Securing storage units in a dispersed storage network

US 10,389,683 B2
Filed: 08/26/2016
Issued: 08/20/2019
Est. Priority Date: 08/26/2016
Status: Active Grant

First Claim

Patent Images

1. A method for execution by a security module operating in a device of a dispersed storage network (DSN), the method comprises:

identifying a storage unit having a security risk based on an atypical functioning of the storage unit;

determining a security risk level for the identified storage unit based on a scale of the atypical functioning;

determining, based on the security risk level, a type of security response and a level of the security response;

when the type of security response is a storage unit security response and the level of the security response is a first local level, instructing the identified storage unit to implement a read only mode, ceasing multiple phase write operations, and ceasing issuance of rebuild requests; and

when the type of security response is a DSN security response and the level of the security response is a first network level, instructing one or more devices of the DSN to perform revoking one or more digital certificates of the identified storage unit and deleting one or more access permissions of the identified storage unit; and

when the type of the security response is both the DSN security response and the storage unit security response, instructing the identified storage unit to implement the storage unit security response and instructing the one or more devices of the DSN to perform the DSN security response.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for execution by a security module operating in a device of a dispersed storage network (DSN). The method begins by identifying storage unit(s) having security risk(s) and determining the security risk(s). The method continues by determining a type of security response and a level of security response. When the security response is a storage unit security response and the level of the security response is a first local level, the method continues by instructing the identified storage unit to implement one or more of a read only mode, ceasing multiple phase write operations, and ceasing issuance of rebuild requests. When security response is a DSN security response and level of the security response is a first network level, the method continues by instructing devices to perform at least one of revoking digital certificates of the identified storage unit and deleting access permissions of the identified storage unit.

Citations

18 Claims

1. A method for execution by a security module operating in a device of a dispersed storage network (DSN), the method comprises:
- identifying a storage unit having a security risk based on an atypical functioning of the storage unit;
  
  determining a security risk level for the identified storage unit based on a scale of the atypical functioning;
  
  determining, based on the security risk level, a type of security response and a level of the security response;
  
  when the type of security response is a storage unit security response and the level of the security response is a first local level, instructing the identified storage unit to implement a read only mode, ceasing multiple phase write operations, and ceasing issuance of rebuild requests; and
  
  when the type of security response is a DSN security response and the level of the security response is a first network level, instructing one or more devices of the DSN to perform revoking one or more digital certificates of the identified storage unit and deleting one or more access permissions of the identified storage unit; and
  
  when the type of the security response is both the DSN security response and the storage unit security response, instructing the identified storage unit to implement the storage unit security response and instructing the one or more devices of the DSN to perform the DSN security response.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1 further comprises:
    - when the type of security response is the storage unit security response and the level of the security response is a second local level, instructing the identified storage unit to implement one or more of;
      
      deleting cached encryption keys;
      
      deleting user credentials; and
      
      resetting device local passwords to random passwords.
  - 3. The method of claim 1 further comprises:
    - when the type of security response is the storage unit security response and the level of the security response is a third local level, instructing the identified storage unit to implement one or more of;
      
      shutting down;
      
      terminating open connections;
      
      disabling network ports; and
      
      activating firewalls to block or restrict external communication.
  - 4. The method of claim 1 further comprises:
    - when the type of security response is the DSN security response and the level of the security response is a second network level, instructing the one or more devices of the DSN to perform at least one of;
      
      powering down the identified storage unit;
      
      powering down a device that includes the identified storage unit; and
      
      instructing other devices in the DSN not to communicate with or accept communication from at least one of the identified storage unit and the device that includes the identified storage unit.
  - 5. The method of claim 1 further comprises:
    - when the security risk is no longer detected, undoing the security response(s) to restore the identified storage unit to a non-security risk operating condition.
  - 6. The method of claim 1 further comprises:
    - when the type of security response is the storage unit security response and the level of the security response is the first local level, determining, while the storage unit is restricted in accordance with the one or more of a read only mode, ceasing multiple phase write operations, and ceasing issuance of rebuild requests is active, whether the security risk level has escalated; and
      
      when the security risk level has escalated, changing the level of the security response to at least one of;
      
      a second local level and a third local level.
  - 7. The method of claim 1 further comprises:
    - when the type of security response is the DSN security response and the level of the security response is the first network level, determining, while the storage unit is restricted in accordance with revocation of the one or more digital certificates and deletion of the one or more access permissions, whether the security risk level has escalated; and
      
      when the security risk level has escalated, changing the level of the security response to a second network level.
  - 8. The method of claim 1 further comprises:
    - identifying the atypical functioning of the storage unit based on one or more of;
      
      atypical data access requests, atypical error rate, and atypical response rate, wherein the atypical data access requests includes access requests greater than an access request threshold that are not part of a set of access requests, wherein the atypical error rate includes a rate greater than an error rate threshold more than other storage units in the same set or the same site for corrupted data or missing data, and wherein the atypical response rate includes a greater than a response rate threshold of average off-line time compared to other storage units in the set or the same site;
      
      determining the security risk level for the identified storage unit based on the scale of the one or more of;
      
      the atypical data access requests, the atypical error rate, and the atypical response rate;
      
      determining the storage unit security response when the security risk level indicates potential compromise to data stored in the identified storage unit; and
      
      determining the DSN security response when the security risk level indicates potential compromise to process resources of the identified storage unit.

9. A computing device comprises:
- an interface;
  
  memory; and
  
  a processing module operably coupled to the memory and the interface, wherein the processing module is operable to;
  
  identify a storage unit having a security risk based on an atypical functioning of the storage unit;
  
  determine a security risk level for the identified storage unit based on a scale of the atypical functioning;
  
  determine, based on the security risk level, a type of security response and a level of the security response;
  
  when the type of security response is a storage unit security response and the level of the security response is a first local level, instruct the identified storage unit to implement a read only mode, ceasing multiple phase write operations, and ceasing issuance of rebuild requests; and
  
  when the type of security response is a dispersed storage network (DSN) security response and the level of the security response is a first network level, instruct one or more devices of the DSN to perform revoking one or more digital certificates of the identified storage unit and deleting one or more access permissions of the identified storage unit; and
  
  when the type of the security response is both the DSN security response and the storage unit security response, instructing the identified storage unit to implement the storage unit security response and instructing the one or more devices of the DSN to perform the DSN security response.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 10. The computing device of claim 9, wherein the processing module is further operable to:
    - when the type of security response is a storage unit security response and the level of the security response is a second local level, instruct the identified storage unit to implement one or more of;
      
      deleting cached encryption keys;
      
      deleting user credentials; and
      
      resetting device local passwords to random passwords.
  - 11. The computing device of claim 9, wherein the processing module is further operable to:
    - when the type of security response is a storage unit security response and the level of the security response is a third local level, instruct the identified storage unit to implement one or more of;
      
      shutting down;
      
      terminating open connections;
      
      disabling network ports; and
      
      activating firewalls to block or restrict external communication.
  - 12. The computing device of claim 9, wherein the processing module is further operable to:
    - when the type of security response is a DSN security response and the level of the security response is a second network level, instruct one or more devices of the DSN to perform at least one of;
      
      powering down the identified storage unit;
      
      powering down a device that includes the identified storage unit; and
      
      instructing other devices in the DSN not to communicate with or accept communication from at least one of the identified storage unit and the device that includes the identified storage unit.
  - 13. The computing device of claim 9, wherein the processing module is further operable to:
    - when the security risk is no longer detected, undo the security response(s) to restore the identified storage unit to a non-security risk operating condition.
  - 14. The computing device of claim 9, wherein the processing module is further operable to:
    - when the type of security response is the storage unit security response and the level of the security response is the first local level, determine, while the storage unit is restricted in accordance with the one or more of a read only mode, ceasing multiple phase write operations, and ceasing issuance of rebuild requests is active, whether the security risk level has escalated; and
      
      when the security risk level has escalated, change the level of the security response to at least one of;
      
      a second local level and a third local level.
  - 15. The computing device of claim 9, wherein the processing module is further operable to:
    - when the type of security response is the DSN security response and the level of the security response is the first network level, determine, while the storage unit is restricted in accordance with revocation of the one or more digital certificates unit and deletion of the one or more access permissions, whether the security risk level has escalated; and
      
      when the security risk level has escalated, changing the level of the security response to a second network level.
  - 16. The computing device of claim 9, wherein the processing module is further operable to:
    - identify the atypical functioning of the storage unit based on one or more of;
      
      atypical data access requests, atypical error rate, and atypical response rate, wherein the atypical data access requests includes access requests greater than an access request threshold that are not part of a set of access requests, wherein the atypical error rate includes a rate greater than an error rate threshold more than other storage units in the same set or the same site for corrupted data or missing data, and wherein the atypical response rate includes a greater than a response rate threshold of average off-line time compared to other storage units in the set or the same site;
      
      determine the security risk level for the identified storage unit based on the scale of the one or more of;
      
      the atypical data access requests, the atypical error rate, and the atypical response rate;
      
      determining the storage unit security response when the security risk level indicates potential compromise to data stored in the identified storage unit; and
      
      determining the DSN security response when the security risk level indicates potential compromise to process resources of the identified storage unit.
  - 17. The computing device of claim 9 further comprises:
    - the computing device being a storage unit.
  - 18. The computing device of claim 9 further comprises:
    - the computing device being one of;
      
      a managing unit; and
      
      an integrity processing unit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Cilfone, Bart R.
Primary Examiner(s)
Tran, Ellen

Application Number

US15/249,037
Publication Number

US 20180063081A1
Time in Patent Office

1,089 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0227   Filtering policies mail mes...

H04L 63/06   for supporting key manageme...

H04L 63/0823   using certificates cryptogr...

H04L 63/083   using passwords cryptograph...

H04L 63/10   for controlling access to d...

H04L 63/101   Access control lists [ACL]

H04L 63/1433   Vulnerability analysis

H04L 63/20   for managing network securi...

H04L 67/1097   for distributed storage of ...

Securing storage units in a dispersed storage network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Securing storage units in a dispersed storage network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links