Securing encoding data slices using an integrity check value list
First Claim
1. A computing device comprising:
- an interface configured to interface and communicate with a dispersed storage network (DSN);
memory that stores operational instructions; and
processing circuitry operably coupled to the interface and to the memory, wherein the processing circuitry is configured to execute the operational instructions to;
retrieve a read threshold number of integrity check value list (ICVL) encoded data slices (EDSs) of a set of ICVL EDSs from at least some storage units (SUs) of a set of SUs based on a request;
determine whether an appended ICVL of each ICVL EDS of the read threshold number of ICVL EDSs substantially match;
based on determination that the appended ICVL of one of the ICVL EDSs of the read threshold number of ICVL EDSs does not substantially match the appended ICVL of other ICVL EDSs of the read threshold number of ICVL EDSs;
determine a likely cause for the appended ICVL of the one of the ICVL EDSs not substantially matching the appended ICVL of the other ICVL EDSs; and
based on determination that the likely cause is an inaccurate ICVL appended to the one of the ICVL EDSs;
calculate a new integrity check value for an EDS portion of the one of the ICVL EDSs;
extract an integrity check value from the appended ICVL of one of the other ICVL EDSs to produce an extracted integrity check value;
compare the new integrity check value with the extracted integrity check value; and
based on determination that the new integrity check value substantially matches the extracted integrity check value, utilize the EDS in decoding of the read threshold number of EDSs to recover a data segment of a data object.
3 Assignments
0 Petitions
Accused Products
Abstract
A method includes retrieving a read threshold number of integrity check value list (ICVL) encoded data slices of a set of ICVL encoded data slices. The method further includes determining whether an appended ICVL of each ICVL encoded data slice of the read threshold number of ICVL encoded data slices substantially match. When the appended ICVL of one of the ICVL encoded does not substantially match the appended ICVL of other ICVL encoded data slices, the method further includes determining a likely cause for the mismatch. When the likely cause is missing a revision update, the method further includes initiate rebuilding of the encoded data slice portion. The method further includes generating an integrity check value for the rebuilt encoded data slice and updating the integrity check value list. The method further includes appending the updated integrity check value list to the rebuilt encoded data slice.
-
Citations
20 Claims
-
1. A computing device comprising:
-
an interface configured to interface and communicate with a dispersed storage network (DSN); memory that stores operational instructions; and processing circuitry operably coupled to the interface and to the memory, wherein the processing circuitry is configured to execute the operational instructions to; retrieve a read threshold number of integrity check value list (ICVL) encoded data slices (EDSs) of a set of ICVL EDSs from at least some storage units (SUs) of a set of SUs based on a request; determine whether an appended ICVL of each ICVL EDS of the read threshold number of ICVL EDSs substantially match; based on determination that the appended ICVL of one of the ICVL EDSs of the read threshold number of ICVL EDSs does not substantially match the appended ICVL of other ICVL EDSs of the read threshold number of ICVL EDSs; determine a likely cause for the appended ICVL of the one of the ICVL EDSs not substantially matching the appended ICVL of the other ICVL EDSs; and based on determination that the likely cause is an inaccurate ICVL appended to the one of the ICVL EDSs; calculate a new integrity check value for an EDS portion of the one of the ICVL EDSs; extract an integrity check value from the appended ICVL of one of the other ICVL EDSs to produce an extracted integrity check value; compare the new integrity check value with the extracted integrity check value; and based on determination that the new integrity check value substantially matches the extracted integrity check value, utilize the EDS in decoding of the read threshold number of EDSs to recover a data segment of a data object. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computing device comprising:
-
an interface configured to interface and communicate with a dispersed storage network (DSN); memory that stores operational instructions; and processing circuitry operably coupled to the interface and to the memory, wherein the processing circuitry is configured to execute the operational instructions to; retrieve a read threshold number of integrity check value list (ICVL) encoded data slices (EDSs) of a set of ICVL EDSs from at least some storage units (SUs) of a set of SUs based on a request; determine whether an appended ICVL of each ICVL EDS of the read threshold number of ICVL EDSs substantially match; generate a set of integrity check values for a set of EDSs, wherein a data segment of a data object is dispersed storage error encoded to produce the set of EDSs; generate an ICVL from the set of integrity check values; append the ICVL to each EDS of the set of EDSs to produce the set of ICVL EDSs; send the set of ICVL EDSs to the set of SUs of the DSN for storage therein; based on determination that the appended ICVL of one of the ICVL EDSs of the read threshold number of ICVL EDSs does not substantially match the appended ICVL of other ICVL EDSs of the read threshold number of ICVL EDSs; determine a likely cause for the appended ICVL of the one of the ICVL EDSs not substantially matching the appended ICVL of the other ICVL EDSs; and based on determination that the likely cause is an inaccurate ICVL appended to the one of the ICVL EDSs; calculate a new integrity check value for an EDS portion of the one of the ICVL EDSs; extract an integrity check value from the appended ICVL of one of the other ICVL EDSs to produce an extracted integrity check value; compare the new integrity check value with the extracted integrity check value; and based on determination that the new integrity check value substantially matches the extracted integrity check value, utilize the EDS in decoding of the read threshold number of EDSs to recover the data segment of the data object; and based on determination that the appended ICVL of one of the ICVL EDSs of the read threshold number of ICVL EDSs substantially matches the appended ICVL of other ICVL EDSs of the read threshold number of ICVL EDSs, process the request. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A method for execution by a computing device, the method comprising:
-
retrieving, via an interface configured to interface and communicate with a dispersed storage network (DSN), a read threshold number of integrity check value list (ICVL) encoded data slices (EDSs) of a set of ICVL EDSs from at least some storage units (SUs) of a set of SUs within the DSN based on a request; determining whether an appended ICVL of each ICVL EDS of the read threshold number of ICVL EDSs substantially match; based on determination that the appended ICVL of one of the ICVL EDSs of the read threshold number of ICVL EDSs does not substantially match the appended ICVL of other ICVL EDSs of the read threshold number of ICVL EDSs; determining a likely cause for the appended ICVL of the one of the ICVL EDSs not substantially matching the appended ICVL of the other ICVL EDSs; and based on determination that the likely cause is an inaccurate ICVL appended to the one of the ICVL EDSs; calculating a new integrity check value for an EDS portion of the one of the ICVL EDSs; extracting an integrity check value from the appended ICVL of one of the other ICVL EDSs to produce an extracted integrity check value; comparing the new integrity check value with the extracted integrity check value; and based on determination that the new integrity check value substantially matches the extracted integrity check value, utilizing the EDS in decoding of the read threshold number of EDSs to recover a data segment of a data object. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification