Just an Idea for simple utility that helps to take Secure and Selective Backup/Restore on Cloud
- File versioning facilitates rollback/restoration for a specific point in time.
- Takes backup of critical files irrespective of traditional / hosted / cloud environment.
- Hybrid Encryption: AES and RSA Encryption for Faster and effective solution.
- Dependency Injection: To introduce customized encryption mechanism to secure data.
- SHA-2, a set of cryptographic hash functions will be used in addition to encryption technique to maintain integrity of the data.
- Once Private Cloud storage will exceed capacity, backup files will be automatically stored on Public Cloud rather than Private Cloud.
- Obsolete backups can be removed after specified time period by Obsolete Backup Manager.
- Backup files will be stored in multiple regions.
- Completely processed files can be stored in Public or Private Cloud else they will be removed.
- Backup drills can be performed to verify the restoration process.
- Restore Utility can be locked if process fails thrice.
- Enables selective backup: Only the user specified files and directories are backed up.
- Scope covers Files, Databases and Emails.
- Net result is faster and Secure backup.
- Cost effective
- Easy backup management
1. User identifies selective backups to be taken.
2. The backups may pertain to File or Email or Database.
3. The files may exist in Traditional or Hosted or Cloud Environment.
a. SHA-2, a set of cryptographic hash functions will be used to calculate cryptographic hash value for backup files.
b. Compression of Backup files
c. Hybrid Encryption
i. Compressed backup files will be encrypted with AES-128bit. AES is a faster encryption technique. The algorithm described by AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting the data.
ii. The algorithm described by RSA is an asymmetric-key algorithm, meaning the different key is used for both encrypting and decrypting the data. We will generate Public and Private Key. AES symmetric-key will be encrypted with the use of Public Key. Private Key will be made available to user.
iii. Essentially, AES encrypted data and RSA encrypted AES keys will be stored on cloud. If user doesn’t have private key, he/she can’t decrypt the AES keys and thus encrypted data won’t be of any use to person who doesn’t have the Private Key.
5. Once the processing is completed; Backup data (Full + Incremental) will be copied to local machine as well as Public Cloud. Backup files will be available on Private Cloud. If Storage space is not available on Private Cloud; backup files will be stored on Public Cloud.
6. Obsolete backups are removed after specified time period.
7. Backup files will be stored in multiple regions.
8. Completely processed files will be stored in Public or Private Cloud else they will be removed.
1. Backup datasets will be fetched from the local (For current month’s data restore) or cloud environment.
a. Backup files will be decrypted.
i. With the use of Private Key, AES symmetric keys will be decrypted. With decrypted AES key, backup files will be decrypted.
b. All decrypted files will be uncompressed.
c. Cryptographic hash value will be computed on files and verified against the original one.
i. If message digest calculation fails then it can be considered and integrity has been compromised at some level and that restoration will be discarded.
3. Once we have all backup files after integrity verification; restoration process will be done.
4. Backup drills will be performed to verify the restoration process.
5. Restore Utility will be locked if process fails thrice.