Authenticating a data access request to a dispersed storage network
First Claim
1. A non-transitory computer readable storage medium comprises:
- a first memory section storing operational instructions that, when executed by a data access module of a dispersed storage network (DSN), causes the data access module to;
send a data access request to a data storage module of the DSN;
a second memory section storing operational instructions that, when executed by the data storage module, causes the data storage module to;
send an authentication request to an authenticating module of the DSN, wherein the authentication request includes at least a portion of the data access request;
a third memory section storing operational instructions that, when executed by the authenticating module, causes the authenticating module to;
output a verification request destined for a data accessing module, wherein the verification request includes a verification code that is generated based on the authentication request;
the first memory section further storing operational instructions that, when executed by the data access module, causes the data access module to;
output a verification response destined for the authenticating module, wherein the verification response includes a modified verification code that is generated based on the verification code and a credential;
the third memory section further storing operational instructions that, when executed by the authenticating module, causes the authenticating module to;
output an authentication response to the data storage module, wherein the authentication response is generated based on the verification response; and
the second memory section further storing operational instructions that, when executed by the data storage module, causes the data storage module to;
facilitate the data access request when the authentication response is favorable.
4 Assignments
0 Petitions
Accused Products
Abstract
A method begins by a data accessing module of a dispersed storage network (DSN) sending a data access request to a data storage module. The method continues with the data storage module sending an authentication request to an authenticating module. The method continues with the authenticating module outputting a verification request destined for the data accessing module, wherein the verification request includes a verification code that is generated based on the authentication request. The method continues with the data accessing module outputting a verification response that includes a modified verification code that is generated based on the verification code and a credential. The method continues with the authenticating module outputting an authentication response to the data storage module, wherein the authentication response is generated based on the verification response. The method continues with the data storage module facilitating the data access request when the authentication response is favorable.
-
Citations
15 Claims
-
1. A non-transitory computer readable storage medium comprises:
-
a first memory section storing operational instructions that, when executed by a data access module of a dispersed storage network (DSN), causes the data access module to; send a data access request to a data storage module of the DSN; a second memory section storing operational instructions that, when executed by the data storage module, causes the data storage module to; send an authentication request to an authenticating module of the DSN, wherein the authentication request includes at least a portion of the data access request; a third memory section storing operational instructions that, when executed by the authenticating module, causes the authenticating module to; output a verification request destined for a data accessing module, wherein the verification request includes a verification code that is generated based on the authentication request; the first memory section further storing operational instructions that, when executed by the data access module, causes the data access module to; output a verification response destined for the authenticating module, wherein the verification response includes a modified verification code that is generated based on the verification code and a credential; the third memory section further storing operational instructions that, when executed by the authenticating module, causes the authenticating module to; output an authentication response to the data storage module, wherein the authentication response is generated based on the verification response; and the second memory section further storing operational instructions that, when executed by the data storage module, causes the data storage module to; facilitate the data access request when the authentication response is favorable. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer implemented method comprises:
-
receiving, from a storage unit, an authentication request regarding a data access request by a device of a dispersed storage network (DSN); verifying that the device is authorized to access the storage unit per the data access request; and sending an authorization response to the storage unit regarding the device'"'"'s authorization to access the storage unit per the data access request. - View Dependent Claims (9, 10, 11)
-
-
12. A non-transitory computer readable storage medium comprises:
-
a first memory section storing operational instructions that, when executed by a processing module of a dispersed storage network (DSN), causes the processing module to; receive, from a storage unit, an authentication request regarding a data access request by a device of a dispersed storage network (DSN); a second memory section storing operational instructions that, when executed by the processing module, causes the processing module to; verify that the device is authorized to access the storage unit per the data access request; and a third memory section storing operational instructions that, when executed by the processing module, causes the processing module to; send an authorization response to the storage unit regarding the device'"'"'s authorization to access the storage unit per the data access request. - View Dependent Claims (13, 14, 15)
-
Specification