Data-Centric Secure Data Technology, Archiving, and Storage System

US 20190207910A1
Filed: 12/29/2017
Published: 07/04/2019
Est. Priority Date: 12/29/2017
Status: Active Grant

First Claim

Patent Images

1. A system for secure data storage and retrieval, comprising:

a processor having network connections to a plurality of networked storage locations;

the processor receiving one or more data files from a user through a network connection;

encrypting said one or more data files and generating an identifier for each encrypted data component;

splitting said one or more encrypted data files into smaller data components;

calculating the transmission path cost from said processor to each of said plurality of networked storage archives;

storing each identifier for each encrypted data component in an electronic storage element associated with said processor;

storing each encrypted data component into one of the plurality of networked storage locations based upon a set of calculated storage and data transmission costs;

retrieving each encrypted data component upon user request;

combining said data components into said one or more encrypted data files, and decrypting each encrypted data file into the file originally received from a user;

verifying the data integrity of the one or more data files after said combining; and

delivering said one or more data files to the user in the original form and format.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Current data archiving and storage solutions seek to store data in the most accessible manner possible, often foregoing security for sake of user convenience. The technology, system, and methods proposed in this document seek to protect data in a highly resilient, secure manner, suitable for extremely long-term periods of time without loss of data integrity. The proposed solution includes methods for storing digital data, validating the integrity of the data on both sides of the transmission, encryption with keys that only the user has access to, splitting files into obfuscated slices for increased security, and determining the most effective storage location according to a novel cost metric.

16 Citations

View as Search Results

9 Claims

1. A system for secure data storage and retrieval, comprising:
- a processor having network connections to a plurality of networked storage locations;
  
  the processor receiving one or more data files from a user through a network connection;
  
  encrypting said one or more data files and generating an identifier for each encrypted data component;
  
  splitting said one or more encrypted data files into smaller data components;
  
  calculating the transmission path cost from said processor to each of said plurality of networked storage archives;
  
  storing each identifier for each encrypted data component in an electronic storage element associated with said processor;
  
  storing each encrypted data component into one of the plurality of networked storage locations based upon a set of calculated storage and data transmission costs;
  
  retrieving each encrypted data component upon user request;
  
  combining said data components into said one or more encrypted data files, and decrypting each encrypted data file into the file originally received from a user;
  
  verifying the data integrity of the one or more data files after said combining; and
  
  delivering said one or more data files to the user in the original form and format.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The system of claim 1, wherein the encryption and decryption of the one or more data files are performed using two unique keys, where said two unique keys are generated when encryption or decryption is performed, combined using a hashing algorithm, and destroyed once encryption or decryption is complete.
  - 3. The system of claim 1, wherein the file splitting is performed by a set of algorithms where at least one of said set of algorithms splits said one or more data files into a number of smaller components of as equal size as possible, and where said at least one of said set of algorithms records the instructions needed to recombine said smaller components into the original file within said smaller components prior to storing said smaller components.
  - 4. The system of claim 3, wherein an algorithm performs the file splitting into a plurality of smaller components by calculating storage and data transmission costs which are at least partly comprised of dynamic values for location storage cost, transmission/bandwidth cost, transmission time, security entropy, frequency of access, and location responsiveness to determine the appropriate number of smaller components into which the one or more data files are split.
  - 5. The system of claim 1, wherein the file combining is performed by interpreting the keying data contained within each of said smaller components and merging the smaller components in the proper order to recreate the original file.
  - 6. The system of claim 1, wherein verifying the data integrity of the one or more data files is performed through use of a one-way hashing function, which is computed over a representative sample of the one or more data files comprising an arbitrary portion of the first part of the one or more data files, and an arbitrary portion of the last part of the one or more data files.
  - 7. The system of claim 1, where file storage locations are created and stored in the system with four key functions per location, which allows the system to treat each location in the same manner through upload, download, delete, and “
    - deleteLocation”
      
      functions.
  - 8. The system of claim 1, where said one or more data files are stored and retrieved from locations defined by an algorithm which calculates the most efficient storage location based at least in part on dynamic parameters of location storage cost, transmission/bandwidth cost, transmission time, security entropy, frequency of access, and location responsiveness.
  - 9. The system of claim 8, in which multiple (N) storage locations are determined for storage, and from which the system can retrieve and reassemble an entire file, even if N−
    - 1 of the storage locations are inaccessible, to achieve resiliency across different storage location providers.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Stash America LLC
Original Assignee
Stash America LLC
Inventors
Darling, Janine, Evans, Christopher, Twomey, Paul

Granted Patent

US 10,630,652 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/6218   to a system of files or obj...

H04L 63/0428   wherein the data content is...

H04L 63/12   Applying verification of th...

H04L 63/123   received data contents, e.g...

H04L 63/166   at the transport layer

H04L 67/1097   for distributed storage of ...

H04L 9/0643   Hash functions, e.g. MD5, S...

H04L 9/0891   Revocation or update of sec...

H04L 9/14   using a plurality of keys o...

H04L 9/3226   using a predetermined code,...

H04L 9/3239   involving non-keyed hash fu...

Data-Centric Secure Data Technology, Archiving, and Storage System

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

16 Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Data-Centric Secure Data Technology, Archiving, and Storage System

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

16 Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links