Randomized bit dispersal of sensitive data sets
Abstract
Secure storage of sensitive data sets in virtually insecure storage facilities is accomplished presently by storing small granular portions of the data (e.g. bits or bytes) in a randomly dispersed manner. The data sets contain information which requires secure handling. However, the granular portions are sufficiently small to ensure that they do not per se reveal any sensitive information, and they are so dispersed in storage that the probability of unauthorized access to useful information in any data set is extremely small. As an example of sensitive data subject to handling as presently contemplated, consider information pertaining to credit card accounts including cardholder names and addresses associated with account numbers and cardholder identifying information such as social security numbers, etc. The present selection and dispersal of granular portions of this data effectively co-mingles portions of different data sets in storage in a random manner. Thus it would be extremely difficult if not impossible for a party acquiring unauthorized access to blocks of storage containing such data portions to be able to extract any useful or sensitive information therefrom.
22 Claims
1. A system for distributed storage and reconstruction of a data set containing sensitive information, said system comprising:
- an array of multiple stores; and
- logic for randomly dispersing successive granular portions of data in said set into said stores, each said granular portion containing only information of a non-sensitive nature;
whereby extraction of sensitive information in said data set from unauthorized access to data contained in said stores is extremely unlikely to occur.
13. A method for storing and reconstructing a set of data containing sensitive information, in a manner such that unauthorized access to the data as stored would not reveal any of said sensitive information, said method comprising:
- transferring successive granular components of said set into randomly selected block queues in an array of multiple block queues;
- each said component being void of said sensitive information;
- each said block queue having capacity to store multiple said components;
- monitoring said block queues to detect when they are full;
- transferring content of each said full block queue to a randomly selected store in an array of multiple stores;
- retaining metadata defining locations of said blocks of data in said stores and locations of individual said granular components within each said block; and
- reassembling said data set by using said retained metadata to:
  (a) retrieve blocks of data containing all of the randomly dispersed granular components of said data set;
  (b) extract all of said randomly dispersed granular components of said data set from said retrieved data blocks; and
  (c) rearrange the extracted components into their original format within said data set.
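
The method of claim 13, worked through as an added Python example (not code from the patent). Single bytes stand in for the granular components; the class name, the queue and store counts, the block size, the use of `secrets` for random selection, and the final write-out of partly filled queues are assumptions of this example.

```python
import secrets  # CSPRNG for queue/store selection (a choice made for this example)

class Disperser:
    """Toy model of the claimed method, using one byte as the granular component."""

    def __init__(self, n_queues=4, n_stores=3, block_size=8):
        self.queues = [[] for _ in range(n_queues)]  # pending (set_id, position, byte)
        self.stores = [[] for _ in range(n_stores)]  # each store holds a list of blocks
        self.block_size = block_size
        self.metadata = {}  # set_id -> [(store, block, offset)] indexed by position

    def _flush(self, q):  # move one queue's content, as a block, to a random store
        queue = self.queues[q]
        if not queue:
            return
        s = secrets.randbelow(len(self.stores))
        b = len(self.stores[s])
        self.stores[s].append(bytes(byte for _, _, byte in queue))
        for offset, (set_id, pos, _) in enumerate(queue):
            self.metadata[set_id][pos] = (s, b, offset)  # block and in-block location
        queue.clear()

    def disperse(self, set_id, data):
        self.metadata[set_id] = [None] * len(data)
        for pos, byte in enumerate(data):
            q = secrets.randbelow(len(self.queues))  # randomly selected block queue
            self.queues[q].append((set_id, pos, byte))
            if len(self.queues[q]) == self.block_size:  # queue detected as full
                self._flush(q)

    def flush_all(self):  # assumption: partly filled queues are written out at the end
        for q in range(len(self.queues)):
            self._flush(q)

    def reassemble(self, set_id):  # retained metadata restores the original order
        return bytes(self.stores[s][b][o] for s, b, o in self.metadata[set_id])

def demo():
    sets = {"A": b"ACCT=0000-0000-0000-0000;NAME=EXAMPLE ONE", "B": b"ID=000-00-0000"}  # constructed
    d = Disperser()
    for set_id, data in sets.items():
        d.disperse(set_id, data)  # both sets share the same queues and stores
    d.flush_all()
    return sets, d

if __name__ == "__main__":
    sets, d = demo()
    print("blocks in store 0:", d.stores[0])
    print("set A restored:", d.reassemble("A") == sets["A"])
```

The stores end up holding only co-mingled bytes from both sets; the retained metadata is what allows reconstruction, so it has to be held apart from the stores.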
22. For a data handling and storage system, in which granular portions of data sets containing sensitive information are randomly dispersed in stores subject to orderly retrieval and reconstruction of respective sets, software installable in said system via computer-readable media, said software comprising:
- elements for controlling functions requisite to said random dispersal of said granular portions; and
- elements for controlling functions requisite to said orderly retrieval of said granular portions and reconstruction of said data sets.