Just an Idea for simple utility that helps to take Secure and Selective Backup/Restore on Cloud
- File versioning facilitates rollback/restoration for a specific point in time.
- Takes backup of critical files irrespective of traditional / hosted / cloud environment.
- Hybrid Encryption: AES and RSA Encryption for Faster and effective solution.
- Dependency Injection: To introduce customized encryption mechanism to secure data.
- SHA-2, a set of cryptographic hash functions will be used in addition to encryption technique to maintain integrity of the data.
- Once Private Cloud storage will exceed capacity, backup files will be automatically stored on Public Cloud rather than Private Cloud.
- Obsolete backups can be removed after specified time period by Obsolete Backup Manager.
- Backup files will be stored in multiple regions.
- Completely processed files can be stored in Public or Private Cloud else they will be removed.
- Backup drills can be performed to verify the restoration process.
- Restore Utility can be locked if process fails thrice.
- Enables selective backup: Only the user specified files and directories are backed up.
- Scope covers Files, Databases and Emails.
- Net result is faster and Secure backup.
- Cost effective
- Easy backup management
User identifies selective backups to be taken.
The backups may pertain to File or Email or
The files may exist in Traditional or Hosted or
SHA-2, a set of cryptographic hash functions
will be used to calculate cryptographic hash value for backup files.
Compression of Backup files
Compressed backup files will be encrypted with
AES-128bit. AES is a faster encryption technique. The algorithm described by
AES is a symmetric-key algorithm, meaning the same key is used for both
encrypting and decrypting the data.
The algorithm described by RSA is an asymmetric-key
algorithm, meaning the different key is used for both encrypting and decrypting
the data. We will generate Public and Private Key. AES symmetric-key will be
encrypted with the use of Public Key. Private Key will be made available to
Essentially, AES encrypted data and RSA
encrypted AES keys will be stored on cloud. If user doesn’t have private key,
he/she can’t decrypt the AES keys and thus encrypted data won’t be of any use
to person who doesn’t have the Private Key.
the processing is completed; Backup data (Full + Incremental) will be copied to
local machine as well as Public Cloud. Backup files will be available on
Private Cloud. If Storage space is not available on Private Cloud; backup files
will be stored on Public Cloud.
backups are removed after specified time period.
files will be stored in multiple regions.
processed files will be stored in Public or Private Cloud else they will be
datasets will be fetched from the local (For current month’s data restore) or
Backup files will be decrypted.
With the use of Private Key, AES symmetric keys
will be decrypted. With decrypted AES key, backup files will be decrypted.
All decrypted files will be uncompressed.
Cryptographic hash value will be computed on
files and verified against the original one.
If message digest calculation fails then it can
be considered and integrity has been compromised at some level and that restoration
will be discarded.
we have all backup files after integrity verification; restoration process will
drills will be performed to verify the restoration process.
Utility will be locked if process fails thrice.
Labels: AWS, IAAS