-
公开(公告)号:US20120072723A1
公开(公告)日:2012-03-22
申请号:US13237781
申请日:2011-09-20
CPC分类号: G06F21/6209 , G06F21/6218 , G06F2221/2107 , H04L9/085 , H04L9/0861 , H04L9/3231 , H04L9/3268 , H04L63/10 , H04L63/102 , H04L2209/24 , H04L2209/42 , H04L2209/56 , H04L2209/80
摘要: Systems and methods are provided for creating and using a sharable file-level key to secure data files. The sharable file-level key is generated based on a workgroup key associated with the data file, as well as unique information associated with the data file. The sharable file-level key may be used to encrypt and split data using a Secure Parser. Systems and methods are also provided for sharing data without replicating the data on the machine of the end user. Data is encrypted and split across an external/consumer network and an enterprise/producer network. Access to the data is provided using a computing image generated by a server in the enterprise/producer network and then distributed to end users of the external/consumer network. This computing image may include preloaded files that provide pointers to the data that was encrypted and split. No access or replication of the data on the enterprise/producer network is needed in order for a user of the external/consumer network to access the data.
摘要翻译: 提供了系统和方法来创建和使用可共享的文件级密钥来保护数据文件。 可共享的文件级密钥是基于与数据文件相关联的工作组密钥以及与数据文件相关联的唯一信息生成的。 可共享文件级密钥可用于使用安全解析器加密和分割数据。 还提供了系统和方法用于共享数据,而不复制最终用户机器上的数据。 数据在外部/消费者网络和企业/生产者网络上进行加密和拆分。 使用由企业/生产者网络中的服务器生成的计算图像来提供对数据的访问,然后分发给外部/消费者网络的最终用户。 该计算图像可以包括提供指向被加密和分割的数据的指针的预加载文件。 为了外部/消费者网络的用户访问数据,不需要对企业/生产者网络上的数据进行访问或复制。
-
公开(公告)号:US08135134B2
公开(公告)日:2012-03-13
申请号:US12209703
申请日:2008-09-12
申请人: Rick L. Orsini , Mark S. O'Hare , Roger Davenport
发明人: Rick L. Orsini , Mark S. O'Hare , Roger Davenport
IPC分类号: H04L9/08 , G06F15/167 , G06F15/16 , H04L29/06
CPC分类号: H04L63/061 , G06F21/44 , G06F21/45 , G06F21/606 , H04L9/083 , H04L9/0844 , H04L9/085 , H04L9/32 , H04L9/3213 , H04L63/0807 , H04L63/0815 , H04L63/18
摘要: A common interface for managing cryptographic keys is provided. A request to manage a cryptographic key may be received in a first interface format, translated to a common interface format, and then executed remotely from the first interface. Return arguments may then be translated from the common interface format to a format compatible with the first interface and communicated securely to the first interface. The cryptographic keys may be used in connection with a secure data parser that secures data by randomly distributing data within a data set into two or more shares.
摘要翻译: 提供了一个管理加密密钥的通用界面。 管理加密密钥的请求可以以第一接口格式接收,转换为公共接口格式,然后从第一接口远程执行。 然后可以将返回参数从公共接口格式转换为与第一接口兼容的格式,并且安全地传送到第一接口。 加密密钥可以与安全数据解析器结合使用,该安全数据解析器通过将数据集中的数据随机分配到两个或多个共享中来保护数据。
-
33.发明授权公开(公告)号:US09165137B2
公开(公告)日:2015-10-20
申请号:US13212360
申请日:2011-08-18
CPC分类号: G06F21/53 , G06F9/45558 , G06F21/60 , G06F21/6281 , G06F2009/45587 , H04L63/0823
摘要: Systems and methods are provided for securing data in virtual machine computing environments. A request is received for a security operation from a first virtual machine operating in a host operating system of a first device. In response to receiving the request, a first security module executes the security operation, the first security module implemented in a kernel of the host operating system. The result of the security operation is provided to the first virtual machine.
摘要翻译: 提供了系统和方法来保护虚拟机计算环境中的数据。 从在第一设备的主机操作系统中操作的第一虚拟机接收到用于安全操作的请求。 响应于接收到请求,第一安全模块执行安全操作,第一安全模块在主机操作系统的内核中实现。 将安全操作的结果提供给第一虚拟机。
-
公开(公告)号:US08745379B2
公开(公告)日:2014-06-03
申请号:US13589894
申请日:2012-08-20
CPC分类号: H04L63/062 , G06F21/602 , H04L9/00 , H04L9/0816 , H04L9/085 , H04L9/3263 , H04L12/4641 , H04L63/0272 , H04L63/029 , H04L63/0428 , H04L63/061 , H04L63/08 , H04L63/0823
摘要: Two approaches are provided for distributing trust among a set of certificate authorities. Each approach may be used to secure data in motion. One approach provides methods and systems in which the secure data parser is used to distribute trust in a set of certificate authorities during initial negotiation (e.g., the key establishment phase) of a connection between two devices. Another approach provides methods and systems in which the secure data parser is used to disperse packets of data into shares. A set of tunnels is established within a communication channel using a set of certificate authorities, keys developed during the establishment of the tunnels are used to encrypt shares of data for each of the tunnels, and the shares of data are transmitted through each of the tunnels. Accordingly, trust is distributed among a set of certificate authorities in the structure of the communication channel itself.
摘要翻译: 提供了两种方法来在一组证书颁发机构之间分配信任。 每种方法都可用于保护运动中的数据。 一种方法提供了方法和系统,其中安全数据解析器用于在两个设备之间的连接的初始协商(例如,密钥建立阶段)期间在一组证书颁发机构中分发信任。 另一种方法提供了使用安全数据解析器将数据包分散到共享中的方法和系统。 在通信信道内建立一组隧道,使用一套证书机构,在建立隧道期间开发的密钥用于加密每个隧道的数据共享,数据共享通过每个隧道传输 。 因此,在通信信道本身的结构中的一组认证机构中分配信任。
-
公开(公告)号:US20120221854A1
公开(公告)日:2012-08-30
申请号:US13468428
申请日:2012-05-10
申请人: Rick L. Orsini , Mark S. O'Hare , Roger Davenport , Steven Winick
发明人: Rick L. Orsini , Mark S. O'Hare , Roger Davenport , Steven Winick
IPC分类号: H04L29/06
CPC分类号: H04L63/0428 , G06F11/1092 , G06F17/30312 , G06F21/602 , G06F21/606 , G06F21/62 , G06F21/6218 , H04L9/085 , H04L9/3226 , H04L9/3263 , H04L63/04 , H04L63/08 , H04L63/0823 , H04L63/0876 , H04L67/108 , H04L69/14 , H04L2209/80
摘要: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data that may be communicated using multiple communications paths.
-
公开(公告)号:US20120198241A1
公开(公告)日:2012-08-02
申请号:US13360385
申请日:2012-01-27
IPC分类号: G06F12/14
CPC分类号: G06F21/602 , G06F21/32 , H04L63/0428 , H04L67/1097
摘要: Systems and methods are provided for securing data. A processing device receives a data set and identifies a first subset of data from a first dimension of a multi-dimensional representation of the data set. The processing device encrypts the first subset of data using a first encryption technique to yield a first encrypted subset of data and replaces the first subset of data in the multi-dimensional representation of the data set with the first subset of encrypted data. The processing device then identifies a second subset of data from a second dimension of the multi-dimensional representation of the data set, with the second subset of data including at least a portion of the first subset of encrypted data, and encrypts the second subset of data using a second encryption technique to yield a second encrypted subset of data.
摘要翻译: 提供了系统和方法来保护数据。 处理设备从数据集的多维表示的第一维度接收数据集并识别数据的第一子集。 处理设备使用第一加密技术来加密数据的第一子集,以产生数据的第一加密子集,并且用加密数据的第一子集替换数据集的多维表示中的第一数据子集。 处理设备然后从数据集的多维表示的第二维度识别数据的第二子集,其中第二数据子集包括加密数据的第一子集的至少一部分,并加密第二子集 使用第二加密技术的数据产生数据的第二加密子集。
-
公开(公告)号:US20120166576A1
公开(公告)日:2012-06-28
申请号:US13209167
申请日:2011-08-12
申请人: Rick L. Orsini , Mark S. O'Hare , Don Martin
发明人: Rick L. Orsini , Mark S. O'Hare , Don Martin
IPC分类号: G06F15/16
CPC分类号: G06F11/1458 , G06F9/3834 , G06F9/3863 , G06F11/1453 , G06F11/1469 , G06F11/1471 , G06F17/30212 , G06F2201/805 , H04L67/1095 , H04L67/1097
摘要: Systems and methods are provided for transmitting data to at least one storage system. A request is received to store a data set in a storage location. In response, a first plurality of shares is generated, each containing a distribution of data from the data set, and at least one share is stored in a local memory configured for backup in at least one remote storage system. At least one share is transmitted to the at least one remote storage system. Systems and methods are also provided for improving data availability. In response to a restoration event, if insufficient shares of data are available to reconstruct a data set, a read instruction in a journaling message is transmitted to a remote storage system requesting an additional share. The additional share is received and stored in a local storage, and the data set is reconstructed.
摘要翻译: 提供了用于将数据发送到至少一个存储系统的系统和方法。 接收到将数据集存储在存储位置中的请求。 作为响应,生成第一多个共享,每个共享包含来自数据集的数据分布,并且至少一个共享被存储在配置为在至少一个远程存储系统中进行备份的本地存储器中。 至少一个共享被发送到至少一个远程存储系统。 还提供了系统和方法来提高数据可用性。 响应于恢复事件,如果不足够的数据共享可用于重建数据集,则日志消息中的读取指令被发送到请求附加共享的远程存储系统。 附加共享被接收并存储在本地存储器中,并且重构数据集。
-
公开(公告)号:US20110296440A1
公开(公告)日:2011-12-01
申请号:US13117791
申请日:2011-05-27
申请人: Lawrence A. Laurich , Stephen Paul Sample , Michael H. Wang , Babu Rao Kandimalla , Rick L. Orsini , Mark S. O'Hare , Don Martin , Steven Mark Casselman
发明人: Lawrence A. Laurich , Stephen Paul Sample , Michael H. Wang , Babu Rao Kandimalla , Rick L. Orsini , Mark S. O'Hare , Don Martin , Steven Mark Casselman
IPC分类号: G06F9/44
CPC分类号: G06F13/102 , G06F3/061 , G06F3/0619 , G06F3/0646 , G06F3/0659 , G06F3/067 , G06F21/602 , G06F21/72 , G06F21/76 , G06F21/78 , G06F21/85 , H04L63/0428 , H04L63/08 , H04L63/20 , H04L67/06 , H04L67/1097 , H04L69/12 , H04L69/14
摘要: Data processing and an accelerator system therefore are described. An embodiment relates generally to a data processing system. In such an embodiment, a bus and an accelerator are coupled to one another. The accelerator has an application function block. The application function block is to process data to provide processed data to storage. A network interface is coupled to obtain the processed data from the storage for transmission.
摘要翻译: 因此,描述数据处理和加速器系统。 实施例一般涉及数据处理系统。 在这种实施例中,总线和加速器彼此耦合。 加速器有一个应用功能块。 应用功能块是处理数据以将处理后的数据提供给存储。 网络接口被耦合以从存储器获得经处理的数据以进行传输。
-
公开(公告)号:US20110202763A1
公开(公告)日:2011-08-18
申请号:US13024783
申请日:2011-02-10
申请人: Don Martin , Rick L. Orsini , Mark S. O'Hare
发明人: Don Martin , Rick L. Orsini , Mark S. O'Hare
CPC分类号: G06F12/1408 , G06F3/0619 , G06F3/0623 , G06F3/064 , G06F3/0664 , G06F3/0686 , G06F11/1402 , G06F11/1456 , G06F11/1464 , G06F11/1469 , G06F11/1474 , G06F21/62 , G06F2201/84 , G06F2212/1052 , G11B20/00086
摘要: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data, that may be communicated using multiple communications paths.
摘要翻译: 提供了可以集成到用于安全地存储和传送数据的任何合适的系统中的安全数据解析器。 安全数据解析器解析数据,然后将数据分割成多个部分,这些部分被清楚地存储或通信。 原始数据的加密,数据的部分或两者可以用于额外的安全性。 安全数据解析器可以用于通过将原始数据分割成可以使用多个通信路径来传送的数据部分来保护运动中的数据。
-
公开(公告)号:US20080183992A1
公开(公告)日:2008-07-31
申请号:US11999575
申请日:2007-12-05
申请人: Don Martin , Rick L. Orsini , Mark S. O'Hare
发明人: Don Martin , Rick L. Orsini , Mark S. O'Hare
IPC分类号: G06F12/16
CPC分类号: G06F12/1408 , G06F3/0619 , G06F3/0623 , G06F3/064 , G06F3/0664 , G06F3/0686 , G06F11/1402 , G06F11/1456 , G06F11/1464 , G06F11/1469 , G06F11/1474 , G06F21/62 , G06F2201/84 , G06F2212/1052 , G11B20/00086
摘要: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data, that may be communicated using multiple communications paths.
摘要翻译: 提供了可以集成到用于安全地存储和传送数据的任何合适的系统中的安全数据解析器。 安全数据解析器解析数据,然后将数据分割成多个部分,这些部分被清楚地存储或通信。 原始数据的加密,数据的部分或两者可以用于额外的安全性。 安全数据解析器可以用于通过将原始数据分割成可以使用多个通信路径来传送的数据部分来保护运动中的数据。
-
-
-
-
-
-
-
-
-
搜索结果
66 条记录 (耗时 0.078 秒)
