Method and apparatus of securely processing data for file backup, de-duplication, and restoration

US 8,527,472 B2
Filed: 03/29/2011
Issued: 09/03/2013
Est. Priority Date: 03/29/2011
Status: Active Grant

First Claim

Patent Images

1. A method of restoring at least one data file, the method comprising:

retrieving the at least one data file to be restored from a data storage location which also stores at least one de-duplicated file;

determining that the at least one data file is a link file storing metadata comprising a uniform resource identifier (URI) of a repository source file, and which also includes a key encrypted with an agent and server shared secret that was previously exchanged;

regenerating the previously exchanged shared secret;

decrypting the key from the link file using the shared secret; and

retrieving data from a data repository location to be restored using the decrypted key.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are an apparatus and method of restoring at least one data file. The method may include retrieving the at least one data file to be restored from a data storage location, determining that the at least one data file is a link file, and regenerating a previously exchanged shared secret. The method may also include decrypting a key from the link file using the shared secret, and retrieving data from a data repository location to be restored.

27 Citations

View as Search Results

20 Claims

1. A method of restoring at least one data file, the method comprising:
- retrieving the at least one data file to be restored from a data storage location which also stores at least one de-duplicated file;
  
  determining that the at least one data file is a link file storing metadata comprising a uniform resource identifier (URI) of a repository source file, and which also includes a key encrypted with an agent and server shared secret that was previously exchanged;
  
  regenerating the previously exchanged shared secret;
  
  decrypting the key from the link file using the shared secret; and
  
  retrieving data from a data repository location to be restored using the decrypted key.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the data storage location is an online data storage location.
  - 3. The method of claim 1, wherein the shared secret is shared between an agent application and a server application.
  - 4. The method of claim 3, wherein the shared secret is a Diffie-Hellman (D-H) type shared secret.
  - 5. The method of claim 1, wherein the key is a random advanced encryption standard (AES) key.
  - 6. The method of claim 5, wherein the AES key is decrypted from metadata of the link file.
  - 7. The method of claim 1, further comprising:
    - decrypting the retrieved data from the data repository location via the AES key.

8. An apparatus configured to restore at least one data file, the apparatus comprising:
- a receiver configured to receive the at least one data file to be restored from a data storage location which also stores at least one de-duplicated file; and
  
  a processor configured todetermine that the at least one data file is a link file storing metadata comprising a uniform resource identifier (URI) of a repository source file, and which also includes a key encrypted with an agent and server shared secret that was previously exchanged;
  
  regenerate the previously exchanged shared secret; and
  
  decrypt the key from the link file using the shared secret; and
  
  wherein the receiver is further configured to receive data from a data repository location to be restored using the decrypted key.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The apparatus of claim 8, wherein the data storage location is an online data storage location.
  - 10. The apparatus of claim 8, wherein the shared secret is shared between an agent application and a server application.
  - 11. The apparatus of claim 10, wherein the shared secret is a Diffie-Hellman (D-H) type shared secret.
  - 12. The apparatus of claim 8, wherein the key is a random advanced encryption standard (AES) key.
  - 13. The apparatus of claim 12, wherein the AES key is decrypted from metadata of the link file.
  - 14. The apparatus of claim 8, wherein the processor is further configured to decrypt the received data from the data repository location via the AES key.

15. A non-transitory computer readable storage medium configured to store instructions that when executed cause a processor to perform restoring at least one data file, the processor being further configured to perform:
- retrieving the at least one data file to be restored from a data storage location which also stores at least one de-duplicated file;
  
  determining that the at least one data file is a link file storing metadata comprising a uniform resource identifier (URI) of a repository source file, and which also includes a key encrypted with an agent and server shared secret that was previously exchanged;
  
  regenerating the previously exchanged shared secret;
  
  decrypting the key from the link file using the shared secret; and
  
  retrieving data from a data repository location to be restored using the decrypted key.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer readable storage medium of claim 15, wherein the data storage location is an online data storage location.
  - 17. The non-transitory computer readable storage medium of claim 15, wherein the shared secret is shared between an agent application and a server application.
  - 18. The non-transitory computer readable storage medium of claim 17, wherein the shared secret is a Diffie-Hellman (D-H) type shared secret.
  - 19. The non-transitory computer readable storage medium of claim 15, wherein the key is a random advanced encryption standard (AES) key.
  - 20. The non-transitory computer readable storage medium of claim 19, wherein the AES key is decrypted from metadata of the link file.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Datto LLC
Original Assignee
Kaseya International Limited (Kaseya Limited)
Inventors
Bosson, Charles
Primary Examiner(s)
DANG, THANH HA T

Application Number

US13/074,231
Publication Number

US 20120254125A1
Time in Patent Office

889 Days
Field of Search

707/679, 707/690, 707/693, 707/791, 707/802
US Class Current

707/679
CPC Class Codes

G06F 11/1453   using de-duplication of the...

G06F 11/1464   for networked environments

G06F 11/1469   Backup restoration techniques

G06F 16/1748   De-duplication implemented ...

G06F 2201/00   Indexing scheme relating to...

H04L 2209/34   Encoding or coding, e.g. Hu...

H04L 9/0816   Key establishment, i.e. cry...

H04L 9/0822   using key encryption key

H04L 9/0825   using asymmetric-key encryp...

H04L 9/0841   involving Diffie-Hellman or...

H04L 9/0844   with user authentication or...

H04L 9/0894   Escrow, recovery or storing...

Method and apparatus of securely processing data for file backup, de-duplication, and restoration

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

27 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus of securely processing data for file backup, de-duplication, and restoration

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links