Method and system for cloud based storage

US 9,021,264 B2
Filed: 02/03/2012
Issued: 04/28/2015
Est. Priority Date: 02/03/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

providing a first virtual machine in execution;

providing a storage area network for storing of data of the first virtual machine; and

providing a second virtual machine for receiving first data from the first virtual machine for storage within the storage area network and for securing the first data to form secured first data and for storing the secured first data within the storage area network,wherein the second virtual machine encrypts the first data using an encryption key data provided by an enterprise, the enterprise a same enterprise for whom the first virtual machine is in execution,wherein the first virtual machine is in execution exclusively for the same enterprise,wherein the encryption key data is provided from a key manager, andwherein the second virtual machine is authenticated to a process in execution within the enterprise prior to receiving the encryption key data and wherein the process within the enterprise requests the encryption key data from the key manager for provision to the second virtual machine.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method is disclosed wherein a first virtual machine is provided in execution. A storage area network for storing of data of the first virtual machine is also provided. A second virtual machine is executed for receiving first data from the first virtual machine for storage within the storage area network and for securing the first data to form secured first data and for storing the secured first data within the storage area network.

15 Citations

View as Search Results

21 Claims

1. A method comprising:
- providing a first virtual machine in execution;
  
  providing a storage area network for storing of data of the first virtual machine; and
  
  providing a second virtual machine for receiving first data from the first virtual machine for storage within the storage area network and for securing the first data to form secured first data and for storing the secured first data within the storage area network,wherein the second virtual machine encrypts the first data using an encryption key data provided by an enterprise, the enterprise a same enterprise for whom the first virtual machine is in execution,wherein the first virtual machine is in execution exclusively for the same enterprise,wherein the encryption key data is provided from a key manager, andwherein the second virtual machine is authenticated to a process in execution within the enterprise prior to receiving the encryption key data and wherein the process within the enterprise requests the encryption key data from the key manager for provision to the second virtual machine.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. A method according to claim 1 comprising providing a third virtual machine for maintaining a secure communication with the enterprise, the third virtual machine for being authenticated to the process in execution within the enterprise.
  - 3. A method according to claim 2 wherein the second virtual machine and the third virtual machine being authenticated comprises a process requiring manual provision of authentication data.
  - 4. A method according to claim 2 wherein the second virtual machine and the third virtual machine being authenticated comprises an automated virtual machine authentication method.
  - 5. A method according to claim 2 wherein the third virtual machine comprises a wNode and wherein the second virtual machine comprises an sNode.
  - 6. A method according to claim 1 wherein the second virtual machine forms part of a disaster recovery system.
  - 7. A method according to claim 6 comprising providing a fourth virtual machine for execution within the enterprise, the fourth virtual machine for performing an identical function to the first virtual machine, the first virtual machine for, upon failure of the fourth virtual machine, performing said function.
  - 8. A method according to claim 1 comprising:
    - providing a third virtual machine for receiving data from the enterprise and for providing the data to the first virtual machine for provision to the second virtual machine.
  - 9. A method according to claim 1 comprising:
    - providing a third virtual machine for receiving data from the enterprise and for providing the data to the first virtual machine for processing thereof.
  - 10. A method according to claim 1 wherein the second virtual machine forms part of a capacity planning system.

11. A method comprising:
- providing a first virtual service in execution;
  
  providing a storage area network for storing of data of the first virtual service; and
  
  providing a second virtual service for receiving first data from the first virtual service for storage within the storage area network and for securing the first data to form secured first data and for storing the secured first data within the storage area network,wherein the second virtual service encrypts the first data using an encryption key data provided by an enterprise, the enterprise a same enterprise for whom the first virtual service is in execution,wherein the first virtual service is in execution exclusively for the same enterprise,wherein the encryption key data is provided from a key manager, andwherein the second virtual service is authenticated to a process in execution within the enterprise prior to receiving the encryption key data and wherein the process within the enterprise requests the encryption key data from the key manager for provision to the second virtual service.
- View Dependent Claims (12, 13, 14, 15)
- - 12. A method according to claim 11 wherein the second virtual service forms part of a disaster recovery system.
  - 13. A method according to claim 11 comprising:
    - providing a third virtual service for receiving data from the enterprise and for providing the data to the first virtual service for provision to the second virtual service.
  - 14. A method according to claim 11 comprising:
    - providing a third virtual service for receiving data from the enterprise and for providing the data to the first virtual service for processing thereof.
  - 15. A method according to claim 11 wherein the first virtual service is for execution within a first virtual machine and the second virtual service is for execution within a second other virtual machine.

16. A method comprising:
- providing a first virtual service in execution;
  
  providing a storage area network for storing of data of the first virtual service; and
  
  providing a second virtual service for receiving first data from the first virtual service for storage within the storage area network and for securing the first data to form secured first data and for storing the secured first data within the storage area network,wherein the second virtual service encrypts the first data using an encryption key data provided by an enterprise, the enterprise a same enterprise for whom the first virtual service is in execution,wherein the first virtual service is in execution exclusively for the same enterprise, and comprising a third virtual service for maintaining a secure communication with the enterprise, the third virtual service for being authenticated to the process in execution within the enterprise.
- View Dependent Claims (17, 18, 19, 20, 21)
- - 17. A method according to claim 16 wherein the second virtual service and the third virtual service being authenticated comprises a process requiring manual provision of authentication data.
  - 18. A method according to claim 16 wherein the second virtual service and the third virtual service being authenticated comprises an automated virtual machine authentication method.
  - 19. A method according to claim 16 wherein the third virtual service comprises a wNode and wherein the second virtual service comprises an sNode.
  - 20. A method according to claim 16 comprising providing a fourth virtual service for execution within the enterprise, the fourth virtual service for performing an identical function to the first virtual service, the first virtual service for, upon failure of the fourth virtual service, performing said function.
  - 21. A method according to claim 16 wherein the first virtual service is for execution within a first virtual machine and the second virtual service is for execution within a second other virtual machine.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
Cloudlink Technologies, Inc. (Dell Technologies Inc.)
Inventors
Nossik, Misha, Dumitrescu, Razvan, Du, Lejin, You, Zhengping, Berfeld, Yuri
Primary Examiner(s)
LE, CHAU D

Application Number

US13/365,768
Publication Number

US 20120204030A1
Time in Patent Office

1,180 Days
Field of Search

713/155, 713/168, 718/1
US Class Current

713/168
CPC Class Codes

G06F 2009/45579   I/O management, e.g. provid...

G06F 2009/45587   Isolation or security of vi...

G06F 21/6218   to a system of files or obj...

G06F 9/45558   Hypervisor-specific managem...

H04L 9/0822   using key encryption key

H04L 9/0891   Revocation or update of sec...

H04L 9/0897   involving additional device...

Method and system for cloud based storage

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

15 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for cloud based storage

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links