公开(公告)号：WO2009056570A1

公开(公告)日：2009-05-07

申请号：PCT/EP2008/064682

申请日：2008-10-29

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION ,  IBM UNITED KINGDOM LIMITED ,  GARIMELLA, Neeta ,  KOJENOV, Alexei ,  MULLEN, Shawn ,  SHANKAR, Ravi ,  VIKSNE, John

Inventor： GARIMELLA, Neeta ,  KOJENOV, Alexei ,  MULLEN, Shawn ,  SHANKAR, Ravi ,  VIKSNE, John

IPC: G06F21/00

CPC classification number: G06F21/6218 ,  G06F21/6209

Abstract: The present invention provides a computer implemented method, data processing system, and computer program product to restore an encrypted file. A computer receives a command to restore an encrypted file, wherein the encrypted file was previously backed up. The computer identifies a user associated with the encrypted file. The computer looks up a first keystore of the user based on the user, the first keystore having an active private key. The computer determines that a public key of the encrypted file fails to match an active public key of the first keystore. The computer restores a second keystore of the user to form a restored private key, wherein the second keystore was previously backed up. The computer responsive to a determination that the public key of the encrypted file fails to match the active public key of the first keystore, decrypts the encrypted file encryption key based on the restored private key to form a file encryption key. The computer encrypts the file encryption key with the active private key of the first keystore.

Abstract translation: 本发明提供了一种计算机实现的方法，数据处理系统和用于恢复加密文件的计算机程序产品。 计算机接收恢复加密文件的命令，其中先前备份了加密文件。 计算机识别与加密文件相关联的用户。 计算机基于用户查找用户的第一密钥库，第一密钥库具有活动的私钥。 计算机确定加密文件的公钥不能匹配第一密钥库的活动公钥。 计算机恢复用户的第二密钥库以形成恢复的私钥，其中先前备份了第二密钥库。 该计算机响应于确定加密文件的公开密钥与第一密钥库的活动公钥匹配的确定，基于恢复的私钥对加密的文件加密密钥进行解密以形成文件加密密钥。 计算机使用第一个密钥库的活动私钥对文件加密密钥进行加密。

公开(公告)号：WO2007054428A3

公开(公告)日：2007-11-29

申请号：PCT/EP2006067708

申请日：2006-10-24

Applicant: IBM ,  IBM UK ,  AUGENSTEIN OLIVER ,  GARIMELLA NEETA ,  SMITH JAMES PATRICK ,  ZAREMBA CHRISTOPHER

Inventor： AUGENSTEIN OLIVER ,  GARIMELLA NEETA ,  SMITH JAMES PATRICK ,  ZAREMBA CHRISTOPHER

IPC: G06F3/06 ,  G06F11/14 ,  G06F11/20

CPC classification number: G06F11/1448 ,  G06F3/0601 ,  G06F11/1456 ,  G06F2003/0697 ,  Y10S707/99953 ,  Y10S707/99955

Abstract: Provided are techniques for storing local versions of a data set. A first number that indicates how many local versions of the data set are to be stored in local storage given an amount of available local storage is received. It is determined whether a second number that indicates a total number of local versions of the data set that the local storage is capable of storing exceeds the first number. In response to determining that the second number exceeds the first number, the amount of local storage that is capable of storing the first number of local versions of the data set is used.

Abstract translation: 提供了用于存储数据集的本地版本的技术。 第一个数字表示接收到一定数量的可用本地存储器时，将在本地存储器中存储多少个本地版本的数据集。 确定指示本地存储器能够存储的数据集的本地版本的总数量的第二数字是否超过第一数量。 响应于确定第二数量超过第一数量，使用能够存储数据集合的第一数量的本地版本的本地存储器的数量。

公开(公告)号：WO2011042260A1

公开(公告)日：2011-04-14

申请号：PCT/EP2010/062704

申请日：2010-08-31

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION ,  IBM UNITED KINGDOM LIMITED ,  AUVENSHINE, John, Jason ,  KLINGENBERG, Bernhard, Julius ,  GARIMELLA, Neeta ,  CLARK, Thomas, Keith

Inventor： AUVENSHINE, John, Jason ,  KLINGENBERG, Bernhard, Julius ,  GARIMELLA, Neeta ,  CLARK, Thomas, Keith

IPC: G06F21/00

CPC classification number: H04L63/0884 ,  G06F8/65 ,  G06F21/30 ,  G06F21/31 ,  G06F21/57 ,  G06F21/60 ,  G06F21/62 ,  G06F21/6218 ,  G06F2221/2141 ,  G06F2221/2145 ,  G06F2221/2149 ,  H04L63/083 ,  H04L63/10

Abstract: A root user identifier of a computing system is disabled. Thereafter, and in response to determining that a problem with the computing system requires root privileges to the computing system to solve, a code patch for installation on the computing system is received from a third party. The code patch is installed on the computing system, resulting in a user identifier temporarily having the root privileges to the computing system. The user identifier is different than the root user identifier is. A password for the user identifier is provided to the third party to permit the third party to solve the problem with the computing system using the root privileges, via the user identifier temporarily having the root privileges to the computing system. The code patch is computer code installable on the computing system.

Abstract translation: 计算系统的根用户标识符被禁用。 此后，响应于确定计算系统的问题需要计算系统的root权限来解决，则从第三方接收用于在计算系统上安装的代码补丁。 代码补丁安装在计算系统上，导致用户标识符暂时具有计算系统的root权限。 用户标识符与根用户标识符不同。 将用户标识符的密码提供给第三方，以允许第三方通过临时具有计算系统的根特权的用户标识符，使用根特权解决计算系统的问题。 代码补丁是可以在计算系统上安装的计算机代码。

公开(公告)号：WO2007054428A2

公开(公告)日：2007-05-18

申请号：PCT/EP2006/067708

申请日：2006-10-24

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION ,  IBM UNITED KINGDOM LIMITED ,  AUGENSTEIN, Oliver ,  GARIMELLA, Neeta ,  SMITH, James, Patrick ,  ZAREMBA, Christopher

Inventor： AUGENSTEIN, Oliver ,  GARIMELLA, Neeta ,  SMITH, James, Patrick ,  ZAREMBA, Christopher

CPC classification number: G06F11/1448 ,  G06F3/0601 ,  G06F11/1456 ,  G06F2003/0697 ,  Y10S707/99953 ,  Y10S707/99955

Abstract: Provided are techniques for storing local versions of a data set. A first number that indicates how many local versions of the data set are to be stored in local storage given an amount of available local storage is received. It is determined whether a second number that indicates a total number of local versions of the data set that the local storage is capable of storing exceeds the first number. In response to determining that the second number exceeds the first number, the amount of local storage that is capable of storing the first number of local versions of the data set is used.

Abstract translation: 提供了用于存储数据集的本地版本的技术。 指定接收到可用本地存储量的第一个数字，指示在本地存储器中存储多少个本地版本的数据集。 确定指示本地存储器能够存储的数据集的本地版本的总数的第二数量是否超过第一数量。 响应于确定第二数量超过第一数量，使用能够存储数据集的第一数量本地版本的本地存储器的量。