WO2010126644A3 - Methods and systems for stripe blind encryption - Google Patents

Methods and systems for stripe blind encryption

Publication number
WO2010126644A3
Authority
WO
WIPO (PCT)
Prior art keywords
stripe
data item
blind
encryption key
systems
Prior art date
Application number
PCT/US2010/024889
Other languages
French (fr)
Other versions
WO2010126644A2 (en)
Inventor
Peter D. Beaman
Tuyen M. Tran
Robert S. Newson
Original Assignee
Iron Mountain Incorporated
Priority date
Filing date
Publication date
Priority claimed from US12/391,099 external-priority patent/US8145598B2/en
Application filed by Iron Mountain Incorporated filed Critical Iron Mountain Incorporated
Priority to GB1113926A priority Critical patent/GB2480030A/en
Publication of WO2010126644A2 publication Critical patent/WO2010126644A2/en
Publication of WO2010126644A3 publication Critical patent/WO2010126644A3/en

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209 Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/07 Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/16 Error detection or correction of the data by redundancy in hardware
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/07 Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14 Error detection or correction of the data by redundancy in operation
    • G06F11/1402 Saving, restoring, recovering or retrying
    • G06F11/1471 Saving, restoring, recovering or retrying involving logging of persistent data for recovery
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/07 Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/16 Error detection or correction of the data by redundancy in hardware
    • G06F11/20 Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements
    • G06F11/2053 Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements where persistent mass storage functionality or persistent mass storage control functionality is redundant
    • G06F11/2094 Redundant storage or storage space

Abstract

Methods and systems are disclosed that relate to encrypting data of a data item for storing in a data storage system comprising a plurality of disks having stripes. A blinding factor is constructed based on a stripe blind that is assigned to a stripe with which the data item is associated and a unique identifier associated with the data item. A first logic operation is performed between the blinding factor and an encryption key to create a blinded encryption key for the data item. The data item is decrypted by identifying the stripe blind with the unique identifier and recreating the data item's blinding factor based on the stripe blind and the unique identifier. A second logic operation, which is selected based on the first logic operation, is performed between the blinding factor and the blinded encryption key to recreate the encryption key.
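
The blinding and recovery steps of the abstract, as an added example that is not code from the patent or its applicants. Assumptions: the blinding factor is built with HMAC-SHA256, the operation pairs are XOR/XOR and byte-wise add/subtract, and `StripeKeyStore` with its field and method names is a hypothetical metadata store; the abstract specifies none of these.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 32  # bytes; assumed size of the per-item encryption key


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _add(a, b):
    return bytes((x + y) % 256 for x, y in zip(a, b))


def _sub(a, b):
    return bytes((x - y) % 256 for x, y in zip(a, b))


# (first operation, second operation): the second is chosen to undo the first.
# Both pairs are assumptions; the abstract does not name the operations.
OPERATIONS = {"xor": (_xor, _xor), "add": (_add, _sub)}


def blinding_factor(stripe_blind, item_id):
    # Assumed construction: HMAC-SHA256 keyed by the stripe blind over the
    # item's unique identifier. The abstract only says "based on" both.
    return hmac.new(stripe_blind, item_id, hashlib.sha256).digest()[:KEY_LEN]


class StripeKeyStore:
    """Hypothetical metadata store: stripe blinds, item placement, blinded keys."""

    def __init__(self, op="xor"):
        self.first_op, self.second_op = OPERATIONS[op]
        self.stripe_blinds = {}  # stripe number -> stripe blind
        self.item_stripe = {}    # unique identifier -> stripe number
        self.blinded_keys = {}   # unique identifier -> blinded encryption key

    def assign_stripe_blind(self, stripe):
        self.stripe_blinds[stripe] = secrets.token_bytes(KEY_LEN)

    def store_key(self, item_id, stripe, key):
        if len(key) != KEY_LEN:
            raise ValueError("key must be KEY_LEN bytes so it matches the factor")
        factor = blinding_factor(self.stripe_blinds[stripe], item_id)
        self.item_stripe[item_id] = stripe
        self.blinded_keys[item_id] = self.first_op(key, factor)

    def recover_key(self, item_id):
        # Identify the stripe blind from the unique identifier, rebuild the
        # factor, then apply the operation that undoes the first one.
        stripe = self.item_stripe[item_id]
        factor = blinding_factor(self.stripe_blinds[stripe], item_id)
        return self.second_op(self.blinded_keys[item_id], factor)


if __name__ == "__main__":
    store = StripeKeyStore("add")
    store.assign_stripe_blind(7)
    key = secrets.token_bytes(KEY_LEN)  # constructed sample key
    store.store_key(b"item-0001", 7, key)
    print("recovered:", store.recover_key(b"item-0001") == key)
```

Because the factor depends on both inputs, two items on the same stripe that hold the same key still get different blinded keys, and recovery fails once the stripe blind on record no longer matches the one used for blinding.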
PCT/US2010/024889 2009-02-23 2010-02-22 Methods and systems for stripe blind encryption WO2010126644A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB1113926A GB2480030A (en) 2009-02-23 2010-02-22 Methods and systems for stripe blind encryption

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US15461809P 2009-02-23 2009-02-23
US61/154,618 2009-02-23
US12/391,099 2009-02-23
US12/391,099 US8145598B2 (en) 2009-02-23 2009-02-23 Methods and systems for single instance storage of asset parts
US12/402,470 US20100215175A1 (en) 2009-02-23 2009-03-11 Methods and systems for stripe blind encryption
US12/402,470 2009-03-11

Publications (2)

Publication Number Publication Date
WO2010126644A2 WO2010126644A2 (en) 2010-11-04
WO2010126644A3 true WO2010126644A3 (en) 2011-01-06

Family

ID=42790994

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2010/024889 WO2010126644A2 (en) 2009-02-23 2010-02-22 Methods and systems for stripe blind encryption

Country Status (3)

Country Link
US (1) US20100215175A1 (en)
GB (1) GB2480030A (en)
WO (1) WO2010126644A2 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030188153A1 (en) * 2002-04-02 2003-10-02 Demoff Jeff S. System and method for mirroring data using a server
US20040049700A1 (en) * 2002-09-11 2004-03-11 Fuji Xerox Co., Ltd. Distributive storage controller and method
US20050262361A1 (en) * 2004-05-24 2005-11-24 Seagate Technology Llc System and method for magnetic storage disposal
EP1818847A2 (en) * 2006-02-10 2007-08-15 Ricoh Company, Ltd. Data encoding apparatus, data encoding method, data encoding program, and recording medium

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
SAEGATE: "The Benefits of Self-Encrypting Drives in the Data Center", 20080401, 1 April 2008 (2008-04-01), pages 1 - 7, XP007915212, Retrieved from the Internet <URL:http://www.lsi.com/campaigns/forms/security_cw/downloads/pdf/TP590.1- 0804US_lr.pdf ORD - 2008-04-00> *
WIKIPEDIA: "Key derivation function", INTERNET CITATION, 25 December 2008 (2008-12-25), pages 1 - 2, XP007915242, Retrieved from the Internet <URL:http://en.wikipedia.org/w/index.php?title=Key_derivation_function&oldid=260028157> [retrieved on 20101007] *

Also Published As

Publication number Publication date
US20100215175A1 (en) 2010-08-26
WO2010126644A2 (en) 2010-11-04
GB201113926D0 (en) 2011-09-28
GB2480030A (en) 2011-11-02

Legal Events

Date Code Title Description
121 EP: the EPO has been informed by WIPO that EP was designated in this application
    Ref document number: 10747712
    Country of ref document: EP
    Kind code of ref document: A2
ENP Entry into the national phase
    Ref document number: 1113926
    Country of ref document: GB
    Kind code of ref document: A
    Free format text: PCT FILING DATE = 20100222
WWE WIPO information: entry into national phase
    Ref document number: 1113926.8
    Country of ref document: GB
NENP Non-entry into the national phase
    Ref country code: DE
122 EP: PCT application non-entry in European phase
    Ref document number: 10747712
    Country of ref document: EP
    Kind code of ref document: A2
ENPC Correction to former announcement of entry into national phase, PCT application did not enter into the national phase
    Ref country code: GB