Data encryption in a network memory architecture for providing data based on local accessibility

CAFC

US 8,392,684 B2
Filed: 07/31/2006
Issued: 03/05/2013
Est. Priority Date: 08/12/2005
Status: Active Grant

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A network memory system for ensuring compliance, comprising:

a source-site appliance comprising a first processor and a first memory device, and configured to be coupled to a source-site computer via a source-site local area network;

a destination-site appliance comprising a second processor and a second memory device, and configured to be coupled to a destination-site computer via a destination-site local area network, the source-site computer in communication with the destination-site computer via a wide area network;

the source-site appliance configured to intercept data sent from the source-site computer to the destination-site computer, encrypt the data, store the data in the first memory device, determine whether the data exists in the second memory device, and transmit a store instruction comprising the data if the data does not exist in the second memory device; and

the destination-site appliance configured to receive the store instruction from the source-site appliance, store the data in the second memory device, subsequently receive a retrieve instruction comprising an index at which the data is stored in the second memory device, process the retrieve instruction to obtain encrypted response data, and decrypt the encrypted response data.

View all claims

5 Assignments

Timeline View

Assignment View

1 Petition

Accused Products

Abstract

A network memory system for ensuring compliance is disclosed. The network memory system comprises a first appliance configured to encrypt first data, store the encrypted first data in a first memory device. The first appliance also determines whether the encrypted first data exists in a second appliance and transmits a store instruction comprising the encrypted first data based on the determination that the encrypted first data does not exist in the second appliance. The second appliance is further configured to receive a retrieve instruction comprising an index at which the encrypted first data is stored, process the retrieve instruction to obtain encrypted response data, and decrypt the encrypted response data.

234 Citations

24 Claims

1. A network memory system for ensuring compliance, comprising:
- a source-site appliance comprising a first processor and a first memory device, and configured to be coupled to a source-site computer via a source-site local area network;
  
  a destination-site appliance comprising a second processor and a second memory device, and configured to be coupled to a destination-site computer via a destination-site local area network, the source-site computer in communication with the destination-site computer via a wide area network;
  
  the source-site appliance configured to intercept data sent from the source-site computer to the destination-site computer, encrypt the data, store the data in the first memory device, determine whether the data exists in the second memory device, and transmit a store instruction comprising the data if the data does not exist in the second memory device; and
  
  the destination-site appliance configured to receive the store instruction from the source-site appliance, store the data in the second memory device, subsequently receive a retrieve instruction comprising an index at which the data is stored in the second memory device, process the retrieve instruction to obtain encrypted response data, and decrypt the encrypted response data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 22)
- - 2. The network memory system of claim 1 wherein the destination-site appliance is further configured to transmit the decrypted response data.
  - 3. The network memory system of claim 1 wherein the source-site appliance is configured to encrypt the data using an Advanced Encryption Scheme algorithm.
  - 4. The network memory system of claim 1 wherein the source-site appliance is configured to encrypt the data using a Data Encryption Scheme algorithm.
  - 5. The network memory system of claim 1 wherein the source-site appliance is configured to encrypt the data using a Triple Data Encryption Scheme algorithm.
  - 6. The network memory system of claim 1 wherein the destination-site appliance is configured to combine the encrypted response data with a stream.
  - 7. The network system of claim 1 wherein the source-site appliance is configured to store the data at the index independent of an application or data context.
  - 22. The network memory system of claim 1 wherein the destination-site computer is a server.

8. A method for ensuring compliance in network memory, the method comprising:
- in a source-site appliance, intercepting data sent from a source-site computer to a destination-site computer, the source-site appliance coupled to the source-site computer via a source-site local area network and the source-site computer in communication with the destination-site computer via a wide area network;
  
  encrypting the data;
  
  storing the data in a first memory device within the source-site appliance;
  
  determining whether the data exists in a destination-site appliance appliance, the destination-site appliance coupled to the destination-site computer via a destination-site local area network;
  
  transmitting a store instruction comprising the data from the source-site appliance based on the determination that the data does not exist in the destination-site appliance;
  
  receiving the store instruction into the destination-site appliance;
  
  storing the data in a second memory device within the destination-site appliance;
  
  subsequently receiving a retrieve instruction into the destination-site appliance, the retrieve instruction comprising an index at which the data is stored;
  
  in the destination-site appliance, processing the retrieve instruction to obtain encrypted response data; and
  
  in the destination-site appliance, decrypting the encrypted response data.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 23)
- - 9. The method of claim 8 further comprising transmitting the decrypted response data from the destination-site appliance.
  - 10. The method of claim 8 further comprising encrypting the first data using an Advanced Encryption Scheme algorithm.
  - 11. The method of claim 8 further comprising encrypting the first data using a Data Encryption Scheme algorithm.
  - 12. The method of claim 8 further comprising encrypting the first data using a Triple Data Encryption Scheme algorithm.
  - 13. The method of claim 8 further comprising combining the encrypted response data with a key stream.
  - 14. The method of claim 9 further comprising storing the data at the index independent of an application or data context.
  - 23. The method of claim 8 wherein the destination-site computer is a server.

15. A software product for ensuring compliance in network memory comprising:
- software operational when executed by a processor to direct the processor to intercept data sent from a source-site computer to a destination-site computer, encrypt the data in a source-site appliance, store the data in a first memory device within the source-site appliance, determine whether the data exists in a destination-site appliance, transmit a store instruction comprising the data from the source-site appliance based on the determination that the data does not exist in the destination-site appliance, receive the store instruction into the destination-site appliance, store the data in a second memory device within the destination-site appliance, subsequently receive a retrieve instruction into the destination-site appliance, the retrieve instruction comprising an index at which the data is stored, process the retrieve instruction to obtain encrypted response data in the destination-site appliance, and decrypt the encrypted response data in the destination-site appliance; and
  
  a storage medium that stores the software.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 24)
- - 16. The software product of claim 15 wherein the software is operational when executed by the processor to transmit the decrypted response data.
  - 17. The software product of claim 15 wherein the software is operational when executed by the processor to encrypt the data using an Advanced Encryption Scheme algorithm.
  - 18. The software product of claim 15 wherein the software is operational when executed by the processor to encrypt the data using a Data Encryption Scheme algorithm.
  - 19. The software product of claim 15 wherein the software is operational when executed by the processor to encrypt the data using a Triple Data Encryption Scheme algorithm.
  - 20. The software product if claim 15 wherein the software is operational when executed by the processor to combine the encrypted response data with a key stream.
  - 21. The software product of claim 15 wherein the software is operational when executed by the processor to store the data at the index independent of an application or data context.
  - 24. The software product of claim 15 wherein the destination-site computer is a server.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Silver Peak Systems Incorporated (Hewlett-Packard Enterprise Company)
Inventors
Hughes, David Anthony
Primary Examiner(s)
Shah, Sanjiv
Assistant Examiner(s)
Ayash, Marwan

Application Number

US11/497,026
Publication Number

US 20070038858A1
Time in Patent Office

2,409 Days
Field of Search

None
US Class Current

711/165
CPC Class Codes

G06F 3/0605   by facilitating the interac...

G06F 3/0623   in relation to content

G06F 3/0647   Migration mechanisms

G06F 3/065   Replication mechanisms

G06F 3/067   Distributed or networked st...

H03M 7/30   Compression speech analysis...

H04L 12/66   Arrangements for connecting...

H04L 2209/12   Details relating to cryptog...

H04L 41/12   Discovery or management of ...

H04L 63/0281   Proxies

H04L 63/0428   wherein the data content is...

H04L 63/0471   applying encryption by an i...

H04L 63/061   for key exchange, e.g. in p...

H04L 67/01   Protocols

H04L 67/02   based on web technology, e....

H04L 67/10   in which an application is ...

H04L 67/1097   for distributed storage of ...

H04L 67/56   Provisioning of proxy servi...

H04L 67/564   Enhancement of application ...

H04L 67/5651   Reducing the amount or size...

H04L 67/568 : Storing data temporarily at...

H04L 9/3234 : involving additional secure...

View All

Data encryption in a network memory architecture for providing data based on local accessibility

First Claim

5 Assignments

1 Petition

Accused Products

Abstract

234 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Data encryption in a network memory architecture for providing data based on local accessibility

First Claim

5 Assignments

Subscription Required

Subscription Required

1 Petition

Subscription Required

Accused Products

Subscription Required

Abstract

234 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links