Method and system for data retention

US 9,195,665 B2
Filed: 04/28/2006
Issued: 11/24/2015
Est. Priority Date: 04/28/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A method of data retention executed by a computer archive system, comprising:

committing, by the computer archive system, to a plurality of documents by building a hash-based directed acyclic graph (HDAG) using information from the plurality of documents;

publishing a hash of a root node of the HDAG;

deleting, by the computer archive system, a particular one of the plurality of documents;

providing, by the computer archive system, a proof of authorized deletion of the particular document in response to an audit request, wherein the proof of authorized deletion includes a deletion request received by the computer archive system, the deletion request specifying deletion of the particular document;

maintaining a list of current and past deletion policies for authorization of deletion requests, the list of current and past deletion policies facilitating a determination of which policy is in effect at a given time; and

verifying that the deletion request is authorized, wherein verifying that the deletion request is authorized includes verifying that the deletion request complies with a designated deletion policy in effect at the time of the deletion request as designated by the list of current and past deletion policies.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the present invention relate to a system and method of document retention with policy-controlled deletion. Embodiments of the present invention comprise committing to a plurality of documents, deleting one of the plurality of documents, and providing a proof of authorized deletion of the one of the plurality of documents in response to an audit request.

21 Citations

View as Search Results

14 Claims

1. A method of data retention executed by a computer archive system, comprising:
- committing, by the computer archive system, to a plurality of documents by building a hash-based directed acyclic graph (HDAG) using information from the plurality of documents;
  
  publishing a hash of a root node of the HDAG;
  
  deleting, by the computer archive system, a particular one of the plurality of documents;
  
  providing, by the computer archive system, a proof of authorized deletion of the particular document in response to an audit request, wherein the proof of authorized deletion includes a deletion request received by the computer archive system, the deletion request specifying deletion of the particular document;
  
  maintaining a list of current and past deletion policies for authorization of deletion requests, the list of current and past deletion policies facilitating a determination of which policy is in effect at a given time; and
  
  verifying that the deletion request is authorized, wherein verifying that the deletion request is authorized includes verifying that the deletion request complies with a designated deletion policy in effect at the time of the deletion request as designated by the list of current and past deletion policies.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the designated deletion policy is for a specified data category and is selected from a plurality of deletion policies corresponding to a plurality of data categories.
  - 3. The method of claim 1, further comprising automatically deleting data in response to a time deletion policy.
  - 4. The method of claim 1, further comprising logging instances of document deletion.
  - 5. The method of claim 1, further comprising:
    - receiving a request to switch to a new deletion policy; and
      
      verifying that the request to switch is authorized.
  - 6. The method of claim 1, further comprising storing the deletion request for use as part of the proof of authorized deletion.
  - 7. The method of claim 1, further comprising, sending a client the hash of the root node of the HDAG and hashes of the pointers to the children nodes so the client can verify commitment of the plurality of documents.

8. A method of data retention executed by a computer archive system, comprising:
- committing, by the computer archive system, to a plurality of documents by building a hash-based directed acyclic graph (HDAG) using information from the plurality of documents;
  
  publishing a hash of a root node of the HDAG;
  
  deleting, by the computer archive system, a particular one of the plurality of documents;
  
  providing, by the computer archive system, a proof of authorized deletion of the particular document in response to an audit request, wherein the proof of authorized deletion includes a deletion request received by the computer archive system, the deletion request specifying deletion of the particular document; and
  
  providing the HDAG with a hash pointer to a first deletion policy, wherein the first deletion policy is replaced by a second deletion policy having a time stamp later than the first deletion policy upon receiving authorization.
- View Dependent Claims (9, 10, 11)
- - 9. The method of claim 8, wherein the first deletion policy is implemented as a HDAG having a plurality of nodes.
  - 10. The method of claim 8, wherein the deletion request included in the proof is a version of the deletion request digitally signed by the client.
  - 11. The method of claim 8, wherein the audit request includes a request for the particular document, the method further comprising:
    - sending, to the client, the proof of authorized deletion including the deletion request, in response to the request for the particular document.

12. A method of data retention executed by a computer archive system, the method comprising:
- receiving, at the computer archive system, a document from a client;
  
  assigning, by the computer archive system, the document an identification;
  
  creating, by the computer archive system, a hash-based directed acyclic graph (HDAG) based on information relating to the document and the identification;
  
  sending to the client a hash of a root node of the HDAG; and
  
  generating a proof of deletion of the document, wherein the proof includes a deletion request received by the computer archive system, the deletion request specifying deletion of the document, wherein the HDAG includes a hash-pointer that points to a first deletion policy, wherein the first deletion policy can be replaced by a second deletion policy having a time stamp later than the first deletion policy upon receiving authorization.
- View Dependent Claims (13)
- - 13. The method of claim 12, wherein the client is sent a path to a node containing the document.

14. A method of assured document retention with controlled deletion, comprising:
- committing to a plurality of documents, wherein committing to the plurality of documents comprises building and publishing a hash-based directed acyclic graph using information from the plurality of documents, the hash-based directed acyclic graph having a hash pointer to a first deletion policy, wherein the first deletion policy can be replaced by a second deletion policy having a time stamp later than the first deletion policy and having proper authorization;
  
  deleting one of the plurality of documents;
  
  storing a deletion request for use as part of a proof of authorized deletion;
  
  maintaining a list of current and past deletion policies for authorization of deletion requests;
  
  verifying that the deletion request is authorized, wherein verifying that the deletion request is authorized includes verifying that the deletion request complies with a deletion policy in the list of current and past deletion policies;
  
  receiving an audit request for retrieval of the one of the plurality of documents after the one of the plurality of documents has been deleted;
  
  providing the proof of authorized deletion of the one of the plurality of documents in response to the audit request;
  
  receiving a request to switch to a new deletion policy;
  
  verifying that the request to switch is authorized, wherein verifying that the request to switch is authorized includes retrieving information from a stored copy of the designated deletion policy in effect at the time of the request to switch as designated by the list of current and past deletion policies; and
  
  adding the new deletion policy to the list of current and past deletion policies so that the new deletion policy is in effect.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Eshghi, Kave, Lillibridge, Mark D.
Primary Examiner(s)
Yalew, Fikremariam A

Application Number

US11/414,481
Publication Number

US 20070276843A1
Time in Patent Office

3,497 Days
Field of Search

713/176, 707/100
US Class Current

1/1
CPC Class Codes

G06F 16/113 Details of archiving lifecy...

G06F 16/125 characterised by the use of...

Method and system for data retention

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

21 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for data retention

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

21 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links