DISCARDING SENSITIVE DATA FROM PERSISTENT POINT-IN-TIME IMAGE
1. A method comprising:
- identifying a dataset to be discarded, wherein the dataset is selected from a plurality of datasets managed in a Persistent Point-in-time Image (PPI), each of the plurality of datasets being read-only and encrypted with a first encryption key;
- decrypting each of the plurality of datasets except the dataset to be discarded with the first encryption key;
- re-encrypting each of the decrypted datasets with a second encryption key;
- copying each of the re-encrypted datasets to a storage structure; and
- shredding the first encryption key to render the dataset to be discarded unrecoverable.
(Dependent claims: 2, 3, 4, 5, 6, 7)
Abstract
A network storage server implements a method to discard sensitive data from a Persistent Point-In-Time Image (PPI). The server first efficiently identifies a dataset containing the sensitive data from a plurality of datasets managed by the PPI. Each of the plurality of datasets is read-only and encrypted with a first encryption key. The server then decrypts each of the plurality of datasets, except the dataset containing the sensitive data, with the first encryption key. The decrypted datasets are re-encrypted with a second encryption key, and copied to a storage structure. Afterward, the first encryption key is shredded.
25 Claims
8. A method, comprising:
- creating a Persistent Point-in-time Image (PPI) based on an Active File System (AFS), wherein the AFS references a plurality of datasets each of which is encrypted with a corresponding encryption key, and the PPI provides read-only references to the plurality of datasets; and
- generating a new encryption key in response to the creation of the PPI, wherein the new encryption key is to encrypt newly allocated datasets in the AFS.
(Dependent claims: 9, 10, 11, 21)
12. A method to discard a dataset, comprising:
- identifying the dataset to be discarded, wherein the dataset is read-only and is encrypted with a first encryption key;
- identifying a Persistent Point-in-time Image (PPI) referencing the dataset to be discarded, wherein the PPI is created based on a writable Active File System (AFS), and the PPI references a plurality of datasets each of which is read-only and encrypted with a corresponding encryption key;
- identifying a subset of datasets referenced by the PPI and the AFS, wherein the dataset to be discarded is not part of the subset, and each dataset in the subset is encrypted with the first encryption key;
- decrypting each dataset of the subset with the first encryption key;
- encrypting each dataset of the subset with a second encryption key;
- writing each re-encrypted dataset of the subset to the AFS; and
- shredding the first encryption key to render the dataset to be discarded unrecoverable.
(Dependent claims: 13, 14, 15, 16, 18, 19, 20)
17. A storage server system comprising:
- a network interface through which to receive data access requests from a plurality of storage clients;
- a storage interface through which to communicate with a storage facility that stores one or more Persistent Point-in-time Images (PPIs) and an Active File System (AFS), wherein each of the PPIs is created from the AFS and references a corresponding plurality of datasets on the storage facility, each of the corresponding plurality of datasets being read-only and encrypted with a corresponding encryption key;
- a processor; and
- a machine-readable medium that stores instructions which, if executed by the processor, cause the processor to perform a process comprising:
  - identifying all PPIs referencing a dataset to be discarded, wherein the dataset to be discarded is encrypted with a first encryption key;
  - for each of the identified PPIs, identifying a subset of datasets referenced by the identified PPI and the AFS, wherein the dataset to be discarded is not part of the subset, and each dataset of the subset is encrypted with the first encryption key;
  - decrypting each dataset of the subset with the first encryption key;
  - encrypting each dataset of the subset with a second encryption key uniquely associated with the AFS;
  - writing each re-encrypted dataset of the subset to the AFS; and
  - shredding the first encryption key.
22. A data storage system, comprising:
- a storage unit that stores one or more Persistent Point-in-time Images (PPIs) and an Active File System (AFS), wherein each of the PPIs is created from the AFS and references a corresponding plurality of datasets on the storage unit, each of the corresponding plurality of datasets being read-only and encrypted with a corresponding encryption key; and
- an encryption engine to decrypt a dataset with the dataset's corresponding encryption key in response to a request for the dataset.
(Dependent claims: 23, 24, 25)
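The independent claims above describe one mechanism from several angles: datasets in a read-only snapshot cannot be overwritten, so a dataset is "discarded" by re-encrypting every sibling that shares its key under a fresh key and then destroying the old key (crypto-shredding), while snapshot creation (claim 8) rotates the active file system's key so that later writes never share a key with the frozen image. The toy storage model below is an added illustration, not code from the patent or its assignee. The cipher is a constructed HMAC-SHA256 keystream chosen only so the example runs on the Python standard library; the `Store`, `Dataset`, `create_ppi` and `discard` names are this example's own.

```python
"""Crypto-shredding one dataset out of a read-only snapshot (PPI).

Added illustration of the claims, not the patent's code. Every dataset is
encrypted under the key that was current when it was written. Creating a
PPI freezes the AFS references and rotates to a new AFS key (claim 8).
Discarding a dataset re-encrypts every other dataset under the same key
with the current AFS key, then shreds the old key (claims 1, 12, 17).
Cipher: a constructed HMAC-SHA256 keystream, for illustration only.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass, field


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Counter-mode keystream derived from HMAC; toy construction for the demo.
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)
    body = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + body


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, body = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))


@dataclass
class Dataset:
    key_id: int   # identifier of the key this ciphertext is under
    blob: bytes   # nonce || ciphertext body


@dataclass
class Store:
    keys: dict = field(default_factory=dict)      # key_id -> key bytes; shredded keys are removed
    datasets: dict = field(default_factory=dict)  # name -> Dataset (blocks are never overwritten)
    afs: set = field(default_factory=set)         # names currently referenced by the writable AFS
    ppis: list = field(default_factory=list)      # each PPI is a frozen, read-only set of names
    current_key_id: int = 0

    def __post_init__(self) -> None:
        self.keys[self.current_key_id] = os.urandom(32)

    def _rotate_key(self) -> None:
        self.current_key_id += 1
        self.keys[self.current_key_id] = os.urandom(32)

    def write(self, name: str, data: bytes) -> None:
        key = self.keys[self.current_key_id]
        self.datasets[name] = Dataset(self.current_key_id, encrypt(key, data))
        self.afs.add(name)

    def create_ppi(self) -> int:
        # Claim 8: snapshot the AFS references read-only, then issue a new AFS key
        self.ppis.append(frozenset(self.afs))
        self._rotate_key()
        return len(self.ppis) - 1

    def read(self, name: str) -> bytes:
        ds = self.datasets[name]
        if ds.key_id not in self.keys:
            raise KeyError(f"{name}: key {ds.key_id} was shredded; data unrecoverable")
        return decrypt(self.keys[ds.key_id], ds.blob)

    def discard(self, name: str) -> list:
        """Re-key every sibling of `name` and shred the key `name` is under."""
        old_id = self.datasets[name].key_id
        if old_id == self.current_key_id:
            self._rotate_key()  # the second key must differ from the one being shredded
        new_key = self.keys[self.current_key_id]
        rewritten = []
        for other, ds in self.datasets.items():
            if other != name and ds.key_id == old_id:
                plain = decrypt(self.keys[old_id], ds.blob)
                self.datasets[other] = Dataset(self.current_key_id, encrypt(new_key, plain))
                rewritten.append(other)
        del self.keys[old_id]   # shred: the PPI still references the blob, but nothing can decrypt it
        self.afs.discard(name)
        return rewritten


if __name__ == "__main__":
    s = Store()
    s.write("ledger", b"quarterly totals")
    s.write("secret", b"customer ssn list")   # constructed sensitive dataset
    p = s.create_ppi()
    print("re-keyed:", s.discard("secret"))
    print("ledger still readable:", s.read("ledger"))
    print("PPI still references secret:", "secret" in s.ppis[p])
```

The discarded blob is deliberately left in place: the point of the claims is that a snapshot's blocks are immutable, so unrecoverability comes from destroying the key, not the ciphertext. A check worth keeping in a real implementation is the one in `read`: a lookup of a dataset whose key is gone must fail closed rather than return garbage.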