Zettaset Assigned Two Patents
Data-at-rest encryption and key management in unreliably connected environments, securing files using per-file key encryption
By Francis Pelletier | March 4, 2022 at 2:00 pm
Data-at-rest encryption and key management in unreliably connected environments
Zettaset, Inc., Mountain View, CA, has been assigned a patent (11,228,434) developed by Yankovskiy, Maksim, Mountain View, CA, and Murray, Eric A., Los Gatos, CA, for “data-at-rest encryption and key management in unreliably connected environments.”
The abstract of the patent published by the U.S. Patent and Trademark Office states: “Techniques are disclosed for securing data-at-rest at an internet-of-things (IoT) site with an unreliable or intermittent connectivity to the key manager operating at a corporate data center. The IoT site deploys one or more IoT devices/endpoints that generate IoT data according to the requirements of the site. The IoT data generated by these devices is collected/aggregated by one or more gateway devices. The gateways encrypt their data-at-rest gathered from the IoT devices using cryptographic keys. In the absence of a reliable connection to a backend corporate key manager, the design employs LAN key managers deployed locally at the IoT site. The gateways obtain keys from the LAN key managers to encrypt the IoT data before storing it in their local storage. The LAN key managers may periodically download keys from the corporate key manager or generate their own keys and then later synchronize with the corporate key manager.”
The patent application was filed on March 20, 2019 (16/359,964).
Securing files using per-file key encryption
Zettaset, Inc., Mountain View, CA, has been assigned a patent (11,108,753) developed by Murray, Eric A., Los Gatos, CA, for “securing files using per-file key encryption.”
The abstract of the patent published by the U.S. Patent and Trademark Office states: “A computer system and methods for securing files in a file system with storage resources accessible to an authenticable user using an untrusted client device in a semi-trusted client threat model. Each file is secured in the file system in one or more ciphertext blocks along with the file metadata. Each file is assigned a unique file key FK to encrypt the file. A wrapping key WK assigned to the file is used for encrypting the file key FK to produce a wrapped file key WFK. A key manager is in charge of generating and storing keys. The file is encrypted block by block to produce corresponding ciphertext blocks and corresponding authentication tags. The authentication tags are stored in the file metadata, along with an ID of the wrapping key WK, wrapped file key WFK, last key rotation time, an Access Control List, ACL, etc. The integrity of ciphertext blocks is ensured by authentication tags and the integrity of the metadata is ensured by a message authentication code (MAC).”
The patent application was filed on April 2, 2019 (16/372,766).
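The key hierarchy in the second abstract (a per-file key FK, wrapped under WK, with per-block authentication tags and a MAC over the metadata) can be sketched as follows; this is an added example, not code from Zettaset or from the patent. Assumptions not stated in the abstract: AES-256-GCM for both block encryption and key wrapping, HMAC-SHA256 under a separate MAC key, the block index as associated data, and the names encryptFile, decryptFile, seal, open and macOf.

```javascript
const crypto = require('node:crypto');

const BLOCK = 16; // small block size so the constructed sample spans several blocks

// AES-256-GCM with a fresh 96-bit IV; aad binds the ciphertext to its context.
function seal(key, plaintext, aad) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv).setAAD(aad);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}

function open(key, { iv, ct, tag }, aad) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, iv).setAAD(aad).setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]); // final() throws on a bad tag
}

// HMAC-SHA256 over every metadata field except the MAC itself.
function macOf(macKey, meta) {
  const body = JSON.stringify({ ...meta, mac: undefined });
  return crypto.createHmac('sha256', macKey).update(body).digest();
}

function encryptFile(data, wk, wkId, macKey, acl) {
  const fk = crypto.randomBytes(32);            // unique file key FK
  const wfk = seal(wk, fk, Buffer.from(wkId));  // wrapped file key WFK
  const blocks = [], tags = [];
  for (let i = 0; i * BLOCK < data.length; i++) {
    const aad = Buffer.from(String(i));         // block index as AAD (assumption)
    const { iv, ct, tag } = seal(fk, data.subarray(i * BLOCK, (i + 1) * BLOCK), aad);
    blocks.push(ct);
    tags.push({ iv, tag });
  }
  const meta = { wkId, wfk, rotatedAt: new Date().toISOString(), acl, tags };
  meta.mac = macOf(macKey, meta).toString('hex');
  return { blocks, meta };                      // FK itself is never stored
}

function decryptFile({ blocks, meta }, wk, macKey) {
  const got = Buffer.from(String(meta.mac), 'hex');
  const want = macOf(macKey, meta);
  if (got.length !== want.length || !crypto.timingSafeEqual(got, want)) {
    throw new Error('metadata MAC mismatch');
  }
  if (blocks.length !== meta.tags.length) throw new Error('block count mismatch');
  const fk = open(wk, meta.wfk, Buffer.from(meta.wkId));
  return Buffer.concat(blocks.map((ct, i) =>
    open(fk, { ct, ...meta.tags[i] }, Buffer.from(String(i)))));
}
```

Because only the wrapped FK is stored, rotating WK means re-wrapping one 32-byte key per file rather than re-encrypting the file's blocks.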