In-flight data encryption/decryption for a distributed storage platform
US10848468B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 5, 2018 |
| Grant date | Nov 24, 2020 |
| Priority date | — |
| Expiry date | Sep 19, 2038 |
Classification
- Technology area (CPC G): Physics
- CPC primary: G06F2009/45583
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
Encryption of data occurs before it is written to the storage platform; decryption occurs after it is read from the storage platform on a computer separate from the storage platform. By encrypting data before it travels over a wide-area network to a storage platform (and by only decrypting that data once it has arrived at an enterprise from the storage platform), we address data security over the network. Application data is encrypted at the virtual disk level before it leaves a controller virtual machine, and is only decrypted at that controller virtual machine after being received from the storage platform. Encryption and decryption of data are compatible with other services of the storage system such as de-duplication. Any number of key management services can be used in a transparent manner.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.