Method and apparatus for accelerating connections in a cloud network

摘要

Various embodiments provide a method and apparatus of providing accelerated encrypted connections in a cloud network supporting transmission of data including per-user encrypted data. Transmission of encrypted data from an application server uses an encryption scheme that encrypts static data using a first encryption scheme that derives keys from the content itself and encrypts dynamic data, such as dynamic website content with personalized user data, using a second encryption scheme.

主权项

1. An apparatus for providing encryption of a target file in an acceleration connection system, the apparatus comprising:
a data storage; an I/O interface; and a processor communicatively connected to the data storage and the I/O interface, the processor being configured to: communicatively connect to a first client, a second client and at least two acceleration middle boxes via the I/O interface; separate the target file into a first static file chunk and a first dynamic file chunk in response to a request from the first client; separate the target file into a second static file chunk and a second dynamic file chunk in response to a request from the second client, wherein the second static file chunk is the same as the first static file chunk; create a first encrypted static file chunk of the first static file chunk based on a first encryption scheme, the first encryption scheme deriving keys from the content of the first static file chunk; create a first encrypted dynamic file chunk of the first dynamic file chunk based on a second encryption scheme; create a second encrypted static file chunk of the second static file chunk based on the first encryption scheme; create a second encrypted dynamic file chunk of the second dynamic file chunk based on the second encryption scheme; transmit the first encrypted static file chunk and the first encrypted dynamic file chunk to the first client via the at least two acceleration middle boxes; and transmit the second encrypted static file chunk and the second encrypted dynamic file chunk to the second client via the at least two acceleration middle boxes; wherein the first client and the second client are different; wherein the first encryption scheme and the second encryption scheme are different; wherein the first encrypted static file chunk and the second encrypted static file chunk are the same; wherein the first encryption scheme is selected to allow the at least two acceleration middle boxes to de-duplicate the first and second encrypted static file chunk using an acceleration scheme; and wherein the first encryption scheme and second encryption scheme are selected to allow the first client to retrieve the target file based on the first encrypted static file chunk and the first encrypted dynamic file chunk and the second client to retrieve the target file based on the second encrypted static file chunk and the second encrypted dynamic file chunk.