Virtualized volume level messaging
First Claim
Patent Images
1. A networked storage system comprising:
- a plurality of physical storage devices configured to store data on a plurality of virtualized volumes, the virtualized volumes being distributed across two or more of the plurality of physical storage devices;
a key store configured to store a plurality of encryption keys; and
a secure messaging manager configured to;
encrypt a message to each of the plurality of virtualized volumes using a different encryption key for each of the plurality of virtualized volumes,receive a request from a client for communication with one of the plurality of virtualized volumes,determine an encryption key used to encrypt data to the one of the plurality of virtualized volumes,request the encryption key from the key store used to encrypt data to the one of the plurality of virtualized volumes from the key store, andencrypt the message to the one of the plurality of virtualized volumes with the encryption key,wherein messages sent between a first of the plurality of virtualized volumes and a first of the two or more physical storage devices are encrypted using a first of the plurality of encryption keys, and wherein messages sent between the first of the plurality of virtualized volumes and a second of the two or more physical storage devices are also encrypted using the first encryption key.
1 Assignment
0 Petitions
Accused Products
Abstract
Implementations and methods herein provide a networked storage system including a plurality of physical storage devices configured to store data on a plurality of virtualized volumes, a key store configured to store a plurality of encryption keys, and a secure messaging manager configured to encrypt a message to each of the plurality of virtualized volumes using a different encryption key.
21 Citations
14 Claims
-
1. A networked storage system comprising:
-
a plurality of physical storage devices configured to store data on a plurality of virtualized volumes, the virtualized volumes being distributed across two or more of the plurality of physical storage devices; a key store configured to store a plurality of encryption keys; and a secure messaging manager configured to; encrypt a message to each of the plurality of virtualized volumes using a different encryption key for each of the plurality of virtualized volumes, receive a request from a client for communication with one of the plurality of virtualized volumes, determine an encryption key used to encrypt data to the one of the plurality of virtualized volumes, request the encryption key from the key store used to encrypt data to the one of the plurality of virtualized volumes from the key store, and encrypt the message to the one of the plurality of virtualized volumes with the encryption key, wherein messages sent between a first of the plurality of virtualized volumes and a first of the two or more physical storage devices are encrypted using a first of the plurality of encryption keys, and wherein messages sent between the first of the plurality of virtualized volumes and a second of the two or more physical storage devices are also encrypted using the first encryption key. - View Dependent Claims (2, 3)
-
-
4. A networked storage system, comprising:
-
a plurality of physical storage devices configured to store data on a plurality of virtualized volumes, the virtualized volumes being distributed across two or more of the plurality of physical storage devices; a key store configured to store a plurality of encryption keys, wherein the plurality of encryption keys of the key store is a plurality of public keys and each of the plurality of virtualized volumes has a private key corresponding to the related one of the plurality of public keys; and a secure messaging manager configured to encrypt a message to each of the plurality of virtualized volumes using a different encryption key for each of the plurality of virtualized volumes, wherein the secure messaging manager is further configured to receive the encryption key from a client, wherein messages sent between a first of the plurality of virtualized volumes and a first of the two or more physical storage devices are encrypted using a first of the plurality of encryption keys, and wherein messages sent between the first of the plurality of virtualized volumes and a second of the two or more physical storage devices are also encrypted using the first encryption key, wherein the secure messaging manager is further configured to encrypt the message to one of the plurality of virtualized volumes using the one of the plurality of public keys related to the one of the plurality of virtualized volumes. - View Dependent Claims (5, 6, 7, 8)
-
-
9. A networked data storage system, comprising:
-
a plurality of virtualized volumes distributed across two or more of a plurality of physical storage devices, messaging with each of the plurality of virtualized volumes being encrypted using a different key for each of the plurality of virtualized volumes, wherein messages sent between a first of the plurality of virtualized volumes and a first of the two or more physical storage devices are encrypted using a first encryption key, and wherein messages sent between the first virtualized volume stored and a second of the two or more physical storage devices are also encrypted using the first encryption keys; a secure messaging manager configured to receive a request from a client to store data to a network resource comprising a plurality of virtualized volumes and to determine an identity of a target virtualized volume; and a key store configured to store a plurality of encryption keys, each of the plurality of encryption keys relating to messaging with one of the plurality of virtualized volumes. - View Dependent Claims (10, 11, 12, 13, 14)
-
Specification