
A new architecture in hybrid cloud to secure authorized business content

IP.com Disclosure Number: IPCOM000242936D
Publication Date: 2015-Sep-01
Document File: 9 page(s) / 252K

Publishing Venue

The IP.com Prior Art Database

Abstract

By utilizing existing convergent encryption and data deduplication technology, a new hybrid cloud architecture is proposed. This hybrid cloud consists of at least one private cloud platform and at least two public cloud platforms/storage facilities. Enterprises can use it to protect their sensitive and confidential property much more cheaply than before.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 42% of the total text.


The popularity of cloud applications has greatly changed the ecosystem of the IT industry. With more and more users moving to cloud platforms, storage requirements grow exponentially.

Another aspect is security. As the cloud has evolved, data security requirements have attracted more and more attention.

Currently, public cloud service providers charge lower fees for storage but give weaker security guarantees, while private cloud services normally provide sufficient security assurance but incur storage and maintenance costs that are hard to afford.

By utilizing existing convergent encryption and data deduplication technology, a new hybrid cloud architecture is proposed. This hybrid cloud consists of at least one private cloud platform and at least two public cloud platforms/storage facilities.

Data deduplication is a common technology used on cloud platforms to help reduce storage usage. Based on it, two APIs can be exposed to end users for performing data-block-level deduplication and file-level deduplication:

API (1) public ID data_dedup(bytes data); (2) public ID file_dedup(File file)

These APIs return the address of the duplicated data as an ID object only if (1) the data exists and (2) the request passes PoW (proofs-of-ownership; refer to the explanation in RELATED ARTs). Otherwise they return a NULL pointer.

Considering both the deduplication success ratio and security, this architecture starts by using convergent encryption to encrypt the data before uploading. A local encryption processor is pulled from the cloud side and performs the encryption locally. The corresponding decryption hash and key files are saved only to the private cloud, since they are very small but their content is highly confidential.

In addition, the private part of this hybrid cloud can then deduplicate the encrypted data against public cloud storage. The encrypted data is first split into fixed-length or variable-length data blocks, which are then submitted to the chosen public cloud for a deduplication check. The result could be:

(1) No duplication at all

In this situation, all data is split evenly and randomly before being uploaded to the public cloud storages. The private cloud storage saves only the linkage information for the addresses returned from the public cloud.

(2) Only some duplications are found.

In this situation, the number of duplicated blocks is divided by the number of servers on which duplicates were found, so that the addresses are saved evenly and randomly in the private cloud storage. The remaining blocks are handled as in case (1).





(3) All contents are found to be duplicates.

In this situation, the total number of blocks is divided by the number of servers on which duplicates were found, so that the addresses are saved evenly and randomly in the private cloud.

After this, the pri...
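
The upload flow described above (local convergent encryption, fixed-length blocks, a deduplication check against each public store, even and random placement, key and linkage kept private), as an added Python example that is not part of the disclosure. The in-memory dicts standing in for the clouds, the names `upload` and `download`, the 16-byte block size and the SHAKE-256 keystream (a stand-in for a real cipher) are assumptions, and the PoW check is not modelled.

```python
import hashlib
import random

BLOCK = 16  # fixed block length in bytes (assumption, kept small for the demo)

def _xor(key: bytes, data: bytes) -> bytes:
    # SHAKE-256 keystream stands in for a real cipher such as AES; demo only.
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def convergent_encrypt(data: bytes):
    """Key = hash of the content, so equal plaintexts give equal ciphertexts."""
    key = hashlib.sha256(data).digest()
    return key, _xor(key, data)

def data_dedup(store: dict, block: bytes):
    """Modelled on the page's data_dedup: ID of an existing copy, else None.
    The PoW step is not modelled; the caller here submits the block itself."""
    bid = hashlib.sha256(block).hexdigest()
    return bid if bid in store else None

def upload(name, data, public, private, rng):
    """Encrypt locally, split, dedup-check, place. Returns count of new blocks."""
    key, ct = convergent_encrypt(data)
    blocks = [ct[i:i + BLOCK] for i in range(0, len(ct), BLOCK)]
    links, fresh = [None] * len(blocks), []
    for i, blk in enumerate(blocks):
        hits = [(s, bid) for s, st in enumerate(public)
                if (bid := data_dedup(st, blk))]
        if hits:                      # duplicate: keep only an address
            links[i] = rng.choice(hits)
        else:
            fresh.append(i)
    rng.shuffle(fresh)                # random order, then round-robin = even spread
    for n, i in enumerate(fresh):
        s = n % len(public)
        bid = hashlib.sha256(blocks[i]).hexdigest()
        public[s][bid] = blocks[i]
        links[i] = (s, bid)
    private[name] = {"key": key, "links": links}  # only key + linkage stay private
    return len(fresh)

def download(name, public, private):
    """Rebuild the ciphertext from the saved linkage, then decrypt with the key."""
    rec = private[name]
    ct = b"".join(public[s][bid] for s, bid in rec["links"])
    return _xor(rec["key"], ct)
```

Because the key is derived from the whole file before splitting, block-level hits occur only for content whose ciphertext blocks already exist in a public store; a deployment would pass a CSPRNG such as `random.SystemRandom()` as `rng`.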