摘要 |
A digital escrow pattern is provided for backup data services including searchable encryption techniques for backup data, such as synthetic full backup data, stored at remote site or in a cloud service, distributing trust across multiple entities to avoid a single point of data compromise. In one embodiment, an operational synthetic full is maintained with encrypted data as a data service in a cryptographically secure manner that addresses integrity and privacy requirements for external or remote storage of potentially sensitive data. The storage techniques supported include backup, data protection, disaster recovery, and analytics on second copies of primary device data. Some examples of cost-effective cryptographic techniques that can be applied to facilitate establishing a high level of trust over security and privacy of backup data include, but are not limited to, size-preserving encryption, searchable-encryption, or Proof of Application, blind fingerprints, Proof of Retrievability, and others.
|