On-disk file format for serverless distributed file system with signed manifest of file modifications
First Claim
1. In a distributed file system that stores encrypted files across multiple computers, a method comprising:
- modifying one or more of the encrypted files;
computing a hash value of each modified encrypted file, one or more of the modified encrypted files comprising file data and a metadata stream that comprises a header and an indexing structure, the indexing structure comprising one or more hashes of the file and a structure to access the one or more hashes of the file;
collecting the hash values into a group;
computing a hash value of the group; and
digitally signing the hash value of the group of hash values.
2 Assignments
0 Petitions
Accused Products
Abstract
In a serverless distributed file system, the writer of a file can provide file authentication information to a verifying machine without having to compute a new digital signature every time a written file is closed. Periodically, the writer compiles a list of the hash values of all files that have been written over a recent interval, computes a hash of the list, and signs the hash. This signed list of hash values is known as a manifest, akin to a shipping manifest that enumerates the items in a shipment. The advantage of using a signed manifest is that the writer need only perform a single signature computation in order to authenticate the writes to multiple files, rather than having to compute a separate signature for each file, as it would if a signature were embedded in each file.
-
Citations
7 Claims
-
1. In a distributed file system that stores encrypted files across multiple computers, a method comprising:
-
modifying one or more of the encrypted files; computing a hash value of each modified encrypted file, one or more of the modified encrypted files comprising file data and a metadata stream that comprises a header and an indexing structure, the indexing structure comprising one or more hashes of the file and a structure to access the one or more hashes of the file; collecting the hash values into a group; computing a hash value of the group; and digitally signing the hash value of the group of hash values. - View Dependent Claims (2, 3, 4)
-
-
5. One or more computer readable storage media comprising computer-executable instructions that, when executed, direct a computing device to:
-
modify individual files stored in a serverless distributed file system; divide one or more of the files into a plurality of data blocks; compute a hash value of each of the data blocks, one or more of the modified files comprising file data that includes the data blocks and a metadata stream that comprises a header and an indexing structure, the indexing structure comprising one or more hashes of the data blocks and a structure to access the one or more hashes of the data blocks; collect the hash values into a group; and digitally signing the group of hash values. - View Dependent Claims (6, 7)
-
Specification