ACCESS CONTROL IN A DISPERSED STORAGE NETWORK
First Claim
1. A method comprises:
- receiving a data storage request that includes data;
determining dispersed storage error encoding parameters for storage of the data;
dispersed storage error encoding the data in accordance with the dispersed storage error encoding parameters to produce a set of encoded data slices;
establishing access control information for each encoded data slice of the set encoded data slices in accordance with the dispersed storage error encoding parameters to produce a set of access control information;
for each of the encoded data slices in the set of encoded data slices, appending a corresponding one of the set of access control information to produce a set of appended slices; and
outputting the set of appended slices to a set of dispersed storage (DS) units.
5 Assignments
0 Petitions
Accused Products
Abstract
A method begins by a processing module receiving a data storage request that includes data and determining dispersed storage error encoding parameters for dispersed error encoding storage of data. The method continues with the processing module dispersed storage error encoding the data in accordance with the dispersed storage error encoding parameters to produce a set of encoded data slices and establishing access control information for each encoded data slice of the set encoded data slices in accordance with the dispersed storage error encoding parameters to produce a set of access control information. The method continues with the processing module appending a corresponding one of the set of access control information to each of the set of encoded data slices to produce a set of appended slices and outputting the set of appended slices to a set of dispersed storage units.
163 Citations
18 Claims
-
1. A method comprises:
-
receiving a data storage request that includes data; determining dispersed storage error encoding parameters for storage of the data; dispersed storage error encoding the data in accordance with the dispersed storage error encoding parameters to produce a set of encoded data slices; establishing access control information for each encoded data slice of the set encoded data slices in accordance with the dispersed storage error encoding parameters to produce a set of access control information; for each of the encoded data slices in the set of encoded data slices, appending a corresponding one of the set of access control information to produce a set of appended slices; and outputting the set of appended slices to a set of dispersed storage (DS) units. - View Dependent Claims (2, 3, 4)
-
-
5. In a dispersed storage network (DSN) that includes a plurality of dispersed storage (DS) units, a method for execution by each of the plurality of DS units comprises:
-
receiving a slice access request message that includes a slice name, a type of access request, and a requester identifier (ID); obtaining access control information based on at least one of the slice name and the requestor ID; determining whether the slice access request message is allowable based on the access control information; and when the slice access request message is allowable, accessing an encoded data slice of a set of encoded data slices in accordance with the slice access request message. - View Dependent Claims (6, 7, 8, 9)
-
-
10. A computer comprises:
-
an interface; a memory; and a processing module operable to; receive, via the interface, a data storage request that includes data; determine dispersed storage error encoding parameters for storage of data; dispersed storage error encode the data in accordance with the dispersed storage error encoding parameters to produce a set of encoded data slices; establish access control information for each encoded data slice of the set encoded data slices in accordance with the dispersed storage error encoding parameters to produce a set of access control information; for each of the encoded data slices in the set of encoded data slices, append a corresponding one of the set of access control information to produce a set of appended slices; and output, via the interface, the set of appended slices to a set of dispersed storage (DS) units. - View Dependent Claims (11, 12, 13)
-
-
14. A dispersed storage (DS) unit of a plurality of DS units in a dispersed storage network (DSN) comprises:
-
an interface; a memory; and a processing module operable to; receive, via the interface, a slice access request message that includes a slice name, a type of access request, and a requester identifier (ID); obtain access control information based on at least one of the slice name and the requestor ID; determine whether the slice access request message is allowable based on the access control information; and access, via the memory, an encoded data slice of a set of encoded data slices in accordance with the slice access request message when the slice access request message is allowable. - View Dependent Claims (15, 16, 17, 18)
-
Specification