Token-based storage service
First Claim
Patent Images
1. A system comprising:
- one or more computing nodes configured as a repository of key-value data;
one or more memories having stored thereon computer-readable instructions that, upon execution by a computing device, cause the system at least to;
receive a first request to store a data item;
in response to the first request to store the data item, generate a first token comprising a namespace and a first identifier, and store, in the repository of key-value data, a first association between the first token and the data item, and a second association between the first token and metadata indicative of an owner of the data item;
validate a request to retrieve the data item, based at least in part on using a copy of the first token included in the request to retrieve the data item and access the metadata indicative of the owner of the data item; and
in response to a second request to store a version of the data item, add the first token to a list of invalid tokens and generate a second token comprising the namespace and a second identifier, and store, in the repository of key-value data, associations between the second token, the version of the data item, and the metadata indicative of the owner of the data item.
1 Assignment
0 Petitions
Accused Products
Abstract
A token-based storage service may comprise a repository of key-value data. In response to a request to store a data item, the storage service may generate a token comprising a namespace and a unique identifier. The token may be used as a key to store and retrieve the data item from the repository. Requests to access the data may be validated based on ownership information stored with the data item and information indicative of the origin of the request for access. In response to a request to store a new version of the data item, a new token may be generated.
80 Citations
19 Claims
-
1. A system comprising:
-
one or more computing nodes configured as a repository of key-value data; one or more memories having stored thereon computer-readable instructions that, upon execution by a computing device, cause the system at least to; receive a first request to store a data item; in response to the first request to store the data item, generate a first token comprising a namespace and a first identifier, and store, in the repository of key-value data, a first association between the first token and the data item, and a second association between the first token and metadata indicative of an owner of the data item; validate a request to retrieve the data item, based at least in part on using a copy of the first token included in the request to retrieve the data item and access the metadata indicative of the owner of the data item; and in response to a second request to store a version of the data item, add the first token to a list of invalid tokens and generate a second token comprising the namespace and a second identifier, and store, in the repository of key-value data, associations between the second token, the version of the data item, and the metadata indicative of the owner of the data item. - View Dependent Claims (2, 3, 4)
-
-
5. A method of providing access to a multi-tenant collection of data maintained in a repository of key-value data, the method comprising:
-
generating a first token in response to a first request to store a data item, the first token comprising a namespace and a first identifier; storing, in the repository of key-value data, a first association between the first token and the data item; validating a request to access the data item by at least comparing information indicative of an origin of the request to access the data item to information indicative of an owner of the data item; generating a second token in response to a second request to store a second version of the data item, the second token comprising the namespace and a second identifier generated in response to the second request; storing, in the repository of key-value data, a second association between the second token and the second version of the data item; and storing information adding the first token to a list of tokens that are invalid for retrieving the data item. - View Dependent Claims (6, 7, 8, 9, 10, 11, 12)
-
-
13. A non-transitory computer-readable storage medium having stored thereon instructions that, upon execution by a computing device, cause the computing device at least to:
-
receive a first request to store a data item; form, in response to the first request, a first token comprising a namespace and a first identifier; store, in a repository of key-value data, associations between the first token, the data item, and information indicative of an owner of the data item; determine that a request to access the data item is authorized by at least comparing information indicative of an origin of the request to access the data item to the information indicative of the owner of the data item; generate a second token in response to a second request to store a second version of the data item, the second token comprising the namespace and a second identifier generated in response to the second request; store, in the repository of key-value data, associations between the second token, the second version of the data item, and the information indicative of the owner of the data item; and store information indicative of the first token being invalid, wherein storing the information comprises adding the first token to a list of invalid tokens. - View Dependent Claims (14, 15, 16, 17, 18, 19)
-
Specification