DISTRIBUTED DATA STORAGE BY MEANS OF AUTHORISATION TOKEN

US 20170293766A1
Filed: 09/15/2015
Published: 10/12/2017
Est. Priority Date: 09/17/2014
Status: Active Grant

First Claim

Patent Images

1. A method for storing data, wherein the method comprises the following steps in order to store a file:

automatically generating a distribution schedule, which contains instructions for generating file fragments of the file by means of an error correction method and identifiers of a number of memory services, in the non-volatile storage media of which the generated file fragments are to be stored, by a file management server or by a user computer system;

performing the error correction method specified in the distribution schedule for generation of the file fragments from the file by the user computer system, wherein at least one of the file fragments contains error correction bits;

sending an authorisation enquiry of the user computer system for storing the file fragments in the memory services identified in the distribution schedule to the file management server via a network;

in response to receipt of the authorisation enquiry, requesting an authorisation token by the file management server from each of the memory services identified in the distribution schedule and forwarding the authorisation tokens obtained in response to the request to the user computer system by the file management server, andstoring the generated file fragments via the network in the storage media of the identified memory devices by means of authorisation verification by the authorisation tokens, with the user computer system bypassing the file management server;

wherein metadata, which allow the reconstruction of the file from the stored file fragments, are stored in the user computer system and/or the file management server and are protected against access by the memory services.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention relates to a method for storing data, wherein the method, in order to store a file (101), comprises: —automatic generation (602) of a distribution schedule (416); —performance (604) of an error correction method, which is specified in the distribution schedule, for generating file fragments from the file by a user computer system; —sending (606) of an authorisation enquiry (420) for storing the file fragments in the memory services (SD2, SD4-SD6) identified in the distribution schedule from the user computer system to a file management server via a network; —in response to reception of the authorisation enquiry by the file management server, requesting (608, 424) of an authorisation token by the file management server from each of the memory services identified in the distribution schedule and forwarding (610) of the authorisation token (428) obtained in response to the request to the user computer system by the file management server; and—storage (612) of the generated file fragments in the storage media (SM2, SM4-SM6) of the identified memory services by means of authorisation verification by the authorisation token by means of the user computer system bypassing the file management server; wherein metadata (312) that permit the reconstruction of the file from the stored file fragments are stored in the user computer system and/or the file management server and are protected against access by the memory services.

85 Citations

View as Search Results

18 Claims

1. A method for storing data, wherein the method comprises the following steps in order to store a file:
- automatically generating a distribution schedule, which contains instructions for generating file fragments of the file by means of an error correction method and identifiers of a number of memory services, in the non-volatile storage media of which the generated file fragments are to be stored, by a file management server or by a user computer system;
  
  performing the error correction method specified in the distribution schedule for generation of the file fragments from the file by the user computer system, wherein at least one of the file fragments contains error correction bits;
  
  sending an authorisation enquiry of the user computer system for storing the file fragments in the memory services identified in the distribution schedule to the file management server via a network;
  
  in response to receipt of the authorisation enquiry, requesting an authorisation token by the file management server from each of the memory services identified in the distribution schedule and forwarding the authorisation tokens obtained in response to the request to the user computer system by the file management server, andstoring the generated file fragments via the network in the storage media of the identified memory devices by means of authorisation verification by the authorisation tokens, with the user computer system bypassing the file management server;
  
  wherein metadata, which allow the reconstruction of the file from the stored file fragments, are stored in the user computer system and/or the file management server and are protected against access by the memory services.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method according to claim 1, comprising the following steps:
    - providing a configuration, which contains requirements of a user with regard to the speed, the geographical location, the security and/or the costs of an IT infrastructure to be used for the storing of data and also requirements with regard to the availability of the data to be stored;
      
      providing a memory service catalogue, which comprises specifications of a multiplicity of available memory services, wherein the specification of each of the memory services contains details with regard to the speed, the geographical location, the security and/or the costs of an IT infrastructure of the memory service used for the storing of the data;
      
      in order to generate the distribution schedule, automatically evaluating the configuration and the memory service catalogue so as to identify, depending on the specifications of the available memory services and depending on the user requirements, an error correction method from a multiplicity of error correction methods that meets the requirements with regard to the availability of the data to be stored and so as to identify the plurality of memory services identified in the distribution schedule from the multiplicity of available memory services that are suitable for storing the file in accordance with the user-specific requirements with regard to the speed, geographical location, security and/or costs of the IT infrastructure to be used for the storing of data; and
      
      ;
      
      using the identified error correction method as the error correction method of the distribution schedule.
  - 3. The method according to claim 1, further comprising the following steps:
    - generating the metadata by the user computer system, wherein the user computer system is assigned to a user, wherein the metadata include;
      
      paths to all memory locations in the storage media of the memory services in which the file fragments of the file are to be stored or have already been stored; and
      
      /ora symmetric key, which allows a decryption of the file fragment encrypted with this symmetric key; and
      
      /orfor each of the file fragments, a hash value of the file fragment calculated by the user computer system; and
      
      /orthe original file name of the file stored in a distributed manner, and/orconfiguration data of the error correction method;
      
      a mapping of the original file name to the hash values and paths of the generated file fragments;
      
      storing the metadata in the user computer system;
      
      transferring the metadata to the file management server; and
      
      using the metadata by the file management server to control the access of a further user to the file.
  - 4. The method according to claim 3,wherein metadata of a multiplicity of files stored in a distributed manner in the memory services are stored in the user computer system and the method comprises a use of said metadata by a client application of the user computer for generation of a client-based view of the files stored in a distributed manner;
    - and/orwherein metadata of a multiplicity of files stored in the memory services in a distributed manner are stored in the file management server and the method comprises a use of said metadata by a web portal hosted on the file management server for generation of a network-based view of the files stored in a distributed manner,wherein the client-based and/or the network-based view is configured to dynamically reconstruct the original file names from the metadata and, by selection of one of the files stored in a distributed manner, to initiate a dynamic and automatic reconstruction of the file content of the selected file by the user computer system or by a further authorised user computer system, wherein the memory services in which fragments of the selected file are stored are hidden by the view.
  - 5. The method according to claim 2,wherein the determination of the error correction method which meets the user requirements with regard to the availability of the file includes a determination of the anticipated total size of all file fragments to be generated by the error correction method, wherein for each of the file fragments to be generated, a memory service is identified which, in accordance with its specifications, meets the requirements with regard to the speed, geographical location, security and/or costs under consideration of the anticipated total size;
    - and/orwherein, if the determined error correction method would prompt the generation of file fragments of which the total size does not make it possible to identify a sufficient number of memory services which, in accordance with their specifications, meet the requirements with regard to the speed, security and/or costs under consideration of the total size, automatically determining another error correction method, which is configured to generate file fragments of which the anticipated total size is sufficiently small so that, for each file fragment to be generated, a memory service can be identified which, in accordance with its specifications, meets the requirements with regard to the speed, geographical location, security and/or costs under consideration of the anticipated total size; and
      
      /orwherein, in order to meet the user requirements with regard to a maximum duration of the data transfer for the transfer of the file via the network, the determined error correction method is automatically configured so that, as a result of this method, a sufficiently large number of the generated file fragments is generated, such that with parallel transfer of these file fragments to the plurality of memory services or from the plurality of memory services identified in the distribution schedule the transfer time for all file fragments lies below the maximum duration.
  - 6. The method according to claim 2, wherein the user computer system is assigned to a user, wherein the configuration also contains one or more of the following data items in user-configurable form:
    - a minimum trust level, which specifies a minimum level of reliability of an authentication method by means of which a further user must authenticate himself to the file management server so as to be allowed to access the file stored in the memory media of the identified memory services.
  - 7. The method according to claim 1, also comprising the steps of:
    - calculating a hash value of the entire file by the user computer system;
      
      encrypting each of the file fragments of the file by the user computer system, wherein the hash value is used as a symmetric key for encryption of the file fragments by the user computer system;
      
      generating the metadata, wherein the metadata include the calculated hash value of the total file and hash values of the file fragments, by the user computer system;
      
      encrypting the generated metadata, which include the symmetric key, or at least the symmetric key, by a public key, which is assigned to the user computer system of a user or a further user computer system of a further user authorised to access the file, wherein a private key together with the public key forms an asymmetric cryptographic key pair, wherein the public key in the file management server is linked to a user profile of the user assigned to the public key; and
      
      wherein the file fragments are stored in encrypted form in the storage media of the identified memory services.
  - 8. The method according to claim 1, wherein the file management server manages a public key of a further user computer system of a further user, further comprising the steps of:
    - authenticating the further user to the file management server;
      
      after successful authentication, checking, by the file management server, whether the further user is authorised for read access to the file;
      
      if the analysis reveals that the further user is authorised for read access to the file and has successfully authenticated himself, generating a further version of the metadata, wherein the further version of the metadata allows a reconstruction of the file from the file fragments, wherein the further version of the metadata is generated specifically for the file and specifically for the further user computer system, wherein the generation of the further version of the metadata of the file includes;
      
      sending, by the file management server, the public key of the further user computer system to the user computer system which generated the file and encrypted fragments thereof using its symmetric key;
      
      encrypting the symmetric key using the public key of the further user computer system by the user computer system which generated the file;
      
      combining the encrypted symmetric key with further data by the user computer system which generated the file, in order to create the further version of the metadata;
      
      sending the further version of the metadata to the file management server;
      
      forwarding the further version of the metadata by the file management server to the further user computer system in order to enable the further user computer system to decrypt the symmetric key using its private key, which together with the public key forms an asymmetric cryptographic key pair.
  - 9. The method according to claim 1, also comprising the steps of:
    - authenticating the user computer system to the file management server,upon receipt of the authorisation enquiry of the user computer system for storage of the file fragments, checking, by the file management server, whether the user to whom the user computer system is assigned has access rights in order to store the file by means of the identified memory services;
      
      wherein the file management server requests the authorisation token only following successful authentication and only if the user has the access rights.
  - 10. The method according to claim 1:
    - wherein the authorisation tokens which are transmitted in response to the request of the file management server from each of memory services identified in the distribution schedule to the file management server are selectively generated only for the authorisation enquiry to store the file and have only temporary validity; and
      
      /orwherein the authorisation tokens are formed as URLs, which each enable direct write access to a storage space on the storage medium of one of the memory services identified by the URL.
  - 11. The method according to claim 1, wherein a signing key is managed by the file management server in a form stored in a protected manner, said method also comprising the steps of:
    - providing a signature validation key to each of the memory services, wherein the signature validation key is designed to validate the signatures generated by the signing key;
      
      signing of the authorisation tokens received from each of the identified memory services with the signing key by the file management server, wherein the authorisation tokens are forwarded in signed form to the user computer system,wherein each of the signed authorisation tokens enables a receiver of this signed authorisation token to access a storage space on the storage medium of the corresponding memory service identified by the authorisation token only when the memory service in question identifies the signature as being valid.
  - 12. The method according to claim 1, also comprising the steps of:
    - receiving an access enquiry of a further user computer system for access to the file stored in a distributed manner, wherein the access enquiry is received by the file management server;
      
      identifying the memory services that have stored file fragments of the file on the basis of the metadata of the file by the file management server,checking, by the file management server, whether a further user, to whom the further user computer system is assigned, has access rights for the type of requested access to the file;
      
      authenticating the further user computer system to the file management server,following successful authentication and if the further user has access rights for the file, requesting a further authorisation token by the file management server form each of the identified memory services and forwarding the further authorisation tokens obtained in response to this request to the further user computer system by the file management server, wherein the further authorisation tokens allow the further user computer system to have the requested access to the file fragments stored by the memory services in direct form.
  - 13. The method according to claim 8, also comprising the steps of:
    - checking by the file management server whether the authentication method used to authenticate the further user to the file management server is sufficiently reliable to meet the minimum trust level for the requested access configured by the user;
      
      wherein the request for the further authorisation token is only sent from the file management server to the identified memory services when the further user has successfully authenticated himself to the file management server, has access rights for the requested file, and the used authentication method has a trust level that is at least as high as the minimum trust level specified in the configuration of the user.
  - 14. The method according to claim 12,wherein the configuration of the user contains a specification of a type of computer which is alone authorised to access data that the user has stored in the storage media of the identified services;
    - andwherein the request of the further authorisation token is only sent from the file management server to the identified memory services if the further user computer system, from which the further user has sent the access enquiry to the file management server, meets said specification of the sole authorised computer type.
  - 15. The method according to claim 12, further comprising the steps of:
    - managing a user profile of the further user by the file management server, wherein the user profile contains a public key, which together with a private decryption key forms an asymmetric cryptographic key pair, wherein the private decryption key is stored in a protected manner in the further user computer system and serves to decrypt the metadata of the file or to decrypt parts of the metadata; and
      
      if the user has authenticated himself successfully to the file management server and if the further user has the access rights for the file, sending the public key by the file management server to the user computer system for encryption of the metadata or of parts of the metadata by the user computer system and receiving and forwarding the metadata of the file wholly or partially encrypted using the sent public key by the file management server to the further user computer system so as to enable the further user computer system to decrypt the forwarded metadata using the private decryption key and to reconstruct the file from the file fragments
  - 16. A computer-readable storage medium with computer-readable instructions which, with execution by a processor, prompt the processor to perform the method in accordance with claim 1.

17. A user computer system comprising a processor, a network interface for operatively coupling the user computer system to a multiplicity of memory services and to a file management server via a network, wherein the user computer system comprises a memory medium with a client application that can be executed by the processor, wherein the client application is configured to execute the following method for storing a file:
- using a distribution schedule, which contains instructions for generating file fragments of the file by means of an error correction method and identifiers of a number of memory services in the non-volatile storage media of which the generated file fragments are to be stored, wherein the file management server does not provide a memory service;
  
  performing the error correction method specified in the distribution schedule for generating the file fragments of the file, wherein at least one of the file fragments includes error correction bits;
  
  sending an authorisation enquiry of the user computer system for storing the file fragments in the memory services identified in the distribution schedule to the file management server via the network;
  
  in response to the sending of the authorisation enquiry, receiving authorisation tokens from the file management server for each of the memory services identified in the distribution schedule; and
  
  storing the generated file fragments via the network in the storage media of the identified memory services by means of authorisation verification by the authorisation tokens, with the user computer system bypassing the file management server, wherein metadata, which allow the reconstruction of the file from the stored file fragments, are protected against access by the memory services.

18. A file management server comprising a processor, a network interface for operatively coupling the file management server to at least one user computer system and to a multiplicity of memory services via a network, wherein the file management server comprises a storage medium with a file management application which can be executed by the processor, wherein the file management application is configured to execute the following method for storing a file:
- receiving an authorisation enquiry of the user computer system to store file fragments of a file via the network in a plurality of the memory services, wherein the file management server does not provide a memory service; and
  
  in response to the receipt of the authorisation enquiry, requesting an authorisation token from each of the plurality of memory services and forwarding the authorisation tokens obtained in response to the request to the user computer system, wherein metadata, which allow the reconstruction of the file from the stored file fragments, are protected against access by the memory services.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bundesdruckerei GmbH (Government of Germany)
Original Assignee
Bundesdruckerei GmbH (Government of Germany)
Inventors
SCHNJAKIN, Maxim, BERGER, Philipp, GRAUPNER, Hendrik

Granted Patent

US 10,534,920 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 11/1076   Parity data used in redunda...

G06F 16/182   Distributed file systems

G06F 21/335   for accessing specific reso...

G06F 21/602   Providing cryptographic fac...

G06F 21/6218   to a system of files or obj...

G06F 2221/2107   File encryption

H04L 63/083   using passwords cryptograph...

H04L 63/102   Entity profiles

H04L 67/1097   for distributed storage of ...

H04L 9/0825   using asymmetric-key encryp...

H04L 9/0861   Generation of secret inform...

H04L 9/3239   involving non-keyed hash fu...

DISTRIBUTED DATA STORAGE BY MEANS OF AUTHORISATION TOKEN

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

85 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

DISTRIBUTED DATA STORAGE BY MEANS OF AUTHORISATION TOKEN

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

85 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links