| CPC H04L 63/0876 (2013.01) [H04L 63/0263 (2013.01); H04L 63/0428 (2013.01); H04L 63/0853 (2013.01); H04L 63/18 (2013.01)] | 18 Claims |

1. A method, comprising:
receiving, by an intermediate device, a data storage request from a first user device across a network, the data storage request requesting a cloud application to store data included in the data storage request;
inserting, by the intermediate device, tag information in the data in the data storage request, wherein the tag information includes information associated with any combination of: data source identification, user identification, user device identification, or user device location;
encrypting, by the intermediate device, the data including the tag information, the data including the tag information encrypted by the intermediate device using a key that is available only within one or more specific trusted zones;
forwarding, by the intermediate device, the data storage request with the encrypted data to the cloud application, the cloud application stores the encrypted data;
wherein the tag information is used to determine whether a second user device has permission to access the data.