Dedicated encrypted container storage
US11340797B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Apr 9, 2020 |
| Grant date | May 24, 2022 |
| Priority date | — |
| Expiry date | Apr 27, 2040 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/107
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Techniques are disclosed for dynamically allocating dedicated encrypted storage for containers/applications in a containerized environment. Only those container(s) are able to access an encrypted storage volume that have access to the volume secret for the volume. The volume secret is combined with a pre-key using a hash-based key derivation function (HKDF) to obtain the volume/encryption key for the volume. In various aspects, one is able to specify the amount of encrypted storage desired/required in a storage/host volume to be allocated to a container on-demand. The containerized application for which an instant dynamically allocated dedicated storage volume is created may be a composable multi-container or microservices application. The encrypted storage volume is optimally assembled from the partitions of the storage devices available on a host. The storage devices may be local to the host or remote or in the cloud.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.