Dispersed storage network with slice refresh and methods for use therewith
First Claim
1. A method for use in a pre-data manipulator of a computing device, the method comprising:
- determining when a data slice of a dispersed storage network (DSN) is to be refreshed;
when the data slice of a dispersed storage network is to be refreshed, generating a data segment corresponding to the data slice based on a plurality of related slices of the dispersed storage network;
combining the data segment with a sentinel value to generate a combined data segment;
encrypting the combined data segment;
calculating a digest of the encrypted combined data segment;
encrypting an encryption key using the digest to produce a masked key;
appending the masked key to the encrypted combined data segment to generate an encrypted package; and
transmitting at least a portion of the encrypted package to a storage unit of the DSN.
5 Assignments
0 Petitions
Accused Products
Abstract
An integrity record is appended to data slices prior to being sent to multiple slice storage units. Each of the data slices includes a different encoded version of the same data segment. An integrity indicator of each data slice is computed, and the integrity record is generated based on each of the individual integrity indicators, and may be, for example, list or a hash of the combined integrity indicators. When retrieving data slices from storage, the integrity record can be stripped off, a new integrity indicator of the data slice calculated, and a new integrity record created. The new integrity record can be compared to the original integrity record, and used to verify the integrity of the data slices.
-
Citations
20 Claims
-
1. A method for use in a pre-data manipulator of a computing device, the method comprising:
-
determining when a data slice of a dispersed storage network (DSN) is to be refreshed; when the data slice of a dispersed storage network is to be refreshed, generating a data segment corresponding to the data slice based on a plurality of related slices of the dispersed storage network; combining the data segment with a sentinel value to generate a combined data segment; encrypting the combined data segment; calculating a digest of the encrypted combined data segment; encrypting an encryption key using the digest to produce a masked key; appending the masked key to the encrypted combined data segment to generate an encrypted package; and transmitting at least a portion of the encrypted package to a storage unit of the DSN. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A processing unit adapted to be coupled to a dispersed storage network (DSN), the processing unit comprising:
-
input/output interface circuitry adapted to be coupled to the DSN; memory; and a processing module operably coupled to the memory and to the input/output interface circuitry, wherein the processing module is operable to; determine when a data slice of a dispersed storage network (DSN) is to be refreshed; when the data slice of the dispersed storage network is to be refreshed, generate a data segment corresponding to the data slice based on a plurality of related slices of the dispersed storage network; combine the data segment with a sentinel value to generate a combined data segment; encrypt the combined data segment; calculate a digest of the encrypted combined data segment; encrypt an encryption key using the digest to produce a masked key; append the masked key to the encrypted combined data segment to generate an encrypted package; and transmit at least a portion of the encrypted package to a storage unit of the DSN. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer readable storage medium comprises:
at least one memory section that stores operational instructions that, when executed by one or more processing modules of one or more computing devices of a dispersed storage network (DSN), causes the one or more computing devices to; determine when a data slice of a dispersed storage network (DSN) is to be refreshed; when the data slice of a dispersed storage network is to be refreshed, generate a data segment corresponding to the data slice based on a plurality of related slices of the dispersed storage network; combine the data segment with a sentinel value to generate a combined data segment; encrypt the combined data segment; calculate a digest of the encrypted combined data segment; encrypt an encryption key using the digest to produce a masked key; append the masked key to the encrypted combined data segment to generate an encrypted package; and transmit at least a portion of the encrypted package to a storage unit of the DSN. - View Dependent Claims (16, 17, 18, 19, 20)
Specification