Protocol translation
First Claim
1. A method for protocol translation executed on a security appliance, comprising:
- receiving a first access request having a first command and a data payload, wherein the first command is formatted according to a first data transfer protocol, wherein the data payload is encrypted according to a first encryption protocol, wherein the first encryption protocol operates at a first layer of a multi-layered protocol stack;
decrypting the encrypted data payload;
translating the first command into a second command formatted according to a second data transfer protocol different than the first data transfer protocol;
re-encrypting the decrypted data payload according to a second encryption protocol different than the first encryption protocol, wherein the second command is not encrypted, wherein the second encryption protocol operates at a second layer of the multi-layered protocol stack different from the first layer; and
transmitting a second access request having the second command and the re-encrypted data payload to a server, wherein the second access request is transmitted according to the second data transfer protocol, wherein the re-encryption is transparent to the server.
3 Assignments
0 Petitions
Accused Products
Abstract
A system and method for securing data by receiving encrypted data at a security appliance transmitted from a client, wherein at least a portion of the encrypted data is encrypted according to a first encryption protocol, and wherein the encrypted data is transmitted to the security appliance according to a first data transfer protocol. The encrypted data is then decrypted at the security appliance, wherein at least a portion of the decrypted data is re-encrypted according to a second encryption protocol at the security appliance. The re-encrypted data is transmitted from the security appliance to a storage device, wherein the re-encrypted data is transmitted according to a second data transfer protocol that is different than the first data transfer protocol.
98 Citations
34 Claims
-
1. A method for protocol translation executed on a security appliance, comprising:
-
receiving a first access request having a first command and a data payload, wherein the first command is formatted according to a first data transfer protocol, wherein the data payload is encrypted according to a first encryption protocol, wherein the first encryption protocol operates at a first layer of a multi-layered protocol stack; decrypting the encrypted data payload; translating the first command into a second command formatted according to a second data transfer protocol different than the first data transfer protocol; re-encrypting the decrypted data payload according to a second encryption protocol different than the first encryption protocol, wherein the second command is not encrypted, wherein the second encryption protocol operates at a second layer of the multi-layered protocol stack different from the first layer; and transmitting a second access request having the second command and the re-encrypted data payload to a server, wherein the second access request is transmitted according to the second data transfer protocol, wherein the re-encryption is transparent to the server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A non-transitory computer readable storage medium containing executable program instructions for execution by a processor, comprising:
-
program instructions that receive, at a security appliance, an access request having a first command and a data payload, the access request directed to a storage device, wherein the data payload is encrypted according to a first encryption protocol and received at the security appliance according to a first data transfer protocol, wherein the first encryption protocol operates at a first layer of a multi-layered protocol stack; program instructions that decrypt the encrypted data payload at the security appliance; program instructions that translate the first command into a second command formatted according to a second data transfer protocol different than the first data transfer protocol; program instructions that re-encrypt the decrypted data payload at the security appliance according to a second encryption protocol different than the first encryption protocol, wherein the second command is not encrypted, wherein the second encryption protocol operates at a second layer of the multi-layered protocol stack different from the first layer; and program instructions that transmit the second command and the re-encrypted data payload according to the second data transfer protocol from the security appliance to a storage device, wherein the re-encryption is transparent to the storage device such that the re-encrypted data payload is stored at the storage device. - View Dependent Claims (17, 18)
-
-
19. A system, comprising:
-
a security appliance configured to be coupled to transmitting and receiving devices, the security appliance further configured to receive a first access request from the transmitting device, wherein the first access request is directed to the receiving device, wherein the first access request includes a first command and a data payload encrypted according to a first encryption protocol, and wherein the first access request is received at the security appliance according to a first data transfer protocol, wherein the first encryption protocol operates at a first layer of a multi-layered protocol stack; the security appliance further configured to decrypt the encrypted data payload; the security appliance further configured to translate the first command into a second command formatted according to a second data transfer protocol different than the first data transfer protocol; the security appliance further configured to re-encrypt the decrypted data payload according to a second encryption protocol different than the first encryption protocol, wherein the second command is not encrypted, wherein the second encryption protocol operates at a second layer of the multi-layered protocol stack different from the first layer; and the security appliance further configured to transmit a second access request having the second command and the re-encrypted data payload to the receiving device, wherein the second access request is transmitted according to the second data transfer protocol, wherein the re-encryption is transparent to the receiving device such that the re-encrypted data payload is received at the receiving device. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
-
Specification