SYSTEMS AND METHODS FOR CRYPTOGRAPHIC SECURITY AS SERVICE Russian patent published in 2017 - IPC G06F21/60 H04L9/30 

FIELD: physics.

SUBSTANCE: method for providing remote cryptographic service for the client application, when calling a service of the service system in the provider's computer service system, containing: storing identification data information for a variety of client applications; creating key control by the service module that is associated with the provider's computer service system, an encryption key, and the encryption key is associated with, at least, one client application from a variety of client applications. The encryption key is used by the cryptographic service provider to encrypt application data; the API provision (application programming interface) of the cryptographic service provider to a variety of client applications. Herewith the cryptographic service provider API is adapted i) to deliver encryption requests and decryption requests to the cryptographic service provider and ii) to deliver encrypted data and decrypted data to multiple client applications; getting an encryption request through the cryptographic service API provider by, at least, one client application. The encryption request includes data for the end user of, at least, one client application. The encryption request includes, at least, one encryption parameter specified by, at least, one client application to use, when encrypting the data. And, at least, one encryption parameter identifies the encryption type and the encryption depth; data encryption using the generated encryption key, the encryption type specified by, at least, one client application, and the encryption depth specified by, at least, one client application; transfer via cryptographic service API provider to retrieve the encrypted data to, at least, one client application without transmission the encryption key to, at least, one client application; getting from, at least, one client application a decryption request, containing, at least, part of the parameters and encrypted data. The encryption type specifies the part of the parameters associated with the encrypted data and the encryption depth associated with the encrypted data; determination of the identity of, at least, one client application sending the received message, on the basis of the identification data and the part of the parameters; decryption of the encrypted data based on the generated encryption key, encryption type and encryption depth; and transfer of the decrypted data back to, at least, one application.

EFFECT: effective data protection.

20 cl, 9 dwg