Access control in a dispersed storage network
First Claim
1. A method comprises:
- dispersed storage error encoding data in accordance with dispersed storage error encoding parameters to produce a plurality of sets of encoded data slices;
determining access control information for the plurality of sets of encoded data slices;
determining whether one or more encoded data slices of the plurality of sets of encoded data slices has individual access control information;
when the one or more encoded data slices has individual access control information;
creating a plurality of sets of appended slices by;
appending corresponding individual access control information to each of the one or more encoded data slices;
appending a representation of the access control information to remaining encoded data slices of the plurality of sets of encoded data slices; and
outputting the plurality of sets of appended slices to storage units of a dispersed storage network.
4 Assignments
0 Petitions
Accused Products
Abstract
A method begins dispersed storage error encoding data in accordance with dispersed storage error encoding parameters to produce a plurality of set of encoded data slices. The method continues by determining access control information for the plurality of sets of encoded data slices. The method continues by determining whether one or more encoded data slices of the plurality of sets of encoded data slices has individual access control information. The method continues when the one or more encoded data slices has individual access control information by creating a plurality of sets of appended slices, which is done by appending corresponding individual access control information to each of the one or more encoded data slices and appending a representation of the access control information to remaining encoded data slices of the plurality of sets of encoded data slices. The method continues by outputting the appended slices.
-
Citations
19 Claims
-
1. A method comprises:
-
dispersed storage error encoding data in accordance with dispersed storage error encoding parameters to produce a plurality of sets of encoded data slices; determining access control information for the plurality of sets of encoded data slices; determining whether one or more encoded data slices of the plurality of sets of encoded data slices has individual access control information; when the one or more encoded data slices has individual access control information; creating a plurality of sets of appended slices by; appending corresponding individual access control information to each of the one or more encoded data slices; appending a representation of the access control information to remaining encoded data slices of the plurality of sets of encoded data slices; and outputting the plurality of sets of appended slices to storage units of a dispersed storage network. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computing device comprises:
-
an interface; memory; and a processing module operably coupled to the interface and the memory, wherein the processing module is operable to; dispersed storage error encode data in accordance with dispersed storage error encoding parameters to produce a plurality of sets of encoded data slices; determine access control information for the plurality of sets of encoded data slices; determine whether one or more encoded data slices of the plurality of sets of encoded data slices has individual access control information; when the one or more encoded data slices has individual access control information; create a plurality of sets of appended slices by; appending corresponding individual access control information to each of the one or more encoded data slices; appending a representation of the access control information to remaining encoded data slices of the plurality of sets of encoded data slices; and output, via the interface, the plurality of sets of appended slices to storage units of a dispersed storage network. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A computer readable memory device comprises:
-
a first memory section that stores operational instructions that, when executed by a processing module of a first computing device, causes the processing module of the first computing device to; dispersed storage error encode data in accordance with dispersed storage error encoding parameters to produce a plurality of sets of encoded data slices; a second memory section that stores operational instructions that, when executed by the processing module of the first computing device, causes the processing module of the first computing device to; determine access control information for the plurality of sets of encoded data slices; determine whether one or more encoded data slices of the plurality of sets of encoded data slices has individual access control information; when the one or more encoded data slices has individual access control information; create a plurality of sets of appended slices by; appending corresponding individual access control information to each of the one or more encoded data slices; appending a representation of the access control information to remaining encoded data slices of the plurality of sets of encoded data slices; and output, via interface of the first computing device, the plurality of sets of appended slices to storage units of a dispersed storage network; and a third memory section that stores operational instructions that, when executed by a processing module of a second computing device, causes the processing module of the second computing device to; receive a slice access request message that includes a slice name, a type of access request, and a requester identifier (ID) regarding an encoded data slice of the plurality of sets of encoded data slices; obtain access control information for the encoded data slice based on at least one of the slice name and the requester ID; determine whether the slice access request message is allowable based on the access control information for the encoded data slice; and when the slice access request message is allowable, accessing the encoded data slice in accordance with the slice access request message. - View Dependent Claims (14, 15, 16, 17, 18, 19)
-
Specification