A METHOD OF DATA TRANSFER, A METHOD OF CONTROLLING USE OF DATA AND A CRYPTOGRAPHIC DEVICE

摘要

A method of data transfer from a tenant to a service provider comprises encrypting the data with a public key of a key pair generated by a secure device within the service provider system. The data thus cannot be accessed by the service provider during transmission. The data is generated with a corresponding access control list, which specifies that a valid certificate must be presented in order to grant a particular use of the data once stored. The tenant can thus retain control of the use of the data even though it has been transferred out of the tenant system. A method of controlling use of data securely stored in the service provider system comprises issuing a use certificate having an expiry time to the party requesting use of the data. The use certificate must be validated before use of the stored data is granted. This enables the tenant to grant use of the stored data for a limited time period.