DELETION OF CONTENT IN STORAGE SYSTEMS
First Claim
1. A computerized system comprising:
- a storage system for storing a plurality of objects and a plurality of attribute values associated to the plurality of objects; and
- a key management means for deleting a key;
- wherein the plurality of attribute values are organized according to a set of N, N≧1, and a plurality of attribute types so that for each of said attribute type is an object that can be associated with an attribute value;
- wherein each of said attribute type is also associated to a graph;
- wherein each node of the graph is associated to the key;
- wherein the key is wrapped with a key associated to a parent node of each node except for a root node and is associated to one attribute value for the attribute type corresponding to the graph;
- wherein each of the plurality of objects is encrypted based on one or more keys; and
- wherein each of said one or more keys is associated to one attribute value that is associated with each of the plurality of objects.
Abstract
The invention notably relates to a computerized system (301) comprising a storage system (302, 308) storing objects and attribute values associated to the objects. The attribute values are organized according to a set of N attribute types, N≧1, such that, for each of said attribute types, an object can be associated with an attribute value. Each of said attribute types is associated to a respective graph. Each node of the respective graph is associated to a key. Said key is wrapped with a key associated to a parent node of said each node except for a root node. Also, said key is associated to one attribute value for the attribute type associated to the respective graph. Each of the objects is stored encrypted based on one or more keys. Each of said one or more keys is associated to one attribute value that is associated with said each of the objects. Such a system improves the deletion of objects stored on a storage system of a computerized system.
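The key hierarchy the abstract describes can be sketched as follows. This is an added example, not code from the patent: `KeyGraph`, `seal`, `unseal` and `object_key` are hypothetical names, the root is represented as `None`, and the hash-based `seal` is a toy stand-in for a real key-wrap algorithm such as AES Key Wrap. It also assumes an object key is the hash of one key per attribute type.

```python
import hashlib, hmac, secrets

def _stream(key, nonce, n):
    # SHA-256 in counter mode as a keystream (toy construction, assumption)
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key, data):
    # Toy encrypt-then-MAC; used both to wrap keys and to encrypt objects
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(key, nonce, len(data))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or corrupted blob")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

class KeyGraph:
    """One tree per attribute type; each node stands for one attribute value."""
    def __init__(self):
        self.root_key = secrets.token_bytes(32)  # the only key not stored wrapped
        self.parent, self.wrapped = {}, {}

    def add(self, value, parent=None):
        # A fresh node key is stored only in wrapped form, under the parent's key
        self.parent[value] = parent
        self.wrapped[value] = seal(self.key(parent), secrets.token_bytes(32))

    def key(self, value):
        if value is None:
            return self.root_key
        if value not in self.wrapped:
            raise KeyError(f"key for {value!r} was deleted")
        return unseal(self.key(self.parent[value]), self.wrapped[value])

    def delete(self, value):
        # Descendant blobs stay on disk but can no longer be unwrapped
        del self.wrapped[value]

def object_key(graphs, values):
    h = hashlib.sha256()
    for g, v in zip(graphs, values):  # one key from each of the N graphs
        h.update(g.key(v))
    return h.digest()
```

In a real key manager the deleted wrapped blob must be erased irrecoverably from its storage medium; removing a dictionary entry only models that step.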
13 Claims
10. A method of securely managing objects stored in the computerized system, the method comprising:
- storing a plurality of objects and a plurality of attribute values associated to the plurality of objects; and
- deleting a key of a graph, to prevent from deriving each key previously wrapped with the key that is deleted again and from accessing any object which is encrypted based on at least the key that is deleted;
- wherein the plurality of attribute values are organized according to a set of N, N≧1, and a plurality of attribute types so that for each of said attribute type is an object that can be associated with an attribute value;
- wherein each of said attribute type is also associated to a graph;
- wherein each node of the graph is associated to the key;
- wherein the key is wrapped with a key associated to a parent node of each node except for a root node and is associated to one attribute value for the attribute type corresponding to the graph;
- wherein each of the plurality of objects is encrypted based on one or more keys; and
- wherein each of said one or more keys is associated to one attribute value that is associated with each of the plurality of objects.
12. A computer readable non-transitory article of manufacture tangibly embodying computer readable instructions which, when executed, cause a computer to carry out the steps of a method comprising:
- storing a plurality of objects and a plurality of attribute values associated to the plurality of objects; and
- deleting a key of a graph, to prevent from deriving each key previously wrapped with the key that is deleted again and accessing an object which is encrypted based on at least the key that is deleted;
- wherein the plurality of attribute values are organized according to a set of N, N≧1, a plurality of attribute types so that for each of said attribute type is an object that can be associated with an attribute value;
- wherein each of said attribute type is also associated to a graph;
- wherein each node of the graph is associated to the key;
- wherein the key is wrapped with a key associated to a parent node of each node except for a root node and associated to one attribute value for the attribute type corresponding to the graph;
- wherein each of the plurality of objects is encrypted based on one or more keys; and
- wherein each of said one or more keys is associated to one attribute value that is associated with each of the plurality of objects.
Specification