Securing backing storage data passed through a network
First Claim
1. A method to secure data read from a storage device before the data is passed to a network, comprising:
- reading data from the storage device before the data is passed to the network;
examining, with an electronic device, the data read from the storage device to identify header information that indicates whether the data is either compressed or uncompressed;
identifying the data as either compressed or uncompressed based on the examination of the header information;
evaluating the data to determine whether the data read from the storage device is in encrypted form or whether the data read from the storage device is in unencrypted form;
passing the data read from the storage device without further encryption in response to determination that the data read from the storage device is in encrypted form so as to avoid double encryption of the data;
encrypting the data read from the storage device in response to determination that the data read from the storage device is not in encrypted form;
passing the encrypted data to the network; and
storing the encrypted data in a cache.
2 Assignments
0 Petitions
Accused Products
Abstract
Techniques described herein generally relate to methods, data processing devices and computer readable media to ensure that data stored in a remote backing storage device are in encrypted form before that data is transferred to another device or over a network. In some examples, the methods, data processing devices and computer readable media may be arranged to encrypt the data passed to the network when the data stored in the backing storage device is in unencrypted form. Also disclosed are methods, data processing devices and computer readable media that identify when the data stored in the backing storage device is in unencrypted form, including methods that may detect that the data may appear to be in encrypted form as a result of the data being compressed.
-
Citations
21 Claims
-
1. A method to secure data read from a storage device before the data is passed to a network, comprising:
-
reading data from the storage device before the data is passed to the network; examining, with an electronic device, the data read from the storage device to identify header information that indicates whether the data is either compressed or uncompressed; identifying the data as either compressed or uncompressed based on the examination of the header information; evaluating the data to determine whether the data read from the storage device is in encrypted form or whether the data read from the storage device is in unencrypted form; passing the data read from the storage device without further encryption in response to determination that the data read from the storage device is in encrypted form so as to avoid double encryption of the data; encrypting the data read from the storage device in response to determination that the data read from the storage device is not in encrypted form; passing the encrypted data to the network; and storing the encrypted data in a cache. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A remote data storage system that includes data security, the remote data storage system comprising:
-
a storage device configured to store data in encrypted form unencrypted form, or combinations thereof; and an electronic device coupled to the storage device, the electronic device configured to examine data read from the storage device before the data is passed to a network, the electronic device further configured to identify the data read from the storage device as either stored in encrypted form or stored in unencrypted form, wherein the electronic device is further configured to encrypt the data read from the storage device before the data read from the storage device is output from the remote data storage system to the network, in response to the data read from the storage device being identified as stored in unencrypted form and in response to identification of an authorized user by an input device coupled to the electronic device, and wherein the electronic device is further configured to examine the data read from the storage device to identify header information that indicates whether the data read from the storage device is either compressed or uncompressed and further configured to identify the data read from the storage device as either compressed or uncompressed based on the examination of the header information. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A data processor system to secure data transferred over a network, comprising:
-
a remote data storage system, the remote storage system comprising; a storage device configured to store certain data in encrypted form, unencrypted form, or a combination thereof; and an electronic device coupled to the storage device, the electronic device configured to identify the certain data stored in the storage device as either encrypted or unencrypted and pass the certain data to the network encrypted, the electronic device further configured to only encrypt the certain data prior to passage of the certain data to the network responsive to identification of the certain data as unencrypted such that the certain data is not double encrypted, the electronic device further configured to examine the certain data to identify header information that indicates whether the certain data is either compressed or uncompressed and configured to identify the certain data as either compressed or uncompressed based on the examination of the header information; and a computer system communicatively coupled to the remote data storage system, the computer system comprising; a processor; a data cache coupled to the processor and configured to store the certain data from the network for use by the processor. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21)
-
Specification