Secure rebuilding of an encoded data slice in a dispersed storage network
First Claim
1. A method comprises:
- identifying an encoded data slice to be rebuilt;
selecting a decode threshold number of dispersed storage (DS) units of a storage set of DS units associated with the encoded data slice to be rebuilt;
generating a decode threshold number of key pairs, wherein a key pair of the decode threshold number of key pairs corresponds to a DS unit of the decode threshold number of DS units;
sending partial rebuilding requests to the decode threshold number of DS units, wherein a partial rebuilding request of the partial rebuilding requests includes the key pair and identity of the corresponding DS unit;
receiving encrypted partial encoded data slices in response to the partial rebuilding requests, wherein an encrypted partial encoded data slice received from the corresponding DS unit includes a multiple encryption, using the key pair, of a partial encoded data slice; and
decoding the encrypted partial encoded data slices to rebuild the encoded data slice.
5 Assignments
0 Petitions
Accused Products
Abstract
A method begins by a processing module identifying an encoded data slice to be rebuilt, selecting a decode threshold number of dispersed storage (DS) units of a storage set of DS units, generating a decode threshold number of key pairs, wherein a key pair of the decode threshold number of key pairs corresponds to a DS unit of the decode threshold number of DS units, and sending partial rebuilding requests to the decode threshold number of DS units, wherein a partial rebuilding request of the partial rebuilding requests includes the key pair. The method continues with the processing module receiving encrypted partial encoded data slices, wherein an encrypted partial encoded data slice received from the corresponding DS unit includes a multiple encryption, using the key pair, of a partial encoded data slice and decoding the encrypted partial encoded data slices to rebuild the encoded data slice.
92 Citations
18 Claims
-
1. A method comprises:
-
identifying an encoded data slice to be rebuilt; selecting a decode threshold number of dispersed storage (DS) units of a storage set of DS units associated with the encoded data slice to be rebuilt; generating a decode threshold number of key pairs, wherein a key pair of the decode threshold number of key pairs corresponds to a DS unit of the decode threshold number of DS units; sending partial rebuilding requests to the decode threshold number of DS units, wherein a partial rebuilding request of the partial rebuilding requests includes the key pair and identity of the corresponding DS unit; receiving encrypted partial encoded data slices in response to the partial rebuilding requests, wherein an encrypted partial encoded data slice received from the corresponding DS unit includes a multiple encryption, using the key pair, of a partial encoded data slice; and decoding the encrypted partial encoded data slices to rebuild the encoded data slice. - View Dependent Claims (2, 3, 4)
-
-
5. A method comprises:
-
receiving a partial rebuilding request, wherein the request includes a key pair; retrieving an encoded data slice associated with the partial encoded data slice request; generating a partial encoded data slice based on the partial rebuilding request and the encoded data slice associated with the request; multiple encrypting the partial encoded data slice using the key pair to produce an encrypted partial encoded data slice; and outputting the encrypted partial encoded data slice. - View Dependent Claims (6, 7, 8, 9)
-
-
10. A rebuilding module comprises:
-
a first module for identifying an encoded data slice to be rebuilt; a second module for selecting a decode threshold number of dispersed storage (DS) units of a storage set of DS units associated with the encoded data slice to be rebuilt; a third module for generating a decode threshold number of key pairs, wherein a key pair of the decode threshold number of key pairs corresponds to a DS unit of the decode threshold number of DS units; a fourth module for sending partial rebuilding requests to the decode threshold number of DS units, wherein a partial rebuilding request of the partial rebuilding requests includes the key pair and identity of the corresponding DS unit; a fifth module for receiving encrypted partial encoded data slices in response to the partial rebuilding requests, wherein an encrypted partial encoded data slice received from the corresponding DS unit includes a multiple encryption, using the key pair, of a partial encoded data slice; and a sixth module for decoding the encrypted partial encoded data slices to rebuild the encoded data slice. - View Dependent Claims (11, 12, 13)
-
-
14. A rebuilding module comprises:
-
a first module for receiving a partial rebuilding request, wherein the request includes a key pair; a second module for retrieving an encoded data slice associated with the partial encoded data slice request; a third module for generating a partial encoded data slice based on the partial rebuilding request and the encoded data slice associated with the request; a fourth module for multiple encrypting the partial encoded data slice using the key pair to produce an encrypted partial encoded data slice; and a fifth module for outputting the encrypted partial encoded data slice. - View Dependent Claims (15, 16, 17, 18)
-
Specification