EP2359250A2 - Partage cryptographique simultané basé sur les états dans un appareil de stockage sécurisé - Google Patents

Partage cryptographique simultané basé sur les états dans un appareil de stockage sécurisé

Info

Publication number
EP2359250A2
EP2359250A2 EP09807661A EP09807661A EP2359250A2 EP 2359250 A2 EP2359250 A2 EP 2359250A2 EP 09807661 A EP09807661 A EP 09807661A EP 09807661 A EP09807661 A EP 09807661A EP 2359250 A2 EP2359250 A2 EP 2359250A2
Authority
EP
European Patent Office
Prior art keywords
data
block
plurality
secure storage
state
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP09807661A
Other languages
German (de)
English (en)
Inventor
Scott Summers
Albert French
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Unisys Corp
Original Assignee
Unisys Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to US12/272,012 priority Critical patent/US20100125730A1/en
Priority to US12/336,559 priority patent/US20100153703A1/en
Priority to US12/336,564 priority patent/US8392682B2/en
Priority to US12/336,568 priority patent/US20100150341A1/en
Priority to US12/336,562 priority patent/US20100154053A1/en
Priority to US12/336,558 priority patent/US20100153740A1/en
Priority to US12/342,636 priority patent/US20100162005A1/en
Priority to US12/342,610 priority patent/US20100161981A1/en
Priority to US12/342,523 priority patent/US20100162003A1/en
Priority to US12/342,464 priority patent/US20100162032A1/en
Priority to US12/342,414 priority patent/US20100162002A1/en
Priority to US12/342,575 priority patent/US20100161964A1/en
Priority to US12/342,547 priority patent/US20100162004A1/en
Priority to US12/342,500 priority patent/US8386798B2/en
Priority to US12/342,438 priority patent/US8135980B2/en
Priority to US12/342,379 priority patent/US20100162001A1/en
Priority to US12/346,561 priority patent/US10007807B2/en
Priority to US12/346,578 priority patent/US20100169662A1/en
Application filed by Unisys Corp filed Critical Unisys Corp
Priority to PCT/US2009/064786 priority patent/WO2010057181A2/fr
Publication of EP2359250A2 publication Critical patent/EP2359250A2/fr
Application status is Withdrawn legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from or digital output to record carriers, e.g. RAID, emulated record carriers, networked record carriers
    • G06F3/0601Dedicated interfaces to storage systems
    • G06F3/0628Dedicated interfaces to storage systems making use of a particular technique
    • G06F3/0662Virtualisation aspects
    • G06F3/0664Virtualisation aspects at device level, e.g. emulation of a storage device or system
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from or digital output to record carriers, e.g. RAID, emulated record carriers, networked record carriers
    • G06F3/0601Dedicated interfaces to storage systems
    • G06F3/0602Dedicated interfaces to storage systems specifically adapted to achieve a particular effect
    • G06F3/062Securing storage systems
    • G06F3/0623Securing storage systems in relation to content
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from or digital output to record carriers, e.g. RAID, emulated record carriers, networked record carriers
    • G06F3/0601Dedicated interfaces to storage systems
    • G06F3/0628Dedicated interfaces to storage systems making use of a particular technique
    • G06F3/0655Vertical data movement, i.e. input-output transfer; data movement between one or more hosts and one or more storage devices
    • G06F3/0656Data buffering arrangements
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from or digital output to record carriers, e.g. RAID, emulated record carriers, networked record carriers
    • G06F3/0601Dedicated interfaces to storage systems
    • G06F3/0668Dedicated interfaces to storage systems adopting a particular infrastructure
    • G06F3/067Distributed or networked storage systems, e.g. storage area networks [SAN], network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to network resources
    • H04L63/104Grouping of entities

Abstract

On décrit des procédés et des systèmes destinés à gérer des blocs de données et des demandes d’E/S. Un des procédés est destiné à gérer des blocs de données dans un appareil de stockage sécurisé. Le procédé comporte les étapes consistant à recevoir un bloc de données associé à un volume, ledit volume étant associé à une pluralité de partitions stockées sur une pluralité de dispositifs physiques de stockage, et à stocker le bloc de données dans un tampon. Le procédé comporte également l’étape consistant à associer le bloc de données à un état parmi une pluralité d’états, chacun des états correspondant à un état du bloc de données. Le procédé comporte en outre l’étape consistant à traiter le bloc de données en effectuant au moins une opération cryptographique sur le bloc de données et, une fois le traitement du bloc de données terminé, à mettre à jour l’état du bloc de données.
EP09807661A 2008-11-17 2009-11-17 Partage cryptographique simultané basé sur les états dans un appareil de stockage sécurisé Withdrawn EP2359250A2 (fr)

Priority Applications (19)

Application Number Priority Date Filing Date Title
US12/272,012 US20100125730A1 (en) 2008-11-17 2008-11-17 Block-level data storage security system
US12/336,564 US8392682B2 (en) 2008-12-17 2008-12-17 Storage security using cryptographic splitting
US12/336,568 US20100150341A1 (en) 2008-12-17 2008-12-17 Storage security using cryptographic splitting
US12/336,562 US20100154053A1 (en) 2008-12-17 2008-12-17 Storage security using cryptographic splitting
US12/336,558 US20100153740A1 (en) 2008-12-17 2008-12-17 Data recovery using error strip identifiers
US12/336,559 US20100153703A1 (en) 2008-12-17 2008-12-17 Storage security using cryptographic splitting
US12/342,610 US20100161981A1 (en) 2008-12-23 2008-12-23 Storage communities of interest using cryptographic splitting
US12/342,523 US20100162003A1 (en) 2008-12-23 2008-12-23 Retrieval of cryptographically-split data blocks from fastest-responding storage devices
US12/342,464 US20100162032A1 (en) 2008-12-23 2008-12-23 Storage availability using cryptographic splitting
US12/342,414 US20100162002A1 (en) 2008-12-23 2008-12-23 Virtual tape backup arrangement using cryptographically split storage
US12/342,575 US20100161964A1 (en) 2008-12-23 2008-12-23 Storage communities of interest using cryptographic splitting
US12/342,547 US20100162004A1 (en) 2008-12-23 2008-12-23 Storage of cryptographically-split data blocks at geographically-separated locations
US12/342,500 US8386798B2 (en) 2008-12-23 2008-12-23 Block-level data storage using an outstanding write list
US12/342,438 US8135980B2 (en) 2008-12-23 2008-12-23 Storage availability using cryptographic splitting
US12/342,379 US20100162001A1 (en) 2008-12-23 2008-12-23 Secure network attached storage device using cryptographic settings
US12/342,636 US20100162005A1 (en) 2008-12-23 2008-12-23 Storage communities of interest using cryptographic splitting
US12/346,578 US20100169662A1 (en) 2008-12-30 2008-12-30 Simultaneous state-based cryptographic splitting in a secure storage appliance
US12/346,561 US10007807B2 (en) 2008-12-30 2008-12-30 Simultaneous state-based cryptographic splitting in a secure storage appliance
PCT/US2009/064786 WO2010057181A2 (fr) 2008-11-17 2009-11-17 Partage cryptographique simultané basé sur les états dans un appareil de stockage sécurisé

Publications (1)

Publication Number Publication Date
EP2359250A2 true EP2359250A2 (fr) 2011-08-24

Family

ID=42125014

Family Applications (2)

Application Number Title Priority Date Filing Date
EP09807661A Withdrawn EP2359250A2 (fr) 2008-11-17 2009-11-17 Partage cryptographique simultané basé sur les états dans un appareil de stockage sécurisé
EP09802051A Pending EP2359296A2 (fr) 2008-11-17 2009-11-17 Partage cryptographique simultané basé sur les états dans un appareil de stockage sécurisé

Family Applications After (1)

Application Number Title Priority Date Filing Date
EP09802051A Pending EP2359296A2 (fr) 2008-11-17 2009-11-17 Partage cryptographique simultané basé sur les états dans un appareil de stockage sécurisé

Country Status (3)

Country Link
EP (2) EP2359250A2 (fr)
AU (4) AU2009324969A1 (fr)
WO (2) WO2010057181A2 (fr)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7391865B2 (en) 1999-09-20 2008-06-24 Security First Corporation Secure data parser method and system
CA2922172A1 (fr) 2004-10-25 2006-05-04 Security First Corp. Systeme analyseur syntaxique de donnees securise et procede correspondant
US8135134B2 (en) 2007-09-14 2012-03-13 Security First Corp. Systems and methods for managing cryptographic keys
US8656167B2 (en) 2008-02-22 2014-02-18 Security First Corp. Systems and methods for secure workgroup management and communication
CN104079573A (zh) 2009-05-19 2014-10-01 安全第一公司 用于安全保护云中的数据的系统和方法
CN106411909A (zh) 2009-11-25 2017-02-15 安全第公司 对移动中数据进行保护的系统和方法
EP2553905B1 (fr) 2010-03-31 2018-05-09 Security First Corp. Systèmes et procédés pour sécuriser des données en mouvement
EP2577936A2 (fr) 2010-05-28 2013-04-10 Lawrence A. Laurich Système accélérateur destiné à être utilisé avec un dispositif de stockage de données sécurisé
CN106452737A (zh) 2010-08-11 2017-02-22 安全第公司 用于安全多租户数据存储的系统和方法
CN103229165A (zh) * 2010-08-12 2013-07-31 安全第一公司 用于数据的安全远程存储的系统和方法
CN103744808B (zh) * 2013-12-31 2017-12-26 百度在线网络技术(北京)有限公司 一种用于控制i/o请求的方法与设备
US9733849B2 (en) 2014-11-21 2017-08-15 Security First Corp. Gateway for cloud-based secure storage
CN105610734B (zh) * 2015-12-28 2018-12-25 杭州宏杉科技股份有限公司 一种流量控制方法及装置

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5359713A (en) * 1989-06-01 1994-10-25 Legato Systems, Inc. Method and apparatus for enhancing synchronous I/O in a computer system with a non-volatile memory and using an acceleration device driver in a computer operating system
GB2264798A (en) * 1992-03-04 1993-09-08 Hitachi Ltd High speed access control
US6167531A (en) * 1998-06-18 2000-12-26 Unisys Corporation Methods and apparatus for transferring mirrored disk sets during system fail-over
US8200938B2 (en) * 2002-02-11 2012-06-12 Oracle America, Inc. Computer system and method providing a memory buffer for use with native and platform-independent software code
DE602006002606D1 (de) * 2005-04-29 2008-10-16 Network Appliance Inc System und verfahren zur erzeugung einheitlicher bilder einer menge von datenobjekten
EP1770492B1 (fr) * 2005-08-01 2016-11-02 Infortrend Technology, Inc. Une méthode pour améliorer l'efficacité d'écriture de données et sous-système de stockage et système correspondant
US8880799B2 (en) * 2005-09-30 2014-11-04 Cleversafe, Inc. Rebuilding data on a dispersed storage network
EP1952575B1 (fr) * 2005-11-18 2017-12-27 Security First Corp. Procédé et système analyseur syntaxique de données sécurisées
US8892905B2 (en) * 2007-03-21 2014-11-18 Oracle International Corporation Method and apparatus for performing selective encryption/decryption in a data storage system

Also Published As

Publication number Publication date
WO2010057181A2 (fr) 2010-05-20
AU2009313736A1 (en) 2011-07-07
AU2016203740B2 (en) 2018-07-26
EP2359296A2 (fr) 2011-08-24
AU2016203766A1 (en) 2016-06-30
WO2010057181A3 (fr) 2014-11-27
WO2010068377A3 (fr) 2010-11-25
AU2009324969A1 (en) 2011-07-07
WO2010068377A2 (fr) 2010-06-17
AU2016203740A1 (en) 2016-06-23

Similar Documents

Publication Publication Date Title
CA2839072C (fr) Services de stockage de donnees distribues en ligne securises
US9722788B1 (en) Rekeying encrypted virtual machines in a cloud
US8578205B2 (en) Requesting cloud data storage
US8644502B2 (en) Secure data parser method and system
US9886257B1 (en) Methods and apparatus for remotely updating executing processes
US9785491B2 (en) Processing a certificate signing request in a dispersed storage network
AU2006299819B2 (en) Method and system for data backup
US8621241B1 (en) Storage and recovery of cryptographic key identifiers
US8856549B2 (en) Deleting encoded data slices in a dispersed storage network
JP6118778B2 (ja) 移動中のデータをセキュア化するためのシステムおよび方法
CN101855860B (zh) 用于管理加密密钥的系统和方法
US8200965B2 (en) Storage system for data encryption
EP2304919B1 (fr) Dispositif de stockage et son procédé de commande
US20050165972A1 (en) File input/output control device and method for the same
US7277941B2 (en) System and method for providing encryption in a storage network by storing a secured encryption key with encrypted archive data in an archive storage device
JP2009506405A (ja) データアーカイブシステム
US9294564B2 (en) Shadowing storage gateway
US8904080B2 (en) Tape backup method
CA2881475C (fr) Identification de donnees d'archives
US9825927B2 (en) Systems and methods for securing data using multi-factor or keyed dispersal
US20130013931A1 (en) Secure file sharing method and system
US7383462B2 (en) Method and apparatus for encrypted remote copy for secure data backup and restoration
JP5663083B2 (ja) 移動中のデータをセキュア化するためのシステムおよび方法
US9465952B2 (en) Systems and methods for secure multi-tenant data storage
US20070174362A1 (en) System and methods for secure digital data archiving and access auditing

Legal Events

Date Code Title Description
17P Request for examination filed

Effective date: 20110607

AK Designated contracting states:

Kind code of ref document: A2

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK SM TR

DAX Request for extension of the european patent (to any country) deleted
R17D Search report (correction)

Effective date: 20141127

17Q First examination report

Effective date: 20150904

18D Deemed to be withdrawn

Effective date: 20170209