Systems and methods for implementing an encrypted search index
First Claim
1. A system to execute within a host organization, wherein the system comprises:
- a processor and a memory to execute instructions at the system;
a search index stored on disk within the system comprised of a plurality of individual search index files, each of the individual search index files being accessible as a random access file, the search index having information stored therein, wherein at least one of the individual search index files constitutes a term dictionary or a term index type file having internal structure which allows a portion of the individual search index file to be updated, encrypted, and/or decrypted without affecting the internal structure of the individual search index file;
wherein the search index stores both customer data and non-customer data organized into sub-blocks, wherein sub-blocks having customer data therein do not contain non-customer data and wherein sub-blocks having non-customer data therein do not contain customer data;
a file input/output (TO) layer to encrypt the information being written into the individual search index file and to decrypt the information being read from the individual search index file, wherein the file IO layer encrypts and decrypts only a portion of the individual search index file in reply to an operation without requiring decryption or encryption of the individual search index file in its entirety; and
a query interface to execute the operation against the information stored in the memory in its decrypted form.
1 Assignment
0 Petitions
Accused Products
Abstract
A search index stored within the system having a plurality of individual search index files having information stored therein. At least one of the individual search index files constitutes a term dictionary or a term index type file having internal structure that allows a portion of the individual search index file to be updated, encrypted, and/or decrypted without affecting the internal structure of the individual search index file. A file input/output (IO) layer encrypts the information being written into the individual search index file and to decrypt the information being read from the individual search index file. The file TO layer encrypts and decrypts only a portion of the individual search index file in reply to an operation without requiring decryption or encryption of the individual search index file in its entirety. A query interface executes the operation against the information stored in the memory in its decrypted form.
-
Citations
24 Claims
-
1. A system to execute within a host organization, wherein the system comprises:
-
a processor and a memory to execute instructions at the system; a search index stored on disk within the system comprised of a plurality of individual search index files, each of the individual search index files being accessible as a random access file, the search index having information stored therein, wherein at least one of the individual search index files constitutes a term dictionary or a term index type file having internal structure which allows a portion of the individual search index file to be updated, encrypted, and/or decrypted without affecting the internal structure of the individual search index file; wherein the search index stores both customer data and non-customer data organized into sub-blocks, wherein sub-blocks having customer data therein do not contain non-customer data and wherein sub-blocks having non-customer data therein do not contain customer data; a file input/output (TO) layer to encrypt the information being written into the individual search index file and to decrypt the information being read from the individual search index file, wherein the file IO layer encrypts and decrypts only a portion of the individual search index file in reply to an operation without requiring decryption or encryption of the individual search index file in its entirety; and a query interface to execute the operation against the information stored in the memory in its decrypted form. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A computer-implemented method to execute within a host organization having at least a processor and a memory therein, wherein the computer-implemented method comprises:
-
storing a search index on disk within the host organization, the search index comprised of a plurality of individual search index files, each of the individual search index files being accessible as a random access file, the search index and having information stored therein, wherein at least one of the individual search index files constitutes a term dictionary or a term index type file having internal structure which allows a portion of the individual search index file to be updated, encrypted, and/or decrypted without affecting the internal structure of the individual search index file; wherein the search index stores both customer data and non-customer data organized into sub-blocks, wherein sub-blocks having customer data therein do not contain non-customer data and wherein sub-blocks having non-customer data therein do not contain customer data; encrypting the information being written into the search index via a file input/output (TO) layer and decrypting the customer information being read from the search index via the file IO layer, wherein the file IO layer encrypts and decrypts only a portion of the search index in reply to an operation without requiring decryption or encryption of the individual search index file in its entirety; and executing, via a query interface, the operation against the information stored in the memory in its decrypted form. - View Dependent Claims (18, 19, 20, 21)
-
-
22. Non-transitory computer readable storage media having instructions stored thereon that, when executed by a processor of a system, the instructions cause the system to perform operations comprising:
-
storing a search index on disk within the host organization, the search index comprised of a plurality of individual search index files, each of the individual search index files being accessible as a random access file, the search index having information stored therein, wherein at least one of the individual search index files constitutes a term dictionary or a term index type file having internal structure which allows a portion of the individual search index file to be updated, encrypted, and/or decrypted without affecting the internal structure of the individual search index file; wherein the search index stores both customer data and non-customer data organized into sub-blocks, wherein sub-blocks having customer data therein do not contain non-customer data and wherein sub-blocks having non-customer data therein do not contain customer data; encrypting the information being written into the search index via a file input/output (TO) layer and decrypting the customer information being read from the search index via the file IO layer, wherein the file IO layer encrypts and decrypts only a portion of the search index in reply to an operation without requiring decryption or encryption of the individual search index file in its entirety; and executing, via a query interface, the operation against the information stored in the memory in its decrypted form. - View Dependent Claims (23, 24)
-
Specification