Systems and methods for transformation of logical data objects for storage
First Claim
1. A method for reading encrypted data from an encrypted logical object comprising a plurality of encrypted storage sections, said method comprising:
- receiving, by a processor, a request to read a range of data stored in the encrypted logical object at a particular point in time;
identifying, in a plurality of log records associated with a plurality of encrypted storage sections, all entries related to the range of data in a first encrypted storage section before the particular point in time and including the particular point in time;
selecting each last updated entry from all the entries related to the range of data in the first encrypted storage section;
decrypting encrypted data associated with each selected last updated entry related to the range of data in the first encrypted storage section to generated first decrypted data; and
transmitting the first decrypted data within the range to a requestor.
0 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for encrypting a plaintext logical data object for storage in a storage device operable with at least one storage protocol, creating, reading, writing, optimization and restoring thereof. Encrypting the plaintext logical data object comprises creating in the storage device an encrypted logical data object comprising a header and one or more allocated encrypted sections with predefined size; encrypting one or more sequentially obtained chunks of plaintext data corresponding to the plaintext logical data object thus giving rise to the encrypted data chunks; and sequentially accommodating the processed data chunks into said encrypted sections in accordance with an order said chunks received, wherein said encrypted sections serve as atomic elements of encryption/decryption operations during input/output transactions on the logical data object.
142 Citations
20 Claims
-
1. A method for reading encrypted data from an encrypted logical object comprising a plurality of encrypted storage sections, said method comprising:
-
receiving, by a processor, a request to read a range of data stored in the encrypted logical object at a particular point in time; identifying, in a plurality of log records associated with a plurality of encrypted storage sections, all entries related to the range of data in a first encrypted storage section before the particular point in time and including the particular point in time; selecting each last updated entry from all the entries related to the range of data in the first encrypted storage section; decrypting encrypted data associated with each selected last updated entry related to the range of data in the first encrypted storage section to generated first decrypted data; and transmitting the first decrypted data within the range to a requestor. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for reading data from an encrypted logical object, said system comprising:
-
a processor; and a storage device coupled to said processor, wherein the storage device is configured to store computer code that, when executed by the processor, causes the processor to; receive a request to read a range of data stored in the encrypted logical object at a particular point in time, identify, in a plurality of log records associated with a plurality of encrypted storage sections, all entries related to the range of data in a first encrypted storage section before the particular point in time and including the particular point in time, select each last updated entry from all the entries related to the range of data in the first encrypted storage section, decrypt encrypted data associated with each selected last updated entry related to the range of data in the first encrypted storage section to generated first decrypted data, and transmit the first decrypted data within the range to a requestor. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer program product comprising a non-transitory computer-readable medium including a computer-readable program code embodied therein for reading data from an encrypted logical object comprising a plurality of encrypted storage sections, said computer program product comprising:
-
computer code for receiving, by a processor, a request to read a range of data stored in the encrypted logical object at a particular point in time; computer code for identifying, in a plurality of log records associated with a plurality of encrypted storage sections, all entries related to the range of data in a first encrypted storage section before the particular point in time and including the particular point in time; computer code for selecting each last updated entry from all the entries related to the range of data in the first encrypted storage section; computer code for decrypting encrypted data associated with each selected last updated entry related to the range of data in the first encrypted storage section to generated first decrypted data; and computer code for transmitting the first decrypted data within the range to a requestor. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification