Policy-based storage in a dispersed storage network
First Claim
Patent Images
1. A method comprises:
- storing, by a computing device, a plurality of slice retrieval information for various instances of an access policy, wherein the various instances of the access policy comprises a set of instances of the access policy that each indicate a subset of a set of pillars of a vault that are available during a corresponding one of a plurality of time periods, wherein a read threshold number of the set of pillars of the vault are not available in any single one of the plurality of time periods;
receiving, by the computing device, a first data access request;
generating, by the computing device, a first timestamp for the first data access request, wherein the first timestamp is generated by associating a first current time with the first data access request;
determining, by the computing device, a first instance of the various instances of the access policy based on the first timestamp corresponding to a first time period of the plurality of time periods;
determining, by the computing device, a first one of the plurality of slice retrieval information based on the first instance;
retrieving, by the computing device, a first set of encoded data slices of a data segment in accordance with the first one of the plurality of slice retrieval information, wherein the first set of encoded data slices includes less than a read threshold number of encoded data slices;
receiving, by the computing device, a second data access request;
generating, by the computing device, a second timestamp for the second data access request, wherein the second timestamp is generated by associating a second current time with the second data access request;
determining, by the computing device, a second instance of the various instances of the access policy based on the second timestamp corresponding to a second time period of the plurality of time periods;
determining, by the computing device, a second one of the plurality of slice retrieval information based on the second instance;
retrieving, by the computing device, a second set of encoded data slices of the data segment in accordance with the second one of the plurality of slice retrieval information, wherein the second set of encoded data slices includes less than the read threshold number of encoded data slices; and
recovering, by the computing device, the data segment by utilizing the first set of encoded data slices and the second set of encoded data slices, wherein a union of the first set of encoded data slices and the second set of encoded data slices includes at least the read threshold number of encoded slices.
3 Assignments
0 Petitions
Accused Products
Abstract
A method for execution by a dispersed storage and task (DST) processing unit operates to receive a write threshold number of slices of a data object and an access policy; determine a current timestamp that indicates a current time value; and store the write threshold number of slices, the access policy, and the timestamp in a plurality of storage units of a dispersed storage network (DSN).
85 Citations
20 Claims
-
1. A method comprises:
-
storing, by a computing device, a plurality of slice retrieval information for various instances of an access policy, wherein the various instances of the access policy comprises a set of instances of the access policy that each indicate a subset of a set of pillars of a vault that are available during a corresponding one of a plurality of time periods, wherein a read threshold number of the set of pillars of the vault are not available in any single one of the plurality of time periods; receiving, by the computing device, a first data access request; generating, by the computing device, a first timestamp for the first data access request, wherein the first timestamp is generated by associating a first current time with the first data access request; determining, by the computing device, a first instance of the various instances of the access policy based on the first timestamp corresponding to a first time period of the plurality of time periods; determining, by the computing device, a first one of the plurality of slice retrieval information based on the first instance; retrieving, by the computing device, a first set of encoded data slices of a data segment in accordance with the first one of the plurality of slice retrieval information, wherein the first set of encoded data slices includes less than a read threshold number of encoded data slices; receiving, by the computing device, a second data access request; generating, by the computing device, a second timestamp for the second data access request, wherein the second timestamp is generated by associating a second current time with the second data access request; determining, by the computing device, a second instance of the various instances of the access policy based on the second timestamp corresponding to a second time period of the plurality of time periods; determining, by the computing device, a second one of the plurality of slice retrieval information based on the second instance; retrieving, by the computing device, a second set of encoded data slices of the data segment in accordance with the second one of the plurality of slice retrieval information, wherein the second set of encoded data slices includes less than the read threshold number of encoded data slices; and recovering, by the computing device, the data segment by utilizing the first set of encoded data slices and the second set of encoded data slices, wherein a union of the first set of encoded data slices and the second set of encoded data slices includes at least the read threshold number of encoded slices. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A processing system of a dispersed storage (DS) processing unit comprises:
-
at least one processor; a memory that stores operational instructions, that when executed by the at least one processor cause the processing system to; store a plurality of slice retrieval information for various instances of an access policy, wherein the various instances of the access policy comprises a set of instances of the access policy that each indicate a subset of a set of pillars of a vault that are available during a corresponding one of a plurality of time periods, wherein a read threshold number of the set of pillars of the vault are not available in any single one of the plurality of time periods; receive a first data access request; generate a first timestamp for the first data access request, wherein the first timestamp is generated by associating a first current time with the first data access request; determine a first instance of the various instances of the access policy based on the first timestamp corresponding to a first time period of the plurality of time periods; determine, a first one of the plurality of slice retrieval information based on the first instance; retrieve a first set of encoded data slices of a data segment in accordance with the first one of the plurality of slice retrieval information, wherein the first set of encoded data slices includes less than a read threshold number of encoded data slices; receive a second data access request; generate a second timestamp for the second data access request, wherein the second timestamp is generated by associating a second current time with the second data access request; determine a second instance of the various instances of the access policy based on the second timestamp corresponding to a second time period of the plurality of time periods; determine a second one of the plurality of slice retrieval information based on the second instance; retrieve a second set of encoded data slices of the data segment in accordance with the second one of the plurality of slice retrieval information, wherein the second set of encoded data slices includes less than the read threshold number of encoded data slices; and recover the data segment by utilizing the first set of encoded data slices and the second set of encoded data slices, wherein a union of the first set of encoded data slices and the second set of encoded data slices includes at least the read threshold number of encoded slices. - View Dependent Claims (9, 10, 11, 12, 13, 14)
wherein at least one of the encoded data slices of the first set of encoded data slices is determined in accordance with the first data access request based on the first one of the plurality of slice retrieval information, and wherein the at least one of the encoded data slices is retrieved from the local memory of the DS processing unit; and wherein the at least one of the encoded data slices retrieved from the local memory of the DS processing unit includes the encoded data slice retrieved for the previous data access request.
-
-
13. The processing system of claim 12, wherein the processor is operable to store another one of the plurality of slice retrieval information by:
-
retrieving, for a second previous data access request, a slice name in accordance with another instance of the access policy; and storing, within local memory of the DS processing unit, the slice name for the another one of the plurality of slice retrieval information, wherein the another one of the plurality of slice retrieval information corresponds to another instance of the access policy.
-
-
14. The processing system of claim 13, wherein the processor is further operable to:
-
determine, in accordance with a third data access request, available storage units based on the first one of the plurality of slice retrieval information; and retrieve one or more of the encoded data slices from the available storage units.
-
-
15. A non-transitory computer readable storage medium comprises:
-
at least one memory section that stores operational instructions that, when executed by a processing system of a dispersed storage network (DSN) that includes a processor and a memory, causes the processing system to; store a plurality of slice retrieval information for various instances of an access policy, wherein the various instances of the access policy comprises a set of instances of the access policy that each indicate a subset of a set of pillars of a vault that are available during a corresponding one of a plurality of time periods, wherein a read threshold number of the set of pillars of the vault are not available in any single one of the plurality of time periods; receive a first data access request; generate a first timestamp for the first data access request, wherein the first timestamp is generated by associating a first current time with the first data access request; determine a first instance of the various instances of the access policy based on the first timestamp corresponding to a first time period of the plurality of time periods; determine, a first one of the plurality of slice retrieval information based on the first instance; retrieve a first set of encoded data slices of a data segment in accordance with the first one of the plurality of slice retrieval information, wherein the first set of encoded data slices includes less than a read threshold number of encoded data slices; receive a second data access request; generate a second timestamp for the second data access request, wherein the second timestamp is generated by associating a second current time with the second data access request; determine a second instance of the various instances of the access policy based on the second timestamp corresponding to a second time period of the plurality of time periods; determine a second one of the plurality of slice retrieval information based on the second instance; retrieve a second set of encoded data slices of the data segment in accordance with the second one of the plurality of slice retrieval information, wherein the second set of encoded data slices includes less than the read threshold number of encoded data slices; and recover the data segment by utilizing the first set of encoded data slices and the second set of encoded data slices, wherein a union of the first set of encoded data slices and the second set of encoded data slices includes at least the read threshold number of encoded slices. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification