logo

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 9787522 B1

PDFFull Text
Date of Patent:
Oct. 10, 2017

Filed:

Jun. 29, 2011

Data processing system having failover between hardware and software encryption of storage data

Applicants:

Cesareo Contreras, Northbridge, MA (US);

Atul Kabra, New Delhi, IN;

Michael E. Bappe, Loveland, CO (US);

Edith Epstein, Arlington, MA (US);

Helen S. Raizen, Jamaica Plain, MA (US);

Alexander Elpaev, Saint Petersburg, RU;

Inventors:

Cesareo Contreras, Northbridge, MA (US);

Atul Kabra, New Delhi, IN;

Michael E. Bappe, Loveland, CO (US);

Edith Epstein, Arlington, MA (US);

Helen S. Raizen, Jamaica Plain, MA (US);

Alexander Elpaev, Saint Petersburg, RU;

Assignee:

EMC IP Holding Company LLC, Hopkinton, MA (US);

Attorney:

BainwoodHuang

Primary Examiner:

Tri Tran

Int. Cl.
CPC ...
H04L 29/00 (2006.01); H04L 29/08 (2006.01); H04L 29/06 (2006.01);
U.S. Cl.
CPC ...
H04L 29/067 (2013.01); H04L 29/08549 (2013.01);
Abstract

A computer of a data processing system includes a software encryption engine and path circuitry that initially provides one or more paths for conveying data of storage I/O requests to and from a storage device, the paths including an encrypting path having a hardware encrypting component. According to a failover technique, in a first operating state, (a) the data of the storage I/O requests is conveyed via the encrypting path with encryption and decryption of the data being performed by the hardware encrypting component, and (b) monitoring is performed for occurrence of an event indicating that the hardware encrypting component has become unavailable for encrypting and decrypting the data of the storage I/O requests. Upon occurrence of the event, if the path circuitry provides a non-encrypting path for conveying the data of the storage I/O requests to and from the storage device, then operation is switched to a second operating state in which the data of the storage I/O requests is conveyed via the non-encrypting path and is encrypted and decrypted by the software encryption engine. A failback technique provides for reverting to hardware-assisted encryption under proper circumstances.

Find Patent Forward Citations

Loading…