Techniques for securing and controlling access to data
First Claim
1. A computer-implemented method comprising:
- determining, at a server, whether a request received from a computing device for access to a portion of data stored by the server identifies the portion with an address at which the portion is stored or with a combination of a first pseudo-random number (PRN) of a first leaf node of a first PRN tree and an indication of a location of a second leaf node within a branching structure of a second PRN tree, the request received via a network coupled to the server, and the first and second leaf nodes corresponding to the portion;
based on the determination, pseudo-randomly generating a second PRN of the second leaf node from a PRN of a top branching node of the second PRN tree and taking a hash of a combination of the first PRN and the second PRN to derive the address; and
accessing the portion at the address to satisfy the request for access.
0 Assignments
0 Petitions
Accused Products
Abstract
Various embodiments are directed to techniques for controlling access to data in a decentralized manner. An apparatus includes an apportioning component to divide an item of data into multiple portions based on an organizational structure of the item of data; a tree component to generate a PRN tree including a multitude of nodes and a branching structure based on the organizational structure, the multitude including at least one branching node and multiple leaf nodes that correspond to the multiple portions; a PRN component to generate a PRN for each node of the multitude, the PRN component to use a PRN of a branching node of the PRN tree to generate a PRN for a leaf node that depends therefrom; and a communications component to transmit the multiple portions and multiple addresses based on PRNs of leaf nodes of the PRN tree to a server. Other embodiments are described and claimed.
29 Citations
25 Claims
-
1. A computer-implemented method comprising:
-
determining, at a server, whether a request received from a computing device for access to a portion of data stored by the server identifies the portion with an address at which the portion is stored or with a combination of a first pseudo-random number (PRN) of a first leaf node of a first PRN tree and an indication of a location of a second leaf node within a branching structure of a second PRN tree, the request received via a network coupled to the server, and the first and second leaf nodes corresponding to the portion; based on the determination, pseudo-randomly generating a second PRN of the second leaf node from a PRN of a top branching node of the second PRN tree and taking a hash of a combination of the first PRN and the second PRN to derive the address; and accessing the portion at the address to satisfy the request for access. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. An apparatus, comprising:
-
a processor; and a first memory comprising instructions that when executed by the processor cause the processor to; determine whether a request received from a computing device for access to a portion of data stored in a second memory identifies the portion of data with an address at which the portion of data is stored or with a combination of a first pseudo-random number (PRN) of a first leaf node of a first PRN tree and an indication of a location of a second leaf node within a branching structure of a second PRN tree, the first and second leaf nodes corresponding to the portion of data, and the request received via a network coupled to the processor; generate a second PRN of the second leaf node from a PRN of a top branching node of the second PRN tree based at least in part on a determination that the request identifies the portion with a combination of the first PRN and an indication of the location of the second leaf node within the branching structure of the second PRN tree; take a hash of a combination of the first PRN and the second PRN to derive the address; and access the portion at the address to satisfy the request for access. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. At least one non-transitory computer-readable medium comprising a set of instructions that, in response to being executed by a processor circuit, cause the processor circuit to:
-
determine whether a request received from a computing device for access to a portion of data stored by a server identifies the portion with an address at which the portion is stored or with a combination of a first pseudo-random number (PRN) of a first leaf node of a first PRN tree and an indication of a location of a second leaf node within a branching structure of a second PRN tree, the request received via a network coupled to the server, and the first and second leaf nodes corresponding to the portion; based on the determination, pseudo-randomly generate a second PRN of the second leaf node from a PRN of a top branching node of the second PRN tree and take a hash of a combination of the first PRN and the second PRN to derive the address; and access the portion at the address to satisfy the request for access. - View Dependent Claims (20, 21, 22, 23, 24, 25)
-
Specification