| 发明名称 | Storage encryption | ||
| 摘要 | Storage associated with a virtual machine or other type of device may be migrated between locations (e.g., physical devices, network locations, etc.). To maintain the security of the storage, a system may manage the encryption of the storage area such that a storage area is encrypted with a first encryption key that may be maintained through the migration. A header of the storage area, on the other hand, may be encrypted using a second encryption key and the first encryption key may be stored therein. Upon transfer, the header may be re-encrypted to affect the transfer of security. | ||
| 申请公布号 | US9509501(B2) | 申请公布日期 | 2016.11.29 |
| 申请号 | US201514679363 | 申请日期 | 2015.04.06 |
| 申请人 | Citrix Systems, Inc. | 发明人 | Bursell Michael |
| 分类号 | G06F12/14;H04L9/08;G06F9/48;G06F21/62;G06F9/455;G06F21/60;H04L9/14;G06F3/06 | 主分类号 | G06F12/14 |
| 代理机构 | Banner & Witcoff, Ltd. | 代理人 | Banner & Witcoff, Ltd. |
| 主权项 | 1. A non-transitory computer-readable medium storing instructions that, when executed by a processor of an apparatus, cause the apparatus to: encrypt a storage area provisioned for a virtual or actual machine with a first encryption key, the storage area storing data; store the first encryption key in a header of the storage area, wherein the header and the data stored in the storage area are logically separate from one another; generate a second encryption key and store the second encryption key in the header; encrypt the header and the first encryption key stored therein with the second encryption key; and migrate the storage area, including: decrypting the first encryption key with the second encryption key;encrypting the first encryption key with a third encryption key; andremoving the second encryption key from the header after encrypting the first encryption key with the third encryption key. | ||
| 地址 | Fort Lauderdale FL US | ||