SECURING FILES AT REST IN REMOTE STORAGE SYSTEMS
First Claim
1. A method, comprising:
- receiving a first request from a user to write a file to a remote storage system; and
- processing, by a computer system, the first request by:
  - receiving a first encrypted version of the file from a client associated with the first request;
  - decrypting the first encrypted version to obtain an unencrypted version of the file;
  - using the unencrypted version to generate a second encrypted version of the file;
  - writing the second encrypted version to a file store; and
  - storing metadata for the file in a virtual filesystem that is physically separate from the file store.
Abstract
The disclosed embodiments provide a system for managing access to a remote storage system. During operation, the system receives a first request from a user to write a file to a remote storage system. Next, the system receives a first encrypted version of the file from a client associated with the first request. The system then decrypts the first encrypted version to obtain an unencrypted version of the file and uses the unencrypted version to generate a second encrypted version of the file. Finally, the system writes the second encrypted version to a file store and stores metadata for the file in a virtual filesystem that is physically separate from the file store.
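The write path described in the abstract, as an added Go sketch that is not code from the patent. It assumes AES-256-GCM with distinct transit and at-rest keys, models the file store and virtual filesystem as two in-memory maps, and uses hypothetical names (`Server`, `Seal`, `NewAEAD`, `blob-N` identifiers).

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// Server models the file store and the separate virtual filesystem as two maps.
type Server struct {
	Transit, Rest cipher.AEAD       // assumed: distinct AES-256-GCM keys per hop
	FileStore     map[string][]byte // blob ID -> second encrypted version
	VFS           map[string]string // path -> blob ID; no content, no keys
}

func NewAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal returns nonce||ciphertext, drawing a fresh random nonce on every call.
func Seal(a cipher.AEAD, plaintext []byte) []byte {
	nonce := make([]byte, a.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err) // no entropy: never fall back to a predictable nonce
	}
	return a.Seal(nonce, nonce, plaintext, nil)
}

// Write decrypts the client's version, re-encrypts it for rest, and stores both records.
func (s *Server) Write(path string, fromClient []byte) error {
	n := s.Transit.NonceSize()
	if len(fromClient) < n {
		return fmt.Errorf("write %q rejected: truncated upload", path)
	}
	plaintext, err := s.Transit.Open(nil, fromClient[:n], fromClient[n:], nil)
	if err != nil {
		return fmt.Errorf("write %q rejected: %w", path, err) // tampered or wrong key
	}
	id := fmt.Sprintf("blob-%d", len(s.FileStore)) // hypothetical blob naming
	s.FileStore[id] = Seal(s.Rest, plaintext)
	s.VFS[path] = id
	return nil
}

func main() {} // exercised by constructing a Server and calling Write
```

Because the server decrypts before re-encrypting, the plaintext exists in server memory during `Write` and the server holds both keys. An upload that fails authentication is rejected before anything reaches either store.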
20 Claims
1. A method, comprising:
- receiving a first request from a user to write a file to a remote storage system; and
- processing, by a computer system, the first request by:
  - receiving a first encrypted version of the file from a client associated with the first request;
  - decrypting the first encrypted version to obtain an unencrypted version of the file;
  - using the unencrypted version to generate a second encrypted version of the file;
  - writing the second encrypted version to a file store; and
  - storing metadata for the file in a virtual filesystem that is physically separate from the file store.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11

12. An apparatus, comprising:
- one or more processors; and
- memory storing instructions that, when executed by the one or more processors, cause the apparatus to:
  - receive a first request from a user to write a file to a remote storage system;
  - receive a first encrypted version of the file from a client associated with the first request;
  - decrypt the first encrypted version to obtain an unencrypted version of the file;
  - use the unencrypted version to generate a second encrypted version of the file;
  - write the second encrypted version to a file store; and
  - store metadata for the file in a virtual filesystem that is physically separate from the file store.

Dependent claims: 13, 14, 15, 16, 17, 18

19. A remote storage system, comprising:
- a file store;
- a virtual filesystem that is physically separate from the file store; and
- a server comprising a non-transitory computer-readable medium comprising instructions that, when executed, cause the system to:
  - receive a first request from a user to write a file to the remote storage system;
  - receive a first encrypted version of the file from a client associated with the first request;
  - decrypt the first encrypted version to obtain an unencrypted version of the file;
  - use the unencrypted version to generate a second encrypted version of the file;
  - write the second encrypted version to the file store; and
  - store metadata for the file in the virtual filesystem.

Dependent claims: 20
Specification