Auditor Assisted Extraction And Verification Of Client Data Returned From A Storage Provided While Hiding Client Data From The Auditor
First Claim
1. A processor-implemented method, comprising:
- initializing an auditor with a verification data set that confirms that an initial version of a data set stored by a storage provider on behalf of a client is intact;
extracting and receiving a second version of the data set by the auditor from the storage provider, wherein the second version hides information specified by the data set from the auditor;
determining by the auditor whether the second version matches the initial version by applying a checking function on the second version and the verification data set;
returning the second version to the client in response to the initial version matching the second version, wherein the auditor is prevented from recovering the information specified by the data set, and the client is relieved from having to store any state related to the initial and second versions needed to recover the information specified by the data set; and
in response to the initial version not matching the second version, outputting data indicative of data corruption.
4 Assignments
0 Petitions
Accused Products
Abstract
Various approaches for extracting client'"'"'s data from a storage provider are presented. In one approach, an auditor is initialized with a verification data set that confirms that an initial version of a data set stored by the storage provider is intact. The auditor extracts a second version of the data set from the storage provider; the second version hides information specified by the data set from the auditor. The auditor determines whether the second version matches the initial version. The second version is returned to the client if the initial version matches the second version. The auditor is prevented from recovering the information specified by the data set using the state information, and the client need not store any state information related to the initial and second versions needed to recover the information specified by the data set. If the initial version does not match the second version, the auditor outputs data indicative of data corruption.
-
Citations
20 Claims
-
1. A processor-implemented method, comprising:
-
initializing an auditor with a verification data set that confirms that an initial version of a data set stored by a storage provider on behalf of a client is intact; extracting and receiving a second version of the data set by the auditor from the storage provider, wherein the second version hides information specified by the data set from the auditor; determining by the auditor whether the second version matches the initial version by applying a checking function on the second version and the verification data set; returning the second version to the client in response to the initial version matching the second version, wherein the auditor is prevented from recovering the information specified by the data set, and the client is relieved from having to store any state related to the initial and second versions needed to recover the information specified by the data set; and in response to the initial version not matching the second version, outputting data indicative of data corruption. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. An apparatus, comprising:
-
means for initializing an auditor with a verification data set that confirms that an initial version of a data set stored by a storage provider on behalf of a client is intact; means for receiving a second version of the data set by the auditor from the storage provider, wherein the second version hides information specified by the data set from the auditor; means for determining by the auditor whether the second version matches the initial version by applying a checking function on the second version and the verification data set; means for returning the second version to the client in response to the initial version matching the second version, wherein the auditor is prevented from recovering the information specified by the data set, and the client is relieved from having to store any state related to the initial and second versions needed to recover the information specified by the data set; and means, responsive to the initial version not matching the second version, for outputting data indicative of data corruption.
-
-
15. An article of manufacture, comprising:
a processor-readable program storage medium configured with instructions for extracting data stored by a storage provider on behalf of a client, wherein execution of the instructions by one or more processors causes the one or more processors to perform operations including, initializing an auditor with a verification data set that confirms that an initial version of a data set stored by the storage provider on behalf of the client is intact; extracting and receiving a second version of the data set by the auditor from the storage provider, wherein the second version hides information specified by the data set from the auditor; determining by the auditor whether the second version matches the initial version by applying a checking function on the second version and the verification data set; returning the second version to the client in response to the initial version matching the second version, wherein the auditor is prevented from recovering the information specified by the data set, and the client is relieved from having to store any state related to the initial and second versions needed to recover the information specified by the data set; and in response to the initial version not matching the second version, outputting data indicative of data corruption. - View Dependent Claims (16, 17, 18, 19, 20)
Specification