Secure restoration of data selected based on user-specified search criteria
First Claim
1. A method, comprising:
- storing one or more backup versions of a plurality of storage objects in one or more storage devices;
initiating a generation of a plurality of database entries, wherein each database entry corresponds to a backup version of a storage object of the plurality of storage objects, wherein each database entry includes an indication of a location of the corresponding backup version within the one or more storage devices, wherein each database entry includes an encoding of a security descriptor associated with the storage object, wherein the encoding of the security descriptor associated with the storage object is generated by applying a lossy compression technique to the security descriptor;
receiving a backup version search request from a user, wherein the backup version search request comprises one or more user-specified search terms;
identifying a compatible set of security descriptors, wherein the compatible set of security descriptors comprises one or more security descriptors that are compatible with authorization privileges of the user;
generating an encoding of each of the compatible set of security descriptors by applying the lossy compression technique;
performing a search of the plurality of database entries based on search criteria, wherein the search criteria comprise the one or more user-specified search terms and the encodings of the compatible set of security descriptors, wherein results of the search exclude database entries that do not include an encoding of at least one of the compatible set of security descriptors; and
identifying, based on the search, one or more backup versions of a particular storage object that the user is authorized to access.
9 Assignments
0 Petitions
Accused Products
Abstract
A method for secure restoration of data selected based on user-specified search criteria includes maintaining one or more backup versions of a plurality of storage objects and initiating the generation of a plurality of database entries, wherein each database entry corresponds to a backup version of a storage object and includes an encoding of a security descriptor associated with the storage object. The method may further include, in response to a backup version search request from a user, using contents of the search request and encodings of security descriptors stored in the plurality of database entries to identify one or more backup versions of a particular storage object that the user is authorized to access.
-
Citations
13 Claims
-
1. A method, comprising:
-
storing one or more backup versions of a plurality of storage objects in one or more storage devices; initiating a generation of a plurality of database entries, wherein each database entry corresponds to a backup version of a storage object of the plurality of storage objects, wherein each database entry includes an indication of a location of the corresponding backup version within the one or more storage devices, wherein each database entry includes an encoding of a security descriptor associated with the storage object, wherein the encoding of the security descriptor associated with the storage object is generated by applying a lossy compression technique to the security descriptor; receiving a backup version search request from a user, wherein the backup version search request comprises one or more user-specified search terms; identifying a compatible set of security descriptors, wherein the compatible set of security descriptors comprises one or more security descriptors that are compatible with authorization privileges of the user; generating an encoding of each of the compatible set of security descriptors by applying the lossy compression technique; performing a search of the plurality of database entries based on search criteria, wherein the search criteria comprise the one or more user-specified search terms and the encodings of the compatible set of security descriptors, wherein results of the search exclude database entries that do not include an encoding of at least one of the compatible set of security descriptors; and identifying, based on the search, one or more backup versions of a particular storage object that the user is authorized to access. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system, comprising:
-
a processor; one or more storage devices; and a memory coupled to the processor, wherein the memory stores program instructions computer-executable by the processor to implement a backup manager configured to; store one or more backup versions of a plurality of storage objects in the one or more storage devices; initiate a generation of a plurality of database entries, wherein each database entry corresponds to a backup version of a storage object of the plurality of storage objects, wherein each database entry includes an indication of a location of the corresponding backup version within the one or more storage devices, wherein each database entry includes an encoding of a security descriptor associated with the storage object, wherein the encoding of the security descriptor associated with the storage object is generated by applying a lossy compression technique to the security descriptor; receive a backup version search request from a user, wherein the backup version search request comprises one or more user-specified search terms; identify a compatible set of security descriptors, wherein the compatible set of security descriptors comprises one or more security descriptors that are compatible with authorization privileges of the user; generate an encoding of each of the compatible set of security descriptors by applying the lossy compression technique; perform a search of the plurality of database entries based on search criteria, wherein the search criteria comprise the one or more user-specified search terms and the encodings of the compatible set of security descriptors, wherein results of the search exclude database entries that do not include an encoding of at least one of the compatible set of security descriptors; and identify, based on the search, one or more backup versions of a particular storage object that the user is authorized to access. - View Dependent Claims (8, 9, 10)
-
-
11. A storage medium comprising program instructions, wherein the instructions are computer-executable to:
-
store one or more backup versions of a plurality of storage objects in one or more storage devices; initiate a generation of a plurality of database entries, wherein each database entry corresponds to a backup version of a storage object of the plurality of storage objects, wherein each database entry includes an indication of a location of the corresponding backup version within the one or more storage devices, wherein each database entry includes an encoding of a security descriptor associated with the storage object, wherein the encoding of the security descriptor associated with the storage object is generated by applying a lossy compression technique to the security descriptor; receive a backup version search request from a user, wherein the backup version search request comprises one or more user-specified search terms; identify a compatible set of security descriptors, wherein the compatible set of security descriptors comprises one or more security descriptors that are compatible with authorization privileges of the user; generate an encoding of each of the compatible set of security descriptors by applying the lossy compression technique; perform a search of the plurality of database entries based on search criteria, wherein the search criteria comprise the one or more user-specified search terms and the encodings of the compatible set of security descriptors, wherein results of the search exclude database entries that do not include an encoding of at least one of the compatible set of security descriptors; and identify, based on the search, one or more backup versions of a particular storage object that the user is authorized to access. - View Dependent Claims (12, 13)
-
Specification