Sub-volume level security for deduplicated data
US8117464B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Apr 30, 2008 |
| Grant date | Feb 14, 2012 |
| Priority date | — |
| Expiry date | Oct 26, 2030 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/0428
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A network storage server receives write requests from clients via a network and internally buffers data blocks written by the write requests. At a consistency point, the storage server commits the data blocks to nonvolatile mass storage. In the consistency point process, a storage operating system in the network storage server compresses the data blocks, encrypts selected data blocks, and stores the compressed and (possibly) encrypted data blocks in the nonvolatile mass storage facility. Data blocks can also be fingerprinted in parallel with compression and/or encryption, to facilitate deduplication. Data blocks can be indexed and classified according to content or attributes of the data. Encryption can be applied at different levels of logical container granularity, where a separate, unique cryptographic key is used for each encrypted data container. To facilitate deduplication, the system creates an additional, shared encryption key for each data block duplicated between two or more logical containers.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.