Apparatus, system, and method for transparent end-to-end security of storage data in a client-server environment

US 7,899,189 B2
Filed: 12/09/2004
Issued: 03/01/2011
Est. Priority Date: 12/09/2004
Status: Expired due to Fees

First Claim

Patent Images

1. An apparatus for transparent end-to-end security of storage data in a client-server environment, the apparatus comprising:

a key generator that generates a random storage key for each storage construct associated with a storage session, the randomly generated storage key uniquely associated with one storage construct;

an encryption module that encrypts the storage construct according to a first encryption algorithm using the randomly generated storage key, the encryption module encrypting the randomly generated storage key using a transmission key and a second encryption algorithm known to a receiver;

a communication interface that transmits the encrypted storage construct and the encrypted randomly generated storage key to the receiver without transmitting the transmission key, the encrypted storage construct stored on the first storage device on the receiver without decrypting the encrypted storage construct, the storage construct remaining encrypted as long as the storage construct is stored on the receiver, the randomly generated storage key stored on a second storage device physically distinct from the first storage device;

a security module on the receiver that decrypts the encrypted randomly generated storage key using the transmission key, the security module re-encrypting the decrypted randomly generated storage key using a native key known exclusively to the receiver such that the randomly generated storage key stored on the second storage device is re-encrypted;

an association module associating the randomly generated storage key and the storage construct in a data construct comprising the randomly generated storage key, a storage construct name, a storage construct location, a randomly generated storage key location, a randomly generated storage key size, and an identifier for the first encryption algorithm;

the association module further receiving the storage construct name, and the storage construct location to identify the randomly generated storage key in a request for the storage construct from a client;

the security module decrypting the re-encrypted randomly generated storage key with the native key and re-encrypting the decrypted randomly generated storage key with a transmission key known to the client in response to the request for the storage construct from the client; and

the encryption module key generator, communication interface, and security module comprise one or more of hardware and executable code, the executable code stored on one or more computer readable media.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention includes one or more clients in communication with a server. The client desires to send a storage construct to the server for storage. The client negotiates a transmission key with the server. The client generates a storage key associated specifically with the storage construct. The client encrypts the storage construct using the storage key and encrypts the storage key using the transmission key. The encrypted storage construct and encrypted storage key are sent to the server. The server decrypts the storage key using the transmission key. The server stores the storage construct on a storage device separate from a storage device storing the storage key. Preferably, any changes to the storage construct location, the storage key location, or the storage construct name are tracked and proper modifications are made to an association relating the location of the storage construct and the location for the corresponding storage key.

33 Citations

View as Search Results

22 Claims

1. An apparatus for transparent end-to-end security of storage data in a client-server environment, the apparatus comprising:
- a key generator that generates a random storage key for each storage construct associated with a storage session, the randomly generated storage key uniquely associated with one storage construct;
  
  an encryption module that encrypts the storage construct according to a first encryption algorithm using the randomly generated storage key, the encryption module encrypting the randomly generated storage key using a transmission key and a second encryption algorithm known to a receiver;
  
  a communication interface that transmits the encrypted storage construct and the encrypted randomly generated storage key to the receiver without transmitting the transmission key, the encrypted storage construct stored on the first storage device on the receiver without decrypting the encrypted storage construct, the storage construct remaining encrypted as long as the storage construct is stored on the receiver, the randomly generated storage key stored on a second storage device physically distinct from the first storage device;
  
  a security module on the receiver that decrypts the encrypted randomly generated storage key using the transmission key, the security module re-encrypting the decrypted randomly generated storage key using a native key known exclusively to the receiver such that the randomly generated storage key stored on the second storage device is re-encrypted;
  
  an association module associating the randomly generated storage key and the storage construct in a data construct comprising the randomly generated storage key, a storage construct name, a storage construct location, a randomly generated storage key location, a randomly generated storage key size, and an identifier for the first encryption algorithm;
  
  the association module further receiving the storage construct name, and the storage construct location to identify the randomly generated storage key in a request for the storage construct from a client;
  
  the security module decrypting the re-encrypted randomly generated storage key with the native key and re-encrypting the decrypted randomly generated storage key with a transmission key known to the client in response to the request for the storage construct from the client; and
  
  the encryption module key generator, communication interface, and security module comprise one or more of hardware and executable code, the executable code stored on one or more computer readable media.
- View Dependent Claims (2, 3, 4)
- - 2. The apparatus of claim 1, further comprising a negotiation module configured to negotiate the transmission key, the first encryption algorithm, and the second encryption algorithm between the sender and the receiver, wherein the negotiation module comprises one or more of hardware and executable code, the executable code stored on one or more computer readable media.
  - 3. The apparatus of claim 1, wherein the storage construct comprises a file within a file system of the sender.
  - 4. The apparatus of claim 1, further comprising a configuration module configured to define a symmetric transmission key identical to the transmission key used by the receiver, wherein the configuration module comprises one or more of hardware and executable code, the executable code stored on one or more computer readable media.

5. An apparatus for transparent end-to-end security of storage data in a client-server environment, the apparatus comprising:
- a communication interface that receives an encrypted storage construct and an encrypted randomly generated storage key from a sender, the storage construct encrypted by the sender according to a first encryption algorithm using the randomly generated storage key randomly generated by the sender, the randomly generated storage key uniquely associated with one storage construct, the randomly generated storage key encrypted using a unique transmission key and a second encryption algorithm shared with the sender;
  
  a negotiation module that generates the transmission key according to a preconfigured protocol, the preconfigured protocol comprising randomly generating a first half of the transmission key at a sending apparatus, randomly generating a second half of the transmission key at a receiver, communicating the first half of the transmission key with the receiver and communicating the second half of the transmission key with the sending apparatus, the first half of the transmission key and the second half of the transmission key comprising the transmission key such that the transmission key is known to both the sender and the receiver once the transmission key is generated;
  
  a storage module that stores the encrypted storage construct without decrypting the encrypted storage construct, the encrypted storage construct stored on a first storage device, the storage module maintaining the encryption of the encrypted storage construct as long as the encrypted storage construct is stored on the first storage device, the storage module storing the randomly generated storage key on a second storage device physically distinct from the first storage device;
  
  a security module on the receiver that decrypts the encrypted randomly generated storage key using the transmission key, the security module re-encrypting the decrypted randomly generated storage key using a native key known exclusively to the receiver such that the randomly generated storage key stored on the second storage device is re-encrypted;
  
  an association module associating the randomly generated storage key and the storage construct in a data construct comprising the randomly generated storage key, a storage construct name, a storage construct location, a randomly generated storage key location, a randomly generated storage key size, and an identifier for the first encryption algorithm;
  
  the association module further receiving the storage construct name, and the storage construct location to identify the randomly generated storage key in a request for the storage construct from the sender;
  
  the security module decrypting the re-encrypted randomly generated storage key with the native key and re-encrypting the decrypted randomly generated storage key with a transmission key known to the sender in response to the request for the storage construct from the sender; and
  
  the communication interface, the negotiation module, the storage module, and the association module comprise one or more of hardware and executable code, the executable code stored on one or more computer readable media.
- View Dependent Claims (6)
- - 6. The apparatus of claim 5, wherein the transmission key is a symmetric encryption key suitable for use with symmetric encryption algorithms to encrypt and decrypt data.

7. A system for transparent end-to-end security of storage data in a client-server environment, the system comprising:
- a plurality of backup-archive clients comprising a first user interface that receive a transmission key keyed into the first user interface, each client generating a unique randomly generated storage key for a specific storage construct, each client encrypting the storage construct according to a first encryption algorithm using the randomly generated storage key, each client encrypting the randomly generated storage key using the transmission key and a second encryption algorithm, wherein the storage construct comprises a physical file defined on a host of at least one of the backup-archive clients;
  
  a storage server comprising a second user interface that receives an identical transmission key keyed into the second user interface, the storage server receiving the encrypted storage construct and the encrypted randomly generated storage key from one of the clients, the storage server storing the encrypted storage construct on a first storage device separate from a second storage device that stores the randomly generated storage key, the storage server maintaining the encryption of the encrypted storage construct as long as the encrypted storage construct is stored on the storage server;
  
  a security module on the storage server that decrypts the encrypted randomly generated storage key using the transmission key, the security module re-encrypting the decrypted randomly generated storage key using a native key known exclusively to the storage server such that the randomly generated storage key stored on the second storage device is re-encrypted;
  
  an association module associating the randomly generated storage key and the storage construct in a data construct comprising the randomly generated storage key, a storage construct name, a storage construct location, a randomly generated storage key location, a randomly generated storage key size, and an identifier for the first encryption algorithm;
  
  the association module further receiving the storage construct name, and the storage construct location to identify the randomly generated storage key in a request for the storage construct from a client;
  
  the security module decrypting the re-encrypted randomly generated storage key with the native key and re-encrypting the decrypted randomly generated storage key with a transmission key known to the client in response to the request for the storage construct from the client; and
  
  a network that operatively connects the backup-archive clients and the storage server for network communications without communicating the transmission key between the backup-archive clients and the storage server.
- View Dependent Claims (8, 9, 10)
- - 8. The system of claim 7, wherein the association module is further configured to modify the association in response to relocation of at least one of the randomly generated storage key and the encrypted storage construct.
  - 9. The system of claim 7, wherein the association module comprises a relational database.
  - 10. The system of claim 7, wherein the transmission key is a symmetric encryption key suitable for use with symmetric encryption algorithms to encrypt and decrypt data.

11. A computer readable storage medium tangibly embodying a program of machine-readable instructions executable by a digital processing apparatus to perform operations for transparent end-to-end security of storage data in a client-server environment, the operations comprising:
- an operation to generate a unique randomly generated storage key for a specific storage construct;
  
  an operation to encrypt the storage construct according to a first encryption algorithm using the randomly generated storage key;
  
  an operation to encrypt the randomly generated storage key using a transmission key and a second encryption algorithm known to a sender and a receiver;
  
  an operation to transmit the encrypted storage construct and the encrypted randomly generated storage key from the sender to the receiver without transmitting the transmission key from the sender to the receiver;
  
  an operation to decrypt the randomly generated storage key using the transmission key;
  
  an operation to store the encrypted storage construct on a first storage device and the randomly generated storage key on a second storage device physically distinct from the first storage device, the encryption of the storage construct maintained as long as the storage construct is stored on the first storage device;
  
  an operation to associate the randomly generated storage key and the storage construct in a data construct comprising the randomly generated storage key, a storage construct name, a storage construct location, a randomly generated storage key location. a randomly generated storage key size, and an identifier for the first encryption algorithm;
  
  an operation to receive the storage construct name, and the storage construct location to identify the randomly generated storage key in a request for the storage construct from a client;
  
  an operation for re-encrypting the decrypted randomly generated storage key using a native key known exclusively to the receiver such that the randomly generated storage key stored on the second storage device is re-encrypted; and
  
  an operation for decrypting the re-encrypted randomly generated storage key with the native key and re-encrypting the decrypted randomly generated storage key with a second transmission key known to the client in response to the request for the storage construct from the client.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The computer readable storage medium of claim 11, further comprising an operation to modify the association that comprises the randomly generated storage key location and the storage construct location in response to changing the location of at least one of the randomly generated storage key and the encrypted storage construct.
  - 13. The computer readable storage medium of claim 11, wherein the storage construct comprises a file within a file system of the sender.
  - 14. The computer readable storage medium of claim 11, further comprising an operation to configure the sender and the receiver with an identical symmetric transmission key.
  - 15. The computer readable storage medium of claim 11, further comprising an operation to determine at least one of the randomly generated storage key size and the first encryption algorithm based on a security policy associated with the storage construct.
  - 16. The computer readable storage medium of claim 15, wherein the sender determines the randomly generated storage key size based on a local security policy.
  - 17. The computer readable storage medium of claim 11, wherein the sender generates the randomly generated storage key based at least in part on data associated with the storage construct.
  - 18. The computer readable storage medium of claim 11, wherein at least one of the first storage device and the second storage device comprises a removable computer-readable medium.
  - 19. The computer readable storage medium of claim 11, further comprising,an operation to transmit the encrypted randomly generated storage key and encrypted storage construct to the client, wherein the second transmission key and the transmission key are different keys;
    - an operation to decrypt the randomly generated storage key using the second transmission key at the client; and
      
      an operation to decrypt the storage construct using the decrypted randomly generated storage key and store the decrypted storage construct on the client without user interaction.

20. A method for deploying computing infrastructure, comprising integrating computer readable code tangibly embodied on a computer readable storage medium into a computing system, wherein the code in combination with the computing system is capable of performing the following:
- randomly generating a unique storage key for a specific storage construct;
  
  encrypting the storage construct according to an first encryption algorithm using the randomly generated storage key;
  
  encrypting the randomly generated storage key using a transmission key and a second encryption algorithm known to a sender and a receiver;
  
  transmitting the encrypted storage construct and the encrypted randomly generated storage key from the sender to the receiver without transmitting the transmission key;
  
  decrypting the randomly generated storage key using the transmission key;
  
  re-encrypting the randomly generated storage key using a native key known exclusively to the receiver;
  
  storing the encrypted storage construct on a first storage device and maintaining the encryption of the storage construct as long as the storage construct is stored on the first storage device, and storing the re-encrypted randomly generated storage key on a second storage device physically distinct from the first storage device; and
  
  associating the randomly generated storage key and the storage construct in a data construct comprising the randomly generated storage key, a storage construct name, a storage construct location, a randomly generated storage key location, a randomly generated storage key size, and an identifier for the first encryption algorithm;
  
  receiving the storage construct name, and the storage construct location to identify the randomly generated storage key in a request for the storage construct from a client;
  
  decrypting the re-encrypted randomly generated storage key using the native key and re-encrypting the storage key with a transmission key known to the client in response to the request for the storage construct from the client.
- View Dependent Claims (21)
- - 21. The method of claim 20, further comprising modifying the association that defines the randomly generated storage key location and the storage construct location in response to changing the location of at least one of the randomly generated storage key and the encrypted storage construct.

22. An apparatus for transparent end-to-end security of storage data in a client-server environment, the apparatus comprising:
- means for randomly generating a unique storage key for a specific storage construct;
  
  means for encrypting the storage construct according to a first encryption algorithm using the randomly generated storage key;
  
  means for encrypting the randomly generated storage key using a transmission key and a second encryption algorithm known to a sender and a receiver;
  
  means for transmitting the encrypted storage construct and the encrypted randomly generated storage key from the sender to the receiver without transmitting the transmission key from the sender to the receiver;
  
  means for decrypting the randomly generated storage key using the transmission key;
  
  means for re-encrypting the randomly generated storage key using a native key known exclusively to the receiver;
  
  means for storing the encrypted storage construct on a first storage device, the encryption of the storage construct maintained as long as the storage construct is stored on the first storage device;
  
  means for associating the randomly generated storage key and the storage construct in a data construct comprising the randomly generated storage key, a storage construct name, a storage construct location, a randomly generated storage key location, a randomly generated storage key size, and an identifier for the first encryption algorithm;
  
  means for receiving the storage construct name, and the storage construct location to identify the randomly generated storage key in a request for the storage construct from the sender;
  
  means for storing the re-encrypted randomly generated storage key on a second storage device physically distinct from the first storage device; and
  
  means for decrypting the re-encrypted randomly generated storage using the native key and re-encrypting the decrypted randomly generated storage key with a transmission key known to the sender in response to the request for the storage construct from the sender.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Warren, Donald, Dawson, Colin Scott, Zaremba, Christopher, Hattrup, Glen, Hannigan, Kenneth Eugene, Hochberg, Avishai Haim
Primary Examiner(s)
Vu; Kimyen
Assistant Examiner(s)
SCHWARTZ, DARREN B

Application Number

US11/008,403
Publication Number

US 20060126850A1
Time in Patent Office

2,273 Days
Field of Search

713/150, 713/153, 713164-171, 380/200, 380/210, 380/223, 380/226, 380/255, 380/259, 380277-279, 380281-286, 705/50, 705/64, 705/71
US Class Current

380/284
CPC Class Codes

H04L 63/0428 wherein the data content is...

H04L 9/0894 Escrow, recovery or storing...

Apparatus, system, and method for transparent end-to-end security of storage data in a client-server environment

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

33 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus, system, and method for transparent end-to-end security of storage data in a client-server environment

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links