Techniques and systems for durable encryption and deletion in data storage systems
First Claim
1. A computer-implemented method, comprising:
- in response to receiving a data storage request for data to be stored in a plurality of volumes of durable storage of a data storage system, storing the data by at least:
  - encrypting the data using an encryption key provided by a key management service to produce encrypted data; and
  - redundancy coding, using a redundancy code, at least the encrypted data to generate a bundle of bundle-encoded shards, a quorum quantity of which is sufficient to reconstruct original data associated with the bundle, the bundle of bundle-encoded shards including at least:
    - an identity shard that contains an original form of the encrypted data, and
    - encoded shards representing a redundancy coded form of the encrypted data; and
- in response to receiving a deletion request to delete the data, rendering the data storage system incapable of producing the data using the identity shards by discarding the encryption key, wherein other data associated with the bundle is recoverable using the identity shard.
Abstract
A computer system, such as a data storage system, implements techniques for deleting durably stored data without affecting the availability or durability of other data associated therewith. In some embodiments, data is encrypted prior to redundancy coding such that deletion of an encryption key used to encrypt the data renders that data inaccessible, but other data bundled in the same redundancy coded bundle remains available. In such embodiments, a shard containing deleted data may still be usable to regenerate other, non-deleted or live data still extant in the same bundle of shards.
22 Claims
- 1. A computer-implemented method, comprising: (independent claim; full text given above under First Claim) - View Dependent Claims (2, 3, 4, 21, 22)
- 5. A system, comprising:
  - at least one computing device having one or more processors and memory including executable instructions that, as a result of being executed, implements one or more services to at least:
    - process a data storage request by at least:
      - encrypting data associated with the data storage request using an encryption key to produce encrypted data; and
      - using a redundancy code, associating the encrypted data with a bundle of shards that includes sufficient information to regenerate data represented by the bundle of shards using a quantity of member shards that is less than a quantity of shards in the bundle, the bundle of shards including an identity shard that includes an original form of a portion of the encrypted data; and
    - process a deletion request to delete the portion of the encrypted data by at least discarding the encryption key, wherein the identity shard is usable at least in part after the encryption key has been discarded to regenerate other data in the bundle than the portion.
  - View Dependent Claims (6, 7, 8, 9, 10, 11, 12)
- 13. A non-transitory computer-readable storage medium having stored thereon executable instructions that, if executed by one or more processors of a computer system, cause the computer system to at least:
  - store data associated with an incoming data storage request by at least:
    - encrypting the data using at least one encryption key to produce encrypted data;
    - generating shards from the encrypted data, using a redundancy code; and
    - associating the shards into a bundle of shards that contains a quantity of members such that fewer shards than the quantity of members is sufficient to regenerate data associated with the bundle, the bundle of shards including an identity shard that includes an original form of a portion of the encrypted data;
  - in response to a deletion request, delete the portion of the encrypted data associated with the deletion request by at least discarding the at least one encryption key; and
  - regenerate, at least in part using the identity shard after the at least one encryption key has been discarded, other data in an associated bundle.
  - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
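The mechanism that the abstract and independent claims 1, 5 and 13 describe (encrypt each object before redundancy coding; delete by discarding the key) worked through as an added Python example that is not the patent's own code. Three objects are encrypted under per-object keys from a stand-in key management service, their ciphertexts become the identity shards of one bundle, and an XOR parity shard is the encoded shard, which makes the bundle a (k+1, k) code with quorum k. After obj-b's key is discarded, the loss of obj-c's identity shard is still repairable because obj-b's now-undecryptable shard remains valid input to the repair, while obj-b itself can no longer be produced. The names (KeyManagementService, Bundle, encrypt, decrypt, demo), the HMAC-SHA256 stream cipher with an encrypt-then-MAC tag standing in for a KMS-backed AEAD, the XOR parity code and the sample objects are all this example's own assumptions; the page names neither a cipher nor a particular redundancy code.

```python
# Added example, not the patent's code. Constructed names: KeyManagementService, Bundle, encrypt,
# decrypt, demo. Cipher: HMAC-SHA256 keystream + encrypt-then-MAC tag, standing in for a
# KMS-backed AEAD. Redundancy code: XOR parity, a (k+1, k) code where any k shards rebuild one.
import hashlib
import hmac
import os
from typing import Dict, List, Optional

SHARD_SIZE = 128  # fixed shard size for a bundle (constructed value)

class KeyManagementService:  # stand-in KMS: hands out per-object keys, forgets them on request
    def __init__(self) -> None:
        self._keys: Dict[str, bytes] = {}

    def create_key(self, key_id: str) -> bytes:
        self._keys[key_id] = os.urandom(32)
        return self._keys[key_id]

    def get_key(self, key_id: str) -> Optional[bytes]:
        return self._keys.get(key_id)

    def discard_key(self, key_id: str) -> None:
        self._keys.pop(key_id, None)  # ciphertext stays on disk; nothing can decrypt it now

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """PRF in counter mode: HMAC(key, nonce || counter) blocks, truncated to length."""
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Returns nonce || ciphertext || tag; the tag binds nonce and ciphertext to the key."""
    nonce = os.urandom(12)
    ct = _xor(plaintext, _keystream(key, nonce, len(plaintext)))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("authentication failed: wrong key or corrupted shard")
    return _xor(ct, _keystream(key, nonce, len(ct)))

def _frame(blob: bytes) -> bytes:
    """Length-prefix and zero-pad a ciphertext to SHARD_SIZE so shards can be XORed."""
    if len(blob) + 2 > SHARD_SIZE:
        raise ValueError("object too large for one shard")
    return len(blob).to_bytes(2, "big") + blob + bytes(SHARD_SIZE - 2 - len(blob))

class Bundle:
    """k identity shards (each object's ciphertext as stored) plus one XOR parity shard; quorum
    is k. A deleted object's identity shard still serves as input to repairs of other shards."""

    def __init__(self, kms: KeyManagementService, items: Dict[str, bytes]) -> None:
        self.kms, self.key_ids = kms, list(items)
        self.shards: List[Optional[bytes]] = [
            _frame(encrypt(kms.create_key(k), items[k])) for k in self.key_ids]
        parity = bytes(SHARD_SIZE)
        for shard in self.shards:
            parity = _xor(parity, shard)
        self.shards.append(parity)  # the encoded shard

    def repair(self) -> None:
        missing = [i for i, s in enumerate(self.shards) if s is None]
        if len(self.shards) - len(missing) < len(self.key_ids):  # fewer survivors than quorum k
            raise RuntimeError("below quorum: bundle cannot be regenerated")
        if missing:  # XOR of all survivors, deleted objects included, is the lost shard
            acc = bytes(SHARD_SIZE)
            for shard in filter(None, self.shards):
                acc = _xor(acc, shard)
            self.shards[missing[0]] = acc

    def read(self, key_id: str) -> bytes:
        key = self.kms.get_key(key_id)
        if key is None:
            raise PermissionError(f"{key_id}: key discarded, object is unrecoverable")
        index = self.key_ids.index(key_id)
        if self.shards[index] is None:
            self.repair()
        shard = self.shards[index]
        return decrypt(key, shard[2:2 + int.from_bytes(shard[:2], "big")])

def demo() -> tuple:
    """Shred obj-b, lose obj-c's shard, then rebuild obj-c using obj-b's dead shard."""
    kms = KeyManagementService()
    bundle = Bundle(kms, {"obj-a": b"alpha", "obj-b": b"bravo", "obj-c": b"charlie"})
    kms.discard_key("obj-b")  # the deletion request: only the key goes, the shard stays
    bundle.shards[2] = None  # simulate losing the volume holding obj-c's identity shard
    recovered = bundle.read("obj-c")  # survivors: obj-a, obj-b (undecryptable), parity
    try:
        bundle.read("obj-b")
    except PermissionError:
        return recovered, True
    return recovered, False
```

Calling `demo()` returns `(b'charlie', True)`: obj-c is rebuilt from the other two identity shards and parity, and obj-b is refused. The design point for a defender is that the deletion path never touches shard bytes, so the bundle's durability and repair arithmetic are unchanged; what an audit of such a deletion has to establish is that the key is gone from the key management service and from any copies of it, not that storage was overwritten.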