Distributing registry information in a dispersed storage network
First Claim
Patent Images
1. A method for distributing registry information to computing devices of a dispersed storage network (DSN), the method comprises:
- signing, by a managing unit of the DSN, the registry information with a certificate authority (CA) certificate to produce a signed registry information;
dispersed storage error encoding, by the managing unit, the signed registry information to produce a set of encoded registry information slices, wherein a decode threshold number of encoded registry information slices is needed to recover the signed registry information packet;
signing, by the managing unit, each encoded registry information slice with the CA certificate to produce a set of signed encoded registry information slices;
sending, by the managing unit, the set of signed encoded registry information slices to a set of storage units of the DSN for storage therein;
sending, by the managing unit, the CA certificate to a computing device of the computing devices;
retrieving, by the computing device, the decode threshold number of signed encoded registry information slices from at least some of the storage units of the set of storage units;
verifying, by the computing device, the CA certificate to produce a verified CA certificate;
verifying, by the computing device, each signed encoded registry information slice of the decode threshold number of signed encoded registry information slices based on the verified CA certificate to produce the decode threshold number of verified encoded registry information slices;
decoding, by the computing device, the decode threshold number of verified encoded registry information slices to recover the signed registry information; and
verifying, by the computing device, the signed registry information based on the verified CA certificate to recover the registry information.
4 Assignments
0 Petitions
Accused Products
Abstract
A method begins by a processing module of a dispersed storage network (DSN) generating a signed registry information packet, dispersed storage error encoding the signed registry information packet to produce a set of encoded registry information slices, and generating a set of signed encoded registry information slice packets for storage in storage units of the DSN. The method continues with the processing module retrieving a decode threshold number of signed encoded registry information slice packets. For each of the decode threshold number of signed encoded registry information slice packets, the method continues with the processing module recovering an encoded registry information slice. The method continues with the processing module dispersed storage error decoding a decode threshold number of recovered encoded registry information slices to reproduce the signed registry information packet, validating the signed registry information packet, and extracting registry information when the signed registry information packet is valid.
95 Citations
10 Claims
-
1. A method for distributing registry information to computing devices of a dispersed storage network (DSN), the method comprises:
-
signing, by a managing unit of the DSN, the registry information with a certificate authority (CA) certificate to produce a signed registry information; dispersed storage error encoding, by the managing unit, the signed registry information to produce a set of encoded registry information slices, wherein a decode threshold number of encoded registry information slices is needed to recover the signed registry information packet; signing, by the managing unit, each encoded registry information slice with the CA certificate to produce a set of signed encoded registry information slices; sending, by the managing unit, the set of signed encoded registry information slices to a set of storage units of the DSN for storage therein; sending, by the managing unit, the CA certificate to a computing device of the computing devices; retrieving, by the computing device, the decode threshold number of signed encoded registry information slices from at least some of the storage units of the set of storage units; verifying, by the computing device, the CA certificate to produce a verified CA certificate; verifying, by the computing device, each signed encoded registry information slice of the decode threshold number of signed encoded registry information slices based on the verified CA certificate to produce the decode threshold number of verified encoded registry information slices; decoding, by the computing device, the decode threshold number of verified encoded registry information slices to recover the signed registry information; and verifying, by the computing device, the signed registry information based on the verified CA certificate to recover the registry information. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A computer readable storage device for storing operational instructions that enable distributing registry information to computing devices of a dispersed storage network (DSN), the computer readable storage device comprises:
-
a first memory section that stores operational instructions that, when executed by a managing unit of the DSN, causes the managing unit to; sign the registry information with a certificate authority (CA) certificate to produce a signed registry information; dispersed storage error encode the signed registry information to produce a set of encoded registry information slices, wherein a decode threshold number of encoded registry information slices is needed to recover the signed registry information packet; sign each encoded registry information slice with the CA certificate to produce a set of signed encoded registry information slices; send the set of signed encoded registry information slices to a set of storage units of the DSN for storage therein; and send the CA certificate to a computing device of the computing devices; a second memory section that stores operational instructions that, when executed by the computing device, causes the computing device to; retrieve the decode threshold number of signed encoded registry information slices from at least some of the storage units of the set of storage units; verify the CA certificate to produce a verified CA certificate; verify each signed encoded registry information slice of the decode threshold number of signed encoded registry information slices based on the verified CA certificate to produce the decode threshold number of verified encoded registry information slices; decode the decode threshold number of verified encoded registry information slices to recover the signed registry information; and verify the signed registry information based on the verified CA certificate to recover the registry information. - View Dependent Claims (7, 8, 9, 10)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneePure Storage, Inc.
-
Original AssigneeInternational Business Machines Corporation
-
InventorsLeggette, Wesley
-
Primary Examiner(s)Schwartz, Darren B
-
Application NumberUS15/721,093Publication NumberTime in Patent Office627 DaysField of SearchUS Class CurrentCPC Class CodesG06F 21/6218 to a system of files or obj...G06F 21/6254 by anonymising data, e.g. d...G06F 21/6272 by registering files or doc...G06F 2221/2141 Access rights, e.g. capabil...H04L 63/0823 using certificates cryptogr...H04L 63/101 Access control lists [ACL]H04L 63/104 Grouping of entitiesH04L 63/12 Applying verification of th...H04L 63/20 for managing network securi...H04L 67/1097 for distributed storage of ...
