Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that receives requests to investigate an incident. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. An investigation pack, which includes investigative resources used in the investigation, is identified and the workspace is pre-configured with the identified investigation pack. The control message processing system performs investigation tasks within the workspace using the investigation pack.

Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that receives requests to investigate an incident. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. The control message processing system performs investigation tasks within the workspace. A secure log generation system captures information corresponding to the tasks and generates an event record based on the captured information.

Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that receives requests to investigate an incident. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. An investigation pack, which includes investigative resources used in the investigation, is identified and the workspace is pre-configured with the identified investigation pack. The control message processing system performs investigation tasks within the workspace using the investigation pack.

Abstract: Methods, systems, and computer programs are presented for protecting restricted actions on encryption keys that control the management of data stored by a service provider. In some implementations, a system of the service provider receives a request to generate a data encryption policy (DEP) for data stored by the system of the service provider for a customer, the request including a reference to a customer key and an availability key. The customer key and the availability key are root keys for encrypting a data encryption key. The data encryption key is used to encrypt the data stored by the service provider for the customer. Further, destructive changes to the availability key require receiving an approval from an account of the service provider. The system of the service provider validates the DEP. The system of the service provider stores the DEP based on the validation.

Abstract: Access to data and resources in a multi-tenant computing system is managed by tagging the data and resources with attributes, as well as by tagging users with attributes. Tenant-specific access policies are configured. When an access request is received from a workload, a policy decision engine processes the attributes that are tagged to the requesting workload (e.g., user, application, etc.) as well as those tagged to the requested data or resource, given a relevant tenant-specific policy. An access decision is provided in response to the access request, and the access decision can be enforced by a tenant-specific enforcement system.

Abstract: Methods, systems, and computer programs are presented for protecting restricted actions on encryption keys that control the management of data stored by a service provider. In some implementations, a of the service provider receives a request to generate a data encryption policy (DEP) for data stored by the of the service provider for a customer, the request including a reference to a customer key and an availability key. The customer key and the availability key are root keys for encrypting a data encryption key. The data encryption key is used to encrypt the data stored by the service provider for the customer. Further, destructive changes to the availability key require receiving an approval from an account of the service provider. The of the service provider validates the DEP. The of the service provider stores the DEP based on the validation.

Abstract: Methods, systems, and computer programs are presented for protecting restricted actions on encryption keys that control the management of data stored by a service provider. In some implementations, a system of the service provider receives a request to generate a data encryption policy (DEP) for data stored by the system of the service provider for a customer, the request including a reference to a customer key and an availability key. The customer key and the availability key are root keys for encrypting a data encryption key. The data encryption key is used to encrypt the data stored by the service provider for the customer. Further, destructive changes to the availability key require receiving an approval from an account of the service provider. The system of the service provider validates the DEP. The system of the service provider stores the DEP based on the validation.

Abstract: A request to perform a command or operation on a computing system is received from a support user. A clearance level needed to perform that requested command or operation is identified, and a data store that has a pool of cleared users is accessed to identify a cleared user that has an adequate clearance level. The secured user is assigned to the request. A risk level, corresponding to the requested command or operation is identified and surfaced for the secured user. The requested command or operation can be automatically executed, after it is authorized by the secured user.

Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that receives requests to investigate an incident. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. The control message processing system performs investigation tasks within the workspace. A secure log generation system captures information corresponding to the tasks and generates an event record based on the captured information.

Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that receives requests to investigate an incident. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. The control message processing system performs investigation tasks within the workspace. A secure log generation system captures information corresponding to the tasks and generates an event record based on the captured information.

Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that is a user-facing system and receives requests to prepare for an incident investigation. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. The request processing system does not access the workspace and the control message processing system is not available for external access by a user. Data and functionality are ingested into the workspace. The control message processing system performs investigation preparation tasks within the workspace. The results of the investigation tasks are surfaced for user access.

Abstract: A computer implemented method is used for changing a password in a multi-domain environment. The method includes obtaining a private key and a public key from a security card at a user device in a user domain, transferring the public key to a controller in a secure domain, requesting a password change, receiving a public key encrypted new password from the secure domain, and decrypting the new password using the private key.

Abstract: Systems, methods, and software technology for managing keys used to encrypt data at-rest and decrypt the data when serving requests for the data. In an implementation, a data service receives a request for data that has been encrypted at rest using a data key, wherein the data key has been encrypted using a policy key, and wherein the policy key has been encrypted using a root key. When the root key is unavailable, the data service requests a key service to decrypt the policy key using an alternative root key. When the data service receives the policy key in an unencrypted state from the key service, it decrypts the data key using the policy key and decrypts the data using the data key.

Abstract: A computer implemented method is used for changing a password in a multi-domain environment. The method includes obtaining a private key and a public key from a security card at a user device in a user domain, transferring the public key to a controller in a secure domain, requesting a password change, receiving a public key encrypted new password from the secure domain, and decrypting the new password using the private key.

Abstract: Access to data and resources in a multi-tenant computing system is managed by tagging the data and resources with attributes, as well as by tagging users with attributes. Tenant-specific access policies are configured. When an access request is received from a workload, a policy decision engine processes the attributes that are tagged to the requesting workload (e.g., user, application, etc.) as well as those tagged to the requested data or resource, given a relevant tenant-specific policy. An access decision is provided in response to the access request, and the access decision can be enforced by a tenant-specific enforcement system.

Abstract: A request to perform a command or operation on a computing system is received from a support user. A clearance level needed to perform that requested command or operation is identified, and a data store that has a pool of cleared users is accessed to identify a cleared user that has an adequate clearance level. The secured user is assigned to the request. A risk level, corresponding to the requested command or operation is identified and surfaced for the secured user. The requested command or operation can be automatically executed, after it is authorized by the secured user.

Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that receives requests to investigate an incident. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. The control message processing system performs investigation tasks within the workspace. A secure log generation system captures information corresponding to the tasks and generates an event record based on the captured information.

Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that receives requests to investigate an incident. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. An investigation pack, which includes investigative resources used in the investigation, is identified and the workspace is pre-configured with the identified investigation pack. The control message processing system performs investigation tasks within the workspace using the investigation pack.

Abstract: A secure investigation platform in a sovereign cloud includes a request processing system that is a user-facing system and receives requests to prepare for an incident investigation. A control message processing system creates a workspace, within the sovereign cloud, so that an investigation can be conducted within that workspace. The request processing system does not access the workspace and the control message processing system is not available for external access by a user. Data and functionality are ingested into the workspace. The control message processing system performs investigation preparation tasks within the workspace. The results of the investigation tasks are surfaced for user access.

Abstract: Systems, methods, and software technology for managing keys used to encrypt data at-rest and decrypt the data when serving requests for the data. In an implementation, a data service receives a request for data that has been encrypted at rest using a data key, wherein the data key has been encrypted using a policy key, and wherein the policy key has been encrypted using a root key. When the root key is unavailable, the data service requests a key service to decrypt the policy key using an alternative root key. When the data service receives the policy key in an unencrypted state from the key service, it decrypts the data key using the policy key and decrypts the data using the data key.