Secure database backup and recovery
US-2017046521-A1 · Feb 16, 2017 · US
Secure database backup and recovery
US9929861B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9929861-B2 |
| Application number | US-201715497311-A |
| Country | US |
| Kind code | B2 |
| Filing date | Apr 26, 2017 |
| Priority date | Nov 6, 2014 |
| Publication date | Mar 27, 2018 |
| Grant date | Mar 27, 2018 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.
First claim
Opening claim text (preview).
What is claimed is: 1. A method for secure database backup and recovery in a secure database network having N distributed data nodes, wherein N is an integer greater than 2, the method comprising: receiving a database backup file from a database system; fragmenting the file into n fragments, wherein n is an integer greater than 2; associating each fragment with a data node of the N distributed data nodes that will not be used to store the fragment; encrypting each fragment of the n fragments using a first key; storing the n fragments on the N distributed data nodes whereby no fragment is stored on its associated data node; retrieving the n fragments a determined time later from the N distributed data nodes; decrypting each fragment of the n fragments using the first key; encrypting each fragment of the n fragments again with a different key; storing the n fragments again on the N distributed data nodes whereby no fragment is stored on its associated data node; wherein after retrieving each fragment from a respective data node, said fragment is stored again on a different data node from the data node it was retrieved from, and wherein determining fragment data node location is performed by a sensor in the data node: that monitors communications traffic between data nodes and that listens for communications requests and sends back responses including stored fragments. 2. The method of claim 1 wherein storing and retrieval of the n fragments is performed by agents in the database system and sensors in the data nodes whereby fragment node location is not stored in the database system. 3. The method of claim 2 further comprising using a key generator and store to fragment the key; encrypt each key fragment; and store each encrypted key fragment with a backup fragment. 4. The method of claim 3 wherein database metadata is added to the fragment whereby database metadata is fragmented and distributed. 5. The method of claim 4 wherein the database metadata includes, but is not limited to, network configuration, database node locations and backup image expiration. 6. The method of claim 5 wherein the encryption is public/private key encryption.
Assignees
Inventors
Classifications
Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage · CPC title
Management of the data involved in backup or backup restore · CPC title
to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself · CPC title
using striping · CPC title
Database-specific techniques · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9929861B2 cover?
- As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The pr…
- Who is the assignee on this patent?
- IBM
- What technology area does this patent fall under?
- Primary CPC classification G06F11/1464. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Mar 27 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).