The present invention generally relates to a method for secure message routing in a multi-tenant system.
Being able to send messages securely to a shared infrastructure such as a multi-tenant cloud or a multi-tenant datacenter is critical to realizing the cost advantages of shared computer infrastructures. However, routing messages through a shared data entry point normally requires some examination of the message contents to verify that each customer's data is routed to the correct customer.
Generally, a simple network address or a customer name or ID such as a customer seed ID is used to route the message correctly. However, because the routing decision rests on that identifier alone, manipulation of the customer ID, whether accidental or malicious, creates legal risk in many industries. For example, in the healthcare industry, routing confidential patient information to the wrong provider or hospital may lead to fines, penalties, and risks to patients. In industries that fall under anti-trust laws, merely holding information that belongs to a competitor can lead to anti-trust violations and fines.
One possible way to avoid the legal risks discussed above is to encrypt the message throughout its transmission through the shared cloud or datacenter infrastructure. However, there is still a risk that the encryption keys themselves are compromised and used to read the message, to send it to the wrong customer, or even to route it to an attacker. Such message encryption in shared cloud and datacenter infrastructure typically relies on symmetric cryptography such as block ciphers, i.e., the key used to encrypt the message is the same one used to decrypt it, because symmetric encryption is far less computationally intensive than other encryption methods such as public key/private key encryption. A consequence of this choice is that any party holding the shared key can both read messages and produce new, validly encrypted messages addressed to any customer.
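The following is an added illustration of the two risks described above; it is not the patent's method and none of its names come from the patent. It models a hypothetical shared entry point that routes on a plaintext customer_id field and decrypts the payload with a single symmetric transport key shared by all senders. The cipher is a toy stand-in built from HMAC-SHA256 in counter mode plus an encrypt-then-MAC tag (a real system would use an AEAD such as AES-GCM); the patient record, tenant names and key are constructed sample data. It shows that (1) an unbound routing field can be flipped by anyone on the path so that readable data lands with the wrong hospital, (2) binding the routing field into the authentication tag stops that, and (3) once the symmetric key itself is compromised, binding cannot help, because the attacker can decrypt and re-address the message at will.

```python
import hashlib
import hmac
import os
import struct


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Toy PRF keystream (HMAC-SHA256 in counter mode); stands in for a block
    # cipher such as AES-CTR so the example runs with the standard library only.
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">Q", block), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def seal(key: bytes, plaintext: bytes, header: bytes = b"") -> dict:
    """Encrypt plaintext; the tag also covers `header` (associated data)."""
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, header + nonce + ct, hashlib.sha256).digest()
    return {"nonce": nonce, "ct": ct, "tag": tag}


def unseal(key: bytes, box: dict, header: bytes = b"") -> bytes:
    """Verify the tag over header, nonce and ciphertext, then decrypt."""
    expected = hmac.new(key, header + box["nonce"] + box["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, box["tag"]):
        raise ValueError("authentication failed: header or ciphertext modified")
    return bytes(c ^ k for c, k in zip(box["ct"], _keystream(key, box["nonce"], len(box["ct"]))))


# Hypothetical shared entry point (constructed for this example): one symmetric
# transport key shared by every sender and the ingress, routing on customer_id.
TRANSPORT_KEY = os.urandom(32)
TENANTS = {"hospital-a", "hospital-b", "attacker-tenant"}
RECORD = b"patient 4711: lab result, confidential"  # constructed sample record


def build_envelope(customer_id: str, record: bytes, bind_header: bool) -> dict:
    """Sender side: plaintext routing field plus sealed payload."""
    header = customer_id.encode() if bind_header else b""
    return {"customer_id": customer_id, **seal(TRANSPORT_KEY, record, header)}


def ingress(envelope: dict, bind_header: bool) -> tuple:
    """Shared entry point: route by customer_id, then decrypt for that tenant."""
    tenant = envelope["customer_id"]
    if tenant not in TENANTS:
        raise KeyError(tenant)
    header = tenant.encode() if bind_header else b""
    return tenant, unseal(TRANSPORT_KEY, envelope, header)


def misroute(envelope: dict, new_id: str) -> dict:
    """On-path attacker without the key: only the plaintext routing field changes."""
    return {**envelope, "customer_id": new_id}


def demo() -> tuple:
    # 1. Routing field not bound: flipping customer_id delivers readable data
    #    to hospital-b, the wrong provider.
    env = build_envelope("hospital-a", RECORD, bind_header=False)
    wrong_tenant, leaked = ingress(misroute(env, "hospital-b"), bind_header=False)

    # 2. Routing field bound into the tag: the same flip fails authentication.
    env = build_envelope("hospital-a", RECORD, bind_header=True)
    try:
        ingress(misroute(env, "hospital-b"), bind_header=True)
        detected = False
    except ValueError:
        detected = True

    # 3. Key compromise: an attacker holding TRANSPORT_KEY decrypts the bound
    #    envelope and re-seals it to a tenant they control; binding cannot help.
    stolen = unseal(TRANSPORT_KEY, env, b"hospital-a")
    forged = build_envelope("attacker-tenant", stolen, bind_header=True)
    forged_tenant, received = ingress(forged, bind_header=True)
    return wrong_tenant, leaked, detected, forged_tenant, received


if __name__ == "__main__":
    print(demo())
```

The third case is the point the text above makes: symmetric encryption with a shared key protects the message only against parties who lack the key, and a compromised key lets the holder both read the message and produce a validly tagged copy addressed anywhere, so the routing guarantee collapses together with confidentiality.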