Secure array of remotely encrypted storage devices
First Claim
1. A network of storage devices for use in a distributed file system, the system including clients sharing data stored on the devices, each device comprising:
a media for storing data as data objects, the media having a list of subscribers that are authorized to create the data objects on the device;
a device owner for controlling access to the data objects, the owner having an owner key for authenticating data requests and responses, and a nonce for determining freshness of the requests; and
a request processor for processing the data requests and returning the responses to the clients.
Abstract
A network storage device is disclosed for use in a secure array of such devices to support a distributed file system. Each device is an independent repository of remotely encrypted data objects to be accessed by authorized network clients. All encryption is done by the clients, rather than by the devices. In order for the system to revoke access to an object on the device, the object must be re-encrypted. Each storage device has a device owner for controlling access to the device's data. All data requests from the clients and responses to them are authenticated using keys derived from the owner key and hashed message authentication codes.
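The request authentication described in the abstract and the first claim can be illustrated with the following sketch, which is an added example and not code from the patent. The key derivation (HMAC-SHA256 over a subscriber identifier), the field layout, the status strings, the per-request nonce rotation and all names (Device, derive_key, mac, handle_create) are assumptions.

```python
import hashlib
import hmac
import os

def derive_key(owner_key: bytes, subscriber: bytes) -> bytes:
    # Assumed derivation; the abstract only says keys are derived from the owner key.
    return hmac.new(owner_key, b"subscriber:" + subscriber, hashlib.sha256).digest()

def mac(key: bytes, *fields: bytes) -> bytes:
    # Length-prefix every field so ("ab", "c") and ("a", "bc") cannot collide.
    h = hmac.new(key, digestmod=hashlib.sha256)
    for field in fields:
        h.update(len(field).to_bytes(4, "big") + field)
    return h.digest()

class Device:
    """Hypothetical storage device: stores opaque ciphertext, never decrypts it."""

    def __init__(self, owner_key: bytes, subscribers):
        self.owner_key = owner_key
        self.subscribers = set(subscribers)  # who may create objects
        self.nonce = os.urandom(16)          # handed to clients before a request
        self.objects = {}

    def handle_create(self, subscriber, object_id, ciphertext, nonce, tag):
        if subscriber not in self.subscribers:
            return "DENIED", None
        key = derive_key(self.owner_key, subscriber)
        expected = mac(key, nonce, b"CREATE", object_id, ciphertext)
        if not hmac.compare_digest(expected, tag):
            return "BAD_MAC", None
        if not hmac.compare_digest(nonce, self.nonce):
            return "STALE", None             # authentic but replayed or outdated
        self.nonce = os.urandom(16)          # rotate: a nonce is accepted once
        self.objects[object_id] = ciphertext
        # Authenticate the response too, bound to the request's nonce.
        return "OK", mac(key, nonce, b"OK", object_id)

if __name__ == "__main__":
    owner_key = os.urandom(32)
    dev = Device(owner_key, [b"alice"])
    alice_key = derive_key(owner_key, b"alice")  # issued to alice by the owner
    blob = b"constructed-ciphertext"             # encrypted client-side
    n = dev.nonce
    tag = mac(alice_key, n, b"CREATE", b"obj1", blob)
    print(dev.handle_create(b"alice", b"obj1", blob, n, tag)[0])  # first use
    print(dev.handle_create(b"alice", b"obj1", blob, n, tag)[0])  # replay
```

The device only ever sees ciphertext, so a compromised device can withhold or corrupt objects but cannot read them; the MAC and nonce checks limit who can create objects and prevent a captured request from being replayed.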
Specification