公开(公告)号：US11494498B2

公开(公告)日：2022-11-08

申请号：US16861056

申请日：2020-04-28

Applicant: Pure Storage, Inc.

Inventor： Par Botes ,  John Hayes ,  Ethan Miller

IPC: H04L29/06 ,  G06F21/60 ,  G06F21/62 ,  G06F21/78 ,  H04L9/08 ,  H04L9/14

Abstract: A method for securing data in a storage grid is provided. The method includes generating a storage key from key shares of at least two storage clusters of a storage grid having at least three storage clusters and generating a grid key from the storage key and an external secret. The method includes encrypting data with the grid key to yield once encrypted data and encrypting the once encrypted data with the storage key to yield twice encrypted data. The method includes storing the twice encrypted data in a first storage cluster of the storage grid and storing the twice encrypted data in a second storage cluster of the storage grid, wherein at least one method operation is performed by a processor.

公开(公告)号：USRE48448E1

公开(公告)日：2021-02-23

申请号：US15917339

申请日：2018-03-09

Applicant: Pure Storage, Inc.

Inventor： John Colgrove ,  John Hayes ,  Bo Hong ,  Ethan Miller

IPC: G06F12/00 ,  G06F11/30 ,  H04L29/08 ,  G06F11/10

Abstract: A system and method for dynamic RAID geometries. A computer system comprises client computers and data storage arrays coupled to one another via a network. A data storage array utilizes solid-state drives and Flash memory cells for data storage. A storage controller within a data storage array is configured to configure a first subset of the storage devices for use in a first RAID layout, the first RAID layout including a first set of redundant data. The controller further configures a second subset of the storage devices for use in a second RAID layout, the second RAID layout including a second set of redundant data. Additionally, when writing a stripe, the controller may select from any of the plurality of storage devices for one or more of the first RAID layout, the second RAID layout, and storage of redundant data by the additional logical device.

公开(公告)号：US10887086B1

公开(公告)日：2021-01-05

申请号：US16293569

申请日：2019-03-05

Applicant: PURE STORAGE, INC.

Inventor： John Colgrove ,  John Hayes ,  Ethan Miller

IPC: H04L9/08 ,  G06F21/62

Abstract: A system, method, and computer-readable storage medium for protecting a set of storage devices using a secret sharing scheme in combination with an external secret. An initial master secret is generated and then transformed into a final master secret using an external secret. A plurality of shares are generated from the initial master secret and distributed to the storage devices. The data of each storage device is encrypted with a device-specific key, and this key is encrypted using the final master secret. In order to read the data on a given storage device, the initial master secret reconstructed from a threshold number of shares and the external secret is retrieved. Next, the initial master secret is transformed into the final master secret using the external secret, and then the final master secret is used to decrypt the encrypted key of a given storage device.

公开(公告)号：US20200257808A1

公开(公告)日：2020-08-13

申请号：US16861056

申请日：2020-04-28

Applicant: Pure Storage, Inc.

Inventor： Par Botes ,  John Hayes ,  Ethan Miller

IPC: G06F21/60 ,  G06F21/62 ,  H04L9/14 ,  H04L9/08 ,  G06F21/78

Abstract: A method for securing data in a storage grid is provided. The method includes generating a storage key from key shares of at least two storage clusters of a storage grid having at least three storage clusters and generating a grid key from the storage key and an external secret. The method includes encrypting data with the grid key to yield once encrypted data and encrypting the once encrypted data with the storage key to yield twice encrypted data. The method includes storing the twice encrypted data in a first storage cluster of the storage grid and storing the twice encrypted data in a second storage cluster of the storage grid, wherein at least one method operation is performed by a processor.

公开(公告)号：US10691812B2

公开(公告)日：2020-06-23

申请号：US15803613

申请日：2017-11-03

Applicant: Pure Storage, Inc.

Inventor： Par Botes ,  John Hayes ,  Ethan Miller

IPC: H04L29/06 ,  G06F21/60 ,  G06F21/62 ,  G06F21/78 ,  H04L9/08 ,  H04L9/14

Abstract: A method for securing data in a storage grid is provided. The method includes generating a storage key from key shares of at least two storage clusters of a storage grid having at least three storage clusters and generating a grid key from the storage key and an external secret. The method includes encrypting data with the grid key to yield once encrypted data and encrypting the once encrypted data with the storage key to yield twice encrypted data. The method includes storing the twice encrypted data in a first storage cluster of the storage grid and storing the twice encrypted data in a second storage cluster of the storage grid, wherein at least one method operation is performed by a processor.

公开(公告)号：US10574454B1

公开(公告)日：2020-02-25

申请号：US15402954

申请日：2017-01-10

Applicant: Pure Storage, Inc.

Inventor： Andrew Bernat ,  Ethan Miller

IPC: H04L9/08

Abstract: Periodically re-encrypting user data stored on a storage device, including: detecting that a data encryption key should be decommissioned; and for user data stored on the storage device that is encrypted with the data encryption key: reading the user data that is encrypted with the data encryption key from the storage device; re-encrypting the user data utilizing a current data encryption key; and writing the user data that is encrypted utilizing the current data encryption key to the storage device.

公开(公告)号：US10572460B2

公开(公告)日：2020-02-25

申请号：US15041307

申请日：2016-02-11

Applicant: Pure Storage, Inc.

Inventor： John Colgrove ,  Joern Engel ,  Christopher Golden ,  Ethan Miller ,  Naveen Neelakantam

IPC: G06F16/00 ,  G06F16/22 ,  G06F16/23 ,  G06F3/06

Abstract: Compressing data in dependence upon characteristics of a storage system, including: receiving an amount of processing resources available in the storage system; receiving an amount of space available in the storage system; and selecting, in dependence upon the priority for conserving the amount of processing resources and the amount of space, a data compression algorithm to utilize to compress the data.

公开(公告)号：US10452289B1

公开(公告)日：2019-10-22

申请号：US15417912

申请日：2017-01-27

Applicant: Pure Storage, Inc.

Inventor： John Colgrove ,  John Hayes ,  Bo Hong ,  Ethan Miller

IPC: G06F11/10 ,  G06F3/06 ,  G06F11/20

Abstract: A system and method for adaptive RAID geometries. A computer system comprises client computers and data storage arrays coupled to one another via a network. A data storage array utilizes solid-state drives and Flash memory cells for data storage. A storage controller within a data storage array is configured to determine a first RAID layout for use in storing data, and write a first RAID stripe to the device group according to the first RAID layout. In response to detecting a first condition, the controller is configured to determine a second RAID layout which is different from the first RAID layout, and write a second RAID stripe to the device group according to the second layout, whereby the device group concurrently stores data according to both the first RAID layout and the second RAID layout.

公开(公告)号：US10235093B1

公开(公告)日：2019-03-19

申请号：US15484243

申请日：2017-04-11

Applicant: Pure Storage, Inc.

Inventor： John Colgrove ,  Ethan Miller ,  John Hayes ,  Cary Sandvig ,  Christopher Golden ,  Jianting Cao

IPC: G06F3/06

Abstract: A system and method for creating and managing snapshots. Mediums are recorded and maintained, all of which are read-only except for the most recent mediums in use by a volume. Multiple volumes may be maintained, including a first volume which points to a first medium. When a snapshot of the first volume is taken, a second medium is created that points to the first medium. The first volume is also updated to point to the second medium. The first medium becomes the underlying medium of the second medium, and lookups are performed initially on the second medium and then on the first medium if the data is not located in the second medium.

公开(公告)号：US10180879B1

公开(公告)日：2019-01-15

申请号：US14967848

申请日：2015-12-14

Applicant: Pure Storage, Inc.

Inventor： John Colgrove ,  John Hayes ,  Bo Hong ,  Ethan Miller

IPC: G06F11/00 ,  G06F11/10 ,  G06F3/06

Abstract: A system and method for offset protection data in a RAID array. A computer system comprises client computers and data storage arrays coupled to one another via a network. A data storage array utilizes solid-state drives and Flash memory cells for data storage. A storage controller within a data storage array is configured to store user data in a first page of a first storage device of the plurality of storage devices; generate intra-device protection data corresponding to the user data, and store the intra-device protection data at a first offset within the first page. The controller is further configured to generate inter-device protection data corresponding to the first page, and store the inter-device protection data at a second offset within a second page in a second storage device of the plurality of storage devices, wherein the first offset is different from the second offset.