SYSTEM FOR AUTOMATICALLY SHADOWING ENCRYPTED DATA AND FILE DIRECTORY STRUCTURES FOR A PLURALITY OF NETWORK-CONNECTED COMPUTERS USING A NETWORK-ATTACHED MEMORY WITH SINGLE INSTANCE STORAGE

US 20100174684A1
Filed: 03/16/2010
Published: 07/08/2010
Est. Priority Date: 10/31/2006
Status: Active Grant

First Claim

Patent Images

1. A data shadowing system for the automatic backup storage of data that is written in the memories of a plurality of monitored computer systems and the selective retrieval of this data for restoration to said memories, comprising:

memory module, connected to a plurality of monitored computer systems via a communication medium, for storing a shadow copy of the data which is written in the memories of the plurality of monitored computer systems;

customer data file manager, resident in each of said plurality of monitored computer systems, comprising;

customer data file map generator for mapping file directory structures associated with the customer data written in the memory of the monitored computer system into file tree information which identifies original names of customer data files as stored on said monitored computer system, and a location in said memory which stores said customer data to enable both memory-level and file-level restoration of data;

customer data file hash generator for processing each of said customer data files to generate an associated hash value of each said customer data file to uniquely identify said customer data file;

customer data file transmitter for transmitting said customer file and said hash value to said memory module; and

wherein said memory module comprises;

customer data file storage for storing each of said customer data files and said associated hash value received from each of said monitored computer systems via said communication medium, in said memory module; and

duplication eliminator, responsive to a plurality of said customer data files having the same hash value, for storing a single instance of said customer data file in said memory module.

View all claims

12 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The Secure Networked Data Shadowing System is connected to a plurality of monitored computer systems via an existing communication medium to store the shadowed data. The data is encrypted by the monitored computer system using a cryptokey, and the data file is processed using a hash function prior to encryption, so the contents of this file are uniquely identified. Thus, the encrypted file is stored in its encrypted form and the hash index is used to identify the encrypted file. A “data de-duplication” process avoids storing multiple copies of the same files by identifying instances of duplication via the hash index. Files that have the same hash index can be reduced to a single copy without any loss of data as long as the file structure information for each instance of the file is maintained.

72 Citations

View as Search Results

20 Claims

1. A data shadowing system for the automatic backup storage of data that is written in the memories of a plurality of monitored computer systems and the selective retrieval of this data for restoration to said memories, comprising:
- memory module, connected to a plurality of monitored computer systems via a communication medium, for storing a shadow copy of the data which is written in the memories of the plurality of monitored computer systems;
  
  customer data file manager, resident in each of said plurality of monitored computer systems, comprising;
  
  customer data file map generator for mapping file directory structures associated with the customer data written in the memory of the monitored computer system into file tree information which identifies original names of customer data files as stored on said monitored computer system, and a location in said memory which stores said customer data to enable both memory-level and file-level restoration of data;
  
  customer data file hash generator for processing each of said customer data files to generate an associated hash value of each said customer data file to uniquely identify said customer data file;
  
  customer data file transmitter for transmitting said customer file and said hash value to said memory module; and
  
  wherein said memory module comprises;
  
  customer data file storage for storing each of said customer data files and said associated hash value received from each of said monitored computer systems via said communication medium, in said memory module; and
  
  duplication eliminator, responsive to a plurality of said customer data files having the same hash value, for storing a single instance of said customer data file in said memory module.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The data shadowing system of claim 1, further comprising:
    - wherein said customer data file manager further comprises;
      
      customer data encryption processor for encrypting each of said customer data files using a cryptokey having public and private components; and
      
      wherein said customer data file storage stores said encrypted customer data files, said associated hash value, and said public encryption key received from each of said monitored computer systems via said communication medium, in said memory module.
  - 3. The data shadowing system of claim 2 wherein said customer data file storage additionally stores said file tree information as well as said associated hash value and public cryptokey for each of said plurality of encrypted customer data files having the same hash value with said single instance of said customer data file in said memory module.
  - 4. The data shadowing system of claim 2, further comprising:
    - system file manager for automatically mapping system files written in the memory of the monitored computer system into file tree information which identifies original names of system files as stored on said monitored computer system and a location in said memory module which stores said system files.
  - 5. The data shadowing system of claim 4 wherein said system files comprise:
    - computer files, exclusive of customer provided data, including at least one of;
      
      master boot record, partition table, and programs.
  - 6. The data shadowing system of claim 4, further comprising:
    - system file hash for processing each of said system files to generate an associated hash value of each of said system files;
      
      wherein said memory module further comprises;
      
      system file storage for storing each of said system files and said associated hash value in said memory module; and
      
      wherein said mapping database stores said hash value of each of said customer data files in said database.
  - 7. The data shadowing system of claim 6, further comprising:
    - duplication, responsive to a plurality of said system files having the same hash value, for storing a single instance of said system file in said memory module.
  - 8. The data shadowing system of claim 7 wherein said system file storage additionally stores said file tree information for each of said plurality of system files having the same hash value and said associated hash value with said single instance of said system file in said memory module.
  - 9. The data shadowing system of claim 1 wherein said customer data file management comprises:
    - change journal for automatically tracking changes to said customer data files, including;
      
      customer data file creation, customer data file movement, customer data file content changes, and customer data file renaming.
  - 10. The data shadowing system of claim 9, further comprising:
    - file history, responsive to a modification of a customer data file, for generating file change data indicative of a difference between said customer data file and said modified customer data file;
      
      file tracking for storing said file change data in said memory module; and
      
      wherein said customer data file manager stores said file change data in said memory module and substitutes said modified customer data file for said customer data file in said memory module.

11. A method for the autonomous encrypted backup storage of data that is written in the memories of a plurality of monitored computer systems and the selective retrieval of this encrypted data for restoration to said memories, comprising:
- storing, in a memory module which is connected to a plurality of monitored computer systems via a communication medium, a shadow copy of the data which is written in the memories of the plurality of monitored computer systems;
  
  managing customer data files, resident in each of said plurality of monitored computer systems, comprising;
  
  mapping file directory structures associated with the customer data written in the memory of the monitored computer system into file tree information which identifies original names of customer data files as stored on said monitored computer system and a location in said memory of the monitored computer system which stores said customer data to enable both memory-level and file-level restoration of data;
  
  processing each of said customer data files to generate an associated hash value of each said customer data file to uniquely identify said customer data file;
  
  transmitting said customer file and said hash value to said memory module; and
  
  wherein said step of storing a shadow copy of the data comprises;
  
  storing each of said customer data files and said hash value received from each of said monitored computer systems via said communication medium, in said memory module; and
  
  storing, in response to a plurality of said customer data files having the same hash value, a single instance of said customer data file in said memory module.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The method for the autonomous encrypted backup storage of data of claim 11, further comprising:
    - encrypting each of said customer data files using a cryptokey having public and private components; and
      
      wherein said step of storing each of said customer data files stores said encrypted customer data files, said associated hash value, and said public encryption key received from each of said monitored computer systems via said communication medium, in said memory module.
  - 13. The method for the autonomous encrypted backup storage of data of claim 12 wherein said step of storing customer data files additionally stores said file tree information as well as said associated hash value and public cryptokey for each of said plurality of encrypted customer data files having the same hash value with said single instance of said customer data file in said memory module.
  - 14. The method for the autonomous encrypted backup storage of data of claim 12, further comprising:
    - automatically mapping system files written in the memory of the monitored computer system into file tree information which identifies original names of system files as stored on said monitored computer system and a location in said memory module which stores said system files.
  - 15. The method for the autonomous encrypted backup storage of data of claim 14 wherein said system files comprise:
    - computer files, exclusive of customer provided data, including at least one of;
      
      master boot record, partition table, and programs.
  - 16. The method for the autonomous encrypted backup storage of data of claim 14, further comprising:
    - processing each of said system files to generate an associated hash value of each of said system files;
      
      wherein said step of storing a shadow copy of data files further comprises;
      
      storing each of said system files and said associated hash value in said memory module; and
      
      wherein said step of mapping customer data files stores said hash value of each of said customer data files in said database.
  - 17. The method for the autonomous encrypted backup storage of data of claim 16, further comprising:
    - storing, in response to a plurality of said system files having the same hash value, a single instance of said system file in said memory module.
  - 18. The method for the autonomous encrypted backup storage of data of claim 17 wherein said system file storage additionally stores said file tree information for each of said plurality of system files having the same hash value and said associated hash value with said single instance of said system file in said memory module.
  - 19. The method for the autonomous encrypted backup storage of data of claim 11 wherein said customer data file management comprises:
    - change journal for automatically tracking changes to said customer data files, including;
      
      customer data file creation, customer data file movement, customer data file content changes, and customer data file renaming.
  - 20. The method for the autonomous encrypted backup storage of data of claim 19, further comprising:
    - file history, responsive to a modification of a customer data file, for generating file change data indicative of a difference between said customer data file and said modified customer data file;
      
      file tracking for storing said file change data in said memory module; and
      
      wherein said customer data file manager stores said file change data in said memory module and substitutes said modified customer data file for said customer data file in said memory module.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Carbonite LLC (Open Text Corporation)
Original Assignee
Rebit, Inc. (Open Text Corporation)
Inventors
Schwaab, David, Probst, Nathan, Batchelor, Dennis B.

Granted Patent

US 8,356,174 B2
Time in Patent Office

Days
Field of Search
US Class Current

707/655
CPC Class Codes

G06F 11/1451   by selection of backup cont...

G06F 11/1453   using de-duplication of the...

G06F 11/1458   Management of the backup or...

G06F 11/1471   involving logging of persis...

G06F 16/1734   Details of monitoring file ...

G06F 16/1756   based on delta files

G06F 21/6218   to a system of files or obj...

G06F 2201/84   Using snapshots, i.e. a log...

SYSTEM FOR AUTOMATICALLY SHADOWING ENCRYPTED DATA AND FILE DIRECTORY STRUCTURES FOR A PLURALITY OF NETWORK-CONNECTED COMPUTERS USING A NETWORK-ATTACHED MEMORY WITH SINGLE INSTANCE STORAGE

First Claim

12 Assignments

0 Petitions

Accused Products

Abstract

72 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM FOR AUTOMATICALLY SHADOWING ENCRYPTED DATA AND FILE DIRECTORY STRUCTURES FOR A PLURALITY OF NETWORK-CONNECTED COMPUTERS USING A NETWORK-ATTACHED MEMORY WITH SINGLE INSTANCE STORAGE

First Claim

12 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

72 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links