WO2017124179A1 - Automated updates for encrypted attached, network or cloud data storage systems - Google Patents

Publication number
WO2017124179A1
Authority
WO
WIPO (PCT)
Application number
PCT/CA2017/000013
Inventor
Inderjit BAINS
Original Assignee
Arctec Mobile Inc.

Classifications

    • G06F11/1451 Management of the data involved in backup or backup restore by selection of backup contents
    • G06F12/16 Protection against loss of memory contents
    • G06F11/1458 Management of the backup or restore process
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Abstract

Methods, systems, and techniques are disclosed to compress, encrypt, and back up to networked local or Cloud storage a computer user's data, such as personal information, taxes, documents, code, photos, videos, etc., with a user-defined encryption key, where the computer is a desktop, laptop, tablet, mobile phone or similar device. The user may select complete backups of the entire computing environment, common user files, or user-specified files or directories. Updated and new files in the entire computing environment, common user directories, or user-specified files or directories may be automatically compressed, encrypted and backed up with little or no user interaction, and without the need to compress, re-encrypt and backup the entire set of data. The invention also allows the backed-up user data to be restored to a computer, with the latest file updates, or the version the user chooses from a list, using the user-defined encryption key to decrypt the data.

Description

AUTOMATED UPDATES FOR ENCRYPTED ATTACHED, NETWORK OR CLOUD DATA STORAGE SYSTEMS
TECHNICAL FIELD
[0001] The present disclosure relates to the data backups to a storage device, and in particular, data encryption and backup to local and cloud storage.
BACKGROUND
[0002] Computers are currently available in desktop, laptop, tablet and mobile phone form factors. Many computer users find it convenient to store data such as personal information, taxes, documents, code, photos, videos, etc., on internal storage devices such as hard drives or persistent electronic storage such as Flash. Code developers and business users also store their code and data on computers. Savvy computer users, to guard against failure of hard drives or persistent electronic storage devices, archive their data to internal, external, or local networked storage devices. One drawback to this approach is the loss of data in case of theft, cyber attack, fire, flood, earthquake or other disaster. Online or Cloud storage with encryption is an option to mitigate these risks, but after the initial backup, current solutions do not allow an easy or automated way to capture changes or updates to user data.
[0003] The invention describes how updates and changes to encrypted user data stored on networked local storage or the Cloud can be handled automatically or with minimal user interaction, and with minimal impact on the user's computer and internet data usage.
SUMMARY
[0004] An object of the invention is to allow a computer such as a desktop, laptop, tablet, mobile phone, or similar device to encrypt user data, such as personal information, taxes, documents, code, photos, videos, etc., or the entire computing environment, including the user data, operating system and applications, with a user-defined encryption key, for archiving to attached local or network storage, or to Cloud storage through the internet. Data encryption on the user's computer allows for more robust security: the Cloud storage provider will not be able to decrypt the data if it's encrypted with a secure encryption algorithm such as AES-256.
[0005] A second object of the invention is to allow a user to select directories or files to be archived, to reduce the amount of time required to encrypt and store the user data, vs. encrypting the entire computing environment. The user is also allowed to specify which types of files are to be excluded from encryption and archiving, based on file extensions. Examples include executable files, compiled object files, temporary files, etc.
[0006] A third object of the invention is to allow a computer to automatically encrypt file system updates without user intervention or the need to re-encrypt the entire set of user data or computing environment, by periodically looking for changes in the selected directories or the entire file system from the last time the scan was run, and encrypt and archive only updated or new files. The user may also select to scan and archive changes manually rather than rely on the computer to perform automatic scans, but the user will not need to remember which files or directories are new or were updated, and manually move them into an archive folder. Updated files may be versioned or replaced on the Cloud, depending on user preference.
[0007] A fourth object of the invention is to allow the encrypted and archived user data or entire computing environment to be restored to a computer, with the latest file versions or user-selected versions added to the original archive in their proper directories.
BRIEF DESCRIPTION OF THE DRAWINGS
[0008] In the accompanying drawings, which illustrate one or more example embodiments,
[0009] FIGURE 1 is a block diagram of the invention, showing the computer, network or internet connection, and networked local or Cloud storage, according to one embodiment; and
[0010] FIGURE 2 is a flowchart of the update process of user data according to one embodiment.
DETAILED DESCRIPTION
[0011] The invention will be described as it applies to its preferred embodiment. It is not intended that the invention be limited as described. Rather, the invention is intended to cover all modifications and alternatives which may be included within the spirit and scope of the invention.
[0012] The term "couple" and variants of it such as "coupled", "couples", "coupling", and "coupleable" as used in this description are intended to include indirect and direct connections unless otherwise indicated. For example, if a first device is coupled to a second device, that coupling may be through a direct connection or through an indirect connection via other devices and connections. Similarly, if the first device is communicatively coupled to the second device, communication may be through a direct connection or through an indirect connection via other devices and connections. The term "coupleable", as used in the present disclosure, means that a first device is capable of being coupled to the second device. A first device that is communicatively coupleable to a second device has the ability to communicatively couple with the second device but may not always be communicatively coupled.
[0013] The terms computer program, application, applet, app, or script, as used in this document, refer to a set of instructions executable by a computer processor. The computer program, application, applet, app, or script may be a standalone or integrated within other computer programs, applications, applets, apps, scripts, or systems, such as a computer operating system. A computer, in the context of this document, refers to a device having a processor and a computer readable memory. The memory may be the processor's internal memory. The memory may comprise a separately embodied memory to which the processor has access - e.g. by suitable physical interface, suitable network interface and/or the like. Examples of computers include smart phones, tablets, laptops and desktops. Remote, online, networked local and Cloud storage all refer to data storage that is physically some distance from the computer, accessed through a network such as Ethernet or the Internet.
[0014] As computer users rely more and more on the electronic storage of data such as personal information, taxes, documents, code, photos, videos, etc., the secure backup of this data or the entire computing environment, including the user data, operating system and applications, to networked local or remote storage, such as the Cloud, is necessary to prevent the loss of this data in case of theft, fire, flood, earthquake or other disaster. The security of data stored on the Cloud is also important to prevent the data from being stolen by hackers or the providers of Cloud storage, not only for personal computer users but also for code developers and business users.
[0015] Current solutions allow for the encryption and backup of entire computing environments or provide a folder into which files or folders to be encrypted and stored on networked local or Cloud storage may be copied, but do not deal well with file system, directory, or file updates. To overcome this limitation, the invention describes a system and methodology which allows a user to specify the following options in a computer program, application, applet, app, or script:
1. Encryption key.
2. Encrypt and backup:
a. Entire computing environment, including data, operating system, and applications, or
b. User data found in common file locations in a specific type of file system and operating system, or
c. User-specified files or directories, by right-clicking on the directory in the computer's file browser or by selecting from a list.
3. Compress all files, or only pre-defined/user-defined file types based on file extensions, before encryption.
4. Exclude pre-defined or user-defined file types, based on file extensions, from being compressed, encrypted and backed up, such as executables (.exe, .bin), object files (.o), etc., for the entire computer or defined on a per-directory basis.
5. Encrypt file and directory names.
6. When to encrypt and store to networked local or Cloud storage (e.g. at 3AM, when the computer is not in use).
7. A target directory on the computer in which to place the encrypted files, directories, or file system, from which the files are copied to networked local or Cloud storage by a Cloud storage provider, or a direct link to a Cloud server (e.g., ftp link, webpage, etc.).
[0016] Referring to Figure 1, an embodiment of the invention is shown. A Computer (10) sends encrypted data over a Local Network or Internet Link (15) to networked local or Cloud Storage (20).
[0017] Along with the backup of the complete or partial file system, a record of the file system, which may include the directory structure, filenames, size of each file, and other metadata, such as the date each file was created, last modified/accessed, may be encrypted and copied to networked local or Cloud storage as a database, linked-list, text file, file system-type of allocation table, or similar structure. The encrypted files may also be copied to networked local or Cloud storage with a flat file structure, with each file including a prefix or suffix with the filename, directory path, size, and other metadata, with or without the record of the file system.
[0018] After the initial backup to networked local or Cloud storage, changes to the file system, such as new directories, new files, updated files, and file or directory moves, may be checked according to user preferences:
1. Automatically, with a computer program, application, applet, app, or script that constantly runs in the background and periodically checks for, or is notified by the operating system of, changes in the file system for the entire computing environment, or files or directories specified by the user.
2. Manually, when the user launches a computer program, application, applet, app, or script or issues a command in a running program to check for file system changes in the file system for the entire computing environment or in files or directories specified by the user.
[0019] The current file system may be checked against the record of the file system, and any new files or directories encrypted and backed up to networked local or Cloud storage. Updated files (newer time stamp than what's in the record of the file system) may be encrypted and backed up to networked local or Cloud storage according to the user's preferences:
1. Over-write old files with updated files.
2. Create new versions for file and directory updates, while keeping the old versions, uniquely stored by date or unique filename prefix or suffix.
[0020] A rename of a file or directory may be treated as a new file or directory, with the corresponding old file or directory on networked local or Cloud storage deleted or marked as deleted, in case it needs to be recovered. After the changes to the file system have been encrypted and stored, the record of the file system may be updated to reflect the current file system, including versioned files. The record of the file system may be kept on the computer, and encrypted and backed up on networked local or Cloud storage. Encryption and backup of only the new or modified files or directories instead of entire set of data will save the user time and reduce network or Internet usage, and reduce storage volume requirements.
[0021] Referring to Figure 2, an embodiment of the update process for Cloud storage is provided as a flowchart.
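The change check of paragraphs [0018] to [0020], sketched in Python as an added example (not code from the patent or from Arctec Mobile): a scan is compared against the record of the file system and returns the files that would be handed to the compress, encrypt and upload step. The `Entry` fields, the `.vN` version suffix and the additional size comparison are assumptions of this example; the excluded extensions are the ones named in option 4.

```python
import os
import tempfile
from dataclasses import dataclass, field

# Extensions named in option 4 of the description; excluded from backup.
EXCLUDED_EXTENSIONS = {".exe", ".bin", ".o"}


@dataclass
class Entry:
    """One row of the record of the file system (field names are assumed)."""
    mtime_ns: int
    size: int
    versions: list = field(default_factory=list)  # stored names, oldest first
    deleted: bool = False


def scan(root, excluded=EXCLUDED_EXTENSIONS):
    """Return {relative_path: (mtime_ns, size)} for every non-excluded file."""
    current = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() in excluded:
                continue
            full = os.path.join(dirpath, name)
            st = os.stat(full, follow_symlinks=False)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            current[rel] = (st.st_mtime_ns, st.st_size)
    return current


def plan_update(record, current, keep_versions=True):
    """Diff a scan against the record, update the record in place, and
    return what must be encrypted and uploaded as (path, stored_name) pairs."""
    plan = {"new": [], "updated": [], "deleted": []}
    for rel, (mtime_ns, size) in sorted(current.items()):
        entry = record.get(rel)
        if entry is None:
            entry = record[rel] = Entry(mtime_ns, size)
            kind = "new"
        elif entry.deleted:
            kind = "new"  # path reappeared after being marked deleted
        elif mtime_ns > entry.mtime_ns or size != entry.size:
            kind = "updated"  # newer time stamp than the record (or size differs)
        else:
            continue  # unchanged: nothing to encrypt or send
        entry.mtime_ns, entry.size, entry.deleted = mtime_ns, size, False
        if keep_versions:
            stored = f"{rel}.v{len(entry.versions) + 1}"  # preference 2: versioning
            entry.versions.append(stored)
        else:
            stored = rel  # preference 1: over-write the old copy
            entry.versions = [stored]
        plan[kind].append((rel, stored))
    # A path in the record that is no longer on disk is marked deleted, not
    # purged, so a rename shows up as "new" plus "deleted" and stays recoverable.
    for rel in sorted(record):
        if rel not in current and not record[rel].deleted:
            record[rel].deleted = True
            plan["deleted"].append(rel)
    return plan


def demo():
    """Initial backup, then an edit plus a rename, then a no-op scan
    (constructed sample files in a temporary directory)."""
    with tempfile.TemporaryDirectory() as root:
        def write(rel, data, mtime):
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
            os.utime(path, (mtime, mtime))

        write("docs/taxes.txt", b"2016", 1_000)
        write("docs/notes.txt", b"draft", 1_000)
        write("build/tool.exe", b"MZ", 1_000)  # excluded by extension
        record = {}
        first = plan_update(record, scan(root))

        write("docs/taxes.txt", b"2016 amended", 2_000)
        os.rename(os.path.join(root, "docs/notes.txt"),
                  os.path.join(root, "docs/notes-final.txt"))
        second = plan_update(record, scan(root))
        third = plan_update(record, scan(root))
        return first, second, third, record


if __name__ == "__main__":
    for step in demo()[:3]:
        print(step)
```

A time stamp comparison misses a modification that keeps the file size and restores the old modification time; storing a content hash in the record and comparing it as well would catch that case.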
[0022] The restoration of encrypted files or the entire computing environment to a computer is the reverse of encryption and backup to networked local or Cloud storage. The user-defined encryption key may be used by a computer program, application, applet, app, or script to decrypt the files on networked local or Cloud storage and copy them to the computer, using the record of the file system or paths in the prefix/suffix of the files to create the directories. If there are versioned files, the latest version is used, with an option to retrieve older files. Versioned files may be indicated to the user in a GUI, or provided as a list, and may be determined from the record of the file system.
[0023] The choice of encryption standard is implementation-specific. AES-256 is said to be unbreakable with current and foreseeable computer technology in the near future, including quantum computing. Encryption security is only as strong as key security: if a hacker gets hold of the user's encryption key, the data on networked local or Cloud storage can be decrypted. It is therefore up to the user to safeguard the key: the key should be either committed to memory or written down and locked in a secure place.
[0024] The user must also take precautions against malicious software that can read security keys in computer memory while the encryption program is running or while the key is typed in. The use of anti-virus / anti-malware software that scans for incoming threats in real time and also periodically scans running programs and the complete file system for viruses and malware may help mitigate this risk.

Claims

1) A system for remotely storing encrypted data, the system comprising:
a) a computer, the computer comprising a computer readable memory and a processor;
b) a communications interface coupled to the computer and communicatively couplable with a storage device, the communications interface operable to send and receive encrypted data;
c) an application stored on the computer readable memory and executable by the processor, the application comprising:
i) a selection module for selecting a set of data representing at least one of a file, a directory, or an entire user environment from the data stored in the computer readable memory for encryption and backup;
ii) an encryption routine for compressing and encrypting a copy of the set of data;
iii) an encryption key routine for creating a user defined encryption key for the encryption, backup, and restoration of the set of data;
iv) a backup and restore routine for sending the compressed and encrypted copy of the set of data to the storage device for backup and receiving compressed and encrypted backup data from the storage device for restoration.
2) The system of claim 1 wherein the storage device is a cloud storage server.
3) The system of claim 1 wherein the selection module provides for the selection of at least one of a file, a directory, and an entire user environment from the backup data stored on the storage device for sending to the computer.
4) The system of claim 1 wherein the application comprises an exclusion module for selecting a file type based on a file extension, wherein any file of the selected file type within the data is excluded from encryption and backup.
5) The system of claim 1 wherein the application provides for encrypting at least one of a file name and a directory name.
6) The system of claim 1 wherein the application comprises a compiling module for compiling and storing in the computer readable memory a record of the data sent to the storage device, the record including at least one of a directory structure and file metadata, and wherein the compiling module compresses, encrypts and sends the record to the storage device.
7) The system of claim 1 wherein the application comprises a backup update routine for compressing, encrypting, and backing up only changes to the selected at least one of the file, the directory and the entire user environment wherein the changes are determined by the application based on a record of a filesystem and represent changes made to the selected at least one of the file, the directory and the entire user environment since a last occurrence of the encryption and backup of the selected at least one of the file, the directory, and the entire user environment.
8) The system of claim 7 wherein the backup update routine is operable for replacing portions of the compressed and encrypted copy on the storage device that correspond to changes to the selected at least one of the file, the directory and the entire user environment with updated data, wherein the updated data comprises at least one of an updated directory and an updated file.
9) The system of claim 7 wherein the backup update routine is operable for versioning portions of the compressed and encrypted copy on the storage device that correspond to changes to the selected at least one of the file, the directory and the entire user environment with updated data, wherein the updated data comprises at least one of an updated directory and an updated file.
10) The system of claim 7 wherein the backup and restore routine comprise a restore routine that is operable to restore the compressed and encrypted copy of the data by receiving from the storage device only portions of the compressed and encrypted copy that correspond to changes to the selected at least one of the file, the directory and the entire user environment with updated data, wherein the updated data comprises at least one of an updated directory and an updated file.
11) The system of claim 1 wherein the backup and restore routine is operable to restore a backup of the encrypted copy of the set of data to a computing device.
12) A method for compressing, encrypting, and backing up data stored on a computer readable memory, the method comprising:
a) selecting, using an application stored on the computer readable memory and executable by a processor communicatively coupled to the computer readable memory, at least one of an entire user environment, a user defined directory, and a user defined file for compression, encryption, and backup;
b) compressing and encrypting with a user defined encryption key a copy of data representing the selected at least one of the file, the directory and the entire user environment, wherein the data further comprises at least one of a file name and a directory name;
c) compressing and storing on the computer readable memory using the user-defined encryption key a record of a filesystem for the data, wherein the filesystem comprises at least one of a directory structure and file metadata of the data; and
d) performing a backup of the compressed and encrypted copy of the data and the record by sending the compressed and encrypted copy of the data and the record via a communications interface communicatively coupled to the processor to at least one of a storage device and a cloud storage server.
13) The method of claim 12 further comprising selecting file types based on file extension for exclusion from the compression, encryption, and backup;
14) The method of claim 12 further comprising restoring the compressed and encrypted data by receiving the copy of the compressed and encrypted data from the at least one of the storage device and the cloud storage server, decrypting the copy with the user-defined encryption key, and writing the copy to the computer readable memory.
15) The method of claim 12 further comprising performing an update of the backup by compressing, encrypting and backing up only changes to the selected at least one of the file, the directory and the entire user environment wherein the changes are determined by the application based on the record of the filesystem and represent changes made to the selected at least one of the file, the directory and the entire user environment since a last occurrence of the backup of the selected at least one of the file, the directory and the entire user environment.
16) The method of claim 15 further comprising performing the update automatically after a configurable time interval.
17) The method of claim 15 further comprising performing the update in response to a user input.
18) The method of claim 15 wherein backing up comprises replacing portions of the compressed and encrypted copy that correspond to changes to the selected at least one of the file, the directory and the entire user environment with updated data, wherein the updated data comprises at least one of an updated directory and an updated file.
19) The method of claim 15 wherein backing up comprises versioning portions of the compressed and encrypted copy that correspond to changes to the selected at least one of the file, the directory and the entire user environment with updated data, wherein the updated data comprises at least one of an updated directory and an updated file.
20) The method of claim 15 further comprising restoring the compressed and encrypted copy of the data by receiving from at least one of the storage device and the cloud storage server only portions of the compressed and encrypted copy that correspond to changes to the selected at least one of the file, the directory and the entire user environment with updated data, wherein the updated data comprises at least one of an updated directory and an updated file.
21) A computer program product for compressing, encrypting, and backing up data, the computer program product comprising a non-transitory computer-readable medium having computer-readable code embodied therein executable by a processor for performing a method for compressing, encrypting, and backing up data stored on a computer readable memory, the method comprising:
a) selecting, using an application stored on the computer readable memory and executable by the processor, at least one of an entire user environment, a user defined directory, and a user defined file for compression, encryption, and backup;
b) compressing and encrypting with a user defined encryption key a copy of data representing the selected at least one of the file, the directory and the entire user environment, wherein the data further comprises at least one of a file name and a directory name;
c) compressing and storing on the computer readable memory using the user-defined encryption key a record of a filesystem for the data, wherein the filesystem comprises at least one of a directory structure and file metadata of the data;
d) performing a backup of the compressed and encrypted copy of the data and the record by sending the compressed and encrypted copy of the data and the record via a communications interface communicatively coupled to the processor to at least one of a storage device and a cloud storage server; and
e) restoring the compressed and encrypted data by receiving the copy of the compressed and encrypted data from the at least one of the storage device and the cloud storage server, decrypting the copy with the user-defined encryption key, and writing the copy to the computer readable memory.
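Claims 12(c) and 15 rest on a stored record of the filesystem that the application compares against the current state to decide what an update must send. The sketch below is an added example, not code from the application: all function names, the JSON layout, and the use of file size plus SHA-256 as the "file metadata" are assumptions, and the step of encrypting the packed record with the user-defined key is not shown.

```python
import hashlib, json, os, tempfile, zlib

def build_record(root):
    """Directory structure plus per-file metadata (assumption: size and SHA-256)."""
    record = {"dirs": [], "files": {}}
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames.sort()  # deterministic traversal order
        for name in dirnames:
            rel = os.path.relpath(os.path.join(dirpath, name), root)
            record["dirs"].append(rel.replace(os.sep, "/"))
        for name in sorted(filenames):
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            record["files"][rel] = {"size": os.path.getsize(path), "sha256": digest}
    return record

def pack_record(record):
    # Compression step only; encrypting this blob with the user-defined key is not shown.
    return zlib.compress(json.dumps(record, sort_keys=True).encode("utf-8"))

def unpack_record(blob):
    return json.loads(zlib.decompress(blob).decode("utf-8"))

def changes_since(previous, current):
    """Paths that an update would have to compress, encrypt and send (or retire)."""
    old, new = previous["files"], current["files"]
    return {
        "added": sorted(set(new) - set(old)),
        "modified": sorted(p for p in set(new) & set(old) if new[p] != old[p]),
        "deleted": sorted(set(old) - set(new)),
    }

def _write(root, rel, data):
    with open(os.path.join(root, rel), "wb") as fh:
        fh.write(data)

def demo():
    # Constructed sample tree: take a record, change three things, then diff.
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "docs"))
        _write(root, "docs/a.txt", b"alpha")
        _write(root, "c.bin", b"\x00\x01")
        stored = pack_record(build_record(root))  # record kept from the last backup
        _write(root, "docs/a.txt", b"alpha v2")
        _write(root, "docs/d.txt", b"delta")
        os.remove(os.path.join(root, "c.bin"))
        return changes_since(unpack_record(stored), build_record(root))
```

Because the record holds file and directory names, it reveals the layout of the protected data if stored in the clear, which is why the claims keep it under the same user-defined key as the data.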
PCT/CA2017/000013 2016-01-21 2017-01-20 Automated updates for encrypted attached, network or cloud data storage systems WO2017124179A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201662281515P 2016-01-21 2016-01-21
US62/281,515 2016-01-21

Publications (1)

Publication Number Publication Date
WO2017124179A1 true WO2017124179A1 (en) 2017-07-27

Family

ID=59361139

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CA2017/000013 WO2017124179A1 (en) 2016-01-21 2017-01-20 Automated updates for encrypted attached, network or cloud data storage systems

Country Status (1)

Country Link
WO (1) WO2017124179A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6629110B2 (en) * 2000-01-10 2003-09-30 Connected Corporation Administration of a differential backup system in a client-server environment
US20060179083A1 (en) * 2005-02-08 2006-08-10 Raghavendra Kulkarni Systems and methods for storing, backing up and recovering computer data files
US20070276991A1 (en) * 2006-05-23 2007-11-29 Jaquette Glen A Method and system for controlling access to data of a tape data storage medium
US20150293817A1 (en) * 2014-04-14 2015-10-15 Vembu Technologies Private Limited Secure Relational File System With Version Control, Deduplication, And Error Correction

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019205991A1 (en) 2018-04-27 2019-10-31 Telefonaktiebolaget Lm Ericsson (Publ) Serving gateway control plane function to manage a plurality of serving gateway user plane functions, and mobility management entity to communicate with the same
CN114679410A (en) * 2020-12-24 2022-06-28 网神信息技术(北京)股份有限公司 Method and device for reducing occupation of external network resources, electronic equipment and storage medium
CN114679410B (en) * 2020-12-24 2024-04-12 奇安信网神信息技术(北京)股份有限公司 Method and device for reducing occupation of external network resources, electronic equipment and storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17740926

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17740926

Country of ref document: EP

Kind code of ref document: A1