Trusted storage systems and methods

US 7,152,165 B1
Filed: 07/17/2000
Issued: 12/19/2006
Est. Priority Date: 07/16/1999
Status: Active Grant

First Claim

Patent Images

1. A method for protecting the secrecy and integrity of data stored on a non-volatile storage medium, the method comprising:

receiving a block of data for storage on the non-volatile storage medium;

generating at least one piece of meta-data relating to the block of data;

calculating a first cryptographic hash of at least a portion of the block of data;

calculating a second cryptographic hash of the meta-data;

encrypting the block of data and encrypting the meta-data to form one or more uniform blocks of encrypted data;

storing a cryptographic key in a substantially secret storage medium, the key being operable to decrypt the one or more uniform blocks of encrypted data;

storing the one or more uniform blocks of encrypted data on the non-volatile storage medium.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are disclosed for providing a trusted database system that leverages a small amount of trusted storage to secure a larger amount of untrusted storage. Data are encrypted and validated to prevent unauthorized modification or access. Encryption and hashing are integrated with a low-level data model in which data and meta-data are secured uniformly. Synergies between data validation and log-structured storage are exploited.

Citations

15 Claims

1. A method for protecting the secrecy and integrity of data stored on a non-volatile storage medium, the method comprising:
- receiving a block of data for storage on the non-volatile storage medium;
  
  generating at least one piece of meta-data relating to the block of data;
  
  calculating a first cryptographic hash of at least a portion of the block of data;
  
  calculating a second cryptographic hash of the meta-data;
  
  encrypting the block of data and encrypting the meta-data to form one or more uniform blocks of encrypted data;
  
  storing a cryptographic key in a substantially secret storage medium, the key being operable to decrypt the one or more uniform blocks of encrypted data;
  
  storing the one or more uniform blocks of encrypted data on the non-volatile storage medium.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. A method as in claim 1, further comprising:
    - receiving a request for the block of data;
      
      retrieving the cryptographic key from the secret storage medium;
      
      retrieving the one or more uniform blocks of encrypted data from the non-volatile storage medium;
      
      decrypting the one or more uniform blocks of encrypted data to yield a decrypted version of the block of data and a decrypted version of the meta-data;
      
      calculating a third cryptographic hash by hashing the decrypted version of the block of data;
      
      calculating a fourth cryptographic hash by hashing the decrypted version of the meta-data;
      
      comparing the third cryptographic hash with the first cryptographic hash; and
      
      granting the request for the block of data if the third cryptographic hash is equal to the first cryptographic hash.
  - 3. A method as in claim 1, wherein the one or more uniform blocks of data are stored on the non-volatile storage medium in a log-structured file.
  - 4. A method as in claim 1, further comprising:
    - generating a hierarchical location map for use in locating the one or more uniform blocks of encrypted data on the non-volatile storage medium, the location map comprising one or more nodes, a first node of which contains the first cryptographic hash and an indicator specifying the location on the non-volatile storage medium of the portion of the block of data to which the first cryptographic hash corresponds.
  - 5. A method as in claim 4, further comprising:
    - computing a third cryptographic hash by hashing data contained in said first node;
      
      encrypting the data contained in said first node;
      
      storing the data contained in said first node on the non-volatile storage medium.
  - 6. A method as in claim 5, further comprising:
    - storing the third cryptographic hash in a second node of said hierarchical location map;
      
      storing in said second node of said hierarchical location map an indicator specifying the location on the non-volatile storage medium of the first node.

7. A method of managing the storage of a plurality of data blocks on a storage medium, the method comprising:
- storing the plurality of data blocks on the storage medium;
  
  generating a hierarchical location map for locating individual ones of said plurality of blocks, the hierarchical location map including a plurality of nodes, wherein a first node type includes;
  
  one or more hash values of subordinate nodes or data blocks; and
  
  one or more location indicators specifying the location at which subordinate nodes or data blocks are stored on said storage medium; and
  
  wherein a second node type includes;
  
  a hash value of a subordinate node;
  
  a location indicator specifying the location at which the subordinate node is stored on said storage medium;
  
  a cryptographic key for decrypting data contained in one or more subordinate nodes.
- View Dependent Claims (8, 9, 10)
- - 8. A method as in claim 7, in which the plurality of data blocks are stored on the storage medium in a log-structured file.
  - 9. A method as in claim 7, in which the second node type further includes:
    - an indicator of the type of cryptographic algorithm used to encrypt the data contained in one or more subordinate nodes.
  - 10. A method as in claim 9, in which the location map contains at least a first and second node of the second node type, and in which the first and second nodes of the second node type contain different cryptographic keys, and indicators specifying different cryptographic algorithms.

11. A secure database system, the system comprising:
- an interface module for receiving data to be stored in the secure database;
  
  a data management module for generating indexing information relating to the data to be store in the secure database;
  
  a validation module operable to compute a hash of at least a portion of the data to be stored in the secure database and to compute a hash of at least a portion of the indexing information;
  
  a cryptographic module operable to encrypt at least a portion of the data to be stored in the secure database and to encrypt at least a portion of the indexing information;
  
  a storage medium operable to receive chunks of encrypted data and encrypted indexing information, and to store the chunks.

12. A data storage system, comprising:
- a bulk storage device;
  
  a trusted processing environment;
  
  a computer-implemented database management system, comprising;
  
  computer code for authenticating an application program that attempts to interface with the database management system;
  
  computer code for receiving requests to store or retrieve data from an authenticated application program;
  
  computer code for generating indexing information pertaining to data received from the authenticated application program;
  
  computer code for generating hash values by hashing the data received from the authenticated application program, and for hashing the indexing information pertaining to the data received from the authenticated application program;
  
  computer code for encrypting the data received from the authenticated application program, and for encrypting the indexing information pertaining to the data received from the authenticated application program;
  
  computer code for storing the encrypted data and the encrypted indexing information on the bulk storage medium;
  
  computer code for retrieving the encrypted data and the encrypted indexing information from the bulk storage medium;
  
  computer code for decrypting the encrypted data and the encrypted indexing information;
  
  computer code for authenticating the decrypted data and the decrypted indexing information using said hash values;
  
  wherein the computer codes for said database management system are loaded into the trusted processing environment, and are used to manage the storage and retrieval of data received from the authenticated application program.
- View Dependent Claims (13)
- - 13. A system as in claim 12, in which the trusted processing environment comprises an integrated circuit contained in a tamper-resistant case, and in which the integrated circuit includes:
    - a volatile memory unit for storing at least a portion of the computer codes of said computer-implemented database management system.

14. A computer program product for managing data received from an application program, the computer program product including:
- computer code for receiving requests to store or retrieve data from the application program;
  
  computer code for generating indexing information pertaining to data received from the application program;
  
  computer code for generating hash values by hashing the data received from the application program, and for hashing the indexing information pertaining to the data received from the application program;
  
  computer code for encrypting the data received from the application program, and for encrypting the indexing information pertaining to the data received from the application program;
  
  computer code for storing the encrypted data and the encrypted indexing information on a storage medium;
  
  computer code for retrieving the encrypted data and the encrypted indexing information from the storage medium;
  
  computer code for decrypting the encrypted data and the encrypted indexing information;
  
  computer code for authenticating the decrypted data and the decrypted indexing information using said hash values; and
  
  a computer readable storage medium for containing said computer codes.
- View Dependent Claims (15)
- - 15. A computer program product as in claim 14, in which the computer readable medium is one of:
    - CD-ROM, DVD, MINIDISC, floppy disk, magnetic tape, flash memory, ROM, RAM, system memory, hard drive, optical storage, and a data signal embodied in a carrier wave.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Original Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Inventors
Maheshwari, Umesh, Sibert, W. Olin, Vingralek, Radek
Primary Examiner(s)
Barrón, Jr., Gilberto
Assistant Examiner(s)
GURSHMAN, GRIGORY

Application Number

US09/617,148
Time in Patent Office

2,346 Days
Field of Search

713/176
US Class Current

713/193
CPC Class Codes

G06F 16/90 Details of database functio...

G06F 21/6218 to a system of files or obj...

Trusted storage systems and methods

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Trusted storage systems and methods

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links