Systems and methods for obfuscation of data via an aggregation of cloud storage services

US 10,116,629 B2
Filed: 05/16/2016
Issued: 10/30/2018
Est. Priority Date: 05/16/2016
Status: Active Grant

First Claim

Patent Images

1. A method for obfuscation of data via an aggregation of cloud storage services, comprising:

identifying, by a synchronization client of a client device, a file for transfer to an aggregation of a plurality of cloud storage services;

extracting, by the synchronization client using a comb filter, a first subset of the file by skipping elements of the file to extract every n^thelement;

transmitting, by the synchronization client, the first subset of the file to a first cloud storage service of the plurality of cloud storage services;

extracting, by the synchronization client using the comb filter, a second subset of the file by skipping elements of the file to extract every n^thelement, offset by one, wherein in the extracting of the first subset and the extracting of the second subset, n is selected to avoid having a whole number relationship to a width of a memory read bus used by the synchronization client;

transmitting, by the synchronization client, the second subset of the file to a second cloud storage service of the plurality of cloud storage services; and

transmitting, by the synchronization client, metadata of the file and an identification of the first subset, first cloud storage service, second subset, and second cloud storage service, to a third cloud storage service.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure describes systems and methods for aggregation and management of cloud storage among a plurality of providers via file fragmenting to provide increased reliability and security. In one implementation, fragments or blocks may be distributed among a plurality of cloud storage providers, such that no provider retains a complete copy of a file. Accordingly, even if an individual service is compromised, a malicious actor cannot access the data. In another implementation, file fragmenting may be performed in a non-standard method such that file headers and metadata are divided across separate fragments, obfuscating the original file metadata.

25 Citations

View as Search Results

16 Claims

1. A method for obfuscation of data via an aggregation of cloud storage services, comprising:
- identifying, by a synchronization client of a client device, a file for transfer to an aggregation of a plurality of cloud storage services;
  
  extracting, by the synchronization client using a comb filter, a first subset of the file by skipping elements of the file to extract every n^thelement;
  
  transmitting, by the synchronization client, the first subset of the file to a first cloud storage service of the plurality of cloud storage services;
  
  extracting, by the synchronization client using the comb filter, a second subset of the file by skipping elements of the file to extract every n^thelement, offset by one, wherein in the extracting of the first subset and the extracting of the second subset, n is selected to avoid having a whole number relationship to a width of a memory read bus used by the synchronization client;
  
  transmitting, by the synchronization client, the second subset of the file to a second cloud storage service of the plurality of cloud storage services; and
  
  transmitting, by the synchronization client, metadata of the file and an identification of the first subset, first cloud storage service, second subset, and second cloud storage service, to a third cloud storage service.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein each element comprises a predetermined number of bits.
  - 3. The method of claim 1, further comprising:
    - subsequently transmitting a request for the file, by the synchronization client to the third cloud storage service, the request comprising the metadata of the file; and
      
      receiving, by the synchronization client from the third cloud storage service, identifications of the first subset, first cloud storage service, second subset, and second cloud storage service.
  - 4. The method of claim 3, further comprising:
    - retrieving, by the synchronization client, the first subset from the first cloud storage service;
      
      retrieving, by the synchronization client, the second subset to the second cloud storage service;
      
      and generating the file, by the synchronization client, from the first subset and second subset.
  - 5. The method of claim 4, wherein generating the file further comprises multiplexing the first subset and second subset into a single bitstream.
  - 6. The method of claim 4, wherein generating the file further comprises:
    - loading the first subset and second subset into columns of an array having a predetermined number of columns; and
      
      reading a row of the array.
  - 7. The method of claim 1, wherein the first subset of the file does not include any consecutive bits of the file.
  - 8. The method of claim 1, wherein the first subset of the file does not include any consecutive bytes of the file.

9. A system for obfuscation of data via an aggregation of cloud storage services, comprising:
- a client device, in communication with a plurality of cloud storage services, comprising a processor executing a synchronization client, wherein the synchronization client is configured to;
  
  identify a file for transfer to an aggregation of the plurality of a cloud storage services, extract, using a comb filter, a first subset of the file by skipping elements of the file to extract every n^thelement, transmit the first subset of the file to a first cloud storage service of the plurality of cloud storage services, extract using the comb filter, a second subset of the file by skipping elements of the file to extract every n^thelement, offset by one, wherein in extracting of the first subset and the extracting of the second subset, n is selected to avoid having a whole number relationship to a width of a memory read bus used by the synchronization client, transmit the second subset of the file to a second cloud storage service of the plurality of cloud storage services, and transmit metadata of the file and an identification of the first subset, first cloud storage service, second subset, and second cloud storage service, to a third cloud storage service.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The system of claim 9, wherein each element comprises a predetermined number of bits.
  - 11. The system of claim 9, wherein the synchronization client is further configured to:
    - subsequently transmit a request for the file, to the third cloud storage service, the request comprising the metadata of the file; and
      
      receive, from the third cloud storage service, identifications of the first subset, first cloud storage service, second subset, and second cloud storage service.
  - 12. The system of claim 11, wherein the synchronization client is further configured to:
    - retrieve the first subset from the first cloud storage service;
      
      retrieve the second subset to the second cloud storage service; and
      
      generate the file from the first subset and second subset.
  - 13. The system of claim 12, wherein the synchronization client is further configured to multiplex the first subset and second subset into a single bitstream.
  - 14. The system of claim 12, wherein the synchronization client is further configured to:
    - load the first subset and second subset into columns of an array having a predetermined number of columns; and
      
      read a row of the array.
  - 15. The system of claim 9, wherein the first subset of the file does not include any consecutive elements of the file, each element having a predetermined length.
  - 16. The system of claim 9, wherein the synchronization client is further configured to encrypt the first subset of the file, prior to transmission of the first subset of the file to the first cloud storage service;
    - and encrypt the second subset of the file, prior to transmission of the second subset of the file to the second cloud storage service.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Carbonite LLC (Open Text Corporation)
Original Assignee
Carbonite Incorporated (Open Text Corporation)
Inventors
Crofton, Teo Winton, Raissipour, David
Primary Examiner(s)
Kim, Jung W
Assistant Examiner(s)
De Jesus Lassala, Carlos M

Application Number

US15/156,025
Publication Number

US 20170331796A1
Time in Patent Office

897 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/10   File systems; File servers

G06F 16/14   Details of searching files ...

G06F 16/1724   Details of de-fragmentation...

G06F 16/27   Replication, distribution o...

G06F 16/278   Data partitioning, e.g. hor...

G06F 21/6254   by anonymising data, e.g. d...

H04L 2209/16   Obfuscation or hiding, e.g....

H04L 63/0407   wherein the identity of one...

H04L 63/0428   wherein the data content is...

H04L 67/06   specially adapted for file ...

H04L 67/1095   Replication or mirroring of...

H04L 67/1097   for distributed storage of ...

Systems and methods for obfuscation of data via an aggregation of cloud storage services

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

25 Citations

16 Claims

Specification

Use Cases

Quick Links

Others

Systems and methods for obfuscation of data via an aggregation of cloud storage services

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

25 Citations

16 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others