| 发明名称 |
OPTIMIZABLE FULL-PATH ENCRYPTION IN A VIRTUALIZATION ENVIRONMENT |
| 摘要 |
An approach for full-path data encryption, where user virtualized computers (e.g., user VMs) are configured to communicate with other virtualized computers or VMs using IPsec protocol encryption standards. The user VMs may send a first encryption or authorization key to the other VMs, which the other VMs may use to authenticate the user VMs and encrypt and decrypt data stored to storage devices using a second encryption key. In some approaches, the other VMs may interpret or decrypt the data sent via IPsec and then perform data optimizations (e.g., compression, deduplication) on the data before decrypting/encrypting with the second key. |
| 申请公布号 |
US2016359622(A1) |
申请公布日期 |
2016.12.08 |
| 申请号 |
US201615172952 |
申请日期 |
2016.06.03 |
| 申请人 |
Nutanix, Inc. |
发明人 |
BUNCH Alexander Michael;CUI Miao;KULKARNI Ajay Prakash;TURSHMID Peter Alan |
| 分类号 |
H04L9/08;H03M7/30;G06F3/06 |
主分类号 |
H04L9/08 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method for optimizable full-path encryption in a virtualization environment, comprising:
receiving a network communication encrypted via an internet layer security protocol, the network communication structured as a data storage access request, the network communication comprising a first key; decrypting the network communication via the internet layer security protocol; decrypting a second key using the first key; performing one or more data optimization operations on the decrypted network communication; encrypting the network communication using the second key; and storing the encrypted network communication as encrypted data in one or more data storage devices. |
| 地址 |
San Jose CA US |
