Peer data protocol

US 20030115251A1
Filed: 02/13/2002
Published: 06/19/2003
Est. Priority Date: 02/23/2001
Status: Abandoned Application

First Claim

Patent Images

1. A system for securely storing a data object, comprising:

a computerized owning node that owns the data object;

a plurality of computerized neighbor nodes, wherein said owning node and said neighbor nodes are distinct and are collectively members of a network in which they have peer-to-peer status; and

a plurality of possessing nodes that store the data object, wherein said plurality of possessing nodes is a subset of said plurality of said neighbor nodes, thereby securely storing the data object away from its said owning node.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A Peer Data Protocol (PDP)(10) for securely storing a data object (20) on a peer-to-peer network (50) of nodes (14). An owning node (16) owns the data object (20), possessing nodes hold the data object (20), an indexing node (68) facilitates overall operation of the PDP (10), and a backup node (66) may optionally be provided to ensure that the data object (20) is available even when the possessing nodes (18) holding it are not. The possessing nodes (18) securely store the data object (20) remote from its owning node (16), yet themselves have no access to the contents of the data object (20) unless granted such by the owning node (16). To enhance the security of this scheme the possessing nodes (18) may be chosen from among a large pool of neighbor nodes (56), the data object (20) may be piece-wise stored across multiple of the possessing nodes (18), and the pieces may be share-wise stored across multiple of the possessing nodes (18) and analyzed for integrity before later use.

Citations

25 Claims

1. A system for securely storing a data object, comprising:
- a computerized owning node that owns the data object;
  
  a plurality of computerized neighbor nodes, wherein said owning node and said neighbor nodes are distinct and are collectively members of a network in which they have peer-to-peer status; and
  
  a plurality of possessing nodes that store the data object, wherein said plurality of possessing nodes is a subset of said plurality of said neighbor nodes, thereby securely storing the data object away from its said owning node.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The system of claim 1, wherein a data piece derived from the data object is assigned to be stored by each said possessing node, wherein each said data piece is all or part of the data object and all said data pieces assemble into the whole of the data object.
  - 3. The system of claim 2, wherein multiple data copies derived from each said data piece are stored by different said possessing nodes, thereby permitting comparison to determine if security of any said data piece has been compromised.
  - 4. The system of claim 2, wherein multiple data shares derived from each said data piece with a sharing algorithm are assigned to different said possessing nodes for storage, wherein said data pieces may each be assembled from less than all of said multiple data from which they are respectively derived.
  - 5. The system of claim 4, wherein:
    - one-thousand said neighbor nodes are assigned to said owning node to be said plurality of neighbor nodes;
      
      twenty said data shares derived from each said data piece are assigned to said possessing nodes for storage; and
      
      at least three said data shares must be assembled.
  - 6. The system of claim 1, further comprising an indexing node to store information about said neighbor nodes, wherein said indexing node is also a member of said network.
  - 7. The system of claim 6, wherein said indexing node assigns said plurality of neighbor nodes to said owning node.
  - 8. The system of claim 7, wherein:
    - said neighbor nodes each log into said indexing node when joining said network; and
      
      said information stored by said indexing node includes the current known availability of respective said neighbor nodes.
  - 9. The system of claim 8, wherein said plurality of possessing nodes assigned to store the data object are chosen based on said information about availability of said neighbor nodes;
  - 10. The system of claim 9, wherein said indexing node provides said information about availability of said neighbor nodes to said owning node.
  - 11. The system of claim 10, wherein said owning node chooses said plurality of possessing nodes assigned to store the data object.
  - 12. The system of claim 1, further comprising a backup node that is also a member of said network, wherein said backup node stores a copy of the data object and is available as a server to provide said data pieces as an alternate for retrieving the data object than said possessing nodes.
  - 13. The system of claim 12, wherein:
    - said possessing nodes storing the data object each have a respective peer data piece derived from the data object; and
      
      said backup data piece is compared with said peer data piece.
  - 14. The system of claim 12, wherein:
    - said possessing nodes storing the data object each have a respective peer data piece derived from the data object; and
      
      said backup data piece is used in place of one said peer data piece.
  - 15. The system of claim 14, wherein said backup data piece is used in place of one said peer data piece when any said peer data piece is deemed untrustworthy or unavailable.

16. A method for securely storing a data object, the method comprising the steps of:
- (a) constructing a network of computerized nodes, wherein one said node is an owning node that owns the data object and a plurality of said nodes are neighbor nodes that are distinct from said owning node;
  
  (b) assigning a plurality of said nodes to be possessing nodes, wherein said plurality of possessing nodes is a subset of said plurality of said neighbor nodes;
  
  (c) storing the data object on said plurality of possessing nodes, thereby securely storing the data object away from its said owning node.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 17. The method of claim 16, wherein said step (c) includes:
    - creating at least one data piece from the data object, wherein each said data piece is all or part of the data object and all said data pieces assemble into the whole of the data object; and
      
      storing said data pieces on different said possessing nodes.
  - 18. The method of claim 17, wherein said step (c) includes:
    - making multiple data copies of each said data piece;
      
      storing each said data cop y on a different said possessing node; and
      
      upon access to the data object, comparing said data copies to determine if security of any said data piece has been compromised.
  - 19. The method of claim 17, wherein said step (c) further includes:
    - deriving multiple data shares from each said data piece with a sharing algorithm, wherein said data pieces may each be assembled from less than all of said multiple data from which they are respectively derived; and
      
      storing said data shares on respective said possessing nodes.
  - 20. The method of claim 19, wherein said sharing algorithm is Shamir'"'"'s secret sharing algorithm one-thousand said neighbor nodes are assigned to said owning node to be said plurality of neighbor nodes, twenty said data shares derived from each said data piece are assigned to said possessing nodes for storage, and at least three said data shares must be assembled.
  - 21. The method of claim 16, further comprising:
    - (d) monitoring availability on said network of said neighbor nodes.
  - 22. The method of claim 21, wherein said step (a) further includes picking said plurality of neighbor nodes with respect to said owning node based on said availability.
  - 23. The method of claim 21, wherein said step (c) further includes selecting said plurality of possessing nodes from among said plurality of neighbor nodes based on said availability.
  - 24. The method of claim 23, wherein said owning node selects said plurality of possessing nodes to store the data object.
  - 25. The method of claim 16, further comprising:
    - (d) providing a backup server on said network; and
      
      (e) storing a backup copy of the data object on said backup server, thereby providing an alternate means for retrieving the data object than said possessing nodes.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Horizon A Glimpse of Tomorrow Incorporated
Original Assignee
Horizon A Glimpse of Tomorrow Incorporated
Inventors
Williams, William R., Fredrickson, Jason A., Belshee, Arlo M., Saunders, Augustus

Application Number

US10/076,162
Publication Number

US 20030115251A1
Time in Patent Office

Days
Field of Search
US Class Current

709/201
CPC Class Codes

G06F 11/202   where processing functional...

H04L 63/0272   Virtual private networks

H04L 63/04   for providing a confidentia...

H04L 63/0428   wherein the data content is...

H04L 63/10   for controlling access to d...

H04L 63/12   Applying verification of th...

H04L 63/14   for detecting or protecting...

H04L 67/104   Peer-to-peer [P2P] networks

H04L 67/1046   Joining mechanisms

H04L 67/1068   Discovery involving direct ...

H04L 67/1076   Resource dissemination mech...

H04L 67/108   characterised by resources ...

H04L 69/329   in the application layer [O...

Peer data protocol

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Peer data protocol

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links