SYSTEMS AND METHODS FOR SECURE FILE MANAGEMENT VIA AN AGGREGATION OF CLOUD STORAGE SERVICES

US 20170329677A1
Filed: 05/16/2016
Published: 11/16/2017
Est. Priority Date: 05/16/2016
Status: Active Grant

First Claim

Patent Images

1. A method for secure file management in an aggregation of cloud storage services, comprising:

receiving, by a storage manager from a client device, metadata of a file stored at the client device and designated for synchronization;

identifying, by the storage manager, a plurality of fragments of the file;

selecting, by the storage manager, a first account associated with the client device at a first cloud storage provider of a plurality of cloud storage providers and a second account associated with the client device at a second cloud storage provider of the plurality of cloud storage providers;

selecting, by the storage manager, a first subset of the plurality of fragments of the file and a second subset of the plurality of fragments of the file;

storing, by the storage manager, the metadata of the file, an identification of the first subset and second subset, and an identification of the first selected account and second selected account in a storage device associated with the storage manager;

transmitting, by the storage manager to the client device, the identification of the first selected account and first subset of the plurality of fragments, receipt of the identification causing the client device to transmit the first subset of the plurality of fragments to the first cloud storage provider; and

transmitting, by the storage manager to the client device, the identification of the second selected account and second subset of the plurality of fragments, receipt of the identification causing the client device to transmit the second subset of the plurality of fragments to the second cloud storage provider.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure describes systems and methods for aggregation and management of cloud storage among a plurality of providers via file fragmenting to provide increased reliability and security. In one implementation, fragments or blocks may be distributed among a plurality of cloud storage providers, such that no provider retains a complete copy of a file. Accordingly, even if an individual service is compromised, a malicious actor cannot access the data. In another implementation, fragments may be duplicated and distributed to multiple providers, such that loss of communications to any one provider does not result in inability to access the data. This implementation may be combined with error correction techniques to allow recovery, even with loss of multiple providers. File synchronization may also be faster in these implementations by dividing reading and writing operations among multiple providers.

33 Citations

View as Search Results

20 Claims

1. A method for secure file management in an aggregation of cloud storage services, comprising:
- receiving, by a storage manager from a client device, metadata of a file stored at the client device and designated for synchronization;
  
  identifying, by the storage manager, a plurality of fragments of the file;
  
  selecting, by the storage manager, a first account associated with the client device at a first cloud storage provider of a plurality of cloud storage providers and a second account associated with the client device at a second cloud storage provider of the plurality of cloud storage providers;
  
  selecting, by the storage manager, a first subset of the plurality of fragments of the file and a second subset of the plurality of fragments of the file;
  
  storing, by the storage manager, the metadata of the file, an identification of the first subset and second subset, and an identification of the first selected account and second selected account in a storage device associated with the storage manager;
  
  transmitting, by the storage manager to the client device, the identification of the first selected account and first subset of the plurality of fragments, receipt of the identification causing the client device to transmit the first subset of the plurality of fragments to the first cloud storage provider; and
  
  transmitting, by the storage manager to the client device, the identification of the second selected account and second subset of the plurality of fragments, receipt of the identification causing the client device to transmit the second subset of the plurality of fragments to the second cloud storage provider.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising:
    - subsequently receiving, by the storage manager from the client device, a request for the file;
      
      retrieving, by the storage manager, the metadata of the file, the identification of the first subset and second subset, and the identification of the first selected account and second selected account stored in the storage device, responsive to receipt of the request;
      
      transmitting, by the storage manager to the client device, the identification of the first selected account and first subset of the plurality of fragments, receipt of the identification causing the client device to transmit transmit a request for the first subset of the plurality of fragments to the first cloud storage provider; and
      
      transmitting, by the storage manager to the client device, the identification of the second selected account and second subset of the plurality of fragments, receipt of the identification causing the client device to transmit a request for the second subset of the plurality of fragments to the second cloud storage provider.
  - 3. The method of claim 1, wherein identifying the plurality of fragments of the file further comprises dividing the file into a plurality of fragments of a predetermined size.
  - 4. The method of claim 3, wherein dividing the file into a plurality of fragments of the predetermined size further comprises dividing the file into the plurality of fragments of the predetermined size and an additional fragment including a remainder of the file.
  - 5. The method of claim 3, wherein the predetermined size is smaller than a header of the file.
  - 6. The method of claim 1, wherein selecting the first subset of the plurality of fragments of the file and selecting the second subset of the plurality of fragments of the file further comprises distributing alternating fragments of the file to the first subset and second subset.
  - 7. The method of claim 6, wherein receipt of the identification of the first selected account and first subset of the plurality of fragments further causes the client device to concatenate the first subset of the plurality of fragments of the file into a first contiguous block.

8. A system for secure file management in an aggregation of cloud storage services, comprising:
- a server comprising a network interface in communication with a client device and a plurality of cloud storage providers, and a processor executing a storage manager;
  
  wherein the storage manager is configured to;
  
  receive, from the client device, metadata of a file stored at the client device and designated for synchronization,identify a plurality of fragments of the file,select a first account associated with the client device at a first cloud storage provider of the plurality of cloud storage providers and a second account associated with the client device at a second cloud storage provider of the plurality of cloud storage providers,select a first subset of the plurality of fragments of the file and a second subset of the plurality of fragments of the file,store the metadata of the file, an identification of the first subset and second subset, and an identification of the first selected account and second selected account in a storage device associated with the storage manager,transmit, to the client device, the identification of the first selected account and first subset of the plurality of fragments, receipt of the identification causing the client device to transmit the first subset of the plurality of fragments to the first cloud storage provider, andtransmit, to the client device, the identification of the second selected account and second subset of the plurality of fragments, receipt of the identification causing the client device to transmit the second subset of the plurality of fragments to the second cloud storage provider.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the storage manager is further configured to:
    - subsequently receive, from the client device, a request for the file,retrieve the metadata of the file, the identification of the first subset and second subset, and the identification of the first selected account and second selected account stored in the storage device, responsive to receipt of the request,transmit, to the client device, the identification of the first selected account and first subset of the plurality of fragments, receipt of the identification causing the client device to transmit transmit a request for the first subset of the plurality of fragments to the first cloud storage provider, andtransmit, to the client device, the identification of the second selected account and second subset of the plurality of fragments, receipt of the identification causing the client device to transmit a request for the second subset of the plurality of fragments to the second cloud storage provider.
  - 10. The system of claim 8, wherein the storage manager is further configured to divide the file into a plurality of fragments of a predetermined size.
  - 11. The system of claim 10, wherein the storage manager is further configured to divide the file into the plurality of fragments of the predetermined size and an additional fragment including a remainder of the file.
  - 12. The system of claim 10, wherein the predetermined size is smaller than a header of the file.
  - 13. The system of claim 8, wherein the storage manager is further configured to distribute alternating fragments of the file to the first subset and second subset.
  - 14. The system of claim 13, wherein receipt of the identification of the first selected account and first subset of the plurality of fragments further causes the client device to concatenate the first subset of the plurality of fragments of the file into a first contiguous block, concatenate the second subset of the plurality of fragments of the file into a second contiguous block, and concatenate the first contiguous block and the second contiguous block.

15. A method for secure file management in an aggregation of cloud storage services, comprising:
- identifying for synchronization, by a synchronization client of a client device, a file stored at the client device;
  
  transmitting, by the synchronization client to a storage manager, metadata of the identified file;
  
  receiving, by the synchronization client from the storage manager, an identification of a first account associated with the client device at a first cloud storage provider of a plurality of cloud storage providers and an identification of a first subset of a plurality of fragments of the file;
  
  receiving, by the synchronization client from the storage manager, an identification of a second account associated with the client device at a second cloud storage provider of the plurality of cloud storage providers and an identification of a second subset of a plurality of fragments of the file; and
  
  transmitting, by the synchronization client, the first subset of the plurality of fragments to the first cloud storage provider, and the second subset of the plurality of fragments to the second cloud storage provider.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, wherein the plurality of fragments comprise a first set of fragments of a predetermined size, and an additional fragment including a remainder of the file.
  - 17. The method of claim 16, wherein the predetermined size is smaller than a header of the file.
  - 18. The method of claim 15, further comprising:
    - subsequently transmitting, by the synchronization client to the storage manager, a request for the file;
      
      receiving, by the synchronization client from the storage manager, the identification of the first selected account and first subset of the plurality of fragments, and the identification of the second selected account and second subset of the plurality of fragments;
      
      transmitting, by the synchronization client, a request for the first subset of the plurality of fragments to the first cloud storage provider;
      
      receiving, by the synchronization client, the first subset of the plurality of fragments from the first cloud storage provider;
      
      transmitting, by the synchronization client, a request for the second subset of the plurality of fragments to the second cloud storage provider;
      
      receiving, by the synchronization client, the second subset of the plurality of fragments from the second cloud storage provider; and
      
      reassembling, by the synchronization client, the first subset of the plurality of fragments and the second subset of the plurality of fragments to generate the file.
  - 19. The method of claim 18, wherein reassembling the first subset of the plurality of fragments of the file and the second subset of the plurality of fragments of the file further comprises concatenating alternating fragments of the first subset and second subset to generate the file.
  - 20. The method of claim 18, wherein reassembling the first subset of the plurality of fragments of the file and the second subset of the plurality of fragments of the file further comprises concatenating fragments of the first subset into a first contiguous block, concatenating the second subset of the plurality of fragments of the file into a second contiguous block, and concatenating the first contiguous block and the second contiguous block.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Carbonite LLC (Open Text Corporation)
Original Assignee
Carbonite Incorporated (Open Text Corporation)
Inventors
Crofton, Teo Winton, Raissipour, David

Granted Patent

US 11,100,107 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 11/1446   Point-in-time backing up or...

G06F 16/178   Techniques for file synchro...

G06F 16/2455   Query execution

G06F 21/6227   where protection concerns t...

G06F 2201/84   Using snapshots, i.e. a log...

H04L 67/1095   Replication or mirroring of...

SYSTEMS AND METHODS FOR SECURE FILE MANAGEMENT VIA AN AGGREGATION OF CLOUD STORAGE SERVICES

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

33 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

SYSTEMS AND METHODS FOR SECURE FILE MANAGEMENT VIA AN AGGREGATION OF CLOUD STORAGE SERVICES

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others