KEY SEARCH TOKEN FOR ENCRYPTED DATA
First Claim
Patent Images
1. A method, comprising:
- receiving, at a data storage system from a client, a key search token that has not been used to encrypt data records or keywords associated with the data records, said key search token being independent of an encryption key used to encrypt the data records associated with the key search token;
determining, by the data storage system, an encrypted data record associated with the key search token; and
transmitting, by the data storage system, the determined encrypted data record to the client.
2 Assignments
0 Petitions
Accused Products
Abstract
Implementations are directed, for example, to a method that includes receiving, at a data storage system from a client, a key search token that has not been used to encrypt data records or keywords associated with the data records. The key search token is independent of an encryption key used to encrypt the data records associated with the key search token. The method further includes determining an encrypted data record associated with the key search token, and transmitting the determined encrypted data record to the client. Implementations of the client are also provided.
37 Citations
15 Claims
-
1. A method, comprising:
-
receiving, at a data storage system from a client, a key search token that has not been used to encrypt data records or keywords associated with the data records, said key search token being independent of an encryption key used to encrypt the data records associated with the key search token; determining, by the data storage system, an encrypted data record associated with the key search token; and transmitting, by the data storage system, the determined encrypted data record to the client. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A data storage system, comprising:
-
a storage device containing a data structure, the data structure to include a plurality of entries, each entry to include an encrypted data record and, associated with each encrypted data record, an encrypted keyword and a key search token, the key search token not used to encrypt data or a keyword, said key search token being independent of an encryption key used to encrypt the data records associated with the key search token; and a management unit coupled to the storage device, the management unit to receive a key search token and at least one of a plaintext keyword and an encrypted keyword for encrypted data record retrieval. - View Dependent Claims (8, 9, 10)
-
-
11. A computing apparatus, comprising:
-
a processing resource; and network interface coupled to the processing resource; wherein the processing resource causes a plurality of child encryption keys to be derived from a parent encryption key, the child encryption keys to include; a first child encryption key to be used to encrypt data records to generate encrypted data records; a second child encryption key to be used to encrypt keywords associated with encrypted data records; and a third child encryption key to be used as a key search token; and wherein the processing resource is to cause the third child encryption key to be transmitted through the interface to a data storage apparatus containing encrypted data records and, via the interface, to receive an encrypted data record that is associated with the transmitted third child encryption key. - View Dependent Claims (12, 13, 14, 15)
-
Specification