METHOD AND APPARATUS FOR VERIFYING ARCHIVED DATA INTEGRITY IN INTEGRATED STORAGE SYSTEMS
First Claim
1. A system for managing and verifying integrity of a data object, the system comprising:
- an archive storage system comprising a first interface operable to connect the archive storage system with a client computer, the archive storage system comprising an internal storage and a processor, the archive storage system operable to receive the data object from the client computer, to store, at least intermittently, the received data object in the internal storage and to generate and cause to be recorded a first integrity measure for the data object; and
an external storage system operatively coupled to the archive storage system;
wherein the archive storage is operable to;
migrate the data object to the external storage system upon an occurrence of a predetermined condition;
generate, upon reading of the data object by the client computer, a second integrity measure for the data object;
verify the integrity of the data object using the stored first integrity measure and the second integrity measure; and
notify the client computer if it is determined that the integrity of the data object has been compromised.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for detecting alteration or corruption of data archived in integrated storage system including an archive storage coupled to external storage devices. Before a data object is sent-from the archive storage to the external devices, the archive storage generates data integrity information for each object. The data integrity information may be a hash value that is recorded in memory of the archive storage or a digital signature that is sent to the external device together with the object. When an object is requested by a client computer, the archive storage checks the data integrity information before the object is sent to the client. If an integrity violation is detected, both the client computer and an administrator at a management server are notified. The integrity information is updated if a hash algorithm is updated or certificate corresponding to a key used to generate the digital signatures has expired.
-
Citations
26 Claims
-
1. A system for managing and verifying integrity of a data object, the system comprising:
-
an archive storage system comprising a first interface operable to connect the archive storage system with a client computer, the archive storage system comprising an internal storage and a processor, the archive storage system operable to receive the data object from the client computer, to store, at least intermittently, the received data object in the internal storage and to generate and cause to be recorded a first integrity measure for the data object; and an external storage system operatively coupled to the archive storage system; wherein the archive storage is operable to; migrate the data object to the external storage system upon an occurrence of a predetermined condition; generate, upon reading of the data object by the client computer, a second integrity measure for the data object; verify the integrity of the data object using the stored first integrity measure and the second integrity measure; and notify the client computer if it is determined that the integrity of the data object has been compromised. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method for managing a data object stored in a storage system comprising an archive storage system including a first interface operable to connect the archive storage system with a client computer and an external storage system operatively coupled to the archive storage system, the method comprising:
-
generating and storing, upon receipt of the data object by the storage system from the client computer, a first integrity measure for the data object; migrating the data object to the external storage system upon an occurrence of a predetermined condition; generating, upon reading of the data object by the client computer, a second integrity measure for the data object; verifying the integrity of the data object using the stored first integrity measure and the second integrity measure; and notifying the client computer if it is determined that the integrity of the data object has been compromised. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A computer readable medium storing a set of instructions, which, when executed by one or more processors, cause the one or more processors to perform a method for managing a data object stored in a storage system comprising an archive storage system including a first interface operable to connect the archive storage system with a client computer and an external storage system operatively coupled to the archive storage system, the method comprising:
-
generating and storing, upon receipt of the data object by the storage system from the client computer, a first integrity Measure for the data object; migrating the data object to the external storage system upon an occurrence of a predetermined condition; generating, upon reading of the data object by the client computer, a second integrity measure for the data object; verifying the integrity of the data object using the stored first integrity measure and the second integrity measure; and notifying the client computer if it is determined that the integrity of the data object has been compromised.
-
Specification