Trusted time stamping storage system
First Claim
1. A method for providing trusted time stamping for commands for a data storage system, the method comprising:
- determining a command executed in the data storage system;
hashing information for the command to generate a hash value;
sending the hash value and a request for a time stamp to a time stamping authority;
receiving a time stamp token and a time stamping authority certificate from the time stamping authority, the time stamp token comprising a time stamp and the hash value, the time stamp and hash value providing trusted time stamping mechanism for the command;
storing the time stamp token command and the command in a command log in the data storage system; and
validating the time stamp token stored in the data storage system, including;
accessing the information for the command;
hashing the accessed information to generate a second hash value;
retrieving the hash value of the time stamp token by utilizing information associated with the time stamping authority certificate;
comparing the second hash value to the hash value found in the time stamp token which is stored in the data storage system; and
validating the time stamp token based on the comparison;
wherein determining a command includes determining whether the command should be time stamped based on a predetermined rule; and
wherein the predetermined rule is to which logical volume of the data storage system the command is directed.
0 Assignments
0 Petitions
Accused Products
Abstract
Data stored in a data storage system is hashed to generate a hash value. The hash value and a request for a time stamp are then sent to a time stamping authority. A time stamp token and/or a time stamp certificate is received from the time stamping authority. The time stamp token includes a time stamp and the hash value, and may be encrypted using a private key of the time stamping authority. The time stamp token and/or time stamp certificate is then stored with, for example, a reference to the data being stored in the data storage system. The time stamp token and/or time stamp certificate may then be used to validate the data being stored and the time stamp.
40 Citations
60 Claims
-
1. A method for providing trusted time stamping for commands for a data storage system, the method comprising:
-
determining a command executed in the data storage system; hashing information for the command to generate a hash value; sending the hash value and a request for a time stamp to a time stamping authority; receiving a time stamp token and a time stamping authority certificate from the time stamping authority, the time stamp token comprising a time stamp and the hash value, the time stamp and hash value providing trusted time stamping mechanism for the command; storing the time stamp token command and the command in a command log in the data storage system; and validating the time stamp token stored in the data storage system, including; accessing the information for the command; hashing the accessed information to generate a second hash value; retrieving the hash value of the time stamp token by utilizing information associated with the time stamping authority certificate; comparing the second hash value to the hash value found in the time stamp token which is stored in the data storage system; and validating the time stamp token based on the comparison; wherein determining a command includes determining whether the command should be time stamped based on a predetermined rule; and wherein the predetermined rule is to which logical volume of the data storage system the command is directed. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 40, 41, 54, 55, 56)
-
-
15. A storage system for providing trusted time stamping for commands being executed in the storage system, the storage system comprising
a processor and a memory which has modules to be executed by the processor, the modules including: -
a command determiner configured to determine a command being executed in the storage system; a hasher configured to hash information for the command to generate a hash value; a time stamp requester configured to send the hash value and a request for a time stamp to a time stamping authority; a receiver configured to receive a time stamp token and a time stamping authority certificate from the time stamping authority, the time stamp token comprising a time stamp and the hash value, the time stamp token providing trusted time stamping for the command, wherein the storage system is configured to store the time stamp token and the command in a command log in the data storage system; and a validator configured to validate the time stamp token stored in the data storage system, including; accessing the information for the command; hashing the accessed information to generate a second hash value; retrieving the hash value of the time stamp token by utilizing information associated with the time stamping authority certificate, comparing the second hash value to the hash value found in the time stamp token which is stored in the data storage system; and validating the time stamp token based on the comparison; wherein the command determiner is configured to determine whether the command should be time stamped based on a predetermined rule; and wherein the predetermined rule is to which logical volume of the data storage system the command is directed. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 42, 43, 57)
-
-
27. A method for validating a time stamp generated for a command being executed in a data storage system, the method comprising:
-
receiving a request to validate a time stamp token received from a time stamping authority; receiving a time stamping authority certificate from the time stamping authority; accessing the time stamp token being stored in a command log in the data storage system; validating the time stamp token; determining a hash value included with the time stamp token by utilizing information associated with the time stamping authority certificate; accessing the command being stored in the command log in the data storage system that was time stamped using the time stamp token; hashing the information for the command to generate a second hash value; comparing the hash value included in the time stamp token with the second hash value; validating the information for the command based on the comparison; and if the time stamp token and the data are validated, validating the time stamp; wherein, before the time stamp is generated for the command, a predetermined rule is used to determine whether the command should be time stamped; and wherein the predetermined rule is to which logical volume of the data storage system the command is directed. - View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 44, 45, 58, 59, 60)
-
-
46. A method for providing trusted time stamping for commands for a data storage system, the method comprising:
-
determining a command executed in the data storage system; hashing information for the command to generate a hash value; sending the hash value and a request for a time stamp to a time stamping authority; receiving a time stamp token and a time stamping authority certificate from the time stamping authority, the time stamp token comprising a time stamp and the hash value; storing the time stamp token, the time stamp and hash value providing trusted time stamping mechanism for the command, and the command in a command log in the data storage system; and validating the time stamp token stored in the data storage system, including; accessing the information for the command; hashing the accessed information to generate a second hash value; retrieving the hash value of the time stamp token by utilizing information associated with the time stamping authority certificate; comparing the second hash value to the hash value found in the time stamp token which is stored in the data storage system; and validating the time stamp token based on the comparison; wherein determining a command includes determining whether command should be time stamped based on a predetermined rule; and wherein the predetermined rule is whether the command is a command that proves when the data storage system starts to be used. - View Dependent Claims (47, 48, 49)
-
-
50. A method for providing trusted time stamping for commands for a data storage system, the method comprising:
-
determining a command executed in the data storage system; hashing information for the command to generate a hash value; sending the hash value and a request for a time stamp to a time stamping authority; receiving a time stamp token and a time stamping authority certificate from the time stamping authority, the time stamp token comprising a time stamp and the hash value; storing the time stamp token, the time stamp and hash value providing trusted time stamping mechanism for the command, and the command in a command log in the data storage system; and validating the time stamp token stored in the data storage system, including; accessing the information for the command; hashing the accessed information to generate a second hash value;
retrieving the hash value of the time stamp token by utilizing information associated with the time stamping authority certificate;comparing the second hash value to the hash value found in the time stamp token which is stored in the data storage system; and validating the time stamp token based on the comparison; wherein determining a command includes determining whether command should be time stamped based on a predetermined rule; and wherein the predetermined rule is whether the command is a specific storage management command. - View Dependent Claims (51, 52, 53)
-
Specification