CRYPTOGRAPHIC ERASURE OF SELECTED ENCRYPTED DATA
First Claim
1. A method for cryptographic erasure of selected encrypted data by a processor device in a computing environment, the method comprising:
- configuring data files with a plurality of derived keys, the plurality of derived keys adapted to be individually shredded in a subsequent erasure operation, wherein the plurality of derived keys allow for cryptographic erasure of the selected encrypted data in the data files without necessitating at least one of removal and rewrite of retained data.
1 Assignment
0 Petitions
Accused Products
Abstract
Exemplary method, system, and computer program product embodiments for cryptographic erasure of selected encrypted data are provided. In one embodiment, by way of example only, data files are configured with a derived key. The derived keys adapted to be individually shredded in a subsequent erasure operation. The derived key allows for cryptographic erasure of the selected encrypted data in the data files without necessitating at least one of removal and rewrite of retained data. Additional system and computer program product embodiments are disclosed and provide related advantages.
115 Citations
24 Claims
-
1. A method for cryptographic erasure of selected encrypted data by a processor device in a computing environment, the method comprising:
configuring data files with a plurality of derived keys, the plurality of derived keys adapted to be individually shredded in a subsequent erasure operation, wherein the plurality of derived keys allow for cryptographic erasure of the selected encrypted data in the data files without necessitating at least one of removal and rewrite of retained data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
9. A system for cryptographic erasure of selected encrypted data in a computing environment, comprising:
-
at least one tape drive, and at least one processor device connected to the at least one tape drive operable in the computing environment, wherein the at least one processor device is adapted for; configuring data files with a plurality of derived keys, the plurality of derived keys adapted to be individually shredded in a subsequent erasure operation, wherein the plurality of derived keys allow for cryptographic erasure of the selected encrypted data in the data files without necessitating at least one of removal and rewrite of retained data. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A computer program product for cryptographic erasure of selected encrypted data in a computing environment by a processor device, the computer program product comprising a non-transitory computer-readable storage medium having computer-readable program code portions stored therein, the computer-readable program code portions comprising:
a first executable portion for configuring data files with a plurality of derived keys, the plurality of derived keys adapted to be individually shredded in a subsequent erasure operation, wherein the plurality of derived keys allow for cryptographic erasure of the selected encrypted data in the data files without necessitating at least one of removal and rewrite of retained data. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
Specification