Method and apparatus for verifiably migrating WORM data
First Claim
Patent Images
1. A method comprising:
- providing a file system in a storage system to allow a user to designate data as write-once read-many (WORM) data, the WORM data being stored in a first set of storage media of the storage system; and
generating signature data from the WORM data, using which the integrity of the WORM data can be verified.
2 Assignments
0 Petitions
Accused Products
Abstract
A file system in a storage system allows a user to designate data as write-once read-many (WORM) data. The WORM data are stored in a first set of storage media of the storage system. Signature data are generated from the WORM data. Using the signature data, the integrity of the WORM data can be verified.
125 Citations
32 Claims
-
1. A method comprising:
-
providing a file system in a storage system to allow a user to designate data as write-once read-many (WORM) data, the WORM data being stored in a first set of storage media of the storage system; and
generating signature data from the WORM data, using which the integrity of the WORM data can be verified. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method comprising:
-
using a file system of a storage server to provide a user with access to data stored by the storage server;
selecting a subset of the data stored by the storage server, the selected subset containing one or more data items, including at least one file;
creating a signature file for the selected subset, the signature file specifying the data items contained in the selected subset and the locations of said data items within the selected subset, the signature file further including metadata associated with each said data item, the metadata including a WORM state indication for at least one data item in the selected subset;
generating a cryptographic hash for each file in the selected subset and including each said cryptographic hash in the signature file in association with the corresponding file;
using a private key of a public-private key pair to generate a first digital signature of the signature file as a whole; and
associating the first digital signature with the signature file. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. A storage system comprising:
-
a processor;
a storage interface, coupled to the processor, through which to communicate with a set of mass storage media;
a file system to provide user access to data stored in the set of mass storage media; and
a memory storing instructions which, when executed by the processor, cause the storage system to perform a process which includes;
creating a signature file corresponding to a data set stored in the set of mass storage media, the signature file specifying data items contained in the data set, locations of each data item within the data set, and metadata associated with the data items;
generating a cryptographic hash for each data item of a predetermined type in the data set and including each cryptographic hash in the signature file;
generating a digital signature of the signature file as a whole; and
associating the digital signature with the signature file. - View Dependent Claims (26, 27, 28, 29, 30, 31, 32)
-
Specification