Secure data parser method and system
First Claim
Patent Images
1. A method for securely storing and retrieving data, the method comprising:
- generating, using an electronic computing system that includes processing circuitry, a plurality of shares by performing a cryptographic operation on a data set and distributing the data set in the plurality of shares such that the data set can be reconstructed using any subset of the shares that includes at least a minimum number less than all of shares;
storing the plurality of shares at a plurality of storage devices;
receiving, at the electronic computing system, request to retrieve the data set;
identifying from the plurality of storage devices a set of fastest-responding storage devices necessary to retrieve the minimum number of shares, wherein the set of fastest-responding storage devices are identified based at least in part on the response time of the storage devices;
retrieving from the set of fastest-responding storage devices, the minimum number of shares;
reconstructing the data set using the minimum number of shares; and
sending the data set responsive to the request.
4 Assignments
0 Petitions
Accused Products
Abstract
A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data that may be communicated using multiple communications paths.
-
Citations
20 Claims
-
1. A method for securely storing and retrieving data, the method comprising:
-
generating, using an electronic computing system that includes processing circuitry, a plurality of shares by performing a cryptographic operation on a data set and distributing the data set in the plurality of shares such that the data set can be reconstructed using any subset of the shares that includes at least a minimum number less than all of shares; storing the plurality of shares at a plurality of storage devices; receiving, at the electronic computing system, request to retrieve the data set; identifying from the plurality of storage devices a set of fastest-responding storage devices necessary to retrieve the minimum number of shares, wherein the set of fastest-responding storage devices are identified based at least in part on the response time of the storage devices; retrieving from the set of fastest-responding storage devices, the minimum number of shares; reconstructing the data set using the minimum number of shares; and sending the data set responsive to the request. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. An electronic computing system for securely storing and retrieving data, the electronic computing system comprising:
-
a processing unit; and a system memory comprising instructions that, when executed by the processing unit, cause the processing unit to; generate a plurality of shares by performing a cryptographic operation on a data set and distributing the data set in the plurality of shares such that the data set can be reconstructed using any subset of the shares that includes at least a minimum number less than all of the shares and such that the data set cannot be reconstructed using any subset of the shares that includes fewer than the minimum number of the shares; store the plurality of shares at a plurality of storage devices; receive, via the primary interface, a request to retrieve the data set; identify, from the plurality of storage devices, a set of fastest-responding storage devices necessary to retrieve the minimum number of shares, wherein the set of fastest-responding storage devices are identified based at least in part on the response time of the storage devices, retrieve from the set of fastest-responding storage devices the minimum number of shares; reconstruct the data set using exclusively the minimum number of shares; and send the data set responsive to the request. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
-
14. A non-transitory computer-readable storage medium comprising instructions that, when executed at an electronic computing device, cause the electronic computing device to:
-
receive a request to write a data set to a storage location; generate a plurality of shares by performing a cryptographic operation on the data set and distributing the data set in the plurality of shares such that the data set can be reconstructed using any subset of the shares that includes at least a minimum number less than all of the shares and such that the data set cannot be reconstructed using any subset of the shares that includes fewer than the minimum number of the shares; store the plurality of shares at a plurality of storage devices; receive a request to retrieve the data set; identify, from the plurality of storage devices, a set of fastest-responding storage devices necessary to retrieve the minimum number of shares, wherein the set of fastest-responding storage devices are identified based at least in part on the response time of the storage devices; retrieve from the set of fastest-responding storage devices, the minimum number of shares; reconstruct the data set using exclusively the minimum number of shares; and send the data set responsive to the request. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification