WEAKLY-CONSISTENT DISTRIBUTED COLLECTION COMPROMISED REPLICA RECOVERY

US 20080162589A1
Filed: 12/29/2006
Published: 07/03/2008
Est. Priority Date: 12/29/2006
Status: Abandoned Application

First Claim

Patent Images

1. A computer implemented method of recovering from a compromise of a replica in a weakly-consistent distributed collection, the method comprising the steps of:

(a) identifying versions of objects in the collection in a replica data store of the collection created by the compromised replica;

(b) identifying versions in the replica data store of the collection that were influenced by the compromised replica; and

(c) expunging the versions from the replica data store identified in said step (a) and said step (b).

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system is disclosed for recovery from a compromise of a replica in a weakly-consistent distributed collection. The system employs a collection manager for revoking a compromised replica, and one or more archival replicas for storing time-stamped versions. Upon a compromise, versions tainted by the compromised replica may be expunged from the collection. Thereafter, versions determined to be unaffected by the compromise may be returned to the collection using the time-stamped versions stored in the one or more archival replicas.

72 Citations

View as Search Results

20 Claims

1. A computer implemented method of recovering from a compromise of a replica in a weakly-consistent distributed collection, the method comprising the steps of:
- (a) identifying versions of objects in the collection in a replica data store of the collection created by the compromised replica;
  
  (b) identifying versions in the replica data store of the collection that were influenced by the compromised replica; and
  
  (c) expunging the versions from the replica data store identified in said step (a) and said step (b).
- View Dependent Claims (2, 3, 4, 5)
- - 2. A computer implemented method as recited in claim 1, wherein said step (a) and (b) comprise the step of checking an influence list, stored in association with respective versions in the collection, the influence list indicating creation or update by replicas in the collection.
  - 3. A computer implemented method as recited in claim 1, further comprising the step (d) of receiving an indication of a time of the compromise.
  - 4. A computer implemented method as recited in claim 3, further comprising the step (e) of recovering a version expunged in said step (c) where the version was influenced by the compromised replica prior to the time of the compromise indicated in said step (d).
  - 5. A computer implemented method as recited in claim 4, wherein said step (e) of recovering an expunged version comprises the steps:
    - (e1) rewriting an historical record of the expunged version to remove reference to the compromised version; and
      
      (e2) restoring the record of the expunged version to the data store.

6. A computer implemented method of recovering from a compromise of a replica indicated to have occurred at a time t in a weakly-consistent distributed collection, the method comprising the steps of:
- (a) expunging all versions that were tainted by the compromised replica from a data store of a replica; and
  
  (b) restoring a version that was expunged in said step (a) to the data store where the expunged version was not influenced by the compromised replica at or after time t.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13)
- - 7. A computer implemented method as recited in claim 6, further comprising the step (c) of storing an archival record of versions received within a replica at a time prior to time t.
  - 8. A computer implemented method as recited in claim 7, further comprising the step (d) of maintaining an historical record in association with the expunged version of which replicas created and/or updated the version.
  - 9. A computer implemented method as recited in claim 7, said step (b) of restoring the expunged version to the data store comprises the step of:
    - (b1) retrieving the archival record of the expunged version stored in said step (c);
      
      (b2) rewriting the historical record associated with the archival record of the expunged version to remove reference to the compromised replica; and
      
      (b3) restoring the archival record of the expunged version to the data store.
  - 10. A computer implemented method as recited in claim 7, further comprising the step (e) of restoring a version to the data store that was discarded from the data store after being superseded by a tainted version.
  - 11. A computer implemented method as recited in claim 10, said step (e) of restoring a discarded version comprising the steps of:
    - (e1) retrieving the archival record of the discarded version stored in said step (c); and
      
      (e2) restoring the archival record of the discarded version to the data store.
  - 12. A computer implemented method as recited in claim 10, said step (e) of restoring a discarded version comprising the steps of:
    - (e1) retrieving the archival record of the discarded version stored in said step (c);
      
      (e2) determining whether the discarded version in the archival record was influenced by the compromised replica at a time t or later, and(e3) restoring the archival record of the discarded version to the data store if it is determined in said step (e2) that the discarded version was not influenced by the compromised replica at a time t or later.
  - 13. A computer implemented method as recited in claim 12, further comprising the steps of:
    - (e4) determining whether the discarded version is superseded by a version existing in the data store after said step (a) of expunging tainted versions from the data store, and(e5) restoring the archival record of the discarded version to the data store if it is determined in said step (e2) that the discarded version was not influenced by the compromised replica at a time t or later, and if it is determined in said step (e4) that the discarded version is not superseded by a version existing in the data store after said step (a) of expunging tainted versions from the data store.

14. A system for recovering from a compromise of a replica of a plurality of replicas in a weakly-consistent distributed collection, comprising:
- a collection manager for establishing authorization policy to control sharing of versions between the plurality of replicas; and
  
  an archival replica in the plurality of replicas, the archival replica including a data store and an archive of versions admitted into the data store together with a time stamp of when the versions were admitted to the data store.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. A system as recited in claim 14, wherein upon an update of a version by a replica of the plurality of replicas, the updating replica signs the update using cryptography for other replicas to validate the signature of the updating replica.
  - 16. A system as recited in claim 15, wherein the collection manager issues policy via cryptographically signed statements.
  - 17. A system as recited in claim 14, further comprising a taint mechanism for expunging versions from one or more of the plurality of replicas determined by the taint mechanism to have been influenced by the compromised replica at or after the indicated time of the compromise.
  - 18. A system as recited in claim 14, further comprising a recovery mechanism for recovering versions from the archive into the data store after ensuring that the versions were not influenced by the compromised replica at or after the indicated time of the compromise.
  - 19. A system as recited in claim 18, wherein the collection manager is further capable of generating a replica authorized to replace a compromised replica that is revoked.
  - 20. A system as recited in claim 19, wherein the recovery mechanism is capable of rewriting an influence list associated with tainted versions to replace a reference in the influence list to the compromised replica with a reference to the replica generated by the collection manager to replace the compromised replica.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Terry, Douglas, Saraswati, Venugopalan Ramasubramanian, Rodeheffer, Thomas L., Wobber, Edward P.

Application Number

US11/618,090
Publication Number

US 20080162589A1
Time in Patent Office

Days
Field of Search
US Class Current

707/202
CPC Class Codes

G06F 11/1469   Backup restoration techniques

G06F 11/2094   Redundant storage or storag...

G06F 21/6218   to a system of files or obj...

G06F 2221/2151   Time stamp

WEAKLY-CONSISTENT DISTRIBUTED COLLECTION COMPROMISED REPLICA RECOVERY

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

72 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

WEAKLY-CONSISTENT DISTRIBUTED COLLECTION COMPROMISED REPLICA RECOVERY

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

72 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others