IDiyas

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 8892905 B1

PDFFull Text
Date of Patent:
Nov. 18, 2014

Filed:

Mar. 21, 2007

Method and apparatus for performing selective encryption/decryption in a data storage system

Applicants:

Adam Y. Lee, San Jose, CA (US);

Varun Malhotra, Palo Alto, CA (US);

Daniel Manhung Wong, Sacramento, CA (US);

Tirthankar Lahiri, Palo Alto, CA (US);

Kiran Goyal, Foster City, CA (US);

Juan R. Loaiza, Woodside, CA (US);

Paul Youn, Redwood City, CA (US);

Inventors:

Adam Y. Lee, San Jose, CA (US);

Varun Malhotra, Palo Alto, CA (US);

Daniel ManHung Wong, Sacramento, CA (US);

Tirthankar Lahiri, Palo Alto, CA (US);

Kiran Goyal, Foster City, CA (US);

Juan R. Loaiza, Woodside, CA (US);

Paul Youn, Redwood City, CA (US);

Assignee:

Oracle International Corporation, Redwood Shores, CA (US);

Attorneys:

Shun Yao

Park, Vaughan, Fleming & Dowler LLP

Primary Examiner:

Kambiz Zand

Assistant Examiner:

Phy Anh Vu

Int. Cl.
CPC ...
G06Q 30/02 (2012.01); H04L 9/08 (2006.01);
U.S. Cl.
CPC ...
H04L 9/0894 (2013.01);
Abstract

One embodiment of the present invention provides a system for performing selective encryption/decryption in a data storage system. During operation, the system receives a data block from a storage medium at an input/output layer, wherein the input/output layer serves as an interface between the storage medium and a buffer cache. Next, the system determines whether the data block is an encrypted data block. If not, the system stores the data block in the buffer cache. Otherwise, if the data block is an encrypted data block, the system retrieves a storage-key, wherein the storage-key is associated with a subset of storage, which is associated with the encrypted data block. Using the storage-key, the system then decrypts the encrypted data block to produce a decrypted data block. Finally, the system stores the decrypted data block in the buffer cache, wherein the data block remains encrypted in the storage medium.

Find Patent Forward Citations

Loading…