Data consistency in an encrypted replication environment
First Claim
1. A computer-executable method for testing data consistency in a replicated data storage environment, wherein the replicated data storage environment includes data storage systems at a production site and a target site, wherein the target site is located within a cloud storage provider and each of the data storage systems includes one or more processors and memory, the computer-executable method comprising:
- receiving a request for a data consistency check of encrypted data stored at the second data storage system at the target site;
retrieving replicated signatures from the second data storage system at the target site, wherein the replicated signatures are based on encrypted data stored at the second data storage system, wherein the encrypted data is data that was encrypted with a production encryption key maintained only at the production site;
retrieving production signatures from a first data storage system from the production site, wherein retrieving production signatures comprises;
encrypting data from the first data storage system at the production site using the production encryption key maintained only at the production site; and
creating the production signatures based on the encrypted data from the production site; and
determining data consistency based on an analysis of the replicated signatures and the production signatures, wherein, to accurately verify consistency between the replicated signatures and the production signatures, the production encryption key maintained only at the production site is used for to encrypt both the encrypted data from the first data storage system and the encrypted data stored at the second data storage system.
8 Assignments
0 Petitions
Accused Products
Abstract
A System, Computer Program Product, and computer-executable method for testing data consistency in a replicated data storage environment, wherein the replicated data storage environment includes a production site and a target site, wherein the target site is located within a cloud storage provider, the System, Computer Program Product, and computer-executable method includes receiving a request for a data consistency check of encrypted data stored at the target site, retrieving replicated signatures from the target site, retrieving production signatures from the production site, and determining data consistency based on an analysis of the replicated signatures and the production signatures.
21 Citations
17 Claims
-
1. A computer-executable method for testing data consistency in a replicated data storage environment, wherein the replicated data storage environment includes data storage systems at a production site and a target site, wherein the target site is located within a cloud storage provider and each of the data storage systems includes one or more processors and memory, the computer-executable method comprising:
- receiving a request for a data consistency check of encrypted data stored at the second data storage system at the target site;
retrieving replicated signatures from the second data storage system at the target site, wherein the replicated signatures are based on encrypted data stored at the second data storage system, wherein the encrypted data is data that was encrypted with a production encryption key maintained only at the production site;
retrieving production signatures from a first data storage system from the production site, wherein retrieving production signatures comprises;
encrypting data from the first data storage system at the production site using the production encryption key maintained only at the production site; and
creating the production signatures based on the encrypted data from the production site; and
determining data consistency based on an analysis of the replicated signatures and the production signatures, wherein, to accurately verify consistency between the replicated signatures and the production signatures, the production encryption key maintained only at the production site is used for to encrypt both the encrypted data from the first data storage system and the encrypted data stored at the second data storage system.
- receiving a request for a data consistency check of encrypted data stored at the second data storage system at the target site;
-
2. The computer-executable method of claim 1, further comprising initiating a data consistency check at a host in communication with the replicated data storage environment.
-
3. The computer-executable method of claim 1, wherein the replicated data storage environment includes a Data Protection Appliance (DPA);
- configuring the DPA to conduct the data consistency check.
-
4. The computer-executable method of claim 3, wherein configuring comprises:
- creating a periodic event using the DPA, wherein the periodic event is enabled to initiate the data consistency check.
-
5. The computer-executable method of claim 1, wherein the replicated data storage environment is enabled to conduct the data consistency check on a periodic basis.
-
6. The computer-executable method of claim 1, wherein retrieving the signatures from the replica site comprises:
- reading data from the replica site; and
creating signatures for the read data using a hashing function.
- reading data from the replica site; and
-
7. A system, comprising:
- a replicated data storage environment, wherein the replicated data storage environment includes data storage systems at a production site and a target site; and
computer-executable program logic encoded in memory of one or more computers enabled to test for data consistency in the replicated data storage environment, wherein the computer-executable program logic is configured for the execution of;
receiving a request for a data consistency check of encrypted data stored at a first storage system at the target site;
retrieving replicated signatures from the target site, wherein the replicated signatures are based on encrypted data stored at a second storage system at the target site, wherein the encrypted data is data that was encrypted with a production encryption key maintained only at the production site;
retrieving production signatures from the production site, wherein retrieving production signatures comprises;
encrypting data from the production site using the production encryption key maintained only at the production site; and
creating the production signatures based on the encrypted data from the production site; and
determining data consistency based on an analysis of the replicated signatures and the production signatures, wherein, to accurately verify consistency between the replicated signatures and the production signatures, the production encryption key maintained only at the production site is used for to encrypt both the encrypted data from the first data storage system and the encrypted data stored at the second data storage system.
- a replicated data storage environment, wherein the replicated data storage environment includes data storage systems at a production site and a target site; and
-
8. The system of claim 7, wherein the computer-executable program logic is further configured for the execution of initiating a data consistency check at a host in communication with the replicated data storage environment.
-
9. The system of claim 7, wherein the computer-executable program logic is further configured for the execution of:
- wherein the replicated data storage environment includes a Data Protection Appliance (DPA); and
configuring the DPA to conduct the data consistency check.
- wherein the replicated data storage environment includes a Data Protection Appliance (DPA); and
-
10. The system of claim 9, wherein configuring comprises:
- 5 creating a periodic event using the DPA, wherein the periodic event is enabled to initiate the data consistency check.
-
11. The system of claim 7, wherein the replicated data storage environment is enabled to conduct the data consistency check on a periodic basis.
-
12. The system claim 7, wherein retrieving the signatures from the replica site comprises:
- reading data from the replica site; and
creating signatures for the read data using a hashing function.
- reading data from the replica site; and
-
13. A computer program product for testing data consistency in a replicated data storage environment, wherein the replicated data storage environment includes data storage systems a production site and a target site, wherein the target site is located within a cloud storage provider, the computer program product comprising:
- a non-transitory computer readable medium encoded with computer-executable code, the code configured to enable the execution of;
receiving a request for a data consistency check of encrypted data stored at a first data storage system at the target site;
retrieving replicated signatures from the target site, wherein the replicated signatures are based on encrypted data stored at a second data storage system at the target site, wherein the encrypted data is data that was encrypted with a production encryption key maintained only at the production site;
retrieving production signatures from the production site, wherein retrieving production signatures comprises;
encrypting data from the production site using the production encryption key maintained only at the production site; and
creating the production signatures based on the encrypted data from the production site; and
determining data consistency based on an analysis of the replicated signatures and the production signatures, wherein, to accurately verify consistency between the replicated signatures and the production signatures, the production encryption key maintained only at the production site is used for to encrypt both the encrypted data from the first data storage system and the encrypted data stored at the second data storage system.
- a non-transitory computer readable medium encoded with computer-executable code, the code configured to enable the execution of;
-
14. The computer program product of claim 13, wherein the code is further configured to initiating a data consistency check at a host in communication with the replicated data storage environment.
-
15. The computer program product of claim 13, wherein the code is further configured to wherein the replicated data storage environment includes a Data Protection Appliance (DPA);
- configuring the DPA to conduct the data consistency check.
-
16. The computer program product of claim 15, wherein configuring comprises:
- creating a periodic event using the DPA, wherein the periodic event is enabled to initiate the data consistency check.
-
17. The computer program product of claim 13, wherein retrieving the signatures from the replica site comprises:
- reading data from the replica site; and
creating signatures for the read data using a hashing function.
- reading data from the replica site; and
Specification