SECURE ONLINE DISTRIBUTED DATA STORAGE SERVICES
First Claim
1. A system for the distributed storage of electronic data, the system comprising:
a communications interface and a non-transitory memory coupled with a processor;
the communications interface configured to receive input data blocks and user storage constraints from a user;
the memory having stored thereon:
one or more input data blocks comprising data fields;
user storage constraints; and
processor executable instructions that when executed by the processor comprise:
a shuffler configured to:
anonymize the data fields of each of the one or more input data blocks;
an encryptor configured to:
generate a cipher key and encrypt, using the cipher key, the anonymized data fields based on the user storage constraints to obtain a ciphertext file comprising ciphertext data blocks;
an erasure coder configured to:
generate coded chunks from the ciphertext data blocks and erasure coding details;
a distributor configured to:
distribute the coded chunks to two or more storage providers based on the user storage constraints; and
generate distribution details for the distributed coded chunks.
Abstract
The data vaporizer provides secure online distributed data storage services that securely store and retrieve data in a public distributed storage substrate such as a public cloud. The data vaporizer vaporizes data (e.g., fragments it into tiny chunks of configurable sizes) and distributes the fragments to multiple storage nodes so that the data is not vulnerable to local disk failures; secures data so that, even if some of the storage nodes are compromised, the data is undecipherable to the attacker; stores data across multiple cloud storage providers and/or parties using keys (e.g., tokens) provided by multiple parties (including the owners of the data); and maintains data confidentiality and integrity even where one or more data storage providers are compromised. The data vaporizer is configurable for different domain requirements including data privacy and anonymization requirements, encryption mechanisms, regulatory compliance of storage locations, and backup and recovery constraints.
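The erasure-coding and distribution steps described in the abstract, as an added sketch that is not taken from the patent. It assumes a single XOR parity code (k data chunks plus one parity chunk), treats the encryptor's output as opaque bytes, and uses constructed provider names and a constructed region constraint.

```python
from functools import reduce

# Constructed sample inputs (assumptions, not from the patent).
CIPHERTEXT = bytes(range(1, 24))  # stands in for the encryptor's output
PROVIDERS = [{"name": "provider-a", "region": "eu"},
             {"name": "provider-b", "region": "eu"},
             {"name": "provider-c", "region": "us"},
             {"name": "provider-d", "region": "eu"},
             {"name": "provider-e", "region": "eu"}]
CONSTRAINTS = {"allowed_regions": {"eu"}}

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def erasure_code(ciphertext, k):
    """k equal data chunks plus one XOR parity chunk; survives one lost chunk."""
    size = -(-len(ciphertext) // k)  # ceiling division
    padded = ciphertext.ljust(size * k, b"\0")
    chunks = [padded[i * size:(i + 1) * size] for i in range(k)]
    chunks.append(reduce(xor, chunks))
    return chunks, {"k": k, "chunk_size": size, "orig_len": len(ciphertext)}

def distribute(chunks, providers, constraints):
    """One chunk per compliant provider; returns stores and distribution details."""
    allowed = [p for p in providers if p["region"] in constraints["allowed_regions"]]
    if len(allowed) < len(chunks):
        raise ValueError("too few compliant providers for one chunk each")
    stores, details = {}, []
    for idx, (chunk, p) in enumerate(zip(chunks, allowed)):
        stores[p["name"]] = {idx: chunk}
        details.append({"chunk": idx, "provider": p["name"]})
    return stores, details

def retrieve(stores, distribution, coding):
    """Rebuild the ciphertext, repairing at most one missing chunk from parity."""
    got = {d["chunk"]: stores.get(d["provider"], {}).get(d["chunk"])
           for d in distribution}
    missing = [i for i, c in got.items() if c is None]
    if len(missing) > 1:
        raise ValueError("single parity cannot repair more than one lost chunk")
    if missing:
        got[missing[0]] = reduce(xor, [c for c in got.values() if c is not None])
    data = b"".join(got[i] for i in range(coding["k"]))
    return data[:coding["orig_len"]]

if __name__ == "__main__":
    chunks, coding = erasure_code(CIPHERTEXT, 3)
    stores, distribution = distribute(chunks, PROVIDERS, CONSTRAINTS)
    del stores["provider-b"]  # simulate one provider becoming unavailable
    print(retrieve(stores, distribution, coding) == CIPHERTEXT)
```

In this sketch each data chunk is a plain slice of the ciphertext, so what a single compromised provider can learn depends entirely on the encryption step and on where the cipher key is held.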
21 Claims
9. A method for the distributed storage of electronic data comprising:
receiving into a non-transitory memory coupled with a processor, using a communications interface:
one or more input data blocks comprising data fields;
user storage constraints;
anonymizing the data fields of each of the one or more input data blocks;
generating a cipher key;
encrypting, using the cipher key, the anonymized data fields based on the user storage constraints to obtain a ciphertext file comprising ciphertext data blocks;
generating coded chunks from the ciphertext data blocks and erasure coding details;
distributing the coded chunks to two or more storage providers based on the user storage constraints; and
generating distribution details for the distributed coded chunks.
16. A product comprising:
a computer readable memory with processor executable instructions stored thereon, wherein the instructions when executed by the processor cause the processor to:
receive, using a communications interface:
one or more input data blocks comprising data fields;
user storage constraints;
anonymize the data fields of each of the one or more input data blocks;
generate a cipher key and encrypt, using the cipher key, the anonymized data fields based on the user storage constraints to obtain a ciphertext file comprising ciphertext data blocks;
generate coded chunks from the ciphertext data blocks and erasure coding details;
distribute the coded chunks to two or more storage providers based on the user storage constraints; and
generate distribution details for the distributed coded chunks.
Specification