Title of invention |
Separate cryptographic keys for protecting different operations on data |
Abstract |
The disclosed embodiments provide a system that processes data. During operation, the system uses a first key to protect a write operation on the data. Next, the system uses a second key to protect a read operation on the data. |
Publication number |
US9563789(B1) |
Publication date |
2017.02.07 |
Application number |
US201615132491 |
Filing date |
2016.04.19 |
Applicant |
Open Invention Network, LLC |
Inventors |
Thomas Geoffrey G.; Whaley John; Purtell, II Thomas Joseph |
Classification |
G06F21/62 |
Main classification |
G06F21/62 |
Agency |
Haynes and Boone, LLP |
Agent |
Haynes and Boone, LLP |
Independent claim |
1. A method, comprising:
using a first key to protect a write operation on data by encrypting, by computer, the data with a data key;
using a second key to protect a read operation on the data by decrypting the data with the data key and verifying a signature associated with the data with the second key;
using a third key to protect a write operation on metadata for the data by encrypting the metadata with a metadata key;
using a fourth key to protect a read operation on the metadata by decrypting the metadata with the metadata key and verifying a signature associated with the metadata with the fourth key;
and performing one of: generating the signature associated with the data with the first key or generating the signature associated with the metadata with the third key;
wherein using the first key to protect the write operation further involves appending an amount of padding in the encrypted data to the encrypted data;
wherein the write operation is protected prior to performing the write operation with a remote storage mechanism;
and wherein the read operation is protected after performing the read operation with the remote storage mechanism. |
Address |
Durham NC US |