File backup with selective encryption
First Claim
Patent Images
1. A method for backing up a file, the method comprising:
- receiving, at a media agent hosted by a secondary computing device comprising one or more hardware processors, a command from a storage manager to backup a file at a secondary storage device, the storage manager comprising one or more hardware processors programmed to manage data within an information management system comprising a plurality of client computing devices and a plurality of secondary computing devices;
receiving the file at the media agent from a data agent hosted by a client computing device from the plurality of client computing devices, wherein the client computing device differs from the secondary computing device, wherein the media agent is programmed as an interface to the secondary storage device for the client computing device, and wherein the data agent is programmed as a data manager at the client computing device for managing data, including the file, stored at a primary storage device;
determining whether the file is an encrypted file;
in response to determining that the file is an encrypted file;
identifying an encryption algorithm used to encrypt the file;
storing metadata associated with the file, the metadata including an identity of the encryption algorithm; and
storing the file at the secondary storage device without performing an encryption process; and
in response to determining that the file is not an encrypted file;
encrypting the file to obtain an encrypted file; and
storing the encrypted file at the secondary storage device.
4 Assignments
0 Petitions
Accused Products
Abstract
A method for automatically encrypting files is disclosed. In some cases, the method may be performed by computer hardware comprising one or more processors. The method can include detecting access to a first file, which may be stored in a primary storage system. Further, the method can include determining whether the access comprises a write access. In response to determining that the access comprises a write access, the method can include accessing file metadata associated with the first file and accessing a set of encryption rules. In addition, the method can include determining whether the file metadata satisfies the set of encryption rules. In response to determining that the file metadata satisfies the set of encryption rules, the method can include encrypting the first file to obtain a first encrypted file and modifying an extension of the first encrypted file to include an encryption extension.
252 Citations
20 Claims
-
1. A method for backing up a file, the method comprising:
-
receiving, at a media agent hosted by a secondary computing device comprising one or more hardware processors, a command from a storage manager to backup a file at a secondary storage device, the storage manager comprising one or more hardware processors programmed to manage data within an information management system comprising a plurality of client computing devices and a plurality of secondary computing devices; receiving the file at the media agent from a data agent hosted by a client computing device from the plurality of client computing devices, wherein the client computing device differs from the secondary computing device, wherein the media agent is programmed as an interface to the secondary storage device for the client computing device, and wherein the data agent is programmed as a data manager at the client computing device for managing data, including the file, stored at a primary storage device; determining whether the file is an encrypted file; in response to determining that the file is an encrypted file; identifying an encryption algorithm used to encrypt the file; storing metadata associated with the file, the metadata including an identity of the encryption algorithm; and storing the file at the secondary storage device without performing an encryption process; and in response to determining that the file is not an encrypted file; encrypting the file to obtain an encrypted file; and storing the encrypted file at the secondary storage device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for backing up a file, the system comprising:
-
a primary storage device configured to store a set of files; a secondary storage device configured to store a backup of a file from the set of files; a storage manager comprising one or more hardware processors programmed to manage data within an information management system comprising a plurality of client computing devices and a plurality of secondary computing devices, the storage manager programmed to initiate the backup of the file, wherein initiating the backup of the file comprises sending a first backup command to a data agent; the data agent hosted by a client computing device from the plurality of client computing devices, wherein the client computing device differs from a secondary computing device, and wherein the data agent is programmed as a data manager at the client computing device for managing data, including the file, stored at the primary storage device, and wherein the data agent is further programmed to provide the file to a media agent responsive to receiving the first backup command; and the media agent hosted by the secondary computing device comprising one or more hardware processors, wherein the media agent is programmed as an interface to the secondary storage device for the client computing device, and wherein the media agent is further programmed to; receive the file from the data agent; determine whether the file is an encrypted file; in response to determining that the file is an encrypted file; identify an encryption algorithm used to encrypt the file; store metadata associated with the file, the metadata including an identity of the encryption algorithm; and store the file at the secondary storage device without performing an encryption process; and in response to determining that the file is not an encrypted file, encrypt the file to obtain an encrypted file and store the encrypted file at the secondary storage device. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeCommVault Systems Incorporated
-
Original AssigneeCommVault Systems Incorporated
-
InventorsErofeev, Andrei, Pawar, Rahul S.
-
Primary Examiner(s)Jhaveri, Jayesh
-
Application NumberUS14/042,095Publication NumberTime in Patent Office1,128 DaysField of SearchUS Class Current1/1CPC Class CodesG06F 11/1402 Saving, restoring, recoveri...G06F 11/1458 Management of the backup or...G06F 21/60 Protecting dataG06F 21/602 Providing cryptographic fac...G06F 21/62 Protecting access to data v...G06F 21/6209 to a single file or object,...G06F 21/6218 to a system of files or obj...G06F 21/70 Protecting specific interna...G06F 21/78 to assure secure storage of...G06F 2201/84 Using snapshots, i.e. a log...G06F 2221/2107 File encryptionH04L 9/0822 using key encryption keyH04L 9/0825 using asymmetric-key encryp...H04L 9/088 Usage controlling of secret...H04L 9/0891 Revocation or update of sec...H04L 9/0897 involving additional device...H04L 9/14 using a plurality of keys o...
