Patents by Inventor Thomas G. Clifford
Thomas G. Clifford has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10761760Abstract: Disclosed herein are methods, systems, and processes to improve the duplication of data between disparate deduplication systems. Source fingerprints are generated for data blocks using a source fingerprint algorithm at a source deduplication system. The source fingerprints and previously-generated source fingerprints are used to determine whether the data blocks are new or modified. If the data blocks are new or modified, target fingerprints are generated for the data blocks using a target fingerprint algorithm associated with a target deduplication system. The target fingerprints are sent to the target deduplication system.Type: GrantFiled: June 10, 2019Date of Patent: September 1, 2020Assignee: Veritas Technologies LLCInventor: Thomas G. Clifford
-
Publication number: 20190294357Abstract: Disclosed herein are methods, systems, and processes to improve the duplication of data between disparate deduplication systems. Source fingerprints are generated for data blocks using a source fingerprint algorithm at a source deduplication system. The source fingerprints and previously-generated source fingerprints are used to determine whether the data blocks are new or modified. If the data blocks are new or modified, target fingerprints are generated for the data blocks using a target fingerprint algorithm associated with a target deduplication system. The target fingerprints are sent to the target deduplication system.Type: ApplicationFiled: June 10, 2019Publication date: September 26, 2019Inventor: Thomas G. Clifford
-
Patent number: 10318203Abstract: Disclosed herein are methods, systems, and processes to improve the duplication of data between disparate deduplication systems. Source fingerprints are generated for data blocks using a source fingerprint algorithm at a source deduplication system. The source fingerprints and previously-generated source fingerprints are used to determine whether the data blocks are new or modified. If the data blocks are new or modified, target fingerprints are generated for the data blocks using a target fingerprint algorithm associated with a target deduplication system. The target fingerprints are sent to the target deduplication system.Type: GrantFiled: April 16, 2018Date of Patent: June 11, 2019Assignee: Veritas Technologies LLCInventor: Thomas G. Clifford
-
Patent number: 9946486Abstract: Disclosed herein are methods, systems, and processes to improve the duplication of data between disparate deduplication systems. Source fingerprints are generated for data blocks using a source fingerprint algorithm at a source deduplication system. The source fingerprints and previously-generated source fingerprints are used to determine whether the data blocks are new or modified. If the data blocks are new or modified, target fingerprints are generated for the data blocks using a target fingerprint algorithm associated with a target deduplication system. The target fingerprints are sent to the target deduplication system.Type: GrantFiled: November 29, 2016Date of Patent: April 17, 2018Assignee: Veritas Technologies LLCInventor: Thomas G. Clifford
-
Patent number: 9798627Abstract: Various systems and methods to display information regarding duplication operations and to configure duplication operations. For example, information regarding policies that can be included in a duplication operation is presented via a display. The display receives selection of one or more of the policies. In response to the selection, the display updates to reflect how much of a bucket has been allocated and how much is available, where the bucket specifies an amount of time and is calculated as a function of a duplication window duration.Type: GrantFiled: May 25, 2012Date of Patent: October 24, 2017Assignee: Veritas Technologies LLCInventor: Thomas G. Clifford
-
Patent number: 9292371Abstract: A computer-implemented method for preventing failures of nodes in clusters may include (1) identifying a node that is part of a cluster of nodes and that communicates, via a heartbeat sent at a regular interval to the cluster, that the node is functional and connected to the cluster, (2) calculating a current workload for the node based on a utilization of computing resources on the node, (3) determining, based on the current workload, that the node is functional and connected but is in an excessive load condition and a failure to send the heartbeat within the regular interval is due to the excessive load condition, and (4) setting a new interval for the heartbeat of the node that is longer than the regular interval in response to determining that the node cannot send the heartbeat at the regular interval. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: December 11, 2013Date of Patent: March 22, 2016Assignee: Symantec CorporationInventor: Thomas G. Clifford
-
Patent number: 9274897Abstract: Various systems and methods for seeding a storage device. For example, a method involves accessing a policy that identifies a number of clients. The method then involves selecting a most recent backup image for each of the clients and copying the most recent backup images from a source storage device to a target storage device. Once a most recent backup image has been copied from the source storage device to the target storage device for each of the clients, the method switches a destination value in the policy from the source storage device to the target storage device.Type: GrantFiled: May 25, 2012Date of Patent: March 1, 2016Assignee: Symantec CorporationInventors: Thomas G. Clifford, Shelley A. Schmokel
-
Patent number: 9183094Abstract: Various systems and methods for configuring a duplication operation. For example, a method involves specifying a duplication window, a source storage device, and a target storage device. When a duplication operation is executed, data is copied from the source storage device to the target storage device during the duplication window. The method also involves calculating a predicted duplication rate, where the predicted duplication rate is an estimate of a rate at which data can be copied from the source storage device to the target storage device.Type: GrantFiled: May 25, 2012Date of Patent: November 10, 2015Assignee: Symantec CorporationInventor: Thomas G. Clifford
-
Patent number: 8863304Abstract: A method and apparatus for remediating backup data to control access to sensitive data is described. In one embodiment, the method for facilitating sensitive data remediation from backup images without a separate data store includes examining the backup images to identify sensitive data and modifying remediation information associated with the sensitive data, wherein the remediation information restricts access to the sensitive data to at least one corresponding access group.Type: GrantFiled: March 26, 2009Date of Patent: October 14, 2014Assignee: Symantec CorporationInventors: Kuldeep Sureshrao Nagarkar, Gaurav Malhotra, Thomas G. Clifford, Bruce Wootton, Aleksey Tsibulya
-
Patent number: 8812874Abstract: A system and method is disclosed for implementing an enterprise rights management (ERM) system that enables effective data deduplication of ERM-protected data. An ERM-aware application may segment data, such as a file, into one or more data segments. The chosen segmentation boundaries may depend on data already stored on a target storage system and/or on a segmentation scheme used by a target deduplication system. An ERM-aware application may derive a respective convergent encryption key for each data segment, the convergent encryption key being dependent on the contents of the data segment, and encrypt the data segment using that key. The ERM-aware application may include the respective convergent decryption keys (which may be identical to the respective convergent encryption keys) in a publishing license of the ERM-protected file.Type: GrantFiled: March 31, 2009Date of Patent: August 19, 2014Assignee: Symantec CorporationInventor: Thomas G. Clifford
-
Patent number: 8713300Abstract: A system and method for efficient transfer of encrypted data over a low-bandwidth network. A backup server and a client computer are coupled to one another via a first network. The backup server is coupled to a remote data storage via another network, such as the Internet, also referred to as a cloud. The backup server encrypts received data for backup from the client computer. Cryptography segment and sub-segment sizes may be chosen that are aligned on a byte boundary with one another and with selected backup segment and sub-segment sizes used by backup software on the remote data storage. A selected cryptography algorithm has a property of allowing a given protected sub-segment with the cryptography sub-segment size to be decrypted by initially decrypting an immediate prior protected sub-segment that has the same cryptography sub-segment size. Therefore, the size of data transmitted via the cloud may be smaller than the cryptography segment size.Type: GrantFiled: January 21, 2011Date of Patent: April 29, 2014Assignee: Symantec CorporationInventors: Thomas G. Clifford, Jeremy D. Swift
-
Publication number: 20130318313Abstract: Various systems and methods for configuring a duplication operation. For example, a method involves specifying a duplication window, a source storage device, and a target storage device. When a duplication operation is executed, data is copied from the source storage device to the target storage device during the duplication window. The method also involves calculating a predicted duplication rate, where the predicted duplication rate is an estimate of a rate at which data can be copied from the source storage device to the target storage device.Type: ApplicationFiled: May 25, 2012Publication date: November 28, 2013Inventor: Thomas G. Clifford
-
Publication number: 20130318463Abstract: Various systems and methods to display information regarding duplication operations and to configure duplication operations. For example, information regarding policies that can be included in a duplication operation is presented via a display. The display receives selection of one or more of the policies. In response to the selection, the display updates to reflect how much of a bucket has been allocated and how much is available, where the bucket specifies an amount of time and is calculated as a function of a duplication window duration.Type: ApplicationFiled: May 25, 2012Publication date: November 28, 2013Inventor: Thomas G. Clifford
-
Patent number: 8572758Abstract: A system and method is disclosed for implementing a data loss prevention (DLP) system configured to protect sensitive data in conjunction with corresponding content indexing (CI) metadata. In response to detecting a data loss risk, such as to data at rest (e.g., stored on a file system) and/or to data in motion (e.g., data being transmitted across a network) the system may perform any number of data loss prevention actions, including sequestering the data. The system may utilize an interface to a content indexing system in order to discover CI metadata associated with the data and sequester the CI metadata associated with the data. One or more common sequestration rules may be applied to the sequestration of the data and of the metadata. For example, the data and metadata may be encrypted using the same key and/or sequestered in the same location.Type: GrantFiled: March 30, 2009Date of Patent: October 29, 2013Assignee: Symantec CorporationInventor: Thomas G. Clifford
-
Patent number: 8566617Abstract: The payload of a set of storage devices is encrypted using a payload key that is stored within the set of storage devices itself. However, the payload key is obtainable only if a user has access to n of the storage devices. A first set of keys can be distributed among a set of n storage devices, such that each key is usable to encrypt and/or decrypt a key stored on a different one of the n storage devices. The first set of keys is usable to encrypt portions of the information needed to regenerate another key (e.g., the payload key or a key used to encrypt the payload key). A different portion of the information needed to regenerate the other key is stored on each of the n storage devices. Accordingly, the other key cannot be obtained unless the user has access to all n storage devices.Type: GrantFiled: October 10, 2011Date of Patent: October 22, 2013Assignee: Symantec Operating CorporationInventor: Thomas G. Clifford
-
Patent number: 8543784Abstract: Various techniques for coordinating the resource allocation and management capabilities of a backup application with the power saving features provided by a storage array are disclosed. One method involves accessing power management information associated with a logical storage unit (LSU) and image property information that indicates a future pattern of access to a backup image. The method also involves selecting the LSU, based upon both the power management information and the image property information, and then causing the backup image to be written to the LSU. Another method, performed by a backup module, involves receiving power management information associated with a storage array, selecting a logical storage unit (LSU) implemented on the storage array, based upon the power management information, and performing a backup storage management operation on the LSU, in response to selecting the LSU.Type: GrantFiled: December 31, 2007Date of Patent: September 24, 2013Assignee: Symantec Operating CorporationInventors: Thomas G. Clifford, Donald C. Peterson, Shelley A Schmokel
-
Patent number: 8504785Abstract: Techniques for controlling data backup operations are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for data backup. The method may include receiving a minimum write speed for a plurality of tape drives. The method may further include controlling data writes for the plurality of tape drives such that data may be attempted to be written to each tape drive at or above the minimum write speed for each tape drive.Type: GrantFiled: March 10, 2009Date of Patent: August 6, 2013Assignee: Symantec CorporationInventors: Thomas G. Clifford, Donald C. Peterson
-
Patent number: 8503680Abstract: The traditional data retention attribute is used to intelligently select appropriate data encryption keys. Key life cycles are calibrated with data retention periods, such that encryption keys and the corresponding data are both available at the same time. A data management system passes a data retention period to a key management system as part of a request for a key. The key management system uses the received data retention period as a factor in selecting a key, such that the key life cycle is calibrated to the data retention period. The data management system then utilizes the key in encryption operations concerning corresponding data.Type: GrantFiled: August 26, 2008Date of Patent: August 6, 2013Assignee: Symantec CorporationInventors: Thomas G. Clifford, Wendy Ann Shavor
-
Patent number: 8479304Abstract: Various methods and systems for selectively protecting against chosen plaintext attacks when encrypting data for storage on an untrusted storage system are disclosed. One method involves generating an encryption key for use in encrypting data and generating an identifier for the data. Generation of the encryption key is based upon a hash of the data to be encrypted, and generation of the identifier is based upon the data to be encrypted and/or the encryption key. The method also involves detecting whether an encrypted copy of the data is already stored by a storage system, based upon the identifier. The method also detects whether a higher level of security has been specified for the data and, if so, modifies the data to be encrypted or the encryption key, based upon a client-specific value, prior to generating the identifier.Type: GrantFiled: March 31, 2009Date of Patent: July 2, 2013Assignee: Symantec CorporationInventor: Thomas G. Clifford
-
Patent number: 8438630Abstract: A system and method is disclosed for implementing a data loss prevention (DLP) system capable of detecting transmission attempts involving encrypted data. In response to detecting that the data is encrypted, such a DLP system may perform any number of configurable DLP actions, such as blocking the data transmission attempt and/or sequestering the data. The DLP system may determine that the data is encrypted, based at least in part, on a value of a compressibility measure of the data, such as a compression ratio. The DLP system may leverage other operating system and/or file system capabilities, such as file extensions, magic numbers, or other utilities. The DLP system may determine if the data is compressed rather than encrypted by attempting to decompress the file.Type: GrantFiled: March 30, 2009Date of Patent: May 7, 2013Assignee: Symantec CorporationInventor: Thomas G. Clifford