	US 12,081,664 B2
	Cloud-native global file system with constant-time rekeying
Daphne M. Shaw, Newton, MA (US)
Assigned to Nasuni Corporation, Boston, MA (US)
Filed by Nasuni Corporation, Boston, MA (US)
Filed on Jun. 1, 2021, as Appl. No. 17/335,564.
Application 17/335,564 is a continuation of application No. 16/936,622, filed on Jul. 23, 2020, granted, now 11,025,422, issued on Jun. 1, 2021.
Claims priority of provisional application 62/877,361, filed on Jul. 23, 2019.
Prior Publication US 2021/0297250 A1, Sep. 23, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/08 (2006.01); G06F 16/172 (2019.01); G06F 16/182 (2019.01); G06F 21/60 (2013.01); G06F 21/62 (2013.01)

CPC H04L 9/0891 (2013.01) [G06F 16/172 (2019.01); G06F 16/182 (2019.01); G06F 21/602 (2013.01); G06F 21/6227 (2013.01); H04L 9/0825 (2013.01); H04L 9/085 (2013.01); H04L 9/0894 (2013.01)]

8 Claims

1. A storage-as-a-service system to provide storage for an enterprise, comprising:

at least one file system interface associated with the enterprise, wherein the file system interface is software executable on hardware and configured to represent, to the enterprise, a local file system whose data is stored in an object store associated with a cloud-based storage service provider;

the file system interface associated with a volume manager, the volume manager is software executable on hardware and configured to receive a public key pair for a volume, the public key pair comprising a private key and its associated public key, and in response: generate an intermediate key using the public key, add the intermediate key to a volume metadata file, and selectively share the volume metadata file including the intermediate key with one or more remote systems that share the volume managed by a global lock; and

the file system interface using the intermediate key to encrypt one or more objects for storage in the object store.