SYSTEM FOR AUTOMATICALLY SHADOWING ENCRYPTED DATA AND FILE DIRECTORY STRUCTURES FOR A PLURALITY OF NETWORK-CONNECTED COMPUTERS USING A NETWORK-ATTACHED MEMORY WITH SINGLE INSTANCE STORAGE
First Claim
1. A data shadowing system for the automatic backup storage of data that is written in the memories of a plurality of monitored computer systems and the selective retrieval of this data for restoration to said memories, comprising:
memory module means, connected to a plurality of monitored computer systems via a communication medium, for storing a shadow copy of the data which is written in the memories of the plurality of monitored computer systems;
customer data file management means, resident in each of said plurality of monitored computer systems, comprising;
customer data file mapping means for mapping file directory structures associated with the customer data written in the memory of the monitored computer system into file tree information which identifies original names of customer data files as stored on said monitored computer system, and a location in said memory module means which stores said customer data;
customer data file hash means for processing each of said customer data files to generate an associated hash value of each of said customer data files;
customer data encryption means for encrypting each of said customer data files using a cryptokey having public and private components;
encrypted customer data file transmission means for transmitting said encrypted customer file, said hash value and a public encryption key to said memory module means; and
customer data file storage means, located at said memory module means, for storing each of said encrypted customer data files, said associated hash value, and said public encryption key received from each of said monitored computer systems via said communication medium, in said memory module means.
Abstract
The Secure Networked Data Shadowing System is connected to a plurality of monitored computer systems via an existing communication medium to store the shadowed data. The data is encrypted by the monitored computer system using a cryptokey, and the data file is processed using a hash function prior to encryption, so the contents of this file are uniquely identified. Thus, the encrypted file is stored in its encrypted form and the hash index is used to identify the encrypted file. A “data de-duplication” process avoids storing multiple copies of the same files by identifying instances of duplication via the hash index. Files that have the same hash index can be reduced to a single copy without any loss of data as long as the file structure information for each instance of the file is maintained.
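The hash-indexed single instance storage described in the abstract, sketched as an added example (not code from the patent or its assignee). `MemoryModule`, `shadow_file` and `standin_encrypt` are hypothetical names; SHA-256 as the hash function, the keystream stand-in cipher and the key shared by both clients are assumptions made so the example runs offline.

```python
import hashlib
from dataclasses import dataclass, field


def standin_encrypt(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (SHA-256 keystream XOR) so the example runs offline.
    NOT secure and not the patent's public/private cryptokey scheme."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


@dataclass
class MemoryModule:
    """Hypothetical model of the shadow store with single instance storage."""
    blobs: dict = field(default_factory=dict)  # hash index -> encrypted file
    trees: dict = field(default_factory=dict)  # client -> {original path: hash index}

    def store(self, client: str, path: str, index: str, ciphertext: bytes) -> bool:
        """Record the file tree entry; keep the ciphertext only if the index is new."""
        is_new = index not in self.blobs
        if is_new:
            self.blobs[index] = ciphertext
        self.trees.setdefault(client, {})[path] = index
        return is_new

    def restore(self, client: str, path: str) -> bytes:
        """Follow the client's file tree entry to the single stored instance."""
        return self.blobs[self.trees[client][path]]


def shadow_file(module, client, path, plaintext, key):
    """Client side: hash prior to encryption, then send hash and ciphertext."""
    index = hashlib.sha256(plaintext).hexdigest()
    return module.store(client, path, index, standin_encrypt(key, plaintext))


def demo():
    module = MemoryModule()
    key = b"constructed-shared-key"  # constructed sample key (assumed shared)
    report = b"quarterly report, constructed sample contents"
    first = shadow_file(module, "pc-a", "C:/docs/report.doc", report, key)
    second = shadow_file(module, "pc-b", "D:/copy/q3.doc", report, key)
    other = shadow_file(module, "pc-b", "D:/notes.txt", b"different file", key)
    restored = standin_encrypt(key, module.restore("pc-b", "D:/copy/q3.doc"))
    return first, second, other, len(module.blobs), restored == report
```

Because the index is computed over the plaintext, the store can tell which clients hold identical files even though it only ever receives ciphertext.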
20 Claims
11. A method for the autonomous encrypted backup storage of data that is written in the memories of a plurality of monitored computer systems and the selective retrieval of this encrypted data for restoration to said memories, comprising:
storing, in a memory module which is connected to a plurality of monitored computer systems via a communication medium, a shadow copy of the data which is written in the memories of the plurality of monitored computer systems;
managing customer data files, resident in each of said plurality of monitored computer systems, comprising;
mapping file directory structures associated with the customer data written in the memory of the monitored computer system into file tree information which identifies original names of customer data files as stored on said monitored computer system and a location in said memory module means which stores said customer data;
processing each of said customer data files to generate an associated hash value of each of said customer data files;
encrypting each of said customer data files using a cryptokey having public and private components;
transmitting said encrypted customer file, said hash value and a public encryption key to said memory module; and
storing customer data files, located at said memory module, each of said encrypted customer data files, said associated hash value, and said public encryption key received from each of said monitored computer systems via said communication medium, in said memory module.
19. The method for the autonomous encrypted backup storage of data of claim 21 wherein said customer data file management means comprises:
change journal means for automatically tracking changes to said customer data files, including;
customer data file creation, customer data file movement, customer data file content changes, and customer data file renaming.
Specification