Immutable logging of access requests to distributed file systems
First Claim
1. A tangible, non-transitory, machine-readable medium storing instructions that when executed by one or more processors effectuate operations comprising:
- receiving, with one or more processors, a request to access a distributed data store, wherein:
the request is a request to read from or write to a unit of content pertaining to a workload application;
the distributed data store stores a plurality of units of content that are each distributed among multiple computing entities hosting different subsets of data of the distributed data store;
each computing entity among the multiple computing entities corresponds to a different host at a different user-space instance of one or more different computing devices; and
each unit of content requires information from a plurality of computing entities to read the respective unit of content;
when writing each unit of content, different portions of information required to access the respective unit of content are written to different ones of the multiple computing entities such that no single one of the multiple computing entities stores all of the information required to access the respective unit of content;
causing, with one or more processors of a computing device configured to participate in combining the information from the plurality of computing entities to access units of content, logging of the request in an entry in a tamper-evident log, wherein the tamper-evident log defines one or more sequences of cryptographic hash values based on earlier logged entries;
storing, with one or more processors, the tamper-evident log in memory;
determining, with one or more processors, whether the tamper-evident log evinces tampering of log entries based on consistency of at least one of the sequences of cryptographic hash values with at least some entries in the tamper-evident log;
determining, with one or more processors, a risk metric based on other access requests documented in the tamper-evident log and the request;
storing, with one or more processors, the risk metric in memory;
determining, with one or more processors, that the risk metric satisfies a threshold; and
in response to the determination, disabling, with one or more processors, a user account associated with the request, wherein disabling a user account associated with the request comprises disabling the user account during an active session in which the user account is authenticated in real time with the determination, wherein:
the tamper-evident log comprises a blockchain having cryptographic hash pointers between sequential blocks of the blockchain and Merkle trees within blocks of the blockchain, the cryptographic hash pointers being based on a cryptographic hash function that implements a Merkle-Damgård hash function;
determining an authoritative entry among a distributed set of instances of the blockchain does not require a proof-of-work from computing devices implementing each of the set of instances;
a given entry in the tamper-evident log comprises:
an identifier of a user account having credentials by which authorization to perform a corresponding database access operation is requested; and
a timestamp of the corresponding database access operation; and
the given entry further specifies a database application program interface command by which the corresponding access operation is expressed.
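The log structure and checks recited in the claim can be sketched as follows. This is an added example, not code from the patent or its assignee: the field names (`user`, `ts`, `cmd`), the trailing-window request count used as the risk metric, and the threshold are assumptions, and SHA-256 is used because it is a Merkle-Damgård construction.

```python
import hashlib
import json

GENESIS = b"\x00" * 32

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()  # SHA-256 is a Merkle-Damgard hash

def merkle_root(entries):
    # Leaves hash canonical JSON entries; an unpaired node is promoted unchanged.
    level = [h(b"\x00" + json.dumps(e, sort_keys=True).encode()) for e in entries]
    while len(level) > 1:
        paired = [h(b"\x01" + level[i] + level[i + 1])
                  for i in range(0, len(level) - 1, 2)]
        level = paired + ([level[-1]] if len(level) % 2 else [])
    return level[0]

def append_block(chain, entries):
    # Each block carries a hash pointer to its predecessor and a Merkle root.
    prev = chain[-1]["hash"] if chain else GENESIS
    root = merkle_root(entries)
    chain.append({"entries": entries, "prev": prev, "root": root,
                  "hash": h(prev + root)})

def first_tampered_block(chain):
    """Index of the first block inconsistent with the hash sequence, or -1."""
    prev = GENESIS
    for i, b in enumerate(chain):
        if (b["prev"] != prev or merkle_root(b["entries"]) != b["root"]
                or h(b["prev"] + b["root"]) != b["hash"]):
            return i
        prev = b["hash"]
    return -1

def risk_metric(chain, request, window=60):
    # Assumed metric: logged requests by the same account in the trailing window.
    return sum(1 for b in chain for e in b["entries"]
               if e["user"] == request["user"]
               and 0 <= request["ts"] - e["ts"] <= window)

def handle(chain, request, disabled, threshold=3):
    # Log first, verify the log, then score the request against logged history.
    append_block(chain, [request])
    if first_tampered_block(chain) != -1:
        raise ValueError("tamper-evident log failed verification")
    score = risk_metric(chain, request)
    if score >= threshold:
        disabled.add(request["user"])  # stands in for ending the live session
    return score
```

Editing a logged entry breaks that block's Merkle root; recomputing the block's root and hash to hide the edit instead breaks the next block's hash pointer, so the check still reports an inconsistency.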
Abstract
Provided is a process including: receiving a request to access a distributed data store, wherein the distributed data store stores a plurality of units of content that are each distributed among multiple computing entities hosting different subsets of data of the distributed data store; and causing, with one or more processors of a computing device configured to participate in combining the information from the plurality of computing entities to access units of content, logging of the request in an entry in a tamper-evident log.
22 Claims
1. A tangible, non-transitory, machine-readable medium storing instructions that when executed by one or more processors effectuate operations comprising:
receiving, with one or more processors, a request to access a distributed data store, wherein:
the request is a request to read from or write to a unit of content pertaining to a workload application;
the distributed data store stores a plurality of units of content that are each distributed among multiple computing entities hosting different subsets of data of the distributed data store;
each computing entity among the multiple computing entities corresponds to a different host at a different user-space instance of one or more different computing devices; and
each unit of content requires information from a plurality of computing entities to read the respective unit of content;
when writing each unit of content, different portions of information required to access the respective unit of content are written to different ones of the multiple computing entities such that no single one of the multiple computing entities stores all of the information required to access the respective unit of content;
causing, with one or more processors of a computing device configured to participate in combining the information from the plurality of computing entities to access units of content, logging of the request in an entry in a tamper-evident log, wherein the tamper-evident log defines one or more sequences of cryptographic hash values based on earlier logged entries;
storing, with one or more processors, the tamper-evident log in memory;
determining, with one or more processors, whether the tamper-evident log evinces tampering of log entries based on consistency of at least one of the sequences of cryptographic hash values with at least some entries in the tamper-evident log;
determining, with one or more processors, a risk metric based on other access requests documented in the tamper-evident log and the request;
storing, with one or more processors, the risk metric in memory;
determining, with one or more processors, that the risk metric satisfies a threshold; and
in response to the determination, disabling, with one or more processors, a user account associated with the request, wherein disabling a user account associated with the request comprises disabling the user account during an active session in which the user account is authenticated in real time with the determination, wherein:
the tamper-evident log comprises a blockchain having cryptographic hash pointers between sequential blocks of the blockchain and Merkle trees within blocks of the blockchain, the cryptographic hash pointers being based on a cryptographic hash function that implements a Merkle-Damgård hash function;
determining an authoritative entry among a distributed set of instances of the blockchain does not require a proof-of-work from computing devices implementing each of the set of instances;
a given entry in the tamper-evident log comprises:
an identifier of a user account having credentials by which authorization to perform a corresponding database access operation is requested; and
a timestamp of the corresponding database access operation; and
the given entry further specifies a database application program interface command by which the corresponding access operation is expressed.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
12. A method, comprising:
receiving, with one or more processors, a request to access a distributed data store, wherein:
the request is a request to read from or write to a unit of content pertaining to a workload application;
the distributed data store stores a plurality of units of content that are each distributed among multiple computing entities hosting different subsets of data of the distributed data store;
each computing entity among the multiple computing entities corresponds to a different host at a different user-space instance of one or more different computing devices; and
each unit of content requires information from a plurality of computing entities to read the respective unit of content;
when writing each unit of content, different portions of information required to access the respective unit of content are written to different ones of the multiple computing entities such that no single one of the multiple computing entities stores all of the information required to access the respective unit of content;
causing, with one or more processors of a computing device configured to participate in combining the information from the plurality of computing entities to access units of content, logging of the request in an entry in a tamper-evident log, wherein the tamper-evident log defines one or more sequences of cryptographic hash values based on earlier logged entries;
storing, with one or more processors, the tamper-evident log in memory;
determining, with one or more processors, whether the tamper-evident log evinces tampering of log entries based on consistency of at least one of the sequences of cryptographic hash values with at least some entries in the tamper-evident log;
determining, with one or more processors, a risk metric based on other access requests documented in the tamper-evident log and the request;
storing, with one or more processors, the risk metric in memory;
determining, with one or more processors, that the risk metric satisfies a threshold; and
in response to the determination, disabling, with one or more processors, a user account associated with the request, wherein disabling a user account associated with the request comprises disabling the user account during an active session in which the user account is authenticated in real time with the determination, wherein:
the tamper-evident log comprises a blockchain having cryptographic hash pointers between sequential blocks of the blockchain and Merkle trees within blocks of the blockchain, the cryptographic hash pointers being based on a cryptographic hash function that implements a Merkle-Damgård hash function;
determining an authoritative entry among a distributed set of instances of the blockchain does not require a proof-of-work from computing devices implementing each of the set of instances;
a given entry in the tamper-evident log comprises:
an identifier of a user account having credentials by which authorization to perform a corresponding database access operation is requested; and
a timestamp of the corresponding database access operation; and
the given entry further specifies a database application program interface command by which the corresponding access operation is expressed.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
Specification