GENERAL PURPOSE DISTRIBUTED ENCRYPTED FILE SYSTEM
First Claim
1. A method, which comprises:
generating a block key on a first client machine;
encrypting a data block on said first client machine with said block key;
encrypting said block key on said first client machine with a public key associated with a user;
associating said encrypted block key with said encrypted data block as crypto metadata;
caching said encrypted data block and said crypto metadata on said first client machine;
sending said encrypted data block and said crypto metadata from said first client machine to a network file system server; and
clearing said cached encrypted data block and said crypto metadata upon receipt of a return code indicating successful writes of said encrypted data block and said crypto metadata by said network file system server.
Abstract
A general purpose distributed encrypted file system generates a block key on a client machine. The client machine encrypts a file using the block key. Then, the client encrypts the block key on the first client machine with a public key of a keystore associated with a user and associates the encrypted block key with the encrypted data block as crypto metadata. The client machine caches the encrypted data block and the crypto metadata and sends the encrypted data block and the crypto metadata to a network file system server. When the client machine receives a return code from the network file system server indicating successful writes of the encrypted data block and the crypto metadata, the client machine clears the cached encrypted data block and the crypto metadata.
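The write path the abstract describes, sketched in Go as an added example that is not code from the patent or from any product. The text names no algorithms or interfaces, so AES-256-GCM for the block cipher, RSA-OAEP for key wrapping, binding the block id as associated data, the in-memory `Server` type, the return codes and every identifier here are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

type Entry struct{ Nonce, Ciphertext, WrappedKey []byte } // encrypted block + crypto metadata
type Server map[string]Entry // hypothetical file server stand-in; nil = writes fail

func (s Server) Write(id string, e Entry) int {
	if s == nil {
		return 1 // assumed return code for a failed write
	}
	s[id] = e
	return 0 // assumed return code for a successful write
}

var demoKey, _ = rsa.GenerateKey(rand.Reader, 2048) // constructed demo user key pair

// WriteBlock: fresh block key, encrypt, wrap key, cache, send, clear on success.
func WriteBlock(cache map[string]Entry, srv Server, pub *rsa.PublicKey, id string, plain []byte) (rc int, err error) {
	buf := make([]byte, 44) // 32-byte AES-256 block key + 12-byte GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return -1, err
	}
	key, nonce := buf[:32], buf[32:]
	blk, _ := aes.NewCipher(key) // cannot fail: 32 bytes is a valid AES key size
	gcm, _ := cipher.NewGCM(blk) // cannot fail: AES has a 128-bit block
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	if err != nil {
		return -1, err
	}
	cache[id] = Entry{nonce, gcm.Seal(nil, nonce, plain, []byte(id)), wrapped} // id bound as AAD
	if rc = srv.Write(id, cache[id]); rc == 0 {
		delete(cache, id) // only an acknowledged write releases the cached copy
	}
	return rc, nil
}

func main() {
	srv, cache := Server{}, map[string]Entry{}
	rc, err := WriteBlock(cache, srv, &demoKey.PublicKey, "blk-0", []byte("constructed sample block"))
	fmt.Println(rc, err, len(cache), len(srv))
}
```

When the write is not acknowledged, the entry stays in `cache`, so a retry resends the same ciphertext and wrapped key rather than re-encrypting; the server only ever holds ciphertext and a key it cannot unwrap.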
39 Citations
10 Claims
Specification