公开(公告)号：US20190097791A1

公开(公告)日：2019-03-28

申请号：US15716677

申请日：2017-09-27

Applicant: salesforce.com, Inc.

Inventor： Alexandre Hersans ,  John Bracken ,  Assaf Ben Gur ,  Charles Mortimore ,  Swaroop Shere

IPC: H04L9/08 ,  H04L9/14 ,  G06F12/0813 ,  G06F12/123

Abstract: Methods, systems, and devices for distributed caching of encrypted encryption keys are described. Some multi-tenant database systems may support encryption of data records. To efficiently handle multiple encryption keys across multiple application servers, the database system may store the encryption keys in a distributed cache accessible by each of the application servers. To securely cache the encryption keys, the database system may encrypt (e.g., wrap) each data encryption key (DEK) using a second encryption key (e.g., a key encryption key (KEK)). The database system may store the DEKs and KEKs in separate caches to further protect the encryption keys. For example, while the encrypted DEKs may be stored in the distributed cache, the KEKs may be stored locally on application servers. The database system may further support “bring your own key” (BYOK) functionality, where a user may upload a tenant secret or tenant-specific encryption key to the database.

公开(公告)号：US20130086670A1

公开(公告)日：2013-04-04

申请号：US13633521

申请日：2012-10-02

Applicant: Salesforce.com, inc.

Inventor： Alan Vangpat ,  Prathima Rao ,  Charles Mortimore

IPC: H04L9/32

CPC classification number: H04L9/3213 ,  G06F21/41 ,  H04L63/0815 ,  H04L63/102

Abstract: A method for logging a user into an online host system begins by receiving a login request from a web browser application of a client device, wherein the login request identifies the online host system. The method continues by initiating a single sign-on routine that involves an online third party system and by obtaining third party user data from the online third party system, wherein the obtained third party user data is associated with the user and is maintained by the online third party system. Host system records maintained by the online host system are modified in accordance with the obtained third party user data. Thereafter, the user is automatically logged into the online host system.

Abstract translation: 将用户登录到在线主机系统的方法是从客户端设备的web浏览器应用接收登录请求开始的，其中登录请求标识在线主机系统。 该方法通过启动涉及在线第三方系统的单一登录例程并通过从在线第三方系统获得第三方用户数据而继续，其中所获得的第三方用户数据与用户相关联并由在线维护 第三方制度。 在线主机系统维护的主机系统记录根据获得的第三方用户数据进行修改。 此后，用户将自动登录到在线主机系统。

公开(公告)号：US08844013B2

公开(公告)日：2014-09-23

申请号：US13633521

申请日：2012-10-02

Applicant: salesforce.com, inc.

Inventor： Alan Vangpat ,  Prathima Rao ,  Charles Mortimore

IPC: G06F17/30 ,  G06F21/00 ,  H04L9/32 ,  H04L29/06 ,  G06F21/41 ,  G06F15/16

CPC classification number: H04L9/3213 ,  G06F21/41 ,  H04L63/0815 ,  H04L63/102

Abstract: A method for logging a user into an online host system begins by receiving a login request from a web browser application of a client device, wherein the login request identifies the online host system. The method continues by initiating a single sign-on routine that involves an online third party system and by obtaining third party user data from the online third party system, wherein the obtained third party user data is associated with the user and is maintained by the online third party system. Host system records maintained by the online host system are modified in accordance with the obtained third party user data. Thereafter, the user is automatically logged into the online host system.

Abstract translation: 将用户登录到在线主机系统的方法是从客户端设备的web浏览器应用接收登录请求开始的，其中登录请求标识在线主机系统。 该方法通过启动涉及在线第三方系统的单一登录例程并通过从在线第三方系统获得第三方用户数据而继续，其中所获得的第三方用户数据与用户相关联并由在线维护 第三方制度。 在线主机系统维护的主机系统记录根据获得的第三方用户数据进行修改。 此后，用户将自动登录到在线主机系统。