The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jun. 09, 2020
Filed:
Sep. 27, 2017
Salesforce.com, Inc., San Francisco, CA (US);
Alexandre Hersans, San Francisco, CA (US);
John Bracken, San Francisco, CA (US);
Assaf Ben Gur, San Francisco, CA (US);
William Charles Mortimore, Jr., San Francisco, CA (US);
Swaroop Shere, San Francisco, CA (US);
salesforce.com, inc., San Francisco, CA (US);
Abstract
Methods, systems, and devices for distributed caching of encrypted encryption keys are described. Some multi-tenant database systems may support encryption of data records. To efficiently handle multiple encryption keys across multiple application servers, the database system may store the encryption keys in a distributed cache accessible by each of the application servers. To securely cache the encryption keys, the database system may encrypt (e.g., wrap) each data encryption key (DEK) using a second encryption key (e.g., a key encryption key (KEK)). The database system may store the DEKs and KEKs in separate caches to further protect the encryption keys. For example, while the encrypted DEKs may be stored in the distributed cache, the KEKs may be stored locally on application servers. The database system may further support 'bring your own key' (BYOK) functionality, where a user may upload a tenant secret or tenant-specific encryption key to the database.