Archive with timestamps and deletion management

US 7,363,326 B2
Filed: 01/07/2004
Issued: 04/22/2008
Est. Priority Date: 02/26/2003
Status: Expired due to Fees

First Claim

Patent Images

1. A method for archiving digital records in a data storage system which protects records from premature deletion and allows the existence and content of a record at a point in time to be proven, while supporting a deletion mechanism which, if applied to the record, does not allow its existence to be proven even if the content is guessed correctly, the method comprising:

for each record in a set of records;

determining a content fingerprint based on the content of the record;

choosing a number that is distinct from the content fingerprint;

determining a record identifier for the record based at least in part on the number;

storing the record and the number; and

assigning an expiration time to the record, before which time both modification and deletion are prohibited;

selecting a plurality of the set of records;

constructing, using a cryptographic hash, a timestamp fingerprint that is based at least in part on all of the content fingerprints, and all of the record identifiers, of the records of the plurality; and

recording the timestamp fingerprint in a manner that allows both the time of the recording and the value of the timestamp fingerprint at the time of the recording to be later proven;

wherein a client of the data storage system reassigns the expiration time of a one of the plurality of the set of records to a later time but no action taken by the client can cause the expiration time to be changed to an earlier time or cause the one of the plurality to be deleted at an earlier time than the expiration time;

wherein after the expiration time of the one of the plurality of the set of records has passed, the one of the plurality is deleted and the number of the one of the plurality is also deleted; and

wherein, for each record in the set of records, the choosing of the number is done in a manner designed to make it impracticable to reconstruct or guess the number if the number has been deleted.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method by which a disk-based distributed data storage system is organized for protecting historical records of stored data entities. The method comprises recording distinct states of an entity, corresponding to different moments of time, as separate entity versions coexisting within the distributed data storage system, and assigning expiration times to the entity versions independently within each of a plurality of storage sites according to a shared a set of rules, before which times deletion is prohibited.

Citations

12 Claims

1. A method for archiving digital records in a data storage system which protects records from premature deletion and allows the existence and content of a record at a point in time to be proven, while supporting a deletion mechanism which, if applied to the record, does not allow its existence to be proven even if the content is guessed correctly, the method comprising:
- for each record in a set of records;
  
  determining a content fingerprint based on the content of the record;
  
  choosing a number that is distinct from the content fingerprint;
  
  determining a record identifier for the record based at least in part on the number;
  
  storing the record and the number; and
  
  assigning an expiration time to the record, before which time both modification and deletion are prohibited;
  
  selecting a plurality of the set of records;
  
  constructing, using a cryptographic hash, a timestamp fingerprint that is based at least in part on all of the content fingerprints, and all of the record identifiers, of the records of the plurality; and
  
  recording the timestamp fingerprint in a manner that allows both the time of the recording and the value of the timestamp fingerprint at the time of the recording to be later proven;
  
  wherein a client of the data storage system reassigns the expiration time of a one of the plurality of the set of records to a later time but no action taken by the client can cause the expiration time to be changed to an earlier time or cause the one of the plurality to be deleted at an earlier time than the expiration time;
  
  wherein after the expiration time of the one of the plurality of the set of records has passed, the one of the plurality is deleted and the number of the one of the plurality is also deleted; and
  
  wherein, for each record in the set of records, the choosing of the number is done in a manner designed to make it impracticable to reconstruct or guess the number if the number has been deleted.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1 wherein the data storage system is a distributed data storage system and the record is stored at each of a plurality of storage sites of the distributed data storage system.
  - 3. The method of claim 2 wherein the client communicates with the distributed data storage system over a network.
  - 4. The method of claim 3 wherein the client deposits the record into the distributed data storage system.
  - 5. The method of claim 3 wherein an action taken by the client causes the initial expiration time to be assigned to the record.
  - 6. The method of claim 2 wherein the choice of sites at which the record is stored is determined at least in part by a hash of the content of the record.
  - 7. The method of claim 2 wherein a storage site is a data server computer connected to a network.
  - 8. The method of claim 2 wherein each of the plurality of storage sites is located in a different city.
  - 9. The method of claim 1 wherein the plurality of the set of records comprises records stored during some interval of time.
  - 10. The method of claim 1 wherein the recording step comprises publishing the timestamp fingerprint in a newspaper or communicating the timestamp fingerprint to a digital timestamping service.
  - 11. The method of claim 1 wherein a timestamp record is stored, the timestamp record comprising a cryptographic hash constructed for each record of the plurality.
  - 12. The method of claim 11 wherein, for each record of the plurality, the cryptographic hash is based at least in part on both the content fingerprint of the record and on the record identifier for the record.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Red Hat, Inc. (International Business Machines Corporation)
Original Assignee
Burnside Acquisition, LLC
Inventors
Margolus, Norman H.
Primary Examiner(s)
Fleurantin; Jean B.
Assistant Examiner(s)
Ehichioya; Fred I

Application Number

US10/752,838
Publication Number

US 20040167901A1
Time in Patent Office

1,567 Days
Field of Search

707/103.R, 707/203, 707/204, 707/206, 707/6, 707/7, 707/201, 382/116, 382/124, 382/125, 705/59, 709/203, 709/213, 713/165, 713/167, 713/186, 713/202, 726/5, 380/44
US Class Current

707/663
CPC Class Codes

G06F 16/122   using management policies b...

G06F 16/125   characterised by the use of...

G06F 16/2358   Change logging, detection, ...

Y10S 707/99931   Database or file accessing

Y10S 707/99936   Pattern matching access

Y10S 707/99937   Sorting

Y10S 707/99939   Privileged access

Y10S 707/99942   Manipulating data structure...

Y10S 707/99952   Coherency, e.g. same view t...

Y10S 707/99953   Recoverability

Archive with timestamps and deletion management

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Archive with timestamps and deletion management

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links