Securing storage units in a dispersed storage network
First Claim
1. A method for execution by a security module operating in a device of a dispersed storage network (DSN), the method comprises:
- identifying a storage unit having a security risk based on an atypical functioning of the storage unit;
- determining a security risk level for the identified storage unit based on a scale of the atypical functioning;
- determining, based on the security risk level, a type of security response and a level of the security response;
- when the type of security response is a storage unit security response and the level of the security response is a first local level, instructing the identified storage unit to implement a read only mode, ceasing multiple phase write operations, and ceasing issuance of rebuild requests; and
- when the type of security response is a DSN security response and the level of the security response is a first network level, instructing one or more devices of the DSN to perform revoking one or more digital certificates of the identified storage unit and deleting one or more access permissions of the identified storage unit; and
- when the type of the security response is both the DSN security response and the storage unit security response, instructing the identified storage unit to implement the storage unit security response and instructing the one or more devices of the DSN to perform the DSN security response.
Abstract
A method for execution by a security module operating in a device of a dispersed storage network (DSN). The method begins by identifying storage unit(s) having security risk(s) and determining the security risk(s). The method continues by determining a type of security response and a level of security response. When the security response is a storage unit security response and the level of the security response is a first local level, the method continues by instructing the identified storage unit to implement one or more of a read only mode, ceasing multiple phase write operations, and ceasing issuance of rebuild requests. When the security response is a DSN security response and the level of the security response is a first network level, the method continues by instructing devices to perform at least one of revoking digital certificates of the identified storage unit and deleting access permissions of the identified storage unit.
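The following Python sketch is an added illustration, not code from the patent or its assignee: it models the response selection the abstract describes, with the storage unit response applied by the unit itself and the DSN response applied by other devices. The event thresholds, the level-to-response mapping, the `compliant` flag and all class and function names are assumptions made for the example.

```python
from dataclasses import dataclass, field

# Assumed mapping from risk level to response types; the claims do not fix one.
PLAN = {0: (), 1: ("storage_unit",), 2: ("dsn",), 3: ("storage_unit", "dsn")}

@dataclass
class StorageUnit:
    unit_id: str
    compliant: bool = True          # assumption: does the unit obey instructions?
    read_only: bool = False
    multi_phase_writes: bool = True
    rebuild_requests: bool = True

    def instruct_local_response(self):
        """First local level: read only, no multi-phase writes, no rebuild requests."""
        if self.compliant:
            self.read_only, self.multi_phase_writes, self.rebuild_requests = True, False, False

@dataclass
class Dsn:  # stand-in for the other DSN devices that hold trust state
    revoked_certs: set = field(default_factory=set)
    permissions: dict = field(default_factory=dict)   # unit_id -> set of permissions

    def authorize(self, unit_id, permission):
        return (unit_id not in self.revoked_certs
                and permission in self.permissions.get(unit_id, set()))

def risk_level(atypical_events):
    """Scale of atypical functioning -> risk level, using assumed thresholds."""
    for level, floor in ((3, 20), (2, 10), (1, 3)):
        if atypical_events >= floor:
            return level
    return 0

def respond(unit, dsn, atypical_events):
    types = PLAN[risk_level(atypical_events)]
    if "storage_unit" in types:                  # storage unit security response
        unit.instruct_local_response()
    if "dsn" in types:                           # DSN response, first network level
        dsn.revoked_certs.add(unit.unit_id)
        dsn.permissions.pop(unit.unit_id, None)
    return types

def demo():
    # Constructed sample state: two units with read/write permissions.
    dsn = Dsn(permissions={"su-1": {"read", "write"}, "su-2": {"read", "write"}})
    ok, rogue = StorageUnit("su-1"), StorageUnit("su-2", compliant=False)
    respond(ok, dsn, 5)       # level 1: storage unit response only
    respond(rogue, dsn, 25)   # level 3: both responses
    return ok, rogue, dsn
```

In the constructed demo, the unit that ignores the local instruction is still cut off, because the certificate revocation and permission deletion are carried out by other devices.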
18 Claims
1. A method for execution by a security module operating in a device of a dispersed storage network (DSN), recited in full under First Claim above.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A computing device comprises:
- an interface;
- memory; and
- a processing module operably coupled to the memory and the interface, wherein the processing module is operable to:
  - identify a storage unit having a security risk based on an atypical functioning of the storage unit;
  - determine a security risk level for the identified storage unit based on a scale of the atypical functioning;
  - determine, based on the security risk level, a type of security response and a level of the security response;
  - when the type of security response is a storage unit security response and the level of the security response is a first local level, instruct the identified storage unit to implement a read only mode, ceasing multiple phase write operations, and ceasing issuance of rebuild requests; and
  - when the type of security response is a dispersed storage network (DSN) security response and the level of the security response is a first network level, instruct one or more devices of the DSN to perform revoking one or more digital certificates of the identified storage unit and deleting one or more access permissions of the identified storage unit; and
  - when the type of the security response is both the DSN security response and the storage unit security response, instructing the identified storage unit to implement the storage unit security response and instructing the one or more devices of the DSN to perform the DSN security response.

Dependent claims: 10, 11, 12, 13, 14, 15, 16, 17, 18
Specification