Secure array of remotely encrypted storage devices
First Claim
1. A network of storage devices for use in a distributed file system, the system including clients sharing data stored on the devices, each device comprising:
- a media for storing data as data objects, the media having a list of subscribers that are authorized to create the data objects on the device;
a device owner for controlling access to the data objects, the owner having an owner key for authenticating data requests and responses, and a nonce for determining freshness of the requests; and
a request processor for processing the data requests and returning the responses to the clients.
2 Assignments
0 Petitions
Accused Products
Abstract
A network storage device is disclosed for use in a secure array of such devices to support a distributed file system. Each device is an independent repository of remotely encrypted data objects to be accessed by authorized network clients. All encryption is done by the clients, rather than by the devices. In order for the system to revoke access to an object on the device, the object must be re-encrypted. Each storage device has a device owner for controlling access to the device'"'"'s data. All data requests from the clients and responses to them are authenticated using keys derived from the owner key and hashed message authentication codes.
-
Citations
1 Claim
-
1. A network of storage devices for use in a distributed file system, the system including clients sharing data stored on the devices, each device comprising:
-
a media for storing data as data objects, the media having a list of subscribers that are authorized to create the data objects on the device; a device owner for controlling access to the data objects, the owner having an owner key for authenticating data requests and responses, and a nonce for determining freshness of the requests; and a request processor for processing the data requests and returning the responses to the clients.
-
Specification
-
- Resources
-
Current AssigneeHGST Netherlands B.V. (Western Digital Corporation)
-
Original AssigneeInternational Business Machines Corporation
-
InventorsReed, Benjamin Clay, Long, Darrell, Chron, Edward Gustav, Burns, Randal Chilton
-
Primary Examiner(s)Heckler, Thomas M.
-
Application NumberUS08/927,775Time in Patent Office691 DaysField of Search707/9, 707/10, 707/103, 713/201US Class Current726/4CPC Class CodesG06F 21/6209 to a single file or object,...G06F 2221/2151 Time stampH04L 2209/60 Digital content management,...H04L 9/0891 Revocation or update of sec...H04L 9/3242 involving keyed hash functi...H04L 9/3297 involving time stamps, e.g....
