DATA RETENTION MANAGEMENT

US 20110055559A1
Filed: 08/27/2009
Published: 03/03/2011
Est. Priority Date: 08/27/2009
Status: Abandoned Application

First Claim

Patent Images

1. A file-based data retention management system, comprising:

a data source configured to store data files;

an online backup file system configured to make an encrypted backup copy of the data files from the data source and to store the backup copy of the data files on a backup server;

a policy database comprising data retention policies for the data files for retention management of the data files; and

a centralized key management system configured to assign and manage encryption keys for the data files and to store the encryption keys on a separate system from the data files stored on the backup server.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A file-based data retention management system is provided. A data source can store data files. An online backup file system can make a backup copy of the data files from the data source and store the backup copy of the data files on a backup server. A policy database can be maintained by the system, the policy database including data retention policies for the data files for retention management of the data files. A key management system can assign and manage encryption keys for the data files. The key management system can store the encryption keys on a separate system from the data files stored on the backup server.

Citations

20 Claims

1. A file-based data retention management system, comprising:
- a data source configured to store data files;
  
  an online backup file system configured to make an encrypted backup copy of the data files from the data source and to store the backup copy of the data files on a backup server;
  
  a policy database comprising data retention policies for the data files for retention management of the data files; and
  
  a centralized key management system configured to assign and manage encryption keys for the data files and to store the encryption keys on a separate system from the data files stored on the backup server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A system in accordance with claim 1, wherein the key management system is configured to encrypt the encryption keys with a master key and the system further comprises a portable computer readable storage medium configured to store the master key.
  - 3. A system in accordance with claim 1, wherein the key management system is configured to split the encryption keys into encryption key blocks, and further comprising a plurality of geographically separated data centers each configured to receive at least one of the encryption key blocks.
  - 4. A system in accordance with claim 1, further comprising an offline backup computer readable storage medium configured to receive and store backups of the data files on the backup server.
  - 5. A system in accordance with claim 1, further comprising a policy enforcement module configured to enforce file retention policies by deleting encryption keys assigned to data files with expired retention periods.
  - 6. A system in accordance with claim 1, further comprising a policy database comprising data retention policies for the received data and usable by the policy enforcement module in managing retention of the received data files.
  - 7. A system in accordance with claim 1, further comprising a reporting module configured to report at least one of an expired retention period for a data file and deletion of a data file for which the retention period has expired.
  - 8. A system in accordance with claim 1, further comprising a large-scale parallel processing architecture configured to process large volumes of data files stored using the file-based data retention management system.

9. A file-based data retention management system, comprising:
- a data source configured to store data files;
  
  an online backup file system configured to make an encrypted backup copy of the data files from the data source and to store the backup copy of the data files on a backup server;
  
  a policy database comprising data retention policies for the data files for retention management of the data files;
  
  a key management system configured to assign and manage encryption keys for the data files and split the encryption keys into encryption key blocks; and
  
  a plurality of geographically separated data centers each configured to receive at least one of the encryption key blocks.

10. A method for file-based data retention management, comprising:
- storing and encrypting a user data file from a data source on a backup server;
  
  assigning a symmetric encryption key to the data file;
  
  storing the symmetric encryption key in an encryption key repository separate from the backup server;
  
  receiving data retention policies from a user and storing the data retention policies on a data policy server;
  
  enforcing file retention policies by operably deleting the symmetric encryption key.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 11. A method in accordance with claim 10, further comprising splitting the encryption key repository into encryption key blocks.
  - 12. A method in accordance with claim 11, wherein storing the symmetric encryption key separate from the backup server further comprises sending at least one encryption key block to each of a plurality of geographically separated data centers.
  - 13. A method in accordance with claim 10, further comprising encrypting the encryption key repository using a master key.
  - 14. A method in accordance with claim 13, further comprising storing the master key on a computer readable storage medium.
  - 15. A method in accordance with claim 13, further comprising periodically changing the master key.
  - 16. A method in accordance with claim 10, wherein enforcing file retention policies further comprises operably deleting at least one of a data file at the data source and a data file on the backup server when a file retention period has expired.
  - 17. A method in accordance with claim 10, further comprising processing large volumes of data files stored using a large-scale parallel processing architecture implemented in a file-based data retention management system.
  - 18. A method in accordance with claim 10, further comprising reporting at least one of an expired retention period for the data file and deletion of a data file for which the retention period has expired to a user using a reporting module.
  - 19. A method in accordance with claim 10, further comprising:
    - continuing to store the data file on the backup server at least temporarily unless the user requests deletion of the data file on the backup server; and
      
      continuing to store the symmetric encryption key associated with the data file when the user deletes the data file from the data source and the retention period for the data file has not expired unless the user requests deletion of the symmetric encryption key associated with the data file.
  - 20. A method in accordance with claim 10, further comprising restoring a data file accidentally deleted by the user using the data file stored on the backup server and the symmetric encryption key stored in the encryption key repository when the retention period for the accidentally deleted data file has not expired.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Singhal, Sharad, Li, Jun, Swaminathan, Ram

Application Number

US12/549,179
Publication Number

US 20110055559A1
Time in Patent Office

Days
Field of Search
US Class Current

713/165
CPC Class Codes

G06F 11/1448   Management of the data invo...

G06F 21/6218   to a system of files or obj...

H04L 9/083   involving central third par...

H04L 9/0894   Escrow, recovery or storing...

DATA RETENTION MANAGEMENT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

DATA RETENTION MANAGEMENT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links