Method and apparatus of securely processing data for file backup, de-duplication, and restoration
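IPC classification information
Country / Type: United States (US) Patent
Status: Registered
International Patent Classification (IPC 7th edition): H04L-009/00, H04L-009/08, G06F-017/30
Application number: US-0074202 (2011-03-29)
Registration number: US-9054864 (2015-06-09)
Inventor / Address: Bosson, Charles
Applicant / Address: KASEYA LIMITED
Citation information
Times cited: 0
Cited patents: 12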
Abstract
Disclosed are an apparatus and methods of performing a secure backup of at least one data file via an agent application. According to one example, the method may include determining the at least one data file requires a mirror backup file, and determining that the at least one data file is a candidate for de-duplication based on at least one data file characteristic. The method may also include creating a filekey based on at least a portion of the content of the at least one data file, and transmitting the filekey to a database query handler associated with a database to determine if the file has been de-duplicated.
Representative claims
1. A method of performing a backup of at least one data file via an agent application, the method comprising: determining, via a processor, the at least one data file requires a mirror backup file; determining, via the processor, that the at least one data file is a candidate for de-duplication based on at least one data file characteristic; creating a filekey, via the processor, based on at least a portion of the content of the at least one data file; wherein creating the filekey further comprises creating a SHA-1 digest of the at least one data file, including a size parameter of the at least one data file, and a cyclic redundancy check checksum (CRC) of the at least one data file; transmitting, via a transmitter, the filekey to a database query handler associated with a database to determine if the file has been de-duplicate; determining the at least one data file has not been de-duplicated based on a pre-stored data record in the database; creating a link file comprising a uniform resource indicator (URI) identifying a repository copy of the at least one data file and an encrypted key; and replacing the at least one data file with the link file.

2. The method of claim 1, wherein the at least one data file characteristic is at least one of a data file type and a data file size.

3. The method of claim 1, further comprising: encrypting the CRC with a shared secret; and sending the CRC, the filekey and a public key to the database query handler when determining if the at least one data file has been de-duplicated.

4. The method of claim 1, further comprising: when determining that the at least one data file has been de-duplicated, checking a de-duplication registry in the database to determine whether a pre-stored filekey is present; and returning a result indicating no entry for a given digest associated with the filekey.

5. The method of claim 4, further comprising: generating a random advanced encryption standard (AES) key; generating a shared secret to be shared between the agent application and a server application; encrypting the AES key via the shared secret; storing the public key in a metadata of the at least one data file; compressing and encrypting the at least one data file with the AES key while streaming the file to storage; and registering the at least one data file with a file registry in the database.

6. An apparatus configured to perform a backup of at least one data file via an agent application, the apparatus comprising: a processor configured to determine the at least one data file requires a mirror backup file, determine that the at least one data file is a candidate for de-duplication based on at least one data file characteristic, create a filekey based on at least a portion of the content of the at least one data, wherein the processor is further configured to create the filekey by creating a SHA-1 digest of the at least one data file, including a size parameter of the at least one data file, and a cyclic redundancy check checksum (CRC) of the at least one data file; determine the at least one data file has not been de-duplicated based on a pre-stored data record in the database, create a link file comprising a uniform resource indicator (URI) identifying a repository copy of the at least one data file and an encrypted key, and replace the at least one data file with the link file, and a transmitter configured to transmit the filekey to a database query handler associated with the database to determine if the file has been de-duplicated.

7. The apparatus of claim 6, wherein the at least one data file characteristic is at least one of a data file type and a data file size.

8. The apparatus of claim 6, wherein the processor is further configured to encrypt the CRC with a shared secret, and the transmitter is further configured to transmit the CRC, the filekey and a public key to the database query handler when it is determined that the at least one data file has been de-duplicated.

9. The apparatus of claim 6, wherein the processor is further configured to, when determining that the at least one data file has been de-duplicated, check a de-duplication registry in the database to determine whether a pre-stored filekey is present, and return a result indicating no entry for a given digest associated with the filekey.

10. A non-transitory computer readable storage medium configured to store instructions that when executed by a processor perform a backup of at least one data file via an agent application, the processor being further configured to perform: determining the at least one data file requires a mirror backup file; determining that the at least one data file is a candidate for de-duplication based on at least one data file characteristic; creating a filekey based on at least a portion of the content of the at least one data file; wherein creating the filekey further comprises creating a SHA-1 digest of the at least one data file, including a size parameter of the at least one data file, and a cyclic redundancy check checksum (CRC) of the at least one data file; transmitting, via a transmitter, the filekey to a database query handler associated with a database to determine if the file has been de-duplicate; determining the at least one data file has not been de-duplicated based on a pre-stored data record in the database; creating a link file comprising a uniform resource indicator (URI) identifying a repository copy of the at least one data file and an encrypted key; and replacing the at least one data file with the link file.

11. The non-transitory computer readable storage medium of claim 10, wherein the at least one data file characteristic is at least one of a data file type and a data file size.

12. The non-transitory computer readable storage medium of claim 10, wherein the processor is further configured to perform: encrypting the CRC with a shared secret; and sending the CRC, the filekey and a public key to the database query handler when determining if the at least one data file has been de-duplicated.

13. The non-transitory computer readable storage medium of claim 10, wherein the processor is further configured to perform: when determining that the at least one data file has been de-duplicated, checking a de-duplication registry in the database to determine whether a pre-stored filekey is present; and returning a result indicating no entry for a given digest associated with the filekey.

14. The non-transitory computer readable storage medium of claim 10, further comprising: generating a random advanced encryption standard (AES) key; generating a shared secret to be shared between the agent application and a server application; encrypting the AES key via the shared secret; storing the public key in a metadata of the at least one data file; compressing and encrypting the at least one data file with the AES key while streaming the file to storage; and registering the at least one data file with a file registry in the database.
Patents cited by this patent (12)
Sherburne, Timothy J.; Li, Xiaonong; Wen, Shaokai, Automated method for securely establishing simple network management protocol version 3 (SNMPv3) authentication and privacy keys.
Douceur,John R.; Bolosky,William J.; Theimer,Marvin M., Encryption systems and methods for identifying and coalescing identical objects encrypted with different keys.