Secure restoration of data selected based on user-specified search criteria

US 7,761,456 B1
Filed: 07/11/2005
Issued: 07/20/2010
Est. Priority Date: 04/22/2005
Status: Expired due to Fees

First Claim

Patent Images

1. A method, comprising:

storing one or more backup versions of a plurality of storage objects in one or more storage devices;

initiating a generation of a plurality of database entries, wherein each database entry corresponds to a backup version of a storage object of the plurality of storage objects, wherein each database entry includes an indication of a location of the corresponding backup version within the one or more storage devices, wherein each database entry includes an encoding of a security descriptor associated with the storage object, wherein the encoding of the security descriptor associated with the storage object is generated by applying a lossy compression technique to the security descriptor;

receiving a backup version search request from a user, wherein the backup version search request comprises one or more user-specified search terms;

identifying a compatible set of security descriptors, wherein the compatible set of security descriptors comprises one or more security descriptors that are compatible with authorization privileges of the user;

generating an encoding of each of the compatible set of security descriptors by applying the lossy compression technique;

performing a search of the plurality of database entries based on search criteria, wherein the search criteria comprise the one or more user-specified search terms and the encodings of the compatible set of security descriptors, wherein results of the search exclude database entries that do not include an encoding of at least one of the compatible set of security descriptors; and

identifying, based on the search, one or more backup versions of a particular storage object that the user is authorized to access.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for secure restoration of data selected based on user-specified search criteria includes maintaining one or more backup versions of a plurality of storage objects and initiating the generation of a plurality of database entries, wherein each database entry corresponds to a backup version of a storage object and includes an encoding of a security descriptor associated with the storage object. The method may further include, in response to a backup version search request from a user, using contents of the search request and encodings of security descriptors stored in the plurality of database entries to identify one or more backup versions of a particular storage object that the user is authorized to access.

Citations

13 Claims

1. A method, comprising:
- storing one or more backup versions of a plurality of storage objects in one or more storage devices;
  
  initiating a generation of a plurality of database entries, wherein each database entry corresponds to a backup version of a storage object of the plurality of storage objects, wherein each database entry includes an indication of a location of the corresponding backup version within the one or more storage devices, wherein each database entry includes an encoding of a security descriptor associated with the storage object, wherein the encoding of the security descriptor associated with the storage object is generated by applying a lossy compression technique to the security descriptor;
  
  receiving a backup version search request from a user, wherein the backup version search request comprises one or more user-specified search terms;
  
  identifying a compatible set of security descriptors, wherein the compatible set of security descriptors comprises one or more security descriptors that are compatible with authorization privileges of the user;
  
  generating an encoding of each of the compatible set of security descriptors by applying the lossy compression technique;
  
  performing a search of the plurality of database entries based on search criteria, wherein the search criteria comprise the one or more user-specified search terms and the encodings of the compatible set of security descriptors, wherein results of the search exclude database entries that do not include an encoding of at least one of the compatible set of security descriptors; and
  
  identifying, based on the search, one or more backup versions of a particular storage object that the user is authorized to access.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method as recited in claim 1, wherein a database entry corresponding to a backup version of the particular storage object includes a field indicative of contents of the backup version of the particular storage object, and wherein the backup version search request includes a content-based search criterion.
  - 3. The method as recited in claim 1, further comprising:
    - in response to a restoration request from a user, restoring the particular storage object from a backup version of the one or more backup versions of the particular storage object that the user is authorized to access.
  - 4. The method as recited in claim 1, wherein a backup version of the one or more backup versions of the particular storage object is included within a replica of the plurality of storage objects.
  - 5. The method as recited in claim 1, wherein a backup version of the one or more backup versions of the particular storage object includes a point-in-time copy of the particular storage object.
  - 6. The method as recited in claim 5, wherein the point-in-time copy is included within a snapshot of a replica of the plurality of storage objects.

7. A system, comprising:
- a processor;
  
  one or more storage devices; and
  
  a memory coupled to the processor,wherein the memory stores program instructions computer-executable by the processor to implement a backup manager configured to;
  
  store one or more backup versions of a plurality of storage objects in the one or more storage devices;
  
  initiate a generation of a plurality of database entries, wherein each database entry corresponds to a backup version of a storage object of the plurality of storage objects, wherein each database entry includes an indication of a location of the corresponding backup version within the one or more storage devices, wherein each database entry includes an encoding of a security descriptor associated with the storage object, wherein the encoding of the security descriptor associated with the storage object is generated by applying a lossy compression technique to the security descriptor;
  
  receive a backup version search request from a user, wherein the backup version search request comprises one or more user-specified search terms;
  
  identify a compatible set of security descriptors, wherein the compatible set of security descriptors comprises one or more security descriptors that are compatible with authorization privileges of the user;
  
  generate an encoding of each of the compatible set of security descriptors by applying the lossy compression technique;
  
  perform a search of the plurality of database entries based on search criteria, wherein the search criteria comprise the one or more user-specified search terms and the encodings of the compatible set of security descriptors, wherein results of the search exclude database entries that do not include an encoding of at least one of the compatible set of security descriptors; and
  
  identify, based on the search, one or more backup versions of a particular storage object that the user is authorized to access.
- View Dependent Claims (8, 9, 10)
- - 8. The system as recited in claim 7, wherein a backup version of the one or more backup versions of the particular storage object is included within a replica of the plurality of storage objects.
  - 9. The system as recited in claim 7, wherein a backup version of the one or more backup versions of the particular storage object is included within a snapshot of a replica of the plurality of storage objects.
  - 10. The system as recited in claim 7, wherein the backup manager is further configured to generate the plurality of database entries.

11. A storage medium comprising program instructions, wherein the instructions are computer-executable to:
- store one or more backup versions of a plurality of storage objects in one or more storage devices;
  
  initiate a generation of a plurality of database entries, wherein each database entry corresponds to a backup version of a storage object of the plurality of storage objects, wherein each database entry includes an indication of a location of the corresponding backup version within the one or more storage devices, wherein each database entry includes an encoding of a security descriptor associated with the storage object, wherein the encoding of the security descriptor associated with the storage object is generated by applying a lossy compression technique to the security descriptor;
  
  receive a backup version search request from a user, wherein the backup version search request comprises one or more user-specified search terms;
  
  identify a compatible set of security descriptors, wherein the compatible set of security descriptors comprises one or more security descriptors that are compatible with authorization privileges of the user;
  
  generate an encoding of each of the compatible set of security descriptors by applying the lossy compression technique;
  
  perform a search of the plurality of database entries based on search criteria, wherein the search criteria comprise the one or more user-specified search terms and the encodings of the compatible set of security descriptors, wherein results of the search exclude database entries that do not include an encoding of at least one of the compatible set of security descriptors; and
  
  identify, based on the search, one or more backup versions of a particular storage object that the user is authorized to access.
- View Dependent Claims (12, 13)
- - 12. The storage medium as recited in claim 11, wherein a backup version of the one or more backup versions of the particular storage object is included within a replica of the plurality of storage objects.
  - 13. The storage medium as recited in claim 11, wherein a backup version of the one or more backup versions of the particular storage object is included within a snapshot of a replica of the plurality of storage objects.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Veritas Technologies, LLC (Whitehouse Group Ltd.)
Original Assignee
Symantec Operating Corporation (Gen Digital Inc.)
Inventors
Somerville, Robert James, Breidbach, Stephen Andrew, Cram, Paul
Primary Examiner(s)
Jalil; Neveen Abel
Assistant Examiner(s)
LIANG, VEI CHUNG

Application Number

US11/178,957
Time in Patent Office

1,835 Days
Field of Search

707/204
US Class Current

707/754
CPC Class Codes

G06F 11/1435   using file system or storag...

G06F 11/1451   by selection of backup cont...

G06F 11/1453   using de-duplication of the...

G06F 11/1458   Management of the backup or...

G06F 11/1469   Backup restoration techniques

G06F 11/2071   using a plurality of contro...

G06F 11/2079   Bidirectional techniques

G06F 2201/84   Using snapshots, i.e. a log...

Secure restoration of data selected based on user-specified search criteria

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Secure restoration of data selected based on user-specified search criteria

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links