METHOD AND APPARATUS FOR VERIFYING ARCHIVED DATA INTEGRITY IN INTEGRATED STORAGE SYSTEMS

US 20090240717A1
Filed: 03/20/2008
Published: 09/24/2009
Est. Priority Date: 03/20/2008
Status: Abandoned Application

First Claim

Patent Images

1. A system for managing and verifying integrity of a data object, the system comprising:

an archive storage system comprising a first interface operable to connect the archive storage system with a client computer, the archive storage system comprising an internal storage and a processor, the archive storage system operable to receive the data object from the client computer, to store, at least intermittently, the received data object in the internal storage and to generate and cause to be recorded a first integrity measure for the data object; and

an external storage system operatively coupled to the archive storage system;

wherein the archive storage is operable to;

migrate the data object to the external storage system upon an occurrence of a predetermined condition;

generate, upon reading of the data object by the client computer, a second integrity measure for the data object;

verify the integrity of the data object using the stored first integrity measure and the second integrity measure; and

notify the client computer if it is determined that the integrity of the data object has been compromised.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for detecting alteration or corruption of data archived in integrated storage system including an archive storage coupled to external storage devices. Before a data object is sent-from the archive storage to the external devices, the archive storage generates data integrity information for each object. The data integrity information may be a hash value that is recorded in memory of the archive storage or a digital signature that is sent to the external device together with the object. When an object is requested by a client computer, the archive storage checks the data integrity information before the object is sent to the client. If an integrity violation is detected, both the client computer and an administrator at a management server are notified. The integrity information is updated if a hash algorithm is updated or certificate corresponding to a key used to generate the digital signatures has expired.

Citations

26 Claims

1. A system for managing and verifying integrity of a data object, the system comprising:
- an archive storage system comprising a first interface operable to connect the archive storage system with a client computer, the archive storage system comprising an internal storage and a processor, the archive storage system operable to receive the data object from the client computer, to store, at least intermittently, the received data object in the internal storage and to generate and cause to be recorded a first integrity measure for the data object; and
  
  an external storage system operatively coupled to the archive storage system;
  
  wherein the archive storage is operable to;
  
  migrate the data object to the external storage system upon an occurrence of a predetermined condition;
  
  generate, upon reading of the data object by the client computer, a second integrity measure for the data object;
  
  verify the integrity of the data object using the stored first integrity measure and the second integrity measure; and
  
  notify the client computer if it is determined that the integrity of the data object has been compromised.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The system of claim 1, wherein the first integrity measure and the second integrity measure are cryptographic hash values of the data object.
  - 3. The system of claim 1, wherein verifying comprises comparing the stored first integrity measure with the second integrity measure.
  - 4. The system of claim 1, wherein the generating, verifying and notifying are performed after the data object has been migrated to the external storage system and wherein prior to verifying, the data object is provided from the external storage system to the archive storage system.
  - 5. The system of claim 1, wherein the archive storage system is operable to prevent modification of the data object.
  - 6. The system of claim 1, wherein the archive storage system further comprises a memory operable to store management information, the management information comprising a hash algorithm identification information:
    - andwherein the system further comprises a management server coupled to the archive storage system and operable to manage the management information and to cause at least one of the first integrity measure and the second integrity measure to be updated.
  - 7. The system of claim 1, wherein the archive storage system comprises an external storage system interface operable to connect the external storage system and wherein the external storage system comprises at least one of a network attached storage, an optical disk storage, and a tape system.
  - 8. The system of claim 1, wherein the archive storage system further comprises a clock for providing a time information, wherein the occurrence of the predetermined condition is determined based on the time information.
  - 9. The system of claim 1, wherein the archive storage system further comprises a memory operable to store management information, the management information comprising:
    - a verification table providing a verification indicator for the external storage system;
      
      a migration table for defining the external storage system to which the data object migrates from the archive storage system; and
      
      an object table including a storage location and a creation of time of the data object, the storage location including an internal storage location on the archive storage system or an external storage location on the external storage system.
  - 10. The system of claim 9,wherein the verification indicator is a verification flag indicating whether the integrity verification is conducted when the data object is read from the external storage system by the archive storage system,wherein at least one of the first integrity measure and the second integrity measure comprises a hash value of the data object, andwherein the object table further includes a name of a hash algorithm corresponding to the hash value of the data object.
  - 11. The system of claim 9,wherein the verification indicator is a verification level indicating actions to be performed when the integrity verification is conducted for the data object being read from the external storage system into the archive storage system,wherein the first data integrity measure includes a signature being calculated as an encrypted hash value of the data object and a storage certificate comprising a decryption key, the signature and the storage certificate being migrated to the external storage device together with the data object, andwherein the object table further comprises the storage certificate expiration time.
  - 12. The system of claim 11, wherein the archive storage system further stores:
    - a root certificate comprising an authority key, wherein the archive storage system is operable to verify validity of the storage certificate by decrypting the storage certificate with the authority key.
  - 13. The system of claim 1, wherein the first integrity measure comprises a hash value of the data object signed with a storage system key;
    - wherein the second integrity measure comprises a hash value of the data object at a time when the data object is read from the external storage system and wherein verifying comprises decrypting the signed hash value of the data object using a decryption key from a storage certificate and comparing the decrypted hash value of the data object with the second integrity measure.

14. A method for managing a data object stored in a storage system comprising an archive storage system including a first interface operable to connect the archive storage system with a client computer and an external storage system operatively coupled to the archive storage system, the method comprising:
- generating and storing, upon receipt of the data object by the storage system from the client computer, a first integrity measure for the data object;
  
  migrating the data object to the external storage system upon an occurrence of a predetermined condition;
  
  generating, upon reading of the data object by the client computer, a second integrity measure for the data object;
  
  verifying the integrity of the data object using the stored first integrity measure and the second integrity measure; and
  
  notifying the client computer if it is determined that the integrity of the data object has been compromised.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 15. The method of claim 14, further comprising:
    - receiving a read request from a client computer for reading the data object; and
      
      providing the data object to the client computer when the integrity of the data object has been successfully verified.
  - 16. The method of claim 14, wherein the first integrity measure is a first cryptographic hash value and the second integrity measure is a second cryptographic hash value.
  - 17. The method of claim 16, further comprising:
    - receiving a hash update request, the hash update request identifying a new hash algorithm;
      
      if the first hash value is not identical to the second hash value, sending an integrity violation error to the management server; and
      
      if the second hash value is identical to the first hash value, then;
      
      calculating a new hash value for the data object using the new hash algorithm,storing the new hash value on the archive storage as the first hash value, andstoring the new hash algorithm on the archive storage as the hash algorithm.
  - 18. The method of claim 14, wherein verifying comprises comparing the stored first integrity measure with the second integrity measure.
  - 19. The method of claim 14, wherein the generating, verifying and notifying are performed after the data object has been migrated to the external storage system and wherein prior to verifying, the data object is provided from the external storage system to the archive storage system.
  - 20. The method of claim 14, further comprising preventing modification of the data object.
  - 21. The method of claim 14, further comprising causing at least one of the first integrity measure and the second integrity measure to be updated.
  - 22. The method of claim 14, wherein the first integrity measure comprises a first hash value of the data object signed with a storage system key;
    - wherein the second integrity measure comprises a second hash value of the data object at a time when the data object is read from the external storage system and wherein verifying comprises decrypting the signed first hash value of the data object using a decryption key from a storage certificate corresponding to the storage system key and comparing the decrypted first hash value of the data object with the second hash value.
  - 23. The method of claim 22, wherein verifying the integrity of the data object comprises using a root certificate to verify validity of the storage certificate.
  - 24. The method of claim 22, further comprising:
    - comparing a difference between a current time and the creation time with the migration time; and
      
      if the difference exceeds the migration time, then;
      
      calculating a first hash value for the data object;
      
      encrypting the first hash value using the storage system key stored on the archive storage to obtain a signed first hash value;
      
      recording an expiration time of the storage certificate corresponding to the storage system key on the archive storage;
      
      migrating the data object, the signed first hash value and the storage certificate to the external storage system; and
      
      recording a path to the external storage system on the archive storage.
  - 25. The method of claim 24, further comprising a signature update process comprising:
    - determining if the storage certificate has expired by examining the expiration time of the storage certificate;
      
      verifying the integrity of the data object; and
      
      if the integrity of the data object has been verified, then;
      
      calculating a new hash value for the data object;
      
      encrypting the new hash value to obtain a signed new data object hash value;
      
      recording a new expiration time of a new storage certificate on the archive storage; and
      
      writing the data object to the external device together with the signed new data object hash value and the new storage certificate.

26. A computer readable medium storing a set of instructions, which, when executed by one or more processors, cause the one or more processors to perform a method for managing a data object stored in a storage system comprising an archive storage system including a first interface operable to connect the archive storage system with a client computer and an external storage system operatively coupled to the archive storage system, the method comprising:
- generating and storing, upon receipt of the data object by the storage system from the client computer, a first integrity Measure for the data object;
  
  migrating the data object to the external storage system upon an occurrence of a predetermined condition;
  
  generating, upon reading of the data object by the client computer, a second integrity measure for the data object;
  
  verifying the integrity of the data object using the stored first integrity measure and the second integrity measure; and
  
  notifying the client computer if it is determined that the integrity of the data object has been compromised.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hitachi, Ltd.
Original Assignee
Hitachi, Ltd.
Inventors
MIMATSU, Yasuyuki

Application Number

US12/052,695
Publication Number

US 20090240717A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 11/0727   in a storage system, e.g. i...

G06F 11/0751   Error or fault detection no...

G11B 20/00086   Circuits for prevention of ...

G11B 20/0021   involving encryption or dec...

G11B 20/00862   wherein the remote server c...

METHOD AND APPARATUS FOR VERIFYING ARCHIVED DATA INTEGRITY IN INTEGRATED STORAGE SYSTEMS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND APPARATUS FOR VERIFYING ARCHIVED DATA INTEGRITY IN INTEGRATED STORAGE SYSTEMS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links