Systems and methods for validating ownership of deduplicated data
First Claim
1. A computer-implemented method for validating ownership of deduplicated data, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
identifying a request from a remote client to store a data object in a data store that already comprises an instance of the data object;
in response to the request, verifying that the remote client possesses the data object by issuing, to the remote client:
a random offset;
a random value that is different than the random offset;
a randomized challenge, the randomized challenge comprising a request for an authentication token demonstrating possession of the data object, the authentication token comprising a hash of a combination of the random value and a random sample of the data object, wherein the random sample is based on the random offset;
in response to the randomized challenge, receiving the authentication token from the remote client;
in response to receiving the authentication token from the remote client, storing the data object in the data store on behalf of the remote client.
Abstract
A computer-implemented method for validating ownership of deduplicated data may include (1) identifying a request from a remote client to store a data object in a data store that already includes an instance of the data object, (2) in response to the request, verifying that the remote client possesses the data object by (i) issuing a randomized challenge to the remote client, the randomized challenge including a random value which, when combined with at least a portion of the data object, produces an authentication token demonstrating possession of the data object and, in response to the randomized challenge, (ii) receiving the authentication token from the remote client; and, in response to receiving the authentication token from the remote client, (3) storing the data object in the data store on behalf of the remote client. Various other methods and systems are also disclosed.
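The challenge from the first claim, as an added example that is not taken from the patent: the server issues a random offset and a separate random value, and the client returns a hash over that value and the sample at that offset. SHA-256, the value-then-sample concatenation, the 64-byte sample length and all function names are assumptions.

```python
import hashlib
import hmac
import secrets

SAMPLE_LEN = 64  # assumption: the claim does not fix a sample size


def issue_challenge(object_size):
    """Server side: pick a fresh random offset and a separate random value."""
    offset = secrets.randbelow(max(object_size - SAMPLE_LEN, 0) + 1)
    value = secrets.token_bytes(16)
    return {"offset": offset, "value": value, "length": SAMPLE_LEN}


def make_token(data, challenge):
    """Token = SHA-256(value || sample); hash and ordering are assumptions."""
    start = challenge["offset"]
    sample = data[start:start + challenge["length"]]
    return hashlib.sha256(challenge["value"] + sample).digest()


def verify_token(stored, challenge, token):
    """Server side: recompute from the stored instance, constant-time compare."""
    return hmac.compare_digest(make_token(stored, challenge), token)


def store_request(stored, owners, client_id, respond):
    """Record an ownership relation only if the client answers the challenge."""
    challenge = issue_challenge(len(stored))
    token = respond(challenge)
    if verify_token(stored, challenge, token):
        owners.add(client_id)
        return True
    return False


# Constructed sample data: one stored object, one client holding it, and one
# client that knows only the object's fingerprint.
STORED = bytes(range(256)) * 16
FINGERPRINT = hashlib.sha256(STORED).digest()


def honest_client(challenge):
    return make_token(STORED, challenge)


def fingerprint_only_client(challenge):
    # No object bytes available, so the fingerprint stands in for the sample.
    return hashlib.sha256(challenge["value"] + FINGERPRINT).digest()
```

One sample attests only to the bytes it covers; the check says nothing about the rest of the object.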
20 Claims
8. A computer-implemented method for validating ownership of deduplicated data, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
identifying a request from a remote client to retrieve a data object from a data store;
in response to the request, verifying that the remote client is authorized to retrieve the data object by identifying an ownership relation between the remote client and the data object, the ownership relation having been previously generated on the data store based on:
issuing a random offset to the remote client;
issuing a random value that is different than the random offset to the remote client;
issuing a randomized challenge to the remote client, the randomized challenge comprising a request for an authentication token demonstrating possession of the data object, the authentication token comprising a hash of a combination of the random value and a random sample of the data object, wherein the random sample is based on the random offset;
in response to the randomized challenge, receiving the authentication token from the remote client;
in response to identifying the ownership relation between the remote client and the data object, fulfilling the request from the remote client to retrieve the data object from the data store by transmitting the data object to the remote client.
14. A system for validating ownership of deduplicated data, the system comprising:
an identification module programmed to identify a request from a remote client to store a data object in a data store that already comprises an instance of the data object;
a challenge module programmed to, in response to the request, verify that the remote client possesses the data object by issuing, to the remote client:
a random offset;
a random value that is different than the random offset;
a randomized challenge, the randomized challenge comprising a request for an authentication token demonstrating possession of the data object, the authentication token comprising a hash of a combination of the random value and a random sample of at least a portion of the data object, wherein the random sample is based on the random offset;
an authentication module programmed to, in response to the randomized challenge, receive the authentication token from the remote client;
a storage module programmed to, in response to receiving the authentication token from the remote client, store the data object in the data store on behalf of the remote client;
at least one processor configured to execute the identification module, the challenge module, the authentication module, and the storage module.
Specification