News Column

Patent Issued for Content Deduplication in Enterprise Rights Management

September 2, 2014

By a News Reporter-Staff News Editor at Information Technology Newsweekly -- According to news reporting originating from Alexandria, Virginia, by VerticalNews journalists, a patent by the inventor Clifford, Thomas G. (Edina, MN), filed on March 31, 2009, was published online on August 19, 2014.

The assignee for this patent, patent number 8812874, is Symantec Corporation (Mountain View, CA).

Reporters obtained the following quote from the background information supplied by the inventors: "This invention relates to the operation of Enterprise Rights Management systems and more specifically, to enabling deduplication in an Enterprise Rights Management system.

"Organizations often maintain and handle sensitive data using computer systems and networks. Such data may be considered sensitive from a business and/or legal standpoint. For example, an organization such as a legal department may maintain confidential legal documents on its systems.

"Enterprise Rights Management (ERM) systems may be used to protect sensitive data from unauthorized access. In such systems, a file (or part of a file) that contains sensitive information may be encrypted and the encrypted data associated with one or more access rights. Various strong encryption algorithms may be used by ERM systems to perform this encryption such that a user that obtains the ERM-protected, encrypted file cannot decipher its contents without the proper decryption key. Encrypted data may be referred to herein as cipher text.

"In some ERM systems, a user may assign access rights to data using a publishing license. The publishing license may be combined with cipher text to produce ERM-protected data, which can only be accessed according to the access permissions.

"ERM-protected data may be stored alongside unprotected data on various storage systems. In some storage systems, such as backup storage systems or storage service systems, it may be desirable to reduce the amount of storage space required to store the data by deduplicating redundant data. For example, a storage client may be configured to detect an attempt to store data to a storage system that already holds a copy of the data. In response to detecting this, one example storage client may be configured to not copy the data to the storage system, but instead, to register its interest in the data with the storage system. Thus, with deduplication, only a single copy of the data is stored on the system at any given time, thereby reducing the storage space requirements for storing the data."

In addition to obtaining background information on this patent, VerticalNews editors also obtained the inventor's summary information for this patent: "In various embodiments, an enterprise rights management (ERM) system may be configured to enable data deduplication of ERM-protected data. According to some embodiments, an ERM-aware application may segment data (e.g., a file) into one or more segments and encrypt each data segment using a respective convergent encryption key that is dependent on the contents of the data segment. The ERM-aware application may store a respective decryption key for each data segment in a publishing license associated with the data. In some embodiments, the respective encryption key of each segment may be identical to its respective decryption key.

"In some embodiments, the particular segmentation applied to the data may depend on deduplication boundaries. For example, an ERM-aware application may query a deduplication system to discover which portions of the data are redundant and base its own segmentation boundaries on such data. In other embodiments, fixed segmentation boundaries may be used.

"In various embodiments, a deduplication system may deduplicate the ERM-protected data. Since data segments are encrypted in a manner dependent on their respective content, identical data segments may produce identical cipher-text, which may be deduplicated by a deduplication system."

For more information, see this patent: Clifford, Thomas G.. Content Deduplication in Enterprise Rights Management. U.S. Patent Number 8812874, filed March 31, 2009, and published online on August 19, 2014. Patent URL:

Keywords for this news article include: Symantec Corporation, Information Technology, Information and Data Encoding and Encryption.

Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2014, NewsRx LLC

For more stories covering the world of technology, please see HispanicBusiness' Tech Channel

Source: Information Technology Newsweekly

Story Tools Facebook Linkedin Twitter RSS Feed Email Alerts & Newsletters