Distributed and scalable storage management using a storage-microservices server
US-2020036789-A1 · Jan 30, 2020 · US
Secure ingress and egress for data engines
US12056259B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12056259-B2 |
| Application number | US-202016995922-A |
| Country | US |
| Kind code | B2 |
| Filing date | Aug 18, 2020 |
| Priority date | Aug 18, 2020 |
| Publication date | Aug 6, 2024 |
| Grant date | Aug 6, 2024 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Aspects include receiving a query at a data engine. The data engine includes data in a protected format stored in a secured database and a copy of the data in a clear format stored in a secured database replica. The query is received from a requestor. The query is processed at the secured database replica to generate a query response in the clear format. The query response is converted into the protected format. The converted query response in the protected format is provided to the requestor.
First claim
Opening claim text (preview).
What is claimed is: 1. A method comprising: receiving a query at a data engine, the data engine comprising data in an encrypted format stored in a secured database and a copy of the data in an unencrypted format stored in a secured database replica, wherein the secured database is tuned to optimize processing of at least a first type of query, wherein the secured database replica is tuned to optimize processing of at least a second type of query, and wherein a database is tuned to optimize processing of a query type when the database is configured to run queries of the query type as quickly as possible, the receiving from a requestor; determining, based on a type of the query and based on at least one of quality of service (QOS) targets, and on reliability, availability and serviceability (RAS) requirements associated with the query, that the query should be processed by the secured database replica; based on determining that the query should be processed by the secured database replica: processing the query at the secured database replica to generate a query response in the unencrypted format; converting the query response into the encrypted format; and providing the converted query response in the encrypted format to the requestor. 2. The method of claim 1 , wherein the query is characterized as being the second type of query. 3. The method of claim 1 , further comprising: receiving input data at the data engine, the input data in the encrypted format; and storing the input data in the encrypted format in the secured database. 4. The method of claim 3 , further comprising replicating the input data, the replicating comprising: converting the input data stored in the secured database into the unencrypted format; and storing the input data in the unencrypted format in the secured database replica. 5. The method of claim 3 , wherein the input data in unencrypted format is received from a client application. 6. The method of claim 3 , wherein the data engine further comprises a data security system that applies a security scheme to perform: the converting the query response into the encrypted format; converting the input data into the encrypted format; and converting the input data stored in the secured database into the unencrypted format. 7. The method of claim 1 , wherein the secured database and the secured database replica are relational databases. 8. The method of claim 7 , wherein contents of only a subset of columns in a row of the secured database are in the encrypted format. 9. The method of claim 1 , wherein the determining, based on a type of the query and based on at least one of the quality of service (QOS) targets, and on reliability, availability and serviceability (RAS) requirements associated with the query, that the query should be processed by the secured database replica is further based on an amount of current usage of the two databases. 10. The method of claim 9 , wherein the determining, based on the type of query and based on at least one of the quality of service (QOS) targets, and on reliability, availability and serviceability (RAS) requirements associated with the query is based on the type of query and based on each of the quality of service (QOS) targets, and on reliability, availability and serviceability (RAS) requirements associated with the query. 11. A system comprising: one or more processors for executing computer-readable instructions, the computer-readable instructions controlling the one or more processors to perform operations stored in a memory, the operations comprising: receiving a query at a data engine, the data engine comprising data in a encrypted format stored in a secured database and a copy of the data in an unencrypted format stored in a secured database replica, wherein the secured database is tuned to optimize processing of at least a first type of query, wherein the secured database replica is tuned to optimize processing of at least a second type of query, and wherein a database is tuned to optimize processing of a query type when the database is configured to run queries of the query type as quickly as possible, the receiving from a requestor; determining, based on a type of the query and based on at least one of quality of service (QOS) targets, and on reliability, availability and serviceability (RAS) requirements associated with the query, whether the query should be processed by the secured database replica or the secured database; based on determining that the query should be processed by the secured database replica: processing the query at the secured database replica to generate a query response in the unencrypted format; converting the query response into the encrypted format; and providing the converted query response in the encrypted format to the requestor. 12. The system of claim 11 , wherein the query is characterized as being a first type of query, and the secured database replica is tuned to optimize performance of one or more types of queries including the first type of query. 13. The system of claim 11 , wherein the operations further comprise: receiving input data at the data engine, the input data in the unencrypted format; converting the input data into the encrypted format; and storing the input data in the encrypted format in the secured database. 14. The system of claim 13 , wherein the operations further comprise replicating the input data, the replicating comprising: converting the input data stored in the secured database into the unencrypted format; and storing the input data in the unencrypted format in the secured database replica. 15. The system of claim 13 , wherein the input data in unencrypted format is received from a client application. 16. The system of claim 13 , wherein the data engine further comprises a data security system that applies a security scheme to perform: the converting the query response into the encrypted format; converting the input data into the encrypted format; and converting the input data stored in the secured database into the unencrypted format. 17. The system of claim 11 , wherein the secured database and the secured database replica are relational databases. 18. The system of claim 17 , wherein contents of only a subset of columns in a row of the secured database are in the encrypted format. 19. A computer program product comprising a computer-readable storage medium having program instructions embodied therewith, the program instructions executable by a processor to cause the processor to perform operations comprising: receiving a query at a data engine, the data engine comprising data in an encrypted format stored in a secured database and a copy of the data in an unencrypted format stored in a secured database replica, wherein the secured database is tuned to optimize processing of at least a first type of query, wherein the secured database replica is tuned to optimize processing of at least a second type of query, and wherein a database is tuned to optimize processing of a query type when the database is configured to run queries of the query type as quickly as possible, the receiving from a requestor; determining, based on a type of the query and based on quality of service (QOS) targets, and on reliability, availability and serviceability (RAS) requirements associated with the query, whether the query should be processed by the secured database replica or the secured database; based on determining that the query should be processed by the secured database replica: proces
Assignees
Inventors
Classifications
where protection concerns the structure of data, e.g. records, types, queries · CPC title
- G06F16/27Primary
Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor · CPC title
Optimisations to support specific applications; Extensibility of optimisers · CPC title
Data format conversion from or to a database · CPC title
wherein the data content is protected, e.g. by encrypting or encapsulating the payload · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12056259B2 cover?
- Aspects include receiving a query at a data engine. The data engine includes data in a protected format stored in a secured database and a copy of the data in a clear format stored in a secured database replica. The query is received from a requestor. The query is processed at the secured database replica to generate a query response in the clear format. The query response is converted into the…
- Who is the assignee on this patent?
- IBM
- What technology area does this patent fall under?
- Primary CPC classification G06F16/27. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Aug 06 2024 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 5 related publications on this page (citations in our corpus or others sharing the same primary CPC).