-
公开(公告)号:GB2601449B
公开(公告)日:2022-10-19
申请号:GB202202785
申请日:2020-07-31
Applicant: IBM
Inventor: DORON CHEN , ELIAD TSFADIA , DANNY HARNIK , MICHAEL FACTOR
Abstract: Embodiments of the present systems and methods may provide techniques to provide host side encryption while maintaining compression and deduplication benefits and providing communication between the host and the storage system that does not leak information about the data compressibility/deduplication properties. For example, in an embodiment, a method may comprise compressing, at a computer system, an original sector of data, generating a new sector of data including a first part including metadata and padding data, and a second part including the original sector of data that has been compressed and encrypted using a data encryption key (DEK), encrypting, at the computer system, the new sector of data using a data reduction key (DRK), and transmitting, at the computer system, the encrypted new sector of data to a storage system.
-
公开(公告)号:GB2580276B
公开(公告)日:2020-12-09
申请号:GB202007041
申请日:2018-10-12
Applicant: IBM
Inventor: JONATHAN FISCHER-TOUBOL , YOSEF SHATSKY , AFIEF HALUMI , ASAF PORAT-STOLER , SERGEY MARENKOV , TOM SIVAN , REUT COHEN , DANNY HARNIK , ETY KHAITZIN
IPC: G06F3/06 , G06F16/174
Abstract: A mechanism is provided for dispersed location-based data storage. A request is received to write a data file to a referrer memory region in a set of memory regions. For each data chunk of the data file, responsive to a comparison of a hash value for the data chunk to other hash values for other stored data chunks referenced in the referrer memory region indicating that the data chunk fails to exist in the referrer memory region, responsive to the data chunk existing in another memory region in the set of memory regions, responsive to the memory region failing to be one of the predetermined number N of owner memory regions associated with the referrer memory region, and responsive to the predetermined number N of owner memory regions failing to have been met, a reference to the data chunk is stored in the referrer memory region.
-
公开(公告)号:GB2579490B
公开(公告)日:2022-03-16
申请号:GB202001762
申请日:2018-07-05
Applicant: IBM
Inventor: DANNY HARNIK , PAULA KIM TA-SHMA , YARON WEINSBERG , MOSHIK HERSHCOVITCH
IPC: G06F21/62 , G06F12/14 , G06F21/00 , H04L9/40 , H04L67/1097
Abstract: A computer program product and a system comprising: a cluster of Secure Execution Platforms (SEPs) having connectivity to a data storage, each SEP of said cluster is configured to maintain, using a key, confidentiality of data while processing thereof; the key is shared among the SEPs of said cluster, the key is automatically generated by the cluster or portion thereof and is unavailable to any non-cluster entity; the data storage retains encrypted data that is encrypted using the key; a first SEP of the cluster is configured to encrypt client data using the key to obtain encrypted client data and store the encrypted client data in the data storage; and a second SEP of the cluster is configured to retrieve encrypted stored data from the data storage, decrypt the encrypted stored data using the key to obtain non-encrypted form of the encrypted stored data.
-
公开(公告)号:GB2626270A
公开(公告)日:2024-07-17
申请号:GB202405447
申请日:2022-08-31
Applicant: IBM
Inventor: GLEN JAQUETTE , DANNY HARNIK
IPC: H04L9/00
Abstract: Encrypting data blocks by receiving blocks of compressed data, determining a size, in bytes, of the compressed data, appending a trailer to the compressed data, the trailer associated with the size in bytes of the compressed data, encrypting the compressed data and trailer, yielding encrypted data, where a header of the encrypted data comprises a number of complete encrypted data blocks, and providing the encrypted data to a user.
-
Patent Agency Ranking
公开(公告)号:GB2580276A
公开(公告)日:2020-07-15
申请号:GB202007041
申请日:2018-10-12
Applicant: IBM
Inventor: JONATHAN FISCHER-TOUBOL , YOSEF SHATSKY , AFIEF HALUMI , ASAF PORAT-STOLER , SERGEY MARENKOV , TOM SIVAN , REUT COHEN , DANNY HARNIK , ETY KHAITZIN
IPC: G06F3/06 , G06F16/174
Abstract: A mechanism is provided for dispersed location-based data storage. A request is received to write a data file to a referrer memory region in a set of memory regions. For each data chunk of the data file, responsive to a comparison of a hash value for the data chunk to other hash values for other stored data chunks referenced in the referrer memory region indicating that the data chunk fails to exist in the referrer memory region, responsive to the data chunk existing in another memory region in the set of memory regions, responsive to the memory region failing to be one of the predetermined number N of owner memory regions associated with the referrer memory region, and responsive to the predetermined number N of owner memory regions failing to have been met, a reference to the data chunk is stored in the referrer memory region.
-
公开(公告)号:GB2579490A
公开(公告)日:2020-06-24
申请号:GB202001762
申请日:2018-07-05
Applicant: IBM
Inventor: DANNY HARNIK , PAULA KIM TA-SHMA , YARON WEINSBERG , MOSHIK HERSHCOVITCH
Abstract: A computer program product and a system comprising: a cluster of Secure Execution Platforms (SEPs) having connectivity to a data storage, each SEP of said cluster is configured to maintain, using a key, confidentiality of data while processing thereof; the key is shared among the SEPs of said cluster, the key is automatically generated by the cluster or portion thereof and is unavailable to any non-cluster entity; the data storage retains encrypted data that is encrypted using the key;a first SEP of the cluster is configured to encrypt client data using the key to obtain encrypted client data and store the encrypted client data in the data storage; and a second SEP of the cluster is configured to retrieve encrypted stored data from the data storage, decrypt the encrypted stored data using the key to obtain non-encrypted form of the encrypted stored data.
-
公开(公告)号:GB2601906A
公开(公告)日:2022-06-15
申请号:GB202116629
申请日:2021-11-18
Applicant: IBM
Inventor: GLEN ALAN JAQUETTE , WILLIAM J SCALES , DANNY HARNIK
Abstract: A method of compressing and protecting data, wherein after compression 914 of an uncompressed instance of data 904 it is determined that the compressed data 902 has size less than a predetermined threshold, and the data is encrypted 906 in response to this. A message authentication code (MAC) 916 is created for the encrypted data 908 and the MAC and a zero pad 912 are added to the data to create a formatted string. The uncompressed data may include plaintext, and the compressed data may be abandoned if its size is greater than the predetermined threshold. The length of a length field, the encrypted compressed data, the zero pad and the MAC may be equal to the length of the uncompressed data, i.e. the method may provide length preserving compression (LPC). The MAC may include a Galois message authentication code (GMAC), and may be used to verify the data integrity and authenticity of the formatted string.
-
公开(公告)号:GB2601449A
公开(公告)日:2022-06-01
申请号:GB202202785
申请日:2020-07-31
Applicant: IBM
Inventor: DORON CHEN , ELIAD TSFADIA , DANNY HARNIK , MICHAEL FACTOR
Abstract: Embodiments of the present systems and methods may provide techniques to provide host side encryption while maintaining compression and deduplication benefits and providing communication between the host and the storage system that does not leak information about the data compressibility/deduplication properties. For example, in an embodiment, a method may comprise compressing, at a computer system, an original sector of data, generating a new sector of data including a first part including metadata and padding data, and a second part including the original sector of data that has been compressed and encrypted using a data encryption key (DEK), encrypting, at the computer system, the new sector of data using a data reduction key (DRK), and transmitting, at the computer system, the encrypted new sector of data to a storage system.
-
公开(公告)号:GB2538206A
公开(公告)日:2016-11-09
申请号:GB201615112
申请日:2015-02-19
Applicant: IBM
Inventor: DMITRY YOSEF SOTNIKOV , DANNY HARNIK , PAULA KIM TA-SHMA , ELLIOT KOLODNER
Abstract: Machines, systems and methods for enhancing data recovery in a data storage system, the method comprising determining whether one or more data storage mediums in a data storage system are unavailable; determining data that are at a risk of loss, due to said one or more data storage mediums being unavailable; from among the data that is determined to be at the risk of loss, identifying data that is highly vulnerable to loss; and creating one or more temporary replicas of the data that is highly vulnerable to loss.
-
-
-
-
-
-
-
-
Search Results
9
records
(took 0.018 seconds)
