Distributed data set encryption and decryption
First Claim
1. An apparatus comprising a processor component and a storage to store instructions that, when executed by the processor component, cause the processor component to perform operations comprising:
- use, by the processor component, first map block encryption data to encrypt a first map extension of multiple map extensions of a map data to generate a first encrypted map extension of multiple encrypted map extensions, wherein;
each map extension of the multiple map extensions comprises multiple map entries; and
each map entry of the multiple map entries within each map extension comprises data block encryption data used to encrypt a portion of a data set to generate a corresponding encrypted data block of multiple encrypted data blocks, and an indication of a data block size of the corresponding encrypted data block;
store the first encrypted map extension at a first location within a data file maintained by one or more storage devices to store the data set and the map data in encrypted form;
use, by the processor component, second map block encryption data to encrypt a second map extension of the multiple map extensions to generate a second encrypted map extension of the multiple encrypted map extensions, wherein;
the second map block encryption data differs from the first map block encryption data; and
the second map extension comprises the first map block encryption data;
store the second encrypted map extension at a second location within the data file;
use, by the processor component, third map block encryption data to encrypt a map base of the map data to generate an encrypted map base, wherein;
the third map block encryption data differs from the first map block encryption data and the second map block encryption data;
the map base comprises the second map block encryption data; and
the map base comprises multiple extension pointers that each point to a corresponding location within the data file at which a corresponding encrypted map extension of the multiple encrypted map extensions is stored; and
store the encrypted map base at a third location within the data file.
0 Assignments
0 Petitions
Accused Products
Abstract
An apparatus may include a processor component caused to: generate map entries in map data descriptive of encrypted data blocks within a data file; use first map block encryption data to encrypt a first map extension of the map data; transmit the encrypted first map extension for storage within the data file; store the first map block encryption data within the second map extension; use second map block encryption data to encrypt a second map extension of the map data after storage of the first map block encryption data therein; transmit encrypted second map extension for storage within the data file; store the second map block encryption data within the map base; use third map block encryption data to encrypt a map base of the map data after storage of the second map block encryption data therein; and transmit the encrypted map base for storage within the data file.
25 Citations
30 Claims
-
1. An apparatus comprising a processor component and a storage to store instructions that, when executed by the processor component, cause the processor component to perform operations comprising:
-
use, by the processor component, first map block encryption data to encrypt a first map extension of multiple map extensions of a map data to generate a first encrypted map extension of multiple encrypted map extensions, wherein; each map extension of the multiple map extensions comprises multiple map entries; and each map entry of the multiple map entries within each map extension comprises data block encryption data used to encrypt a portion of a data set to generate a corresponding encrypted data block of multiple encrypted data blocks, and an indication of a data block size of the corresponding encrypted data block; store the first encrypted map extension at a first location within a data file maintained by one or more storage devices to store the data set and the map data in encrypted form; use, by the processor component, second map block encryption data to encrypt a second map extension of the multiple map extensions to generate a second encrypted map extension of the multiple encrypted map extensions, wherein; the second map block encryption data differs from the first map block encryption data; and the second map extension comprises the first map block encryption data; store the second encrypted map extension at a second location within the data file; use, by the processor component, third map block encryption data to encrypt a map base of the map data to generate an encrypted map base, wherein; the third map block encryption data differs from the first map block encryption data and the second map block encryption data; the map base comprises the second map block encryption data; and the map base comprises multiple extension pointers that each point to a corresponding location within the data file at which a corresponding encrypted map extension of the multiple encrypted map extensions is stored; and store the encrypted map base at a third location within the data file. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer-program product tangibly embodied in a non-transitory machine-readable storage medium, the computer-program product including instructions operable to cause a processor component to perform operations comprising:
-
use, by the processor component, first map block encryption data to encrypt a first map extension of multiple map extensions of a map data to generate a first encrypted map extension of multiple encrypted map extensions, wherein; each map extension of the multiple map extensions comprises multiple map entries; and each map entry of the multiple map entries within each map extension comprises data block encryption data used to encrypt a portion of a data set to generate a corresponding encrypted data block of multiple encrypted data blocks, and an indication of a data block size of the corresponding encrypted data block; store the first encrypted map extension at a first location within a data file maintained by one or more storage devices to store the data set and the map data in encrypted form; use, by the processor component, second map block encryption data to encrypt a second map extension of the multiple map extensions to generate a second encrypted map extension of the multiple encrypted map extensions, wherein; the second map block encryption data differs from the first map block encryption data; and the second map extension comprises the first map block encryption data; store the second encrypted map extension at a second location within the data file; use, by the processor component, third map block encryption data to encrypt a map base of the map data to generate an encrypted map base, wherein; the third map block encryption data differs from the first map block encryption data and the second map block encryption data; the map base comprises the second map block encryption data; and the map base comprises multiple extension pointers that each point to a corresponding location within the data file at which a corresponding encrypted map extension of the multiple encrypted map extensions is stored; and store the encrypted map base at a third location within the data file. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A computer-implemented method comprising:
-
using, by a processor component, first map block encryption data to encrypt a first map extension of multiple map extensions of a map data to generate a first encrypted map extension of multiple encrypted map extensions, wherein; each map extension of the multiple map extensions comprises multiple map entries; and each map entry of the multiple map entries within each map extension comprises data block encryption data used to encrypt a portion of a data set to generate a corresponding encrypted data block of multiple encrypted data blocks, and an indication of a data block size of the corresponding encrypted data block; storing the first encrypted map extension at a first location within a data file maintained by one or more storage devices to store the data set and the map data in encrypted form; using, by the processor component, second map block encryption data to encrypt a second map extension of the multiple map extensions to generate a second encrypted map extension of the multiple encrypted map extensions, wherein; the second map block encryption data differs from the first map block encryption data; and the second map extension comprises the first map block encryption data; storing the second encrypted map extension at a second location within the data file; using, by the processor component, third map block encryption data to encrypt a map base of the map data to generate an encrypted map base, wherein; the third map block encryption data differs from the first map block encryption data and the second map block encryption data; the map base comprises the second map block encryption data; and the map base comprises multiple extension pointers that each point to a corresponding location within the data file at which a corresponding encrypted map extension of the multiple encrypted map extensions is stored; and storing the encrypted map base at a third location within the data file. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
-
Specification