)
CPC G06F 21/6227 (2013.01) [G06F 21/31 (2013.01); G06F 21/602 (2013.01); G06F 21/78 (2013.01); G06F 2221/0751 (2013.01)]
9 Claims
1. A method for data isolation in multi-tenant environments, comprising:
receiving, by a vault API, an encryption request comprising a client ID associated with a client, an entity name, an entity ID and entity data;
generating, by the vault API, a key ID corresponding to the client ID;
issuing, by the vault API and to a cloud-based computer system, an encryption request comprising the generated key ID and the entity data;
generating, by the cloud-based computer system, a data key based on the key ID, wherein the data key is associated with the entity data;
encrypting, by the cloud-based computer system, the entity data by using the data key;
transmitting, by the cloud-based computer system and to the vault API, the encrypted data; and
storing, by the vault API, the encrypted data and key ID in a client collection within a vault database, wherein the client collection is associated with the client ID.
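The flow in claim 1, sketched as an added example that is not taken from the patent or from any implementation by the assignee. The class names `CloudKMS` and `VaultAPI`, the `key_id_for` scheme, the nonce-based data-key derivation, the SHAKE-256/HMAC stand-in cipher (used only so the sketch runs on the Python standard library) and the decrypt path are all assumptions made for illustration.

```python
import hashlib, hmac, secrets

class CloudKMS:
    """Stand-in for the cloud-based computer system; master keys never leave it."""
    def __init__(self):
        self._master = {}  # key ID -> master secret

    def _keys(self, key_id, nonce):
        # Assumed derivation: data key from the key ID's master secret and a
        # per-record nonce, then split into encryption and MAC keys.
        dk = hmac.new(self._master[key_id], nonce, hashlib.sha256).digest()
        return (hmac.new(dk, b"enc", hashlib.sha256).digest(),
                hmac.new(dk, b"mac", hashlib.sha256).digest())

    def encrypt(self, key_id, plaintext):
        self._master.setdefault(key_id, secrets.token_bytes(32))
        nonce = secrets.token_bytes(16)
        ek, mk = self._keys(key_id, nonce)
        stream = hashlib.shake_256(ek).digest(len(plaintext))  # toy stream cipher
        ct = bytes(p ^ s for p, s in zip(plaintext, stream))
        return nonce + hmac.new(mk, ct, hashlib.sha256).digest() + ct

    def decrypt(self, key_id, blob):
        nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
        ek, mk = self._keys(key_id, nonce)  # KeyError for an unknown key ID
        if not hmac.compare_digest(tag, hmac.new(mk, ct, hashlib.sha256).digest()):
            raise ValueError("wrong key ID or tampered ciphertext")
        stream = hashlib.shake_256(ek).digest(len(ct))
        return bytes(c ^ s for c, s in zip(ct, stream))

class VaultAPI:
    def __init__(self, kms):
        self.kms = kms
        self.db = {}  # vault database: client ID -> client collection

    @staticmethod
    def key_id_for(client_id):
        # Assumed scheme: a deterministic key ID per client ID.
        return "key-" + hashlib.sha256(client_id.encode()).hexdigest()[:16]

    def encrypt(self, client_id, entity_name, entity_id, entity_data):
        key_id = self.key_id_for(client_id)
        blob = self.kms.encrypt(key_id, entity_data)
        self.db.setdefault(client_id, {})[(entity_name, entity_id)] = (key_id, blob)
        return key_id, blob

    def decrypt(self, client_id, entity_name, entity_id):
        key_id, blob = self.db[client_id][(entity_name, entity_id)]
        return self.kms.decrypt(key_id, blob)
```

Because each client ID maps to its own key ID and its own collection, a record copied into another tenant's collection fails authentication under that tenant's key instead of decrypting.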