US Patent 11068606 Secured encrypted shared cloud storage

Secure shared access to encrypted data in a data store is facilitated by using a data control server (DCS) to maintain a data storage reference table (DSRT) for shared data units present in a shared data pool hosted by least one data storage device, and accessible to a plurality of computing entities. The DSRT specifies for each shared data unit identifier information, location information for accessing the shared data unit in the shared data pool, and a hash value which has been computed for the shared data unit. The DCS selectively facilitates a decryption operation by providing hash values which serves as a basis for deriving a decryption key for decrypting shared data units which have been identified.