INCREMENTAL SECURE BACKUP AND RESTORE OF USER SETTINGS AND DATA

US 20090006640A1
Filed: 06/28/2007
Published: 01/01/2009
Est. Priority Date: 06/28/2007
Status: Active Grant

First Claim

Patent Images

1. A method of performing a secure full backup of user settings and data comprising:

determining a set of objects to be backed up;

creating a manifest;

encrypting each object to be backed up to form an encrypted data;

forming a data stream for each object to be backed up to be sent to a host data processing system;

creating an object map for each object to be backed up;

updating the manifest with the object map;

sending the data stream for each object to be backed up to the host system, wherein the host system saves the data stream under the path hash for each object;

signing the manifest with a digital signature for authentication; and

sending the manifest to the host system, wherein the host system saves the signed manifest.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and apparatuses for performing secure incremental backup and restore operations are disclosed.

198 Citations

View as Search Results

38 Claims

1. A method of performing a secure full backup of user settings and data comprising:
- determining a set of objects to be backed up;
  
  creating a manifest;
  
  encrypting each object to be backed up to form an encrypted data;
  
  forming a data stream for each object to be backed up to be sent to a host data processing system;
  
  creating an object map for each object to be backed up;
  
  updating the manifest with the object map;
  
  sending the data stream for each object to be backed up to the host system, wherein the host system saves the data stream under the path hash for each object;
  
  signing the manifest with a digital signature for authentication; and
  
  sending the manifest to the host system, wherein the host system saves the signed manifest.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein determining the set of objects to be backed up comprises walking a whitelist.
  - 3. The method of claim 1, wherein creating the object map comprises:
    - computing the path hash of the object to be backed up;
      
      computing the contents hash of the data stream for each object; and
      
      mapping the path hash to the contents hash for each object to be backed up.
  - 4. The method of claim 1, wherein the encrypting each object to be backed up comprises:
    - obtaining an object encryption key (OEK);
      
      concatenating the object path with object bytes for each object to be backed up; and
      
      encrypting the object path concatenated with the object bytes using the OEK to form the encrypted data.
  - 5. The method of claim 4, further comprising forming a wrapped object encryption key (WOEK) comprising:
    - obtaining a master encryption key (MEK);
      
      encrypting the MEK and saving the encrypted MEK in the manifest;
      
      obtaining an initialization vector (IV);
      
      concatenating the IV with the OEK; and
      
      encrypting the concatenated IV and OEK using the MEK.
  - 6. The method of claim 5, wherein forming the data stream for each object to be backed up comprises:
    - concatenating the IV with the WOEK; and
      
      concatenating the concatenated IV and WOEK with the encrypted data.
  - 7. The method of claim 1, wherein the MEK is a 16 byte value obtained from a randomized algorithm
  - 8. The method of claim 1, wherein the OEK is 16 byte value obtained from a randomized algorithm.
  - 9. The method of claim 1, wherein the IV is obtained from a randomized algorithm.

10. A method of performing a secure incremental backup of user settings and data comprising:
- receiving, over a network, an old manifest from a host data processing system including an object map of a set of encrypted objects stored on the host system, wherein the manifest includes a digital signature for authentication;
  
  performing the following for each object to be backed up if the digital signature is valid;
  
  creating a new manifest;
  
  comparing each object to be backed up with entries in the old manifest to determine a first set of objects that are new and a second set of objects that have been modified since a previous backup associated with the old manifest was performed;
  
  computing a path hash for each of the first and second set of objects;
  
  encrypting each of the first and second set of objects;
  
  computing a content hash for each of the encrypted objects;
  
  updating the new manifest;
  
  sending each of the encrypted objects to the host system; and
  
  signing and sending the new manifest to the host system, wherein the host system deletes a third set of files which have been deleted since the previous backup was performed.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 11. The method of claim 10, wherein determining the second set of objects that have been added comprises identifying objects to be backed up that are not found in the old manifest.
  - 12. The method of claim 10, further comprising determining a set of objects that have been deleted since the previous backup was performed by comparing entries in the old manifest with entries in the new manifest.
  - 13. The method of claim 10, wherein updating the new manifest to reflect the changes comprises:
    - copying an entry from the old manifest into the new manifest for each object that has remained unchanged; and
      
      adding an entry in the new manifest for each encrypted object.
  - 14. The method of claim 10, wherein the path hash is computed by performing a hash function on the object path for each object to be backed up.
  - 15. The method of claim 10, wherein computing the contents hash of the encrypted objects comprises performing a hash function on a data stream to be sent to the host system for each object to be backed up.
  - 16. The method of claim 14 or 15, wherein the hash function is a one-way hash function.
  - 17. The method of claim 10, wherein comparing each object to be backed up with entries in the old manifest comprises:
    - computing the path hash of the objects to be backed up;
      
      computing the contents hash of the objects to be backed up; and
      
      comparing the computed path hash and contents hash values to entries in the old manifest.
  - 18. The method of claim 10, wherein comparing each object to be backed up with entries in the old manifest comprises comparing a set of metadata of the objects to be backed up with a corresponding set of metadata of entries in the old manifest.
  - 19. The method of claim 18, wherein the metadata is the modification date of the objects to be backed up.
  - 20. The method of claim 10, wherein the object map includes at least a mapping from the path hash to the contents hash for each object to be backed up.
  - 21. The method of claim 20, wherein the object map also includes a mapping from the path hash to the modification date for each object to be backed up.

22. A method of performing a secure restore of backed-up user settings and data comprising:
- receiving a manifest and an associated digital signature from a host data processing system where backed-up user data and settings are stored;
  
  determining a set of objects to be restored based on walking entries in the manifest;
  
  performing the following for each object to be restored if the digital signature is valid, wherein the secure restore fails if the digital signature is not valid;
  
  decrypting a master encryption key (MEK) saved in the manifest;
  
  receiving a data stream of encrypted data for each object to be restored from the host system;
  
  computing a contents hash of the data stream for each object to be restored; and
  
  performing the following for each object to be restored if the contents hash of the received encrypted data matches a corresponding entry in the manifest, wherein the secure restore fails if the contents hash of the encrypted data for each object does not match the corresponding entry in the manifest;
  
  decrypting the object to be restored;
  
  deconstructing an object data and an object path of the object from the decrypted data;
  
  saving the object data in a temporary storage location;
  
  computing a path hash for the object; and
  
  deleting the manifest entry corresponding to the path hash of the object to be restored.
- View Dependent Claims (23, 24, 25, 26, 27, 28)
- - 23. The method of claim 22, further comprising walking the temporary storage locations and renaming each object to be restored to a final destination if there are no objects remaining in the manifest after every object to be restored has been processed.
  - 24. The method of claim 22, wherein decrypting the object to be restored comprises:
    - pulling an initialization vector (IV) off of a front of the received encrypted data;
      
      decrypting a wrapped object encryption key (WOEK) using the MEK to get a object encryption key (OEK); and
      
      decrypting the received encrypted data using the OEK to form the decrypted data.
  - 25. The method of claim 22, further comprising setting a modification date of the restored object to a modification date indicated in the manifest.
  - 26. The method of claim 22, wherein the path hash is computed by performing a hash function on the object path for each object to be restored.
  - 27. The method of claim 22, wherein computing the contents hash of the data stream comprises performing a hash function on the data stream for each object to be restored.
  - 28. The method of claim 26 or 27, wherein the hash function is a one-way hash function.

29. A means for performing a secure incremental backup of user settings and data comprising:
- means for receiving an old manifest including a object map of a set of encrypted objects stored on a host data processing system, wherein the manifest includes a digital signature for authentication;
  
  means for performing the following for each object to be backed up if the digital signature is valid;
  
  means for creating a new manifest;
  
  means for comparing each object to be backed up with entries in the old manifest to determine a set of objects that have changed since a previous backup associated with the old manifest was performed;
  
  means for updating the new manifest to reflect the changes;
  
  means for encrypting all changed objects;
  
  means for sending the encrypted objects to the host system; and
  
  means for signing and sending the new manifest to the host system, wherein the host system compares the old manifest to the new manifest and deletes a set of objects that are no longer in the new manifest.

30. A means for performing a secure restore of backed-up user settings and data comprising:
- means for receiving a manifest and an associated digital signature from a host system where backed-up user data and settings are stored;
  
  means for determining a set of objects to be restored based on walking entries in the manifest;
  
  means for performing the following for each object to be restored if the digital signature is valid, wherein the secure restore fails if the digital signature is not valid;
  
  means for decrypting a master encryption key (MEK) saved in the manifest;
  
  means for receiving a data stream of encrypted data for each object to be restored from the host system;
  
  means for computing a contents hash of the data stream for each object to be restored; and
  
  means for performing the following for each object to be restored if the contents hash of the received encrypted data matches a corresponding entry in the manifest, wherein the secure restore fails if the contents hash of the encrypted data for each object does not match the corresponding entry in the manifest;
  
  means for decrypting the object to be restored;
  
  means for deconstructing an object data and an object path of the object from the decrypted data;
  
  means for saving the object data in a temporary storage location;
  
  means for computing a path hash for the object; and
  
  means for deleting the manifest entry corresponding to the path hash of the object to be restored.

31. A machine-readable medium that provides instructions, which when executed by a machine, cause the machine to perform a secure incremental backup of user settings and data comprising:
- receiving, over a network, an old manifest from a host data processing system including an object map of a set of encrypted objects stored on the host system, wherein the manifest includes a digital signature for authentication;
  
  performing the following for each object to be backed up if the digital signature is valid;
  
  creating a new manifest;
  
  comparing each object to be backed up with entries in the old manifest to determine a first set of objects that are new and a second set of objects that have been modified since a previous backup associated with the old manifest was performed;
  
  computing a path hash for each of the first and second set of objects;
  
  encrypting each of the first and second set of objects;
  
  computing a content hash for each of the encrypted objects;
  
  updating the new manifest;
  
  sending each of the encrypted objects to the host system; and
  
  signing and sending the new manifest to the host system, wherein the host system deletes a third set of files which have been deleted since the previous backup was performed.

32. A machine-readable medium that provides instructions, which when executed by a machine, cause the machine to perform a secure restore of backed-up user settings and data comprising:
- receiving a manifest and an associated digital signature from a host data processing system where backed-up user data and settings are stored;
  
  determining a set of objects to be restored based on walking entries in the manifest;
  
  performing the following for each object to be restored if the digital signature is valid, wherein the secure restore fails if the digital signature is not valid;
  
  decrypting a master encryption key (MEK) saved in the manifest;
  
  receiving a data stream of encrypted data for each object to be restored;
  
  computing a contents hash of the data stream for each object to be restored; and
  
  performing the following for each object to be restored if the contents hash of the received encrypted data matches a corresponding entry in the manifest, wherein the secure restore fails if the contents hash of the encrypted data for each object does not match the corresponding entry in the manifest;
  
  decrypting the object to be restored;
  
  deconstructing an object data and an object path of the object from the decrypted data;
  
  saving the object data in a temporary storage location;
  
  computing a path hash for the object; and
  
  deleting the manifest entry corresponding to the path hash of the object to be restored.

33. A method of performing a secure incremental backup of user settings and data comprising:
- determining, at a host data processing system, if there is a valid manifest corresponding to a previous backup of a data processing device stored in a memory of the host system; and
  
  performing the following for each of a set of objects to be backed up if the manifest is valid;
  
  sending the manifest, including a digital signature for authentication, to a data processing device, wherein the data processing device validates the manifest and performs a secure incremental backup by backing up only those objects which have changed since a previous backup associated with the manifest was performed.

34. A method of performing a secure restore of backed-up user settings and data comprising:
- sending, from a host data processing system where a backup set is stored, a manifest and digital signature to a data processing device, wherein the data processing device validates the manifest using the digital signature; and
  
  sending a data stream of encrypted data for each object to be restored to the data processing device, wherein the data processing device hashes the data stream and determines whether each received data stream corresponds to an entry in the manifest, and wherein if the data stream for each object to be restored corresponds to an entry in the manifest, the data processing device decrypts and deconstructs the received data stream to form the object to be restored and stores the object into a final destination.

35. A machine-readable medium that provides instructions, which when executed by a machine, cause the machine to perform a secure incremental backup of user settings and data comprising:
- determining, at a host data processing system, if there is a valid manifest corresponding to a previous backup stored in a memory of the host system; and
  
  performing the following for each of a set of objects to be backed up if the manifest is valid;
  
  sending the manifest, including a digital signature for authentication, to a data processing device, wherein the data processing device validates the manifest and performs a secure incremental backup by backing up only those objects which have changed since a previous backup associated with the manifest was performed.

36. A machine-readable medium that provides instructions, which when executed by a machine, cause the machine to perform a secure restore of backed-up user settings and data comprising:
- sending, from a host data processing system where a backup set is stored, a manifest and digital signature to a data processing device, wherein the data processing device validates the manifest using the digital signature; and
  
  sending a data stream of encrypted data for each object to be restored to the data processing device, wherein the data processing device hashes the data stream and determines whether each received data stream corresponds to an entry in the manifest, and wherein if the data stream for each object to be restored corresponds to an entry in the manifest, the data processing device decrypts and deconstructs the received data stream to form the object to be restored and stores the object into a final destination.

37. A means for performing a secure incremental backup of user settings and data comprising:
- means for determining, at a host data processing system, if there is a valid manifest corresponding to a previous backup stored in a memory of the host system; and
  
  means for performing the following for each of a set of objects to be backed up if the manifest is valid;
  
  means for sending the manifest, including a digital signature for authentication, to a data processing device, wherein the data processing device validates the manifest and performs a secure incremental backup by backing up only those objects which have changed since a previous backup associated with the manifest was performed.

38. A means for performing a secure restore of backed-up user settings and data comprising:
- means for sending, from a host data processing system where a backup set is stored, a manifest and digital signature to a data processing device, wherein the data processing device validates the manifest using the digital signature; and
  
  means for sending a data stream of encrypted data for each object to be restored to the data processing device, wherein the data processing device hashes the data stream and determines whether each received data stream corresponds to an entry in the manifest, and wherein if the data stream for each object to be restored corresponds to an entry in the manifest, the data processing device decrypts and deconstructs the received data stream to form the object to be restored and stores the object into a final destination.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
BROUWER, MICHAEL LAMBERTUS HUBERTUS, Freedman, Gordon J., Adler, Mitchell D.

Granted Patent

US 8,209,540 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/231
CPC Class Codes

G06F 11/10   Adding special bits or symb...

G06F 11/1451   by selection of backup cont...

G06F 11/1458   Management of the backup or...

G06F 11/1469   Backup restoration techniques

G06F 21/6218   to a system of files or obj...

G06F 21/64   Protecting data integrity, ...

INCREMENTAL SECURE BACKUP AND RESTORE OF USER SETTINGS AND DATA

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

198 Citations

38 Claims

Specification

Solutions

Use Cases

Quick Links

INCREMENTAL SECURE BACKUP AND RESTORE OF USER SETTINGS AND DATA

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

198 Citations

38 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links