Data archiving system
First Claim
1. A computer-implemented method of auditing stored data in an auditable data storage system, comprising:
recording, in a manifest, data associated with files received for storage in the auditable data storage system, each of the files received for storage having associated therewith a unique file identifier, wherein the step of recording includes storing the unique file identifier, a file size and a serial number associated with the each of the files received for storage, and retention information associated with each of the files, and wherein the unique file identifier is determined in accordance with at least two cryptographic hashes of the associated file, and includes a concatenation of at least two cryptographic hashes of the associated file;
closing the manifest;
storing the manifest as a file in the auditable data storage system;
creating a new manifest associated with files received for storage in the auditable data storage system, the new manifest recording, as a file entry, data, including a unique file identifier, associated with the closed manifest;
examining the new manifest to verify the existence of a unique file identifier for each file recorded in the new manifest;
determining that each file having associated data stored in the new manifest is present in the auditable storage system; and
verifying that each file having associated data stored in the manifest present in the system has not been altered by recomputing the unique file identifier and comparing the computed unique file identifier to the unique file identifier stored in the manifest.
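The manifest chaining and audit steps of claim 1, sketched as an added example (not code from the patent or its assignee). The SHA-256/SHA-512 pair, the in-memory `Store` class, the `kind` field used to find the closed manifest's entry, and the JSON manifest encoding are all assumptions made for illustration.

```python
import hashlib
import json

def file_id(data: bytes) -> str:
    # Identifier = concatenation of two hashes (SHA-256 and SHA-512 are assumed choices).
    return hashlib.sha256(data).hexdigest() + hashlib.sha512(data).hexdigest()

class Store:
    """In-memory stand-in for the auditable storage system (hypothetical)."""
    def __init__(self):
        self.blobs = {}     # file identifier -> stored bytes
        self.serial = 0     # serial number counter
        self.manifest = []  # the currently open manifest

    def put(self, data, retain_until, kind="file"):
        fid = file_id(data)
        self.serial += 1
        self.blobs[fid] = data
        self.manifest.append({"id": fid, "size": len(data), "serial": self.serial,
                              "retain_until": retain_until, "kind": kind})
        return fid

    def rotate(self, retain_until):
        # Close the manifest, store it as a file, and record it in the new manifest.
        closed = json.dumps(self.manifest, sort_keys=True).encode()
        self.manifest = []
        return self.put(closed, retain_until, kind="manifest")

def audit(store, manifest):
    findings = []
    for e in manifest:
        fid, blob = e.get("id"), store.blobs.get(e.get("id"))
        if not fid:
            findings.append((e.get("serial"), "no identifier"))
        elif blob is None:
            findings.append((e["serial"], "missing"))
        elif file_id(blob) != fid or len(blob) != e["size"]:
            findings.append((e["serial"], "altered"))
    return findings

def audit_chain(store):
    # Audit the open manifest, then follow each recorded closed manifest backwards.
    findings, manifest = [], store.manifest
    while manifest is not None:
        findings += audit(store, manifest)
        prev = next((e for e in manifest if e.get("kind") == "manifest"), None)
        blob = store.blobs.get(prev["id"]) if prev else None
        # Only parse a closed manifest whose own identifier still verifies.
        manifest = json.loads(blob) if blob and file_id(blob) == prev["id"] else None
    return findings
```

Because the closed manifest is itself a recorded file, altering it shows up as an `altered` finding in the newer manifest, and the walk stops there rather than trusting its contents.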
Abstract
An encrypted file storage solution consists of a cluster of processing nodes, external data storage, and a software agent (the “File System Watcher”), which is installed on the application servers. Cluster sizes of one node up to many hundreds of nodes are possible. There are also remote “Key Servers” which provide various services to one or more clusters. The preceding describes a preferred embodiment, though in some cases it may be desirable to “collapse” some of the functionality into a smaller number of hardware devices, typically trading off cost versus security and fault-tolerance.
18 Claims
Specification