System and method for performing a trust-preserving migration of data objects from a source to a target

US 20070079126A1
Filed: 10/05/2005
Published: 04/05/2007
Est. Priority Date: 10/05/2005
Status: Active Grant

First Claim

Patent Images

1. A processor-implemented method for migrating data objects from a source system to a target system, comprising:

maintaining a secure summary information of the data objects at the source system;

receiving a request to migrate the data objects to the target system;

sending the data objects from the source system to the target system;

sending the maintained secure summary information from the source system to the target system;

calculating a summary information of the data objects received at the target system; and

comparing the calculated summary information with the secure summary information received at the target system, to verify the integrity and completeness of the data objects received at the target system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A data migration system performs a tamper-resistant data migration for regulatory compliance systems. The system generates a secure hash for the data object, adds a timestamp to the hash, produces a signature for the data object using a private key, and includes the signature in a signature summary of data objects. Immediately prior to data migration, the system signs the signature summary of the set of data objects to be migrated. The signature of the data object maintains integrity of the data object by preventing undetectable modification to a data object during migration. The signed signature summary maintains completeness by preventing undetectable removal of a data object from or insertion of a data object into the set of data objects during migration.

Citations

24 Claims

1. A processor-implemented method for migrating data objects from a source system to a target system, comprising:
- maintaining a secure summary information of the data objects at the source system;
  
  receiving a request to migrate the data objects to the target system;
  
  sending the data objects from the source system to the target system;
  
  sending the maintained secure summary information from the source system to the target system;
  
  calculating a summary information of the data objects received at the target system; and
  
  comparing the calculated summary information with the secure summary information received at the target system, to verify the integrity and completeness of the data objects received at the target system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein the secure summary information maintained at the source system is a function of a signature of the data objects covered by the summary information;
    - and wherein the signature of each object of the data objects is based on at least a secure one-way hash of a content and associated attributes of the object.
  - 3. The method of claim 1, wherein the secure summary information is maintained inside at least one secure subsystem in the source system so that the secure summary information is protected from tampering even if the content of the source system, other than the secure subsystem, is compromised.
  - 4. The method of claim 1, wherein the summary information for the data objects received by the target system is included in the target system secure summary information for subsequent migration of data from the target system.
  - 5. The method of claim 1, wherein the data objects at the source system are partitioned into groups;
    - and wherein a separate secure summary information is maintained for each group.
  - 6. The method of claim 1, wherein the secure summary information maintained at the source system is calculated cumulatively as data objects are added.
  - 7. The method of claim 2, wherein the secure summary information maintained at the source system covers the signature for each data object that has been removed.
  - 8. The method of claim 2, wherein the secure summary information maintained at the source system is signed using a secret key, and is verified using a corresponding public key.
  - 9. The method of claim 8, wherein signing the secure summary information is performed in a secure subsystem implemented using a tamper-proof hardware.
  - 10. The method of claim 7, wherein the signature of each object includes a timestamp indicating the time of creation of the data object.
  - 11. The method of claim 8, wherein the secure summary information is maintained inside a secure subsystem;
    - and wherein the secret key is generated inside the secure subsystem during initialization and is not accessible outside the secure subsystem as the public key is published.
  - 12. The method of claim 10, wherein the signature of each object includes a retention period indicating the time at which the object becomes eligible for removal.

13. A computer program product having a plurality of executable instruction codes stored on a processor-useable medium, for migrating data objects from a source system to a target system, comprising:
- a program code for maintaining secure summary information of the data objects at the source system;
  
  a program code for receiving a request to migrate the data objects to a target system;
  
  a program code for sending the data objects from the source system to the target system;
  
  a program code for sending the maintained secure summary information from the source system to the target system;
  
  a program code for calculating summary information of the data objects received at the target system; and
  
  a program code for comparing the calculated summary information with the secure summary information received at the target system to verify the integrity and completeness of the data objects received at the target system.
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The computer program product of claim 13, wherein the secure summary information maintained at the source system is a function of the signature of the data objects that the summary information covers;
    - and wherein the signature of each data object is based on a secure one-way hash of the content and associated attributes of the data object.
  - 15. The computer program product of claim 13, wherein the secure summary information is maintained inside a secure subsystem in the source system so that the summary information is protected from tampering.
  - 16. The computer program product of claim 13, wherein the summary information for the data objects received by the target system is included in the target system secure summary information for subsequent migration of data from the target system.
  - 17. The computer program product of claim 13, wherein the data objects at the source system are partitioned into groups;
    - and wherein a separate secure summary information is maintained for each group.
  - 18. The computer program product of claim 13, wherein the secure summary information maintained at the source system is calculated cumulatively as data objects are added.
  - 19. The computer program product of claim 14, wherein the secure summary information maintained at the source system includes the signature for each data object that has been removed.

20. A processor-implemented system for migrating data objects from a source system to a target system, comprising:
- the source system maintaining a secure summary information of the data objects;
  
  the source system receiving a request to migrate the data objects to the target system;
  
  the source system sending the data objects to the target system;
  
  sending the maintained secure summary information from the source system to the target system;
  
  the target system calculating a summary information of the data objects received at the target system; and
  
  the target system comparing the calculated summary information with the secure summary information received at the target system, to verify the integrity and completeness of the data objects received at the target system.
- View Dependent Claims (21, 22, 23, 24)
- - 21. The system of claim 20, wherein the secure summary information maintained at the source system is a function of a signature of the data objects covered by the summary information;
    - and wherein the signature of each object of the data objects is based on at least a secure one-way hash of a content and associated attributes of the object.
  - 22. The system of claim 20, wherein the secure summary information is maintained inside at least one secure subsystem in the source system so that the secure summary information is protected from tampering even if the content of the source system, other than the secure subsystem, is compromised.
  - 23. The system of claim 20, wherein the summary information for the data objects received by the target system is included in the target system secure summary information for subsequent migration of data from the target system.
  - 24. The system of claim 20, wherein the data objects at the source system are partitioned into groups;
    - and wherein a separate secure summary information is maintained for each group.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Ma, Xiaonan, Hsu, Windsor

Granted Patent

US 7,996,679 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

G06F 21/606 by securing the transmissio...

G06F 21/64 Protecting data integrity, ...

System and method for performing a trust-preserving migration of data objects from a source to a target

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for performing a trust-preserving migration of data objects from a source to a target

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links