Authenticating use of a dispersed storage network
First Claim
1. A method for authenticating, through use of a dispersed storage managing unit, a user device request to access a dispersed storage network (DSN), the method comprising:
- receiving, from a first proxy system element of the DSN, a first authentication request regarding executing a first portion of the user device request;
verifying the first authentication request by;
verifying that the first proxy system element is an authenticated proxy; and
when the first proxy system element is an authenticated proxy, verifying the user device is an authenticated user device;
when the first authentication request is validated, sending, to the first proxy system element, a first favorable response such that the first proxy system element is allowed to execute the first portion of the user device request when a permissions list authorizes the user device request;
receiving, from a second proxy system element, a second authentication request regarding executing a second portion of the user device request;
verifying the second authentication request by;
verifying that the second proxy system element is an authenticated proxy; and
when the second proxy system element is an authenticated proxy, verifying the user device is an authenticated user device; and
when the second authentication request is validated, sending, to the second proxy system element, a second favorable response such that the second proxy system element is allowed to execute the second portion of the user device request when the permissions list authorizes the user device request.
5 Assignments
0 Petitions
Accused Products
Abstract
At least one dispersed storage (DS) processing unit (14), at least one dispersed storage managing unit (18), and at least one dispersed storage unit (44) communicate with each other over a network (20) to authenticate and process a user data transaction within dispersed memory in a dispersed storage network. In a data operation, the DS processing unit (14) first received the request. The unit (14) uses stored security information (80 and 84) to validate that the user requesting the user transaction is a valid user. The unit (18) processes the user transaction to further authenticate that the user is valid and the user transaction requested by the user is proper. Finally, the unit (44) again received user transaction information and performs another authentication to ensure that the distributed network data slices can be properly processed by this user and this user transaction.
95 Citations
16 Claims
-
1. A method for authenticating, through use of a dispersed storage managing unit, a user device request to access a dispersed storage network (DSN), the method comprising:
-
receiving, from a first proxy system element of the DSN, a first authentication request regarding executing a first portion of the user device request; verifying the first authentication request by; verifying that the first proxy system element is an authenticated proxy; and when the first proxy system element is an authenticated proxy, verifying the user device is an authenticated user device; when the first authentication request is validated, sending, to the first proxy system element, a first favorable response such that the first proxy system element is allowed to execute the first portion of the user device request when a permissions list authorizes the user device request; receiving, from a second proxy system element, a second authentication request regarding executing a second portion of the user device request; verifying the second authentication request by; verifying that the second proxy system element is an authenticated proxy; and when the second proxy system element is an authenticated proxy, verifying the user device is an authenticated user device; and when the second authentication request is validated, sending, to the second proxy system element, a second favorable response such that the second proxy system element is allowed to execute the second portion of the user device request when the permissions list authorizes the user device request. - View Dependent Claims (2, 3, 4, 5, 6, 11, 12)
-
-
7. A dispersed storage managing unit adapted to be coupled to a network, the dispersed storage managing unit comprising:
-
input/output interface circuitry adapted to be coupled to the network; memory; and a processing module operably coupled to the memory and to the input/output interface circuitry, wherein the processing module is operable to; receive, from a first proxy system element of the DSN via the input/output interface circuitry, a first authentication request regarding executing a first portion of the user device request; verify the first authentication request by; verify that the first proxy system element is an authenticated proxy; and when the first proxy system element is an authenticated proxy, verify the user device is an authenticated user device; when the first authentication request is validated, send, to the first proxy system element via the input/output interface circuitry, a first favorable response such that the first proxy system element is allowed to execute the first portion of the user device request when a permissions list authorizes the user device request; receive, from a second proxy system element via the input/output interface circuitry, a second authentication request regarding executing a second portion of the user device request; verify the second authentication request by; verify that the second proxy system element is an authenticated proxy; and when the second proxy system element is an authenticated proxy, verify the user device is an authenticated user device; and when the second authentication request is validated, send, to the second proxy system element via the input/output interface circuitry, a second favorable response such that the second proxy system element is allowed to execute the second portion of the user device request when the permissions list authorizes the user device request. - View Dependent Claims (8, 9, 10, 13, 14, 15, 16)
-
Specification