Audit object generation in a dispersed storage network

US 10,120,756 B2
Filed: 07/22/2016
Issued: 11/06/2018
Est. Priority Date: 08/17/2011
Status: Active Grant

First Claim

Patent Images

1. A method for execution by a dispersed storage and task (DST) processing unit that includes a processor, the method comprises:

obtaining audit records for an audit object;

determining when the audit object is complete, based on comparing a number of audit records of the audit object to an audit record threshold;

when the audit object is complete, aggregating the audit records of the audit object within the audit object by generating the audit object to include the audit records;

generating identifier (ID) information;

generating integrity information;

populating fields of the audit object with the audit records, the ID information, and the integrity information;

determining a name of the audit object; and

facilitating storage of the audit object and the name of the audit object in a dispersed storage network (DSN).

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for execution by a dispersed storage and task (DST) processing unit includes obtaining audit records for an audit object and determining when the audit object is complete. When the audit object is complete, aggregating the audit records of the audit object within the audit object by generating the audit object to include the audit records; generating identifier (ID) information and generating integrity information. Fields of the audit object are populated with the audit records, the ID information, and the integrity information and a name of the audit object is determined for storage of the audit object and the name of the audit object in a dispersed storage network (DSN).

81 Citations

View as Search Results

17 Claims

1. A method for execution by a dispersed storage and task (DST) processing unit that includes a processor, the method comprises:
- obtaining audit records for an audit object;
  
  determining when the audit object is complete, based on comparing a number of audit records of the audit object to an audit record threshold;
  
  when the audit object is complete, aggregating the audit records of the audit object within the audit object by generating the audit object to include the audit records;
  
  generating identifier (ID) information;
  
  generating integrity information;
  
  populating fields of the audit object with the audit records, the ID information, and the integrity information;
  
  determining a name of the audit object; and
  
  facilitating storage of the audit object and the name of the audit object in a dispersed storage network (DSN).
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 wherein the name of the audit object is determined based on a virtual DSN address associated with accessing the audit object when stored as a plurality of audit object slices in the DSN.
  - 3. The method of claim 1 wherein the name of the audit object includes at least one of:
    - a text string name, a sequence number or a timestamp when created or a timestamp associated with when the audit object may be deleted.
  - 4. The method of claim 1 wherein generating the integrity information includes at least one of:
    - utilizing an ID associated with the DST processing unit, querying another device of the DSN for the ID information or receiving the ID information.
  - 5. The method of claim 1 wherein generating the integrity information includes at least one of obtaining a certificate, generating a signature of the certificate, or calculating a hash of the audit object.
  - 6. The method of claim 1 wherein facilitating storage of the audit object and the name of the audit object includes at least one of:
    - sending the audit object and the name of the audit object to the DSN for storage or storing the audit object and the name of the audit object in the DSN.

7. A processing system of a dispersed storage and task (DST) processing unit comprises:
- at least one processor;
  
  a memory that stores operational instructions, that when executed by the at least one processor cause the processing system to;
  
  obtain audit records for an audit object;
  
  determine when the audit object is complete, based on comparing a number of audit records of the audit object to an audit record threshold;
  
  when the audit object is complete, aggregate the audit records of the audit object within the audit object by generating the audit object to include the audit records;
  
  generate identifier (ID) information;
  
  generate integrity information;
  
  populate fields of the audit object with the audit records, the ID information, and the integrity information;
  
  determine a name of the audit object; and
  
  facilitate storage of the audit object and the name of the audit object in a dispersed storage network (DSN).
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The processing system of claim 7 wherein the name of the audit object is determined based on a virtual DSN address associated with accessing the audit object when stored as a plurality of audit object slices in the DSN.
  - 9. The processing system of claim 7 wherein the name of the audit object includes at least one of:
    - a text string name, a sequence number or a timestamp when created or a timestamp associated with when the audit object may be deleted.
  - 10. The processing system of claim 7 wherein generating the integrity information includes at least one of:
    - utilizing an ID associated with the DST processing unit, querying another device of the DSN for the ID information or receiving the ID information.
  - 11. The processing system of claim 7 wherein generating the integrity information includes at least one of obtaining a certificate, generating a signature of the certificate, or calculating a hash of the audit object.
  - 12. The processing system of claim 7 wherein facilitating storage of the audit object and the name of the audit object includes at least one of:
    - sending the audit object and the name of the audit object to the DSN for storage or storing the audit object and the name of the audit object in the DSN.

13. A non-transitory computer readable storage medium comprises:
- at least one memory section that stores operational instructions that, when executed by a processing system of a dispersed storage network (DSN) that includes a processor and a memory, causes the processing system to;
  
  obtain audit records for an audit object;
  
  determine when the audit object is complete, based on comparing a number of audit records of the audit object to an audit record threshold;
  
  when the audit object is complete, aggregate the audit records of the audit object within the audit object by generating the audit object to include the audit records;
  
  generate identifier (ID) information;
  
  generate integrity information;
  
  populate fields of the audit object with the audit records, the ID information, and the integrity information;
  
  determine a name of the audit object; and
  
  facilitate storage of the audit object and the name of the audit object in a dispersed storage network (DSN).
- View Dependent Claims (14, 15, 16, 17)
- - 14. The processing system of claim 13 wherein the name of the audit object is determined based on a virtual DSN address associated with accessing the audit object when stored as a plurality of audit object slices in the DSN.
  - 15. The processing system of claim 13 wherein the name of the audit object includes at least one of:
    - a text string name, a sequence number or a timestamp when created or a timestamp associated with when the audit object may be deleted.
  - 16. The processing system of claim 13 wherein generating the integrity information includes at least one of:
    - utilizing an ID associated with a DST processing unit, querying another device of the DSN for the ID information or receiving the ID information.
  - 17. The processing system of claim 13 wherein generating the integrity information includes at least one of obtaining a certificate, generating a signature of the certificate, or calculating a hash of the audit object.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Pure Storage, Inc.
Original Assignee
International Business Machines Corporation
Inventors
Resch, Jason K., Leggette, Wesley B.
Primary Examiner(s)
Hoffman, Brandon S

Application Number

US15/217,585
Publication Number

US 20160328298A1
Time in Patent Office

837 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 11/00   Error detection; Error corr...

G06F 11/1076   Parity data used in redunda...

G06F 11/1446   Point-in-time backing up or...

G06F 11/1612   where the redundant compone...

G06F 15/17331   Distributed shared memory [...

G06F 21/6272   by registering files or doc...

G06F 21/64   Protecting data integrity, ...

G06F 2211/1028   Distributed, i.e. distribut...

G06F 3/06   Digital input from, or digi...

G06F 3/0604   Improving or facilitating a...

G06F 3/0619   in relation to data integri...

G06F 3/064   Management of blocks

G06F 3/067   Distributed or networked st...

H04L 2209/16   Obfuscation or hiding, e.g....

H04L 63/123   received data contents, e.g...

H04L 67/1097   for distributed storage of ...

H04L 9/00   Cryptographic mechanisms or...

H04L 9/085   Secret sharing or secret sp...

H04L 9/0863   involving passwords or one-...

H04L 9/0869   involving random numbers or...

H04L 9/0877 : using additional device, e....

H04L 9/0894 : Escrow, recovery or storing...

H04L 9/32 : including means for verifyi...

H04L 9/321 : involving a third party or ...

H04L 9/3263 : involving certificates, e.g...

View All

Audit object generation in a dispersed storage network

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

81 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Audit object generation in a dispersed storage network

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

81 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links