US 11,856,090 B2
Data protection optimization
Hong Qing Zhou, Shanghai (CN); Yan Lin Ren, Shanghai (CN); Zong Xiong Z X Wang, Beijing (CN); Zhang Li, Han Dian District (CN); and Xiao Ling Chen, Changping District (CN)
Assigned to International Business Machines Corporation, Armonk, NY (US)
Filed by International Business Machines Corporation, Armonk, NY (US)
Filed on Jun. 24, 2021, as Appl. No. 17/356,742.
Prior Publication US 2022/0417007 A1, Dec. 29, 2022
Int. Cl. H04L 9/14 (2006.01); H04L 9/08 (2006.01)
CPC H04L 9/0825 (2013.01) [H04L 9/0822 (2013.01); H04L 9/0894 (2013.01); H04L 9/14 (2013.01)] 18 Claims
OG exemplary drawing
 
1. A computer-implemented method for data protection, comprising:
obtaining, by one or more processors, an encrypted data key and a first encrypted protection key from a storage device;
sending, by one or more processors, the first encrypted protection key to a first device;
receiving, by one or more processors, a second encrypted protection key from the first device, wherein the second encrypted protection key is generated by the first device through:
decrypting the first encrypted protection key, resulting in a protection key, and encrypting the protection key using a first session key;
decrypting, by one or more processors, the second encrypted protection key using a second session key; and
decrypting, by one or more processors, the encrypted data key using the protection key to obtain a data key.