US 12,452,041 B2
Distributed encryption management
John Carl Kennedy, Los Olivos, CA (US); Prasanna Kumar Malaiyandi, Santa Clara, CA (US); Martin Josef Pagel, Seattle, WA (US); Karthik Raman, New York, NY (US); and Jan Zila, Seattle, WA (US)
Assigned to Zoom Communications, Inc., San Jose, CA (US)
Filed by Zoom Communications, Inc., San Jose, CA (US)
Filed on Jan. 18, 2023, as Appl. No. 18/156,100.
Claims priority of provisional application 63/418,473, filed on Oct. 21, 2022.
Prior Publication US 2024/0137388 A1, Apr. 25, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/00 (2013.01); H04L 9/06 (2006.01); H04L 9/08 (2006.01); H04L 9/40 (2022.01)
CPC H04L 9/0833 (2013.01) [H04L 9/0618 (2013.01); H04L 9/0891 (2013.01); H04L 63/0876 (2013.01); H04L 63/20 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method comprising:
receiving an encryption request from a first server that includes a data type indication and an identifier for one or more users;
selecting a security management policy from a set of security management policies stored in a data structure based on the identifier and based on the data type indication;
selecting a key management server based on the selected security management policy;
transmitting a request for a data encryption key to the selected key management server;
receiving a plaintext key and an encrypted key from the selected key management server;
in response to the encryption request, transmitting the plaintext key to the first server;
determining a context identifier based on the encryption request;
storing the encrypted key in a record associated with the context identifier;
recevieving a decryption request including the context identifier;
accessing the encrypted key in the record associated with the context identifier;
determining the plaintext key based on the encrypted key; and
transmitting the plaintext key in response to the decryption request.