Codeless Logging in an Integration Platform
US-2020334135-A1 · Oct 22, 2020 · US
US11616767B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11616767-B2 |
| Application number | US-202117182698-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 23, 2021 |
| Priority date | Dec 17, 2020 |
| Publication date | Mar 28, 2023 |
| Grant date | Mar 28, 2023 |
Official abstract text for this publication.
Systems and methods for encrypted storage device telemetry data are described. Storage device telemetry data may be collected for a telemetry message, such as a non-volatile memory express (NVMe) telemetry command, and encrypted using a first encryption key. The first encryption key may be encrypted using one or multiple second encryption keys and the encrypted first encryption key may be added to the telemetry message. A client system may receive the telemetry message, decrypt the encrypted first encryption key, and use the first encryption key to decrypt the encrypted storage device telemetry data.
Opening claim text (preview).
The invention claimed is:

1. A system, comprising: a processor; a memory; an encryption engine, stored in the memory for execution by the processor, configured to: receive storage device telemetry data; determine, from the storage device telemetry data, a first data section and a second data section; encrypt, using a first encryption key, the first data section of the storage device telemetry data; encrypt, using a second encryption key, the second data section of the storage device telemetry data; and encrypt, using a third encryption key, the first encryption key and the second encryption key; and a message handler, stored in the memory for execution by the processor, configured to: format a telemetry message, wherein the telemetry message includes: the encrypted first data section of the storage device telemetry data; the encrypted second data section of the storage device telemetry data; the encrypted first encryption key and the encrypted second encryption key; and a table of contents configured to indicate encryption keys used to encrypt each data section of a plurality of data sections of the storage device telemetry data, including the first data section and the second data section; and send the telemetry message to a first client system configured to decrypt: the first encryption key from the encrypted first encryption key based on the third encryption key; and the first data section of the storage device telemetry data from the encrypted first data section of the storage device telemetry data.

2. The system of claim 1, wherein: the encryption engine is further configured to encrypt, using a fourth encryption key, the first encryption key; the telemetry message further includes the encrypted first encryption key based on the fourth encryption key; and the message handler is further configured to send the telemetry message to a second client system configured to decrypt: the first encryption key from the encrypted first encryption key based on the fourth encryption key; and the first data section of the storage device telemetry data from the encrypted first data section of the storage device telemetry data.

3. The system of claim 1, wherein: the first encryption key is a symmetric key; the third encryption key is a public key of a public-private key pair; and the first client system includes a private encryption key for the public-private key pair of the third encryption key.

4. The system of claim 1, further comprising a data storage device configured to: periodically collect telemetry data sets; and send each telemetry data set of a plurality of data sets to the encryption engine, wherein: the encryption engine is further configured to encrypt each telemetry data set; and the message handler is further configured to send each encrypted telemetry data set to the first client system.

5. The system of claim 4, wherein: the data storage device includes: the processor; the memory; the encryption engine; and the message handler; the data storage device is further configured to generate a new first encryption key for each telemetry data set; and the encryption engine is further configured to encrypt each telemetry data set using a different first encryption key.

6. The system of claim 5, wherein: the data storage device is further configured to use a non-volatile memory express (NVMe) storage protocol; and the message handler is further configured to use an NVMe telemetry command to send the telemetry message.

7. The system of claim 1, wherein the encryption engine is further configured to encrypt the table of contents.

8. The system of claim 1, wherein: the telemetry message further includes a sub-header comprising vendor specific protocol requirements for the telemetry message; and the encryption engine is further configured to encrypt the sub-header.

9. The system of claim 1, further comprising the first client system, wherein the first client system comprises: a client processor; a client memory; a telemetry data manager, stored in the client memory for execution by the client processor, configured to: receive the telemetry message; determine the encrypted first data section of the storage device telemetry data; and determine the encrypted first encryption key based on the third encryption key; and a decryption engine, stored in the client memory for execution by the client processor, configured to decrypt: the first encryption key from the encrypted first encryption key based on the third encryption key; and the first data section of the storage device telemetry data from the encrypted first data section of the storage device telemetry data.

10. The system of claim 9, wherein: the telemetry data manager is further configured to: store a private encryption key from a public-private key pair for the third encryption key; and display the first data section of the storage device telemetry data on a user interface; the storage device telemetry data includes at least one data type selected from: self-monitoring and reporting technology (SMART) data; non-volatile memory express (NVMe) data logs; dynamic storage device configuration data; event data logs; debug data; firmware management data; error data; and workload data; and the decryption engine is further configured to use the private encryption key to decrypt the first encryption key from the encrypted first encryption key.

11. A computer-implemented method, comprising: collecting storage device telemetry data; determining, from the storage device telemetry data, a first data section and a second data section; encrypting, using a first encryption key, the first data section of the storage device telemetry data; encrypting, using a second encryption key, the second data section of the storage device telemetry data; encrypting, using a third encryption key, the first encryption key and the second encryption key; formatting a telemetry message, wherein the telemetry message includes: the encrypted first data section of the storage device telemetry data; the encrypted second data section of the storage device telemetry data; the encrypted first encryption key and the encrypted second encryption key; and a table of contents configured to indicate encryption keys used to encrypt each data section of a plurality of data sections of the storage device telemetry data, including the first data section and the second data section; sending the telemetry message to a first client system; receiving, by the first client system, the telemetry message; decrypting, by the first client system, the first encryption key from the encrypted first encryption key based on the third encryption key; and decrypting, by the first client system, the first data section of the storage device telemetry data from the encrypted first data section of the storage device telemetry data.

12. The computer-implemented method of claim 11, further comprising: encrypting, using a fourth encryption key, the first encryption key, wherein the telemetry message further includes the encrypted first encryption key based on the fourth encryption key; sending the telemetry message to a second client system; decrypting, by the second client system, the first encryption key from the encrypted first encryption key based on the fourth encryption key; and decrypting, by the second client system, the first data section of the storage device telemetry data from the encrypted first data section of the storage device telemetry data.

13. The computer-implemented method of claim 11, further comprising: deter
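
The scheme in the abstract and in claims 1 to 3, sketched for Node.js as an added example that is not code from the patent: each data section gets its own key, the keys are wrapped per recipient, and a table of contents maps sections to keys. AES-256-GCM, RSA-OAEP, the message shape, the section-name AAD binding and all identifiers are assumptions; the claims name no algorithms or layout.

```javascript
// Added example, not from the patent. AES-256-GCM, RSA-OAEP and every name
// here are assumptions; the telemetry strings are constructed sample data.
const { randomBytes, createCipheriv, createDecipheriv, publicEncrypt,
  privateDecrypt, generateKeyPairSync } = require('node:crypto');

// Blob layout: iv(12) || tag(16) || ciphertext. The section name is bound as
// AAD so a ciphertext cannot be relabelled as a different section.
function seal(key, name, plaintext) {
  const iv = randomBytes(12);
  const c = createCipheriv('aes-256-gcm', key, iv).setAAD(Buffer.from(name));
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}
function open(key, name, blob) {
  const d = createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAAD(Buffer.from(name)).setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]).toString();
}

// Device side: a fresh data key per section, wrapped once per authorised reader.
// `readers` maps section -> recipient ids; `pubKeys` maps recipient id -> key.
function formatTelemetryMessage(sections, readers, pubKeys) {
  const msg = { toc: [], wrappedKeys: [], data: {} };
  for (const [name, text] of Object.entries(sections)) {
    const dek = randomBytes(32), keyId = `dek-${name}`;
    msg.data[name] = seal(dek, name, text);
    msg.toc.push({ section: name, keyId });
    for (const recipient of readers[name]) {
      const blob = publicEncrypt({ key: pubKeys[recipient], oaepHash: 'sha256' }, dek);
      msg.wrappedKeys.push({ keyId, recipient, blob });
    }
  }
  return msg;
}

// Client side: the table of contents names the key for a section; unwrap it with
// the private key, then decrypt. Returns null if no key was wrapped for `id`.
function readSection(msg, name, id, privateKey) {
  const entry = msg.toc.find((e) => e.section === name);
  const wk = entry && msg.wrappedKeys.find((w) => w.keyId === entry.keyId && w.recipient === id);
  if (!wk) return null;
  const dek = privateDecrypt({ key: privateKey, oaepHash: 'sha256' }, wk.blob);
  return open(dek, name, msg.data[name]);
}
function demo() { // clientA holds the "third" key pair, clientB the "fourth"
  const [a, b] = [0, 1].map(() => generateKeyPairSync('rsa', { modulusLength: 2048 }));
  const msg = formatTelemetryMessage({ smart: 'temp=41C wear=3%', debug: 'fw assert 0x1f' },
    { smart: ['clientA', 'clientB'], debug: ['clientA'] }, { clientA: a.publicKey, clientB: b.publicKey });
  return { msg, a, b };
}
```

With the output of `demo()`, `readSection(msg, 'debug', 'clientB', b.privateKey)` returns `null` because the second data key was never wrapped for that recipient, which is the selective disclosure that claim 2 sets up.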
Data logging (G06F11/14, G06F11/2205 take precedence) · CPC title
using key encryption key · CPC title
applying encryption of the keys · CPC title
Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage · CPC title
wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption (cryptographic mechanisms or cryptographic arrangements using a plurality of keys or algorithms H04L9/14) · CPC title