Peer-to-peer caching network for user data
Abstract
A network topology is described which supports the peer-to-peer storage of user-generated applications data at multiple nodes in a virtual private network. In one embodiment, the network supports Application Service Provider applications.
In one embodiment, user data is redundantly stored at multiple locations. If a user logs in to a location which does not store the user's data, the network automatically causes that data to be downloaded from another node.
In one embodiment, data is stored in a hierarchical file structure which allows the isolation of data on an application, user or enterprise basis, with access to data being governed by mechanisms which limit the ability of a user or application to gain access to data generated by other users or other applications.
In one embodiment, data is synchronized between nodes whenever a user changes data at one node, by causing the data to be downloaded from that node to all other nodes holding the user's data.
In one embodiment, the network includes means to ensure that certain critical fields contain the same value across nodes.
7 Claims
1. A network for the distributed storage of data, including:
a network operations center;
a router operatively connected to the network operations center;
a first leaf and a second leaf, each operatively connected to the router, each leaf including:
an applications server including a memory storing an application;
a database server including data for two users;
means for users to enter data to be stored at the database server;
means for data entered at a database server entered at one leaf to be downloaded to the other leaf;
means for at least partially isolating data so that data entered by one user may not be accessed by another user or data entered using one application may not be accessed by another application; and
a user table including information relating to locations at which user data is stored.
2. A method for coordinating user data in a network for the distributed storage of data, including:
at a first database server located at a first leaf, identifying user data to be communicated to a second database server located at a second leaf;
at the first leaf, associating a first header with the data, the first header including information at least in part identifying the second database server;
at the first leaf, associating a second header with the data, the second header including information at least in part identifying a first router;
at the first leaf, encrypting the first header and the data using a first key;
at the first leaf, associating a third header with the data, the third header containing information at least in part identifying the first key;
transmitting the data, the encrypted first header, the second header, the third header and the encrypted data from the first leaf to the first router;
at the first router, using the third header to locate the first key;
at the first router, using the first key to decrypt the first header;
at the first router, using the decrypted first header in a process of identifying the second leaf;
at the first router, associating a fourth header with the data, the fourth header including information at least in part identifying the second leaf;
at the first router, encrypting the first header and the data using a second key;
at the first router, associating a fifth header with the data, the fifth header containing information at least in part identifying the second key;
transmitting the data, the encrypted first header, the fourth header, the fifth header and the encrypted data from the first router to the second leaf;
at the second leaf, using the fifth header to locate the second key;
at the second leaf, using the second key to decrypt the first header;
at the second leaf, using the decrypted first header to identify the second database server as the intended recipient of the data;
at the second leaf, using the second key to decrypt the data;
at the second leaf, storing the decrypted data at the second database server.
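The hop-by-hop wrapping of claim 2, as an added example that is not code from the patent: clear routing and key-identifier headers travel beside the encrypted first header and data, and the router decrypts and re-encrypts under a second key, so it holds the plaintext between hops. The `seal`/`unseal` stand-in cipher, its integrity tag, the key identifiers and the JSON layout are assumptions of this example; the claim specifies encryption only.

```python
import hashlib, hmac, json, os

def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def seal(key, plaintext):
    """Stand-in cipher (assumption): SHAKE-256 keystream plus HMAC-SHA256 tag."""
    nonce = os.urandom(16)
    stream = hashlib.shake_256(_subkey(key, b"enc") + nonce).digest(len(plaintext))
    body = nonce + bytes(p ^ s for p, s in zip(plaintext, stream))
    return body + hmac.new(_subkey(key, b"mac"), body, hashlib.sha256).digest()

def unseal(key, blob):
    body, tag = blob[:-32], blob[-32:]
    want = hmac.new(_subkey(key, b"mac"), body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("authentication failed")
    nonce, ct = body[:16], body[16:]
    stream = hashlib.shake_256(_subkey(key, b"enc") + nonce).digest(len(ct))
    return bytes(c ^ s for c, s in zip(ct, stream))

def wrap(keys, key_id, route_to, inner):
    """One hop: clear routing header, clear key-id header, sealed header 1 + data."""
    return {"route": route_to, "key_id": key_id,
            "sealed": seal(keys[key_id], json.dumps(inner).encode())}

def unwrap(keys, msg):
    """Locate the key from the clear key-id header, then recover header 1 and data."""
    if msg["key_id"] not in keys:
        raise KeyError("unknown key id")
    return json.loads(unseal(keys[msg["key_id"]], msg["sealed"]))

def router_forward(router_keys, leaf_of_db, msg):
    inner = unwrap(router_keys, msg)          # the router now holds plaintext
    leaf = leaf_of_db[inner["dest_db"]]       # header 1 names the target database server
    return wrap(router_keys, f"router-{leaf}", leaf, inner), inner

# Constructed keys and identifiers (hypothetical names, not from the patent).
K1, K2 = os.urandom(32), os.urandom(32)
LEAF1_KEYS = {"leaf1-router": K1}
ROUTER_KEYS = {"leaf1-router": K1, "router-leaf2": K2}
LEAF2_KEYS = {"router-leaf2": K2}

def demo():
    inner = {"dest_db": "db2", "data": "constructed user record"}
    hop1 = wrap(LEAF1_KEYS, "leaf1-router", "router1", inner)
    hop2, seen_by_router = router_forward(ROUTER_KEYS, {"db2": "leaf2"}, hop1)
    return hop1, hop2, seen_by_router, unwrap(LEAF2_KEYS, hop2)
```

Because the key-identifier and routing headers are sent in the clear, an observer on either hop learns which key and which next hop are in use, and the router is a point where user data exists unencrypted.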
3. A distributed database for storage of user-generated data, including the following:
(1) a first partition, a first portion of which is stored at a first site and a second portion of which is stored at a second site, the first portion and the second portion containing at least some overlapping data, the first partition storing:
(a) a first application database containing first application data entered by multiple users,
(b) a first user table identifying users whose data is stored in the first application database, including identifying each site at which each user's data is stored and including time stamps indicating the most recent revision to each user's data;
(2) a second partition, a first portion of which is stored at the first site and a second portion of which is stored at the second site, the first portion and the second portion containing at least some overlapping data, the second partition storing:
(a) a second application database containing second application data entered by multiple users,
(b) a second user table identifying users whose data is stored in the second application database, including identifying each site at which each user's data is stored and including time stamps indicating the most recent revision to each user's data;
(3) means for isolating the first database and the second database such that the first database is not accessible to users of the second application and the second database is not accessible to users of the first application; and
(4) means for synchronizing data among sites such that data entered by a first user in the first database will be copied to other sites identified in the first user table as containing data for the first user.
4. A network node for the distributed storage of user data, including:
a switch controlling a first VLAN and a second VLAN, a load balancer for distributing user requests among application servers;
a first application server including a first virtual host, the first virtual host including a first application, a first stub program used for initiating communications with a database server and a first ticket used for securing communications with a database server;
a second application server including a second virtual host, the second virtual host including a second application, a second stub program used for initiating communications with a database server and a second ticket used for securing communications with a database server;
a first database server including a first partition storing data associated with the first application, a second partition storing data associated with a second application, a communications manager for managing communications with other database servers and a time stamp counter for associating time stamp information with communications; and
a second database server including the first partition storing data associated with the first application, a third partition storing data associated with a third application, a communications manager for managing communications with other database servers and a time stamp counter for associating time stamp information with communications.
5. A method of providing users access to data and applications stored at remote locations, including the following:
the user selecting an application;
the user being directed to a first site which stores the user's data for that application, the first site being located remotely from the user's site;
the user's selection being communicated to an application server which contains a copy of the application;
the application server invoking the application;
the user logging-in to the application, including entering identification information;
the application generating a log-in query based at least in part on the identification information;
the application routing the log-in query to a database;
an administrative module intercepting the query;
the administrative module determining that the query constitutes an initial log-in and therefore requires intervention;
as a result of the determination, the administrative module delaying transmission of the query to the database while the administrative module uses the identification information to query a user table in order to determine whether the user's data is located at the first site;
if the administrative module determines that the user's data is located at the first site, the administrative module releasing the log-in query to the database and the database returning information to the application that the log-in attempt is authorized;
if the administrative module determines that the user's data is not located at the first site, the administrative module using the user table to locate a second site which contains the user's data, the administrative module then initiating a communication with the second site, the communication causing the second site to download a copy of the user's data to the first site;
once the user's data has downloaded to the first site, the administrative module releasing the log-in query to the database and the database returning information to the application that the log-in attempt is authorized.
6. A method of synchronizing user data among nodes of a network containing a distributed database of user data, including the following:
a user using an application to enter data;
the data being stored at a first network node;
at the first network node, an administrative module detecting the data entry;
at the first network node, the administrative module updating a user table with a time stamp associated with the data change;
in a first set of communications, the first network node communicating the time stamp to a set of nodes identified in the user table as storing application data entered by the user;
each of the nodes in the set of nodes receiving the time stamp communication and using the communication to update user table time stamp information associated with the user;
in a second set of communications, occurring after the first set of communications, the first node communicating the updated user data to each of the nodes in the set of nodes;
each of the nodes in the set of nodes receiving the updated user data and using the updated user data to replace at least a portion of the user's data at each of the nodes.
7. A method of updating user data in a distributed database including the following:
at a first site, identifying a user request to change data in an application database field from a first value to a second value;
at the first site, determining that the first field is a synchronization field;
at the first site, determining whether the first field is locked;
if the first field is not locked, locking the first field at the first site;
at the first site, using a user table to identify other sites which also contain a copy of the database field;
sending a communication to the identified sites containing information regarding the first value of the database field;
at each of the identified sites, determining whether the current value of the database field matches the first value;
at each of the identified sites, initiating an error handling routine if the values do not match;
at each of the identified sites, if the values match, determining whether the database field is locked;
each identified site at which the database field is locked returning an indication that the field was locked to the first site;
each identified site at which the database field is not locked locking the field and returning an indication that the field was not locked to the first site;
at the first site, determining whether more than half of the identified sites have returned an indication that the field was not locked;
if the determination indicates that more than half of the identified sites have returned an indication that the field was not locked, at the first site, changing the database field from the first value to the second value at the first site, unlocking the database field at the first site and sending a communication from the first site to each of the identified sites instructing them to store information reflecting the change in the database field at the first site;
if the determination indicates that more than half of the identified sites have not returned an indication that the field was not locked, the first site unlocking the database field and returning an error message to the application.
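The majority-lock update of claim 7, simulated in memory as an added example that is not code from the patent. The `Site` class, the reply strings and the release of locks taken at remote sites are assumptions of this example; the claim text only states that the first site unlocks its own field.

```python
from dataclasses import dataclass

@dataclass
class Site:
    name: str
    value: str
    locked: bool = False

    def prepare(self, expected):
        """Remote side: compare the current value, then try to take the lock."""
        if self.value != expected:
            return "mismatch"        # the claim starts an error handling routine here
        if self.locked:
            return "was_locked"
        self.locked = True
        return "not_locked"

def update_sync_field(first, peers, old, new):
    """Run one update from `first`; `peers` are the sites the user table lists."""
    if first.locked:
        return "error: field locked at first site"
    first.locked = True
    replies = {p.name: p.prepare(old) for p in peers}
    granted = [p for p in peers if replies[p.name] == "not_locked"]
    try:
        if 2 * len(granted) > len(peers):    # strictly more than half
            first.value = new
            for p in peers:                  # every identified site is told to store it
                p.value = new
            return "committed"
        return "error: no majority"
    finally:
        first.locked = False
        for p in granted:                    # assumption: release the locks we took
            p.locked = False

if __name__ == "__main__":
    # Constructed sites: two peers, one already locked by another writer.
    a = Site("A", "v1")
    peers = [Site("B", "v1"), Site("C", "v1", locked=True)]
    print(update_sync_field(a, peers, "v1", "v2"))   # exactly half is not a majority
```

Without the lock release in the `finally` block, a failed attempt would leave fields locked at the sites that granted the lock, and later updates would be refused there.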
Specification