SECURE DATA PARSER METHOD AND SYSTEM
Abstract
The present invention provides a method and system for securing sensitive data from unauthorized access or use. The method and system of the present invention are useful in a wide variety of settings, including commercial settings generally available to the public which may be extremely large or small with respect to the number of users. The method and system of the present invention are also useful in a more private setting, such as with a corporation or governmental agency, as well as between corporations, governmental agencies or any other entity.
32 Claims
1. A method of securely storing data in a network, the method comprising:
- receiving a unit of data from a client device;
- splitting the unit of data into a predetermined number of secondary units of data, each of the secondary units of data associated with one of a plurality of shares;
- encrypting the plurality of shares with a corresponding number of different keys; and
- storing each secondary unit of data and key used to encrypt the secondary unit of data.
(Dependent claims: 2, 3, 4, 5, 6)

7. A method of reading secured data in a network, the method comprising:
- receiving a request from a client device to read a unit of data managed by a secure storage appliance;
- determining a number of secondary units of data required to reconstitute the unit of data;
- transmitting a request for the number of secondary units of data to a plurality of shares located at a plurality of physical storage devices, the plurality of shares corresponding to the number of secondary units of data required to reconstitute the unit of data, each of the secondary units of data representing a portion of the unit of data encrypted by a different key;
- receiving at least the number of secondary units of data required to reconstitute the block of data from the plurality of shares;
- reconstituting the unit of data from the secondary units of data; and
- transmitting the reconstituted unit of data to the client device.
(Dependent claims: 8, 9, 10, 11, 12)

13. A method of securing data in a network, the method comprising:
- receiving at a secure storage appliance a unit of data for storage on a volume, the volume associated with a plurality of shares distributed across a plurality of physical storage devices;
- cryptographically splitting the unit of data received by the secure storage appliance into a plurality of secondary data units; and
- encrypting each of the plurality of secondary data units with a different key, each key associated with at least one of the plurality of shares.
(Dependent claims: 14, 15, 16, 17, 18, 19, 20)

21. A secure storage appliance comprising a programmable circuit configured to execute program instructions which, when executed, configure the secure storage appliance to:
- receive from a client device a unit of data for storage on a volume, the volume associated with a plurality of shares distributed across a plurality of physical storage devices;
- cryptographically split the unit of data into a plurality of secondary data units; and
- encrypt each of the plurality of secondary data units with a different key, each key associated with at least one of the plurality of shares.
(Dependent claims: 22, 23, 24, 25)

26. A secure data storage network comprising:
- a client device;
- a plurality of physical storage devices;
- a secure storage appliance communicatively connected to the client device and the plurality of physical storage devices, the secure storage appliance including a programmable circuit configured to execute program instructions which, when executed, cause the secure storage appliance to:
  - receive from the client device a unit of data for storage on a volume, the volume associated with a plurality of shares distributed across the plurality of physical storage devices;
  - cryptographically split the unit of data into a plurality of secondary data units; and
  - encrypt each of the plurality of secondary data blocks with a different key, each key associated with at least one of the plurality of shares.
(Dependent claims: 27, 28, 29, 30, 31, 32)

Specification