摘要 |
A key value storage (KVS) system comprising: a client-side agent configured to encrypt data; three nodes hosted respectively in three cloud service providers, wherein each node comprises: a management node configured to receive encrypted data from the client-side agent, a homomorphic encryption (HE) key manager configured to fetch a public key of a given object in the KVS system, a homomorphic encryption and processing engine configured to execute commands over the encrypted data without decrypting it, a homomorphic memory store, a hypervisor configured to monitor performance of the management node in order to assess the quality of service of the management node; and wherein each node serves on a rotating basis in a master node role, a secondary node role, or a back-up node role, wherein the nodes rotate their roles when the master node's hypervisor detects a reduced quality of service of the master node's management node. |
主权项 |
1. A key value storage (KVS) system comprising:
a client-side agent configured to encrypt data, wherein only the client-side agent can decrypt the data; first, second, and third nodes hosted respectively in first, second, and third cloud service providers, wherein each of the first, second, and third nodes comprises:
a management node configured to receive encrypted data from the client-side agent,a homomorphic encryption (HE) key manager communicatively coupled to the management node and configured to fetch a public key of a given object in the KVS system to enable object key to public key mapping,a homomorphic encryption and processing engine communicatively coupled to the management node and configured to execute commands over the encrypted data without decrypting it,a homomorphic memory store communicatively coupled to the management node,a hypervisor communicatively coupled to the management node and configured to monitor performance of the management node in order to assess the quality of service of the management node; and wherein each of the first, second, or third nodes serves on a rotating basis in a master node role, a secondary node role, or a back-up node role, wherein the first, second, and third nodes rotate their roles when the master node's hypervisor detects a reduced quality of service of the master node's management node. |