	US 12,206,686 B2
	AIOps guided, quantum-safe zero trust data transfer methods in-motion with segmented, data transfer across an overlay network
Peter Chacko, Kolenchery (IN)
Filed by Peter Chacko, Kolenchery (IN)
Filed on Dec. 22, 2022, as Appl. No. 18/087,189.
Claims priority of application No. 202141058712 (IN), filed on Dec. 22, 2021.
Prior Publication US 2023/0247032 A1, Aug. 3, 2023
Int. Cl. H04L 29/06 (2006.01); H04L 9/40 (2022.01); G06F 21/60 (2013.01); G06F 21/62 (2013.01)

CPC H04L 63/1416 (2013.01) [H04L 63/166 (2013.01)]

7 Claims

1. A system to implement segmented content transport over exclusive path (EP) data overlay, the system comprising:

a plurality of Data Transport Controller (DTC) nodes located in a wide area network, spanning countries and continents;

a plurality of Storage Gateway (SG) nodes converting content into SP fragments and transferring SP fragments to DTC node;

a plurality of Secure Vault (SV) nodes storing the fragments, before or after being transported over the tunnel network; and

a universal security controller (USC) node, communicatively connected to DTC nodes for populating and updating content forwarding paths to DTC nodes, wherein the USC node exchange executable instructions with DTC nodes, SG nodes and SV nodes for Contextual Risk Mitigation (CRM) operation, wherein system is configured for:

receiving real time intrusion detection event (RIDE) parameters from SV nodes at SG nodes;

receiving RIDE parameters from SG nodes and DTC nodes at USC;

transferring real time intrusion mitigation (RIM) codes to SG nodes and DTC nodes from USC;

transferring RIM codes to SV nodes from SG nodes;

executing RIM code processing operations at DTC nodes, SG nodes and SV nodes;

receiving the content at an SG node through data input operation at DTC node;

creating SP Fragments, out of content at a first SG node;

storing SP fragments at a first set of SV nodes;

receiving the commands at SG Node, to transfer content to a destination DTC;

moving the SP fragments from the first set of SV nodes to a first DTC node though the SG node;

selecting an exclusive set of DTCs as the Content Forwarding Router (CFR) List, at first DTC node, for each SP fragment;

updating each SP Fragment with separately selected CFR List for each SP fragment, at the first DTC node;

executing de-duplicated segment forwarding (DSF) operation;

terminating DSF operation at the terminal DTC node;

waiting for the reception of minimal set SP fragments split-set;

exchanging content gap block request from first DTC node;

receiving content gap blocks from the first DTC node;

applying content reassembly (CR) operations for data output operation;

executing de-dup restore operation; and

moving the fragments data to a second set of SV nodes, wherein, SG nodes, DTC and USC are communicatively connected to one another, and SV nodes are communicatively connected to SG nodes, DTC nodes exchange security control commands, security parameters, configuration parameters with USC, and run CRM operations based on the received command parameters.