Patent · US Active

Encryption in a distributed storage system utilizing cluster-wide encryption keys

US12309258B2 · kind B2 · utility

0Cited by

8References

20Claims

0Family size

Assignee

VMware LLC · US

Inventors

Tao Xie · Copley, US
Wenguang Wang · Santa Clara, US
Ruiling Dou · Shanghai, CN
Zhao Jin · Kirkland, US

Key dates

Filing date	Aug 13, 2021
Grant date	May 20, 2025
Priority date	—
Expiry date	Aug 13, 2041

Classification

Technology area (CPC G)Physics
CPC primaryG06F2009/45587
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method for encryption in a distributed datastore is provided. The method generally includes receiving random data from a virtualization management platform as a wrapped data encryption key (DEK), retrieving a key encryption key (KEK) from a key management server (KMS), decrypting the wrapped DEK using the KEK to determine a blank DEK, where the blank DEK is common to a plurality of hosts of a host cluster accessing a distributed datastore; encrypting first data using the blank DEK, and storing the encrypted first data in one or more disks of the distributed datastore, the one or more disks belonging to the plurality of hosts.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.