	US 11,706,229 B2
	Enforcing data sovereignty policies in a cloud environment
Robert Edgar Barton, Richmond (CA); and Matthew William Gillies, Vancouver (CA)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Jun. 29, 2021, as Appl. No. 17/362,735.
Application 17/362,735 is a continuation of application No. 16/425,520, filed on May 29, 2019, granted, now 11,095,661.
Prior Publication US 2021/0329001 A1, Oct. 21, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04L 67/1097 (2022.01)

CPC H04L 63/107 (2013.01) [H04L 63/0823 (2013.01); H04L 63/20 (2013.01); H04L 67/1097 (2013.01)]

20 Claims

1. A method comprising:

receiving, by a cloud provider, device security data corresponding to a plurality of nodes associated with the cloud provider, wherein the device security data includes data that corresponds to a respective node of the plurality of nodes, and wherein the data that corresponds to the respective node comprises a deployment domain identity attribute identifying a physical location of the respective node;

creating a data sovereignty policy for one or more customers of the cloud provider, the data sovereignty policy specifying that data associated with a policy of a government entity be stored on nodes located within a geographic area associated with the government entity;

based on the device security data, verifying those of the plurality of nodes that comply with the data sovereignty policy; and

storing the data associated with the policy of the government entity on those of the plurality of nodes verified to comply with the data sovereignty policy.