SECURE DATABASE BACKUP AND RECOVERY
First Claim
1. A method for secure database backup and recovery in a secure database network having N distributed data nodes, the method comprising:
- receiving a database backup file from a database system;
fragmenting the file into n fragments;
associating each fragment with a node of the N distributed data nodes that will not be used to store the fragment;
encrypting each fragment of the n fragments using a first key;
storing the n fragments on the N nodes whereby no fragment is stored on its associated node;
retrieving the n fragments a determined time later from the N nodes;
decrypting each fragment of the n fragments using the first key;
encrypting each fragment of the n fragments again with a different key;
storing the n fragments again on the N nodes whereby no fragment is stored on its associated node.
1 Assignment
0 Petitions
Accused Products
Abstract
As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.
11 Citations
7 Claims
-
1. A method for secure database backup and recovery in a secure database network having N distributed data nodes, the method comprising:
-
receiving a database backup file from a database system; fragmenting the file into n fragments; associating each fragment with a node of the N distributed data nodes that will not be used to store the fragment; encrypting each fragment of the n fragments using a first key; storing the n fragments on the N nodes whereby no fragment is stored on its associated node; retrieving the n fragments a determined time later from the N nodes; decrypting each fragment of the n fragments using the first key; encrypting each fragment of the n fragments again with a different key; storing the n fragments again on the N nodes whereby no fragment is stored on its associated node. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
Specification