Distributive storage controller and method

US 7,337,331 B2
Filed: 03/06/2003
Issued: 02/26/2008
Est. Priority Date: 09/11/2002
Status: Active Grant

First Claim

Patent Images

1. A distributive storage controller for providing a data storage service to a plurality of computer devices connected to a network, the controller comprising:

(a) a storage controller that(1) receives a storage instruction of data to be stored from one of a plurality of connected computer devices,(2) checks an available data storage capacity of a storage unit of each of the computer devices,(3) divides and encrypts the data to be stored into a plurality of encrypted pieces, wherein during the division and encryption, the storage controller(i) removes a portion of each divided piece of data,(ii) generates the encrypted pieces from the segment remaining after the removal,(iii) stores each removed portion to a predetermined storage location on the network,(4) selects, for each of the plurality of encrypted pieces, one of the computer devices in which the storage unit has available data storage capacity for storing that encrypted piece based on the result of the checking,(5) transfers and stores each encrypted piece to the computer device selected for storing that encrypted piece, and(6) generates storage location information indicating which encrypted piece is stored in which computer device; and

(b) an extraction controller that(1) receives an extraction instruction of stored data from one of the plurality of connected computer devices,(2) identifies each computer device to which each encrypted piece of the stored data is stored referring to the storage location information,(3) retrieves and decrypts each encrypted piece from the computer device in which the encrypted piece is stored, wherein during the retrieval, the extraction controller(i) retrieves the removed portions from the predetermined storage location,(ii) decrypts and integrates the group of encrypted pieces obtained from the computer devices with the removed portions from the predetermined storage locations,(iii) restores the original data,(4) restores the original data based on the retrieved and decrypted pieces, and(5) provides the restored original data to the one of the plurality of connected computer devices instructing the extraction.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An inexpensive data storage technique utilizing available capacity in individual computer devices connected to a network is provided. When a backup client (BC) (14) of a user PC receives a backup instruction for a file from a user, the backup client (14) requests backup to a backup control server (20). The backup control server (20) divides and encrypts the file to be backed up into a plurality of encrypted pieces, transfers the encrypted pieces to user PCs (10), and stores the encrypted piece in the HDDs (12) of the user PCs (10). When the destributively backed up file is to be extracted, the user PC 10 obtains each encrypted piece from the user PCs 10 on which they are stored, and combines and decrypts the encrypted pieces to restore the original file.

63 Citations

View as Search Results

22 Claims

1. A distributive storage controller for providing a data storage service to a plurality of computer devices connected to a network, the controller comprising:
- (a) a storage controller that(1) receives a storage instruction of data to be stored from one of a plurality of connected computer devices,(2) checks an available data storage capacity of a storage unit of each of the computer devices,(3) divides and encrypts the data to be stored into a plurality of encrypted pieces, wherein during the division and encryption, the storage controller(i) removes a portion of each divided piece of data,(ii) generates the encrypted pieces from the segment remaining after the removal,(iii) stores each removed portion to a predetermined storage location on the network,(4) selects, for each of the plurality of encrypted pieces, one of the computer devices in which the storage unit has available data storage capacity for storing that encrypted piece based on the result of the checking,(5) transfers and stores each encrypted piece to the computer device selected for storing that encrypted piece, and(6) generates storage location information indicating which encrypted piece is stored in which computer device; and
  
  (b) an extraction controller that(1) receives an extraction instruction of stored data from one of the plurality of connected computer devices,(2) identifies each computer device to which each encrypted piece of the stored data is stored referring to the storage location information,(3) retrieves and decrypts each encrypted piece from the computer device in which the encrypted piece is stored, wherein during the retrieval, the extraction controller(i) retrieves the removed portions from the predetermined storage location,(ii) decrypts and integrates the group of encrypted pieces obtained from the computer devices with the removed portions from the predetermined storage locations,(iii) restores the original data,(4) restores the original data based on the retrieved and decrypted pieces, and(5) provides the restored original data to the one of the plurality of connected computer devices instructing the extraction.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The distributive storage controller according to claim 1, wherein the storage controller has location information indicating the physical location of each of the computer devices and selects the computer devices as storage locations of each of the encrypted pieces based on the location information in such a manner that the storage locations are physically separated.
  - 3. The distributive storage controller according to claim 1, wherein the storage controller(1) receives a request to transfer a stored encrypted piece from the computer device in which the encrypted piece is stored,(2) checks the available data storage capacity of the storage units of other computer devices,(3) selects one of the other computer devices as a transfer destination for the encrypted piece based on the result of the checking,(4) transfers the encrypted piece from the computer device in which the encrypted piece is stored to the selected transfer destination computer device, and(5) corrects the storage location information of the encrypted piece according to the transfer.
  - 4. The distributive storage controller according to claim 1, wherein the distributive storage controller is incorporated into one of the plurality of computer devices.
  - 5. The distributive storage controller according to claim 4, further comprising:
    - (a) a local storage controller that(1) receives a storage instruction of a file from a program executed on the computer device into which the distributive storage controller is incorporated,(2) stores a predetermined portion of the file to the storage unit of the computer device into which the distributive storage controller is incorporated, and(3) issues a storage instruction for the remaining portion as the data to be stored by the storage controller; and
      
      (b) a local extraction controller that(1) receives a read instruction of a file which has been stored by the local storage controller from a program executed on the computer device into which the distributive storage controller is incorporated,(2) reads the predetermined portion of the file from the storage unit of the computer device into which the distributive controller is incorporated,(3) supplies the read portion to the program,(4) issues an extraction instruction for the stored data corresponding to the remaining portion to the extraction controller, and(5) supplies the stored data restored by the extraction controller in response to the extraction instruction to the program.
  - 6. The distributive storage controller according to claim 5, wherein, while the local extraction controller is reading the predetermined portion from the storage unit and supplying the portion to the program, the extraction controller restores the stored data corresponding to the remaining portion.

7. A computer device connected to a network, the computer device comprising:
- a response module for returning a response including information on available data storage capacity of a storage unit of the computer device in response to a status inquiry received from a requesting device via the network,the storage unit storing data transmitted from the requesting device via the network to the computer device;
  
  a data provider which, in response to a data extraction request sent from the requesting device via the network, reads data related to the extraction request from the storage unit and transmits the data to the requesting device;
  
  a storage monitor for monitoring the available capacity of the storage unit, determining whether or not the available capacity is sufficient to store an encrypted piece of data, and issuing a transfer request for the stored encrypted piece to the requesting device when determining that the available capacity of the storage unit is insufficient; and
  
  a storage controller that divides and encrypts the data to be stored into a plurality of encrypted pieces, wherein, during the division and encryption, the storage controller(1) removes a portion of each divided piece of data,(2) generates the encrypted pieces from the segment remaining after the removal, and(3) stores each removed portion to a predetermined storage location on the network; and
  
  an extraction controller that retrieves the removed portions from the predetermined storage location, wherein during the retrieval, the extraction controller(1) retrieves the removed portions from the predetermined storage location,(2) decrypts and integrates the group of encrypted pieces obtained from the computer devices with the removed portions from the predetermined storage locations, and(3) restores the original data.

8. A distributive storage system comprising:
- a plurality of computer devices connected to a network, each computer device including a storage unit that has a predetermined data storage capacity;
  
  (a) a storage controller which is connected to the network and which, upon receiving a storage instruction of data from a client device(1) checks an available data storage of the predetermined data storage capacity of the storage unit of each of the computer devices,(2) divides and encrypts the data into a plurality of encrypted pieces,(3) removes a portion of each divided piece of data,(4) generates the encrypted pieces from the segment remaining after the removal, and(5) stores each removed portion to a predetermined storage location on the network;
  
  (6) selects, for each encrypted piece, a computer device having the available data storage capacity for storing that encrypted piece from among the plurality of computer devices based on the result of the checking,(7) transfers and stores each of the encrypted pieces to the selected corresponding computer device, and(8) generates storage location information indicating which encrypted piece is stored in which computer device; and
  
  (b) an extraction controller which is connected to the network and which, upon receiving an extraction instruction of data from a client device,(1) identifies computer devices to which the encrypted pieces of the data are stored by referring to the storage location information,(2) obtains each encrypted piece from the corresponding computer device,(3) retrieves the removed portions from the predetermined storage location,(4) decrypts and integrates the group of encrypted pieces obtained from the computer devices with the removed portions from the predetermined storage locations,(5) restores the original data based on the encrypted pieces, and(6) supplies the restored data to the client device.
- View Dependent Claims (9, 10, 11)
- - 9. The system according to claim 8, wherein:
    - each of the computer devices comprises a power supply controller for supplying power to the computer device in response to an activation instruction via the network; and
      
      the extraction controller comprises an activation controller for transmitting an activation instruction, when there is a computer device in which the power is switched off from among the computer devices identified from the storage location information, to the power supply controller of each of the computer devices in which the power is switched off.
  - 10. The system according to claim 8, wherein:
    - the computer device monitors the available capacity of the storage unit, determines whether or not the available capacity is sufficient, and, when determining that the available capacity is insufficient, issues a transfer request for the stored encrypted piece to the storage controller; and
      
      the storage controller, upon receiving a transfer request of the encrypted piece from the computer device, checks the status of the storage device of each of the other computer devices, selects a computer device as a transfer destination to which the piece is to be stored from among the other computer devices based on the results of the checking process, transfers the encrypted piece from the computer device issuing the transfer request to the transfer destination computer device, and corrects the storage location information of the data corresponding to the encrypted piece according to the transfer.
  - 11. The system according to claim 8, wherein:
    - the storage controller and the extraction controller are incorporated into at least one of the plurality of computer devices.

12. A method for controlling a distributive storage which provides a data storage service to a plurality of computer devices connected to a network, each computer device including a storage unit that has a predetermined data storage capacity, the method comprising:
- (a) upon reception of a storage instruction of data,(1) checking an available data storage of the predetermined data storage capacity of the storage unit of each of the computer devices,(2) dividing and encrypting the data into a plurality of encrypted pieces,(3) removing a portion of each divided piece of data,(4) generating the encrypted pieces from the segment remaining after the removal,(5) storing each removed portion to a predetermined storage location on the network;
  
  (6) selecting, for each encrypted piece, a computer device having the available data storage capacity for storing the selected encrypted piece from among the plurality of computer devices based on the result of the checking process,(7) transferring and storing each encrypted piece to the selected corresponding computer device, and(8) generating storage location information indicating which encrypted piece is stored in which computer device; and
  
  (b) upon reception of an extraction instruction of data,(1) identifying computer devices to which the encrypted pieces corresponding to the data are stored by referring to the storage location information,(2) retrieving the removed portions from each of the computer devices,(3) decrypting and integrating the group of encrypted pieces obtained from the computer devices with the removed portions from the predetermined storage locations, and(4) restoring the original data based on the encrypted pieces.
- View Dependent Claims (13, 14, 15)
- - 13. The method according to claim 12, wherein:
    - (a) comprises, in the dividing and encrypting process, removing a portion of each piece obtained by dividing the data, generating the encrypted pieces from the segments remaining after the removal process, and storing data of the fragments removed from the pieces to a predetermined storage location on the network, and(b) comprises obtaining the data of the fragments from the predetermined storage location and restoring the original data after integrating the group of encrypted pieces obtained from the computer devices and the data of the fragments.
  - 14. The method according to claim 12, wherein(a) comprises selecting, based on location information indicating the physical locations of the computer devices, computer devices as the storage locations for the encrypted pieces so that the storage destination computer devices are physically separated.
  - 15. A method according to claim 12, further comprising:
    - upon receiving a transfer request for the encrypted piece from any of the computer devices,checking the status of the storage device of each of the other computer devices,selecting one computer device as a transfer destination to which the piece is to be stored from among the other computer devices based on the result of the checking process,transferring the encrypted piece from the computer device issuing the transfer request to the transfer destination computer device, andcorrecting the storage location information for the data corresponding to the encrypted piece according to the transfer.

16. A method for controlling a computer device which is connected to a network and provided for a distributive storage service of data, the method comprising:
- returning a response including information of an available data storage capacity of a storage device in the computer device in response to a status inquiry sent from a requesting device via the network;
  
  storing data transmitted from the requesting device via the network to the storage device, wherein(a) during the division and encryption, the storage controller(1) removes a portion of each divided piece of data,(2) generates the encrypted pieces from the segment remaining after the removal, and(3) stores each removed portion to a predetermined storage location on the network; and
  
  in response to a data extraction request sent from the requesting device via the network, reading the data related to the extraction request from the storage device and transmitting the data to the requesting device, wherein(b) during the retrieval, the extraction controller(1) retrieves the removed portions from the predetermined storage location,(2) decrypts and integrates the group of encrypted pieces obtained from the computer devices with the removed portions from the predetermined storage locations, and(3) restores the original data.
- View Dependent Claims (17)
- - 17. The method according to claim 16, further comprising:
    - monitoring the available capacity of the storage unit, determining whether or not the available capacity is sufficient, and, upon determining that available capacity of the storage unit is insufficient, issuing a transfer request of the stored encrypted piece to the requesting device.

18. A method for controlling a distributive storage system including a plurality of computer devices, a storage controller, and an extraction controller all of which are connected to a network, each of the plurality of computer devices including a storage unit that has a predetermined data storage capacity, the method comprising:
- (a) when the storage controller receives a storage instruction of data from a client device,(1) checking an available data storage of the predetermined data storage capacity of the storage unit of each of the computer devices,(2) dividing and encrypting the data into a plurality of pieces,(3) removing a portion of each divided piece of data,(4) generating the encrypted pieces from the segment remaining after the removal,(5) selecting, for each removed portion, a computer device having the available data storage capacity for storing that removed portion from among the plurality of computer devices based on the result of the checking process,(6) transferring and storing each removed portion to the selected corresponding computer device, and(7) generating storage location information indicating which removed portion is stored in which computer device; and
  
  (b) when the extraction controller receives an extraction instruction of data from a client device,(1) identifying computer devices to which the encrypted pieces corresponding to the data are stored by referring to the storage location information,(2) obtaining each of the removed portions from each computer device,(3) decrypts and integrates the group of encrypted pieces obtained from the computer devices with the removed portions from the predetermined storage locations,(4) restores the original data,(5) supplying the restored data to the client device.
- View Dependent Claims (19, 20)
- - 19. The method according to claim 18, wherein:
    - when it is determined that the power of any of the computer devices from among the computer devices identified from the storage location information is switched off, the extraction controller transmits an activation instruction to the computer device.
  - 20. The method according to claim 18, wherein:
    - the computer device monitors the available capacity of the storage device, determines whether or not the available capacity is sufficient, and upon determining that the available capacity of the storage unit is insufficient, issues a transfer request for the stored encrypted piece to the storage controller;
      
      the storage controller, upon receiving the transfer request for the encrypted piece from the computer device, checks the status of the storage unit of each of the other computer devices, selects a computer device as a transfer destination to which the piece is to be stored from among the other computer devices based on the result of the checking process, transfers the encrypted piece from the computer device issuing the transfer request to the transfer destination computer device, and corrects the storage location information of the data corresponding to the encrypted piece according to the transfer.

21. A computer readable recording medium which records a program which, when executed, causes a computer system connected to a network to execute:
- (a) controlling a storage when receiving a storage instruction of data, to(1) check an available data storage of a predetermined data storage capacity of a storage unit of each of a predetermined plurality of computer devices on the network,(2) divide and encrypt the data into a plurality of encrypted pieces,(3) remove a portion of each divided piece of data,(4) generate the encrypted pieces from the segment remaining after the removal, and(5) stores each removed portion to a predetermined storage location on the network; and
  
  (6) select, for each encrypted piece, a computer device having the available data storage of the predetermined data storage capacity for storing that encrypted piece from among the plurality of computer devices based on the result of the checking process,(7) transfer and store the encrypted piece to the selected corresponding computer device, and(8) generate storage location information indicating which encrypted piece is stored to which computer device; and
  
  (b) controlling an extraction when receiving an extraction instruction for data, to(1) identify computer devices to which the encrypted pieces for the data are stored by referring to the storage location information,(2) obtain the encrypted pieces from the computer devices,(3) retrieves the removed portions from the predetermined storage location,(4) decrypts and integrates the group of encrypted pieces obtained from the computer devices with the removed portions from the predetermined storage locations,(5) restore the original data based on the encrypted pieces.

22. A computer readable recording medium which records a program which, when executed, causes a computer system connected to a network to execute:
- returning a response including information on the available data storage capacity of a storage unit within its own device in response to a status inquiry sent from a requesting device via the network;
  
  dividing and encrypting data, comprising;
  
  (1) removing a portion of each divided piece of data,(2) generating the encrypted pieces from the segment remaining after the removal, and(3) storing each removed portion to a predetermined storage location on the network; and
  
  storing data transmitted from the requesting device via the network to the storage unit;
  
  in response to an extraction request of data sent from the requesting device via the network, reading the data related to the extraction request from the storage unit and transmitting the data to the requesting device,retrieving the data, comprising;
  
  (1) retrieving the removed portions from the predetermined storage location,(2) decrypting and integrating the group of encrypted pieces obtained from the computer devices with the removed portions from the predetermined storage locations, and(3) restoring the original data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fujifilm Business Innovation Corp. (Fujifilm Holdings Corporation)
Original Assignee
Fuji Xerox Company Limited (Xerox Holdings Corp.)
Inventors
Yoshida, Takeo
Primary Examiner(s)
Moise; Emmanuel L.
Assistant Examiner(s)
GERGISO, TECHANE

Application Number

US10/379,735
Publication Number

US 20040049700A1
Time in Patent Office

1,818 Days
Field of Search

713/193, 713/153, 711/162, 711/202
US Class Current

713/193
CPC Class Codes

G06F 11/1464   for networked environments

G06F 11/1469   Backup restoration techniques

G06F 21/62   Protecting access to data v...

G06F 2221/2107   File encryption

H04L 63/04   for providing a confidentia...

Distributive storage controller and method

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

63 Citations

22 Claims

Specification

Use Cases

Quick Links

Others

Distributive storage controller and method

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

63 Citations

22 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others