Data encryption in a network memory architecture for providing data based on local accessibility
First Claim
1. A network memory system, comprising:
- a source-site appliance comprising a first processor and a first memory device, and configured to be coupled to a source-site computer via a source-site local area network; and
a destination-site appliance comprising a second processor and a second memory device, and configured to be coupled to a destination-site computer via a destination-site local area network, the source-site computer in communication with the destination-site computer via a wide area network;
the source-site appliance configured to intercept original data sent from the source-site computer to the destination-site computer, encrypt the original data to generate encrypted data, store the encrypted data in the first memory device, determine whether a representation of the original data exists in the second memory device, and transmit a store instruction comprising the original data if the representation of the original data does not exist in the second memory device; and
the destination-site appliance configured to receive the store instruction from the source-site appliance, encrypt the original data received with the store instruction at the destination-site appliance to generate encrypted received data, store the encrypted received data in the second memory device, subsequently receive a retrieve instruction comprising an index at which the encrypted received data is stored in the second memory device, process the retrieve instruction to obtain encrypted response data comprising at least a portion of the encrypted received data, and decrypt the encrypted response data.
5 Assignments
0 Petitions
Accused Products
Abstract
A network memory system is disclosed. The network memory system comprises a first appliance configured to encrypt first data, and store the encrypted first data in a first memory device. The first appliance also determines whether the first data is available in a second appliance and transmits a store instruction comprising the first data based on the determination that the first data does not exist in the second appliance. The second appliance is configured to receive the store instruction from the first appliance comprising the first data, encrypt the first data, and store the encrypted first data in a second memory device. The second appliance is further configured to receive a retrieve instruction comprising a location indicator indicating where the encrypted first data is stored, process the retrieve instruction to obtain encrypted response data, and decrypt the encrypted response data.
366 Citations
20 Claims
-
1. A network memory system, comprising:
-
a source-site appliance comprising a first processor and a first memory device, and configured to be coupled to a source-site computer via a source-site local area network; and a destination-site appliance comprising a second processor and a second memory device, and configured to be coupled to a destination-site computer via a destination-site local area network, the source-site computer in communication with the destination-site computer via a wide area network; the source-site appliance configured to intercept original data sent from the source-site computer to the destination-site computer, encrypt the original data to generate encrypted data, store the encrypted data in the first memory device, determine whether a representation of the original data exists in the second memory device, and transmit a store instruction comprising the original data if the representation of the original data does not exist in the second memory device; and the destination-site appliance configured to receive the store instruction from the source-site appliance, encrypt the original data received with the store instruction at the destination-site appliance to generate encrypted received data, store the encrypted received data in the second memory device, subsequently receive a retrieve instruction comprising an index at which the encrypted received data is stored in the second memory device, process the retrieve instruction to obtain encrypted response data comprising at least a portion of the encrypted received data, and decrypt the encrypted response data. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for ensuring compliance in network memory, the method comprising:
-
in a source-site appliance, intercepting original data sent from a source-site computer to a destination-site computer, the source-site appliance coupled to the source-site computer via a source-site local area network and the source-site computer in communication with the destination-site computer via a wide area network; encrypting the original data to generate encrypted data; storing the encrypted data in a first memory device within the source-site appliance; determining whether a representation of the original data exists in a destination-site appliance, the destination-site appliance coupled to the destination-site computer via a destination-site local area network; transmitting a store instruction comprising the original data from the source-site appliance based on the determination that the representation of the original data does not exist in the destination-site appliance; receiving the store instruction into the destination-site appliance; encrypting the original data received with the store instruction at the destination-site appliance to generate encrypted received data; storing the encrypted received data in a second memory device within the destination-site appliance; subsequently receiving a retrieve instruction into the destination-site appliance, the retrieve instruction comprising an index at which the encrypted received data is stored; in the destination-site appliance, processing the retrieve instruction to obtain encrypted response data comprising at least a portion of the encrypted received data; and in the destination-site appliance, decrypting the encrypted response data. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A network memory system comprising:
-
a first non-transitory computer-readable storage medium storing first instructions that when executed causing a first processor to perform steps comprising; encrypting the original data to generate encrypted data; storing the encrypted data in a first memory device within the source-site appliance; determining whether a representation of the original data exists in a destination-site appliance, the destination-site appliance coupled to the destination-site computer via a destination-site local area network; transmitting a store instruction comprising the original data from the source-site appliance based on the determination that the representation of the original data does not exist in the destination-site appliance; a second non-transitory computer-readable storage medium storing second instructions that when executed causing a second processor to perform steps comprising; receiving the store instruction into the destination-site appliance; encrypting the original data received with the store instruction at the destination-site appliance to generate encrypted received data; storing the encrypted received data in a second memory device within the destination-site appliance; subsequently receiving a retrieve instruction into the destination-site appliance, the retrieve instruction comprising an index at which the encrypted received data is stored; in the destination-site appliance, processing the retrieve instruction to obtain encrypted response data comprising at least a portion of the encrypted received data; and in the destination-site appliance, decrypting the encrypted response data. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification