公开(公告)号：US11210007B2

公开(公告)日：2021-12-28

申请号：US16386803

申请日：2019-04-17

Applicant: NetApp Inc.

Inventor： Srinivasan Narayanamurthy ,  Parag Deshmukh

IPC: G06F17/00 ,  G06F3/06 ,  H04L9/06 ,  G06F17/18 ,  H04L9/08 ,  G06F16/215 ,  G06F16/901 ,  G06F21/60

Abstract: Techniques are provided for deduplicating encrypted data. For example, a device has data to store in an encrypted state within a remote data store. A key is used to encrypt the data to create encrypted data. The data is hashed to create hashed data and the encrypted data is hashed to create hashed encrypted data. A probabilistic data structure of the data is generated. The key is encrypted based upon the data to create an encrypted key. The encrypted data is transmitted to the remote data store, along with metadata comprising the hashed data, the hashed encrypted data, the probabilistic data structure, and the encrypted key. The metadata may be used to implement deduplication for subsequent requests, to store data within the remote data store, with respect to the encrypted data.

公开(公告)号：US20250036597A1

公开(公告)日：2025-01-30

申请号：US18917175

申请日：2024-10-16

Applicant: NetApp, Inc.

Inventor： Ritika ,  Jagadish Vasudeva ,  Vani Vully ,  Raj Kamal ,  Deepak Dangi ,  Parag Deshmukh

IPC: G06F16/174 ,  G06F3/06

Abstract: Systems and methods for reducing read application in a virtual storage system are provided. According to one embodiment, heuristic data may be tracked and utilized in real-time by a file system of the virtual storage system at the level of granularity of a volume, thereby allowing a fast path flag to be enabled/disabled at a volume level during various phases of operation of a workload. The heuristic data for a given volume may be indicative of a correlation between (i) data blocks stored on the given volume being located within a compressible zone of a zoned checksum scheme and (ii) the respective data blocks containing compressed data and a corresponding checksum. Based on the heuristic data, read requests may be selectively directed to the read path (e.g., a fast path or a slow path) expected to mitigate read amplification when data compression is enabled for a zoned checksum scheme.

公开(公告)号：US12124413B2

公开(公告)日：2024-10-22

申请号：US17708284

申请日：2022-03-30

Applicant: NetApp, Inc.

Inventor： Ritika ,  Jagadish Vasudeva ,  Vani Vully ,  Raj Kamal ,  Deepak Dangi ,  Parag Deshmukh

IPC: G06F16/174 ,  G06F3/06

CPC classification number: G06F16/1744 ,  G06F3/0613 ,  G06F3/064 ,  G06F3/0665 ,  G06F3/0689

Abstract: Systems and methods for reducing read application in a virtual storage system are provided. According to one embodiment, heuristic data may be tracked and utilized in real-time by a file system of the virtual storage system at the level of granularity of a volume, thereby allowing a fast path flag to be enabled/disabled at a volume level during various phases of operation of a workload. The heuristic data for a given volume may be indicative of a correlation between (i) data blocks stored on the given volume being located within a compressible zone of a zoned checksum scheme and (ii) the respective data blocks containing compressed data and a corresponding checksum. Based on the heuristic data, read requests may be selectively directed to the read path (e.g., a fast path or a slow path) expected to mitigate read amplification when data compression is enabled for a zoned checksum scheme.

公开(公告)号：US11662930B2

公开(公告)日：2023-05-30

申请号：US17676342

申请日：2022-02-21

Applicant: NetApp Inc.

Inventor： Srinivasan Narayanamurthy ,  Dnyaneshwar Nagorao Pawar ,  Jagadish Vasudeva ,  Parag Deshmukh ,  Siddhartha Nandi

IPC: G06F3/06 ,  H04L9/08

CPC classification number: G06F3/0641 ,  G06F3/067 ,  G06F3/0608 ,  H04L9/0838 ,  H04L9/0891

Abstract: Techniques are provided for aggregate inline deduplication and volume granularity encryption. For example, data that is exclusive to a volume of a tenant is encrypted using an exclusive encryption key accessible to the tenant. The exclusive encryption key of that tenant is inaccessible to other tenants. Shared data that has been deduplicated and shared between the volume and another volume of a different tenant is encrypted using a shared encryption key of the volume. The shared encryption key is made available to other tenants. In this way, data can be deduplicated across multiple volumes of different tenants of a storage environment, while maintaining security and data privacy at a volume level.

公开(公告)号：US20220171557A1

公开(公告)日：2022-06-02

申请号：US17676342

申请日：2022-02-21

Applicant: NetApp Inc.

Inventor： Srinivasan Narayanamurthy ,  Dnyaneshwar Nagorao Pawar ,  Jagadish Vasudeva ,  Parag Deshmukh ,  Siddhartha Nandi

IPC: G06F3/06 ,  H04L9/08

Abstract: Techniques are provided for aggregate inline deduplication and volume granularity encryption. For example, data that is exclusive to a volume of a tenant is encrypted using an exclusive encryption key accessible to the tenant. The exclusive encryption key of that tenant is inaccessible to other tenants. Shared data that has been deduplicated and shared between the volume and another volume of a different tenant is encrypted using a shared encryption key of the volume. The shared encryption key is made available to other tenants. In this way, data can be deduplicated across multiple volumes of different tenants of a storage environment, while maintaining security and data privacy at a volume level.

公开(公告)号：US20230315691A1

公开(公告)日：2023-10-05

申请号：US17708284

申请日：2022-03-30

Applicant: NetApp, Inc.

Inventor： Ritika ,  Jagadish Vasudeva ,  Vani Vully ,  Raj Kamal ,  Deepak Dangi ,  Parag Deshmukh

IPC: G06F16/174 ,  G06F16/188

CPC classification number: G06F16/1744 ,  G06F16/188

Abstract: Systems and methods for reducing read application in a virtual storage system are provided. According to one embodiment, heuristic data may be tracked and utilized in real-time by a file system of the virtual storage system at the level of granularity of a volume, thereby allowing a fast path flag to be enabled/disabled at a volume level during various phases of operation of a workload. The heuristic data for a given volume may be indicative of a correlation between (i) data blocks stored on the given volume being located within a compressible zone of a zoned checksum scheme and (ii) the respective data blocks containing compressed data and a corresponding checksum. Based on the heuristic data, read requests may be selectively directed to the read path (e.g., a fast path or a slow path) expected to mitigate read amplification when data compression is enabled for a zoned checksum scheme.

公开(公告)号：US20230315315A1

公开(公告)日：2023-10-05

申请号：US17708271

申请日：2022-03-30

Applicant: NetApp, Inc.

Inventor： Ritika ,  Jagadish Vasudeva ,  Vani Vully ,  Raj Kamal ,  Deepak Dangi ,  Parag Deshmukh

IPC: G06F3/06

CPC classification number: G06F3/064 ,  G06F3/0664 ,  G06F3/0659 ,  G06F3/0619 ,  G06F3/0689

Abstract: Systems and methods for reducing read application in a virtual storage system are provided. According to one embodiment, read amplification is reduced when AZCS compression is being utilized by avoiding restarting of a read process via a slow path via a RAID layer of the virtual storage system when a data block associated with a read request and obtained via a first fast path read has been found not to be compressed. Instead, a second fast path read may be performed to obtain the corresponding checksum. Alternatively, or additionally, heuristics may be used to predict the odds of the data block being compressed. For example, when information encoded within a PVBN of the data block that identifies the PVBN as being within a compressed AZCS zone has shown to be sufficiently/insufficiently predictive of the data block being compressed, then a flag may be set to enable/disable fast path reads.

公开(公告)号：US20210389893A1

公开(公告)日：2021-12-16

申请号：US17461220

申请日：2021-08-30

Applicant: NetApp Inc.

Inventor： Srinivasan Narayanamurthy ,  Parag Deshmukh

IPC: G06F3/06 ,  H04L9/06 ,  G06F17/18 ,  H04L9/08 ,  G06F16/215 ,  G06F16/901 ,  G06F21/60

Abstract: Techniques are provided for deduplicating encrypted data. For example, a device has data to store in an encrypted state within a remote data store. A key is used to encrypt the data to create encrypted data. The data is hashed to create hashed data and the encrypted data is hashed to create hashed encrypted data. A probabilistic data structure of the data is generated. The key is encrypted based upon the data to create an encrypted key. The encrypted data is transmitted to the remote data store, along with metadata comprising the hashed data, the hashed encrypted data, the probabilistic data structure, and the encrypted key. The metadata may be used to implement deduplication for subsequent requests, to store data within the remote data store, with respect to the encrypted data.

公开(公告)号：US20230297264A1

公开(公告)日：2023-09-21

申请号：US18324355

申请日：2023-05-26

Applicant: NetApp Inc.

Inventor： Srinivasan Narayanamurthy ,  Dnyaneshwar Nagorao Pawar ,  Jagadish Vasudeva ,  Parag Deshmukh ,  Siddhartha Nandi

IPC: G06F3/06 ,  H04L9/08

CPC classification number: G06F3/0641 ,  G06F3/0608 ,  G06F3/067 ,  H04L9/0838 ,  H04L9/0891

Abstract: Techniques are provided for aggregate inline deduplication and volume granularity encryption. For example, data that is exclusive to a volume of a tenant is encrypted using an exclusive encryption key accessible to the tenant. The exclusive encryption key of that tenant is inaccessible to other tenants. Shared data that has been deduplicated and shared between the volume and another volume of a different tenant is encrypted using a shared encryption key of the volume. The shared encryption key is made available to other tenants. In this way, data can be deduplicated across multiple volumes of different tenants of a storage environment, while maintaining security and data privacy at a volume level.

公开(公告)号：US11256433B2

公开(公告)日：2022-02-22

申请号：US16354562

申请日：2019-03-15

Applicant: NetApp Inc.

Inventor： Srinivasan Narayanamurthy ,  Dnyaneshwar Nagorao Pawar ,  Jagadish Vasudeva ,  Parag Deshmukh ,  Siddhartha Nandi

IPC: G06F3/06 ,  H04L9/08

Abstract: Techniques are provided for aggregate inline deduplication and volume granularity encryption. For example, data that is exclusive to a volume of a tenant is encrypted using an exclusive encryption key accessible to the tenant. The exclusive encryption key of that tenant is inaccessible to other tenants. Shared data that has been deduplicated and shared between the volume and another volume of a different tenant is encrypted using a shared encryption key of the volume. The shared encryption key is made available to other tenants. In this way, data can be deduplicated across multiple volumes of different tenants of a storage environment, while maintaining security and data privacy at a volume level.