Secure data replication in a storage grid
First Claim
1. A method for secure data replication in a storage grid, comprising:
- producing a storage key from a key share of each of at least two storage clusters from a storage grid of at least three storage clusters;
producing a grid key from the storage key and an external secret;
producing once encrypted data from the grid key and data received for storage in the storage grid;
producing twice encrypted data, at a first one of the at least three storage clusters, from the storage key and the once encrypted data;
storing the twice encrypted data in the first one of the at least three storage clusters;
sending the once encrypted data to a second one of the at least three storage clusters;
producing a replicated version of the twice encrypted data, at the second one of the at least three storage clusters, from the once encrypted data as received at the second one of the at least three storage clusters; and
storing the replicated version of the twice encrypted data in the second one of the at least three storage clusters.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for securing data in a storage grid is provided. The method includes generating a storage key from key shares of at least two storage clusters of a storage grid having at least three storage clusters and generating a grid key from the storage key and an external secret. The method includes encrypting data with the grid key to yield once encrypted data and encrypting the once encrypted data with the storage key to yield twice encrypted data. The method includes storing the twice encrypted data in a first storage cluster of the storage grid and storing the twice encrypted data in a second storage cluster of the storage grid, wherein at least one method operation is performed by a processor.
-
Citations
7 Claims
-
1. A method for secure data replication in a storage grid, comprising:
-
producing a storage key from a key share of each of at least two storage clusters from a storage grid of at least three storage clusters; producing a grid key from the storage key and an external secret; producing once encrypted data from the grid key and data received for storage in the storage grid; producing twice encrypted data, at a first one of the at least three storage clusters, from the storage key and the once encrypted data; storing the twice encrypted data in the first one of the at least three storage clusters; sending the once encrypted data to a second one of the at least three storage clusters; producing a replicated version of the twice encrypted data, at the second one of the at least three storage clusters, from the once encrypted data as received at the second one of the at least three storage clusters; and storing the replicated version of the twice encrypted data in the second one of the at least three storage clusters. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
Specification