Dispersed storage network with customized security and methods for use therewith
First Claim
1. A method for execution by one or more processing modules of one or more computing devices of a dispersed storage network (DSN), the method comprises:
- receiving an access request corresponding to a data segment of a data object stored in the DSN, wherein the data segment is dispersed storage error encoded into a set of encoded data slices, wherein a decode threshold number of encoded data slices of the set of encoded data slices is needed to recover the data segment, wherein the decoded threshold number is greater than one, and wherein the set of encoded data slices is stored or is to be stored in a plurality of dispersed storage units of the DSN;
determining connection security requirements corresponding to the access request;
determining a subset of the plurality of dispersed storage units based on the connection security requirements, wherein the subset includes at least the decode threshold number of dispersed storage units of the plurality of dispersed storage units;
determining, based on the connection security requirements, a connection security level for communicating with the subset of the plurality of dispersed storage units regarding the access request; and
communicating respective portions of the access request to corresponding dispersed storage units of the subset of the plurality of dispersed storage units in accordance with the connection security level for processing by the subset of the plurality of dispersed storage units;
wherein determining the connection security level includes determining a first connection security level for one of the subset of the plurality of dispersed storage units based on a first proximity of the one of the subset of the plurality of dispersed storage units from the one or more computing devices, and further includes determining a second connection security level for another one of the subset of the plurality of dispersed storage units based on a second proximity of the another one of the subset of the plurality of dispersed storage units from the one or more computing devices.
5 Assignments
0 Petitions
Accused Products
Abstract
A method begins with a processing module receiving an access request and determining security requirements corresponding to the access request. The method continues with the processing module determining a subset of a plurality of dispersed storage units based on the security requirements. The method continues with the processing module determining, based on the security requirements, a connection security level for communicating with the subset of the plurality of dispersed storage units regarding the access request. The method continues with the processing module communicating the access request to the subset of the plurality of dispersed storage units in accordance with the connection security level for processing by the subset of the plurality of dispersed storage units.
-
Citations
17 Claims
-
1. A method for execution by one or more processing modules of one or more computing devices of a dispersed storage network (DSN), the method comprises:
-
receiving an access request corresponding to a data segment of a data object stored in the DSN, wherein the data segment is dispersed storage error encoded into a set of encoded data slices, wherein a decode threshold number of encoded data slices of the set of encoded data slices is needed to recover the data segment, wherein the decoded threshold number is greater than one, and wherein the set of encoded data slices is stored or is to be stored in a plurality of dispersed storage units of the DSN; determining connection security requirements corresponding to the access request; determining a subset of the plurality of dispersed storage units based on the connection security requirements, wherein the subset includes at least the decode threshold number of dispersed storage units of the plurality of dispersed storage units; determining, based on the connection security requirements, a connection security level for communicating with the subset of the plurality of dispersed storage units regarding the access request; and communicating respective portions of the access request to corresponding dispersed storage units of the subset of the plurality of dispersed storage units in accordance with the connection security level for processing by the subset of the plurality of dispersed storage units; wherein determining the connection security level includes determining a first connection security level for one of the subset of the plurality of dispersed storage units based on a first proximity of the one of the subset of the plurality of dispersed storage units from the one or more computing devices, and further includes determining a second connection security level for another one of the subset of the plurality of dispersed storage units based on a second proximity of the another one of the subset of the plurality of dispersed storage units from the one or more computing devices. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A dispersed storage (DS) processing unit for use in a dispersed storage network (DSN) comprises:
-
an interface; memory; and a processing module operably coupled to the interface and the memory, wherein the processing module is operable to; receive an access request corresponding to a data segment of a data object stored in the DSN, wherein the data segment is dispersed storage error encoded into a set of encoded data slices, wherein a decode threshold number of encoded data slices of the set of encoded data slices is needed to recover the data segment, wherein the decoded threshold number is greater than one, and wherein the set of encoded data slices is stored or is to be stored in a plurality of dispersed storage units of the DSN; determine connection security requirements corresponding to the access request; determine a subset of the plurality of dispersed storage units based on the connection security requirements, wherein the subset includes at least the decode threshold number of dispersed storage units of the plurality of dispersed storage units; determine, based on the connection security requirements, a connection security level for communicating with the subset of the plurality of dispersed storage units regarding the access request; and communicate respective portions of the access request to corresponding dispersed storage units of the subset of the plurality of dispersed storage units in accordance with the connection security level for processing by the subset of the plurality of dispersed storage units; wherein determining the connection security level includes determining a first connection security level for one of the subset of the plurality of dispersed storage units based on a first proximity of the one of the subset of the plurality of dispersed storage units from the DS processing unit, and further includes determining a second connection security level for another one of the subset of the plurality of dispersed storage units based on a second proximity of the another one of the subset of the plurality of dispersed storage units from the DS processing unit. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A non-transitory computer readable storage medium comprises:
-
at least one memory section that stores operational instructions that, when executed by one or more processing modules of one or more computing devices of a dispersed storage network (DSN), causes the one or more computing devices to; receive an access request corresponding to a data segment of a data object stored in the DSN, wherein the data segment is dispersed storage error encoded into a set of encoded data slices, wherein a decode threshold number of encoded data slices of the set of encoded data slices is needed to recover the data segment, wherein the decoded threshold number is greater than one, and wherein the set of encoded data slices is stored or is to be stored in a plurality of dispersed storage units of the DSN; determine connection security requirements corresponding to the access request; determine a subset of the plurality of dispersed storage units based on the connection security requirements, wherein the subset includes at least the decode threshold number of dispersed storage units of the plurality of dispersed storage units; determine, based on the connection security requirements, a connection security level for communicating with the subset of the plurality of dispersed storage units regarding the access request; and communicate respective portions of the access request to corresponding dispersed storage units of the subset of the plurality of dispersed storage units in accordance with the connection security level for processing by the subset of the plurality of dispersed storage units; wherein determining the connection security level includes determining a first connection security level for one of the subset of the plurality of dispersed storage units based on a first proximity of the one of the subset of the plurality of dispersed storage units from the one or more computing devices, and further includes determining a second connection security level for another one of the subset of the plurality of dispersed storage units based on a second proximity of the another one of the subset of the plurality of dispersed storage units from the one or more computing devices. - View Dependent Claims (14, 15, 16, 17)
-
Specification