System and method for combining deduplication and encryption of data

摘要

The embodiments herein relate to data management and, more particularly, to global deduplication and encryption of data in data management systems. The user equipments (UE) are grouped under certain deduplication groups based on certain parameters such as rate of data exchange, frequency of data exchange, social closeness, work closeness, similarity of data and interests and so on, between those UEs. Further, specific deduplication and encryption parameters such as encryption method, encryption key, signature computation method, block computation method and so on are assigned to each group. Further, deduplication and encryption of data in each group is performed using the deduplication and encryption modes and parameters assigned to each group. The deduplication and encryption of data is performed in at least one of the UEs and/or a server. Further, the parameters used for deduplication and encryption are stored in specific databases and are encrypted for better security.

主权项

1. A method for performing deduplication and encryption on data, said method comprising:
grouping at least a plurality of user equipment to at least one deduplication group by a controller module; assigning deduplication parameters to the at least one group by said controller module; assigning at least one encryption method and one encryption key to each of said user equipment by said controller module, wherein the at least one encryption method assigned to each of said user equipment is configured to be at least one of unique for each group and unique for certain groups in a network, wherein the encryption key assigned to each of said user equipment is at least one of a user key, a group key, a group key of said at least one group, and a combination of at least said user key, said group key, and said group key of said at least one group; creating at least a block of data from said data to be deduplicated and encrypted; computing at least unique signatures of said block of data by using at least an output of a signature computation function, wherein said output is used to verify at least authenticity of said block of data; deduplicating at least said block of data by a deduplication and encryption module, wherein said deduplication parameters assigned to each of the at least one group are configured to be either one of different and the same; performing deduplication on said block of data by using at least rolling checksum based block computation; and encrypting said deduplicated data by said deduplication and encryption module, wherein said at least one encryption method and encryption key assigned to each of said user equipment are chosen based on the deduplication parameters of at least one of said at least one group.