SYSTEMS AND METHODS FOR SECURE MULTI-TENANT DATA STORAGE
First Claim
1. A method of securely storing data in a multi-tenant data storage system, comprising:
- receiving a first data set from a first data source;
receiving a second data set from a second data source;
encrypting the first data set with a first key;
encrypting the second data set with a second key, the second key different from the first key;
generating a first plurality of shares, wherein each of the first plurality of shares contains a distribution of data from the encrypted first data set;
generating a second plurality of shares, wherein each of the second plurality of shares contains a distribution of data from the encrypted second data set; and
storing at least one share of the first plurality of shares and at least one share of the second plurality of shares in a first shared memory device of the multi-tenant data storage system,wherein access to the first key and a threshold number of the first plurality of shares are necessary to restore the first data set.
4 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are provided for transmitting data for secure storage. For each of two or more data sets, a plurality of shares are generated containing a distribution of data from an encrypted version of the data set. The shares are then stored in a shared memory device, wherein a data set may be reconstructed from a threshold number of the associated plurality of shares using an associated key. Also provided are systems and methods for providing access to secured data. A plurality of shares containing a distribution of data from an encrypted version of a data set are stored in a memory device. A client is provided with a virtual machine that indicates the plurality of shares, and the capability to reconstruct the data set from the plurality of shares using an associated key.
160 Citations
34 Claims
-
1. A method of securely storing data in a multi-tenant data storage system, comprising:
-
receiving a first data set from a first data source; receiving a second data set from a second data source; encrypting the first data set with a first key; encrypting the second data set with a second key, the second key different from the first key; generating a first plurality of shares, wherein each of the first plurality of shares contains a distribution of data from the encrypted first data set; generating a second plurality of shares, wherein each of the second plurality of shares contains a distribution of data from the encrypted second data set; and storing at least one share of the first plurality of shares and at least one share of the second plurality of shares in a first shared memory device of the multi-tenant data storage system, wherein access to the first key and a threshold number of the first plurality of shares are necessary to restore the first data set. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method of providing access to secured data, comprising:
-
encrypting a first data set using a first key; generating a first plurality of shares, wherein each of the first plurality of shares contains a distribution of data from the encrypted first data set; transmitting the first plurality of shares to at least one memory device for storage; providing, to a first client, access to a second key; and providing, to the first client, a virtual machine that indicates the first plurality of shares stored on the at least one memory device, wherein the first client is provided with the capability to retrieve the first plurality of shares from the at least one memory device and reconstruct the first data set using the second key. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. A system for securely storing data in a multi-tenant data storage system, comprising:
-
at least one processing device configured to receive a first data set from a first data source and a second data set from a second data source; and a first shared memory device; the at least one processing device further configured to; encrypt the first data set with a first key; encrypt the second data set with a second key, the second key different from the first key; generate a first plurality of shares, wherein each of the first plurality of shares contains a distribution of data from the encrypted first data set; generate a second plurality of shares, wherein each of the second plurality of shares contains a distribution of data from the encrypted second data set; and store at least one share of the first plurality of shares and at least one share of the second plurality of shares in a first shared memory device of the multi-tenant data storage system, wherein access to the first key and a threshold number of the first plurality of shares are necessary to restore the first data set. - View Dependent Claims (23, 24, 25, 26, 27, 28)
-
-
29. A system for providing access to secured data, comprising:
-
at least one processing device; a first client; and at least one memory device; wherein the at least one processing device is configured to; encrypt a first data set using a first key; generate a first plurality of shares, wherein each of the first plurality of shares contains a distribution of data from the encrypted first data set; transmit the first plurality of shares to the at least one memory device for storage; provide, to the first client, access to a second key; and provide, to the first client, a virtual machine that indicates the first plurality of shares stored on the at least one memory device, wherein the first client is provided with the capability to retrieve the first plurality of shares from the at least one memory device and reconstruct the first data set using the second key. - View Dependent Claims (30, 31, 32, 33, 34)
-
Specification