Encryption based security system for network storage
First Claim
1. An encryption based security apparatus for network storage, comprising:
- one or more storage devices;
one or more client devices; and
an encryption device for separating access to said one or more storage devices via said one or more client devices from access to client data stored on said one or more storage devices;
wherein said encryption device encrypts all client data that is stored on said one or more storage devices.
0 Assignments
0 Petitions
Accused Products
Abstract
The presently preferred embodiment of the invention provides an encryption based security system for network storage that separates the ability to access storage from the ability to access the stored data. This is achieved by keeping all the data encrypted on the storage devices. Logically, the invention comprises a device that has two network interfaces: one is a clear text network interface that connects to one or more clients, and the other is a secure network interface that is connected to one or more persistent storage servers. Functionally, each network interface supports multiple network nodes. That is, the clear text network interface supports multiple client machines, and the secure network interface supports one or more storage servers.
151 Citations
54 Claims
-
1. An encryption based security apparatus for network storage, comprising:
-
one or more storage devices;
one or more client devices; and
an encryption device for separating access to said one or more storage devices via said one or more client devices from access to client data stored on said one or more storage devices;
wherein said encryption device encrypts all client data that is stored on said one or more storage devices. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 45)
-
-
27. An encryption based security apparatus for network storage, comprising:
-
an encryption device, located in a network, on a path between one or more client devices and one or more storage devices, for separating access to said one or more storage devices via said one or more client devices from access to client data stored on said one or more storage devices;
said encryption device comprising at least two network interfaces, comprising a clear text network interface that is connected to said one or more clients; and
a secure network interface that is connected to said one or more storage devices;
wherein each network interface supports multiple network nodes;
wherein said encryption device encrypts all client data that is stored on said one or more storage devices.
-
-
28. An encryption based security method for network storage, comprising the steps of:
-
providing one or more storage devices;
providing one or more client devices; and
separating access to said one or more storage devices via said one or more client devices from access to client data stored on said one or more storage devices with an encryption device;
wherein said encryption device encrypts all client data that is stored on said one or more storage devices. - View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 46, 47, 48, 49, 50, 51, 52, 53)
-
-
54. An encryption based security method for network storage, comprising the steps of:
-
providing an encryption device, located in a network, on a path between one or more client devices and one or more storage devices;
separating access to said one or more storage devices via said one or more client devices from access to client data stored on said one or more storage devices;
said encryption device comprising at least two network interfaces, comprising a clear text network interface that is connected to said one or more clients; and
a secure network interface that is connected to said one or more storage devices;
wherein each network interface supports multiple network nodes;
wherein said encryption device encrypts all client data that is stored on said one or more storage devices.
-
Specification