JP7238111B2 - 分散型ファイルシステムのための暗号化 - Google Patents
分散型ファイルシステムのための暗号化 Download PDFInfo
- Publication number
- JP7238111B2 JP7238111B2 JP2021517925A JP2021517925A JP7238111B2 JP 7238111 B2 JP7238111 B2 JP 7238111B2 JP 2021517925 A JP2021517925 A JP 2021517925A JP 2021517925 A JP2021517925 A JP 2021517925A JP 7238111 B2 JP7238111 B2 JP 7238111B2
- Authority
- JP
- Japan
- Prior art keywords
- key
- file
- data
- cluster
- file system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/08—Error detection or correction by redundancy in data representation, e.g. by using checking codes
- G06F11/10—Adding special bits or symbols to the coded information, e.g. parity check, casting out 9's or 11's
- G06F11/1076—Parity data used in redundant arrays of independent storages, e.g. in RAID systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/18—File system types
- G06F16/182—Distributed file systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/065—Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
- H04L9/0656—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
- H04L9/0662—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
- H04L9/0841—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/088—Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
- G06F11/1448—Management of the data involved in backup or backup restore
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/16—Error detection or correction of the data by redundancy in hardware
- G06F11/20—Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements
- G06F11/202—Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements where processing functionality is redundant
- G06F11/2041—Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements where processing functionality is redundant with more than one idle spare processing component
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/16—Error detection or correction of the data by redundancy in hardware
- G06F11/20—Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements
- G06F11/202—Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements where processing functionality is redundant
- G06F11/2048—Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements where processing functionality is redundant where the redundant components share neither address space nor persistent storage
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/16—Error detection or correction of the data by redundancy in hardware
- G06F11/20—Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements
- G06F11/2097—Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements maintaining the standby controller/processing unit updated
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2201/00—Indexing scheme relating to error detection, to error correction, and to monitoring
- G06F2201/815—Virtual
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2201/00—Indexing scheme relating to error detection, to error correction, and to monitoring
- G06F2201/84—Using snapshots, i.e. a logical point-in-time copy of the data
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Databases & Information Systems (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Data Mining & Analysis (AREA)
- Computing Systems (AREA)
- Quality & Reliability (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Storage Device Security (AREA)
Description
[0001]本出願は、2018年6月8日に出願の「Encryption for a Distributed Filesystem」と題する米国仮特許出願第62/682,198号、および2019年2月13日に出願の「Encryption for a Distributed Filesystem」と題する米国特許出願第16/274,541号の優先権を主張する。
[0003]「Distributed Erasure Coded Virtual Filesystem」と題する米国特許出願第15/243,519号が、本明細書によって全体として参照により本明細書に組み込まれる。
Claims (18)
- フロントエンドおよびバックエンドを備えるコンピューティングデバイスであって、前記フロントエンドが、データがシステムに入るときに前記データを暗号化するように動作可能であり、前記バックエンドが、複数のバケットを備える、コンピューティングデバイスと、
複数のストレージデバイスであって、
前記複数のバケットの各バケットが、複数のストレージブロックを備える障害保護されたストライプを構築するように動作可能であり、
障害保護されたストライプの各ストレージブロックが、前記複数のストレージデバイスの異なるストレージデバイス内にあり、
前記暗号化されたデータが、1つまたは複数の障害保護されたストライプ内のファイルに記憶される、
複数のストレージデバイスと
を備え、
前記コンピューティングデバイスが、複数のコンピューティングデバイスのクラスタ内にあり、
前記複数のコンピューティングデバイスの前記クラスタに前記コンピューティングデバイスが加わったときに、前記コンピューティングデバイスが、前記クラスタのリーダに長期鍵を登録する、システム。 - 前記フロントエンドが、データが前記システムを離れるときに前記データを復号するように動作可能である、請求項1に記載のシステム。
- 前記フロントエンドが、ファイル鍵に従って前記データを暗号化する、請求項1に記載のシステム。
- 前記ファイル鍵が、前記ファイルがコピーされたときにローテーションされる、請求項3に記載のシステム。
- 前記バックエンドにおいて前記複数のバケットによって構築された全ての障害保護されたストライプが、ファイルシステム鍵と関連付けられた共通のファイルシステム内にある、請求項3に記載のシステム。
- 前記ファイル鍵が、前記ファイルシステム鍵で暗号化される、請求項5に記載のシステム。
- 前記ファイル鍵が、前記ファイルシステム鍵がローテーションされたときに再暗号化される、請求項5に記載のシステム。
- 前記複数のコンピューティングデバイスの前記クラスタが、クラスタ鍵と関連付けられており、前記ファイルシステム鍵が、前記クラスタ鍵により暗号化される、請求項5から7のいずれか1項に記載のシステム。
- 前記データの転送の前に、セッション鍵が、前記長期鍵で署名された一過性鍵ペアを使用して交渉される、請求項1に記載のシステム。
- コンピューティングデバイス上のファイルシステムへの書込みアクセスのためにデータファイルを開くステップであって、
前記コンピューティングデバイスが、フロントエンド、バックエンド、および複数のストレージデバイスを備え
前記バックエンドが、複数のバケットを備え、
前記複数のバケットの各バケットが、複数のストレージブロックを備える障害保護されたストライプを構築するように動作可能であり、
障害保護されたストライプ内の前記複数のストレージブロックの各ストレージブロックが、前記複数のストレージデバイスの異なるストレージデバイス内にある、
ステップと、
前記フロントエンドがデータを暗号化するステップと、
前記複数のバケットのうちの1つまたは複数のバケットによって構築された1つまたは複数の障害保護されたストライプ内の前記データファイルに前記暗号化されたデータを書き込むステップと、
前記データファイルを閉じるステップと
を含み、
前記コンピューティングデバイスが、複数のコンピューティングデバイスのクラスタ内にあり、
前記複数のコンピューティングデバイスの前記クラスタに前記コンピューティングデバイスが加わったときに、前記クラスタのリーダに前記コンピューティングデバイスの長期鍵を登録するステップを含む、前記コンピューティングデバイスのプロセッサにより実行される方法。 - 前記フロントエンドが、データが読み込まれたときに前記データを復号するように動作可能である、請求項10に記載の方法。
- ファイル鍵に従って、前記フロントエンドが前記データを暗号化し、
前記方法が、前記データファイルが閉じられた後、メモリから前記ファイル鍵を消去するステップを含む
請求項10に記載の方法。 - 前記データファイルをコピーすることによって前記ファイル鍵をローテーションするステップを含む、請求項12に記載の方法。
- 前記バックエンドにおいて前記複数のバケットによって構築された全ての障害保護されたストライプが、ファイルシステム鍵と関連付けられた共通のファイルシステム内にある、請求項12に記載の方法。
- 前記ファイル鍵が保存されることになる場合、前記ファイル鍵は前記フロントエンドによって前記ファイルシステム鍵で暗号化される、請求項14に記載の方法。
- 前記ファイルシステム鍵がローテーションされたときに前記フロントエンドが前記ファイル鍵を再暗号化するステップを含む、請求項14に記載の方法。
- 前記複数のコンピューティングデバイスの前記クラスタが、クラスタ鍵と関連付けられており、前記ファイルシステム鍵が、前記クラスタ鍵により暗号化される、請求項14から16のいずれか1項に記載の方法。
- 前記長期鍵で署名された一過性鍵ペアを使用してセッション鍵を交渉するステップと、
前記フロントエンドが前記セッション鍵を使用して前記データを暗号化するステップと、
前記セッション鍵で暗号化された前記データを前記コンピューティングデバイスに転送するステップと
を含む、請求項10に記載の方法。
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2023031014A JP2023071843A (ja) | 2018-06-08 | 2023-03-01 | 分散型ファイルシステムのための暗号化 |
Applications Claiming Priority (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201862682198P | 2018-06-08 | 2018-06-08 | |
US62/682,198 | 2018-06-08 | ||
US16/274,541 | 2019-02-13 | ||
US16/274,541 US11042661B2 (en) | 2018-06-08 | 2019-02-13 | Encryption for a distributed filesystem |
PCT/IB2019/000686 WO2019234501A2 (en) | 2018-06-08 | 2019-06-04 | Encryption for a distributed filesystem |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2023031014A Division JP2023071843A (ja) | 2018-06-08 | 2023-03-01 | 分散型ファイルシステムのための暗号化 |
Publications (2)
Publication Number | Publication Date |
---|---|
JP2021527286A JP2021527286A (ja) | 2021-10-11 |
JP7238111B2 true JP7238111B2 (ja) | 2023-03-13 |
Family
ID=68765123
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2021517925A Active JP7238111B2 (ja) | 2018-06-08 | 2019-06-04 | 分散型ファイルシステムのための暗号化 |
JP2023031014A Pending JP2023071843A (ja) | 2018-06-08 | 2023-03-01 | 分散型ファイルシステムのための暗号化 |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2023031014A Pending JP2023071843A (ja) | 2018-06-08 | 2023-03-01 | 分散型ファイルシステムのための暗号化 |
Country Status (5)
Country | Link |
---|---|
US (3) | US11042661B2 (ja) |
EP (1) | EP3814945A4 (ja) |
JP (2) | JP7238111B2 (ja) |
CN (1) | CN112243508A (ja) |
WO (1) | WO2019234501A2 (ja) |
Families Citing this family (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11042661B2 (en) * | 2018-06-08 | 2021-06-22 | Weka.IO Ltd. | Encryption for a distributed filesystem |
US11409696B2 (en) | 2019-11-01 | 2022-08-09 | EMC IP Holding Company LLC | Methods and systems for utilizing a unified namespace |
US11392464B2 (en) | 2019-11-01 | 2022-07-19 | EMC IP Holding Company LLC | Methods and systems for mirroring and failover of nodes |
US11741056B2 (en) | 2019-11-01 | 2023-08-29 | EMC IP Holding Company LLC | Methods and systems for allocating free space in a sparse file system |
US11604610B2 (en) * | 2021-04-29 | 2023-03-14 | EMC IP Holding Company LLC | Methods and systems for storing data in a distributed system using offload components |
US11740822B2 (en) | 2021-04-29 | 2023-08-29 | EMC IP Holding Company LLC | Methods and systems for error detection and correction in a distributed storage system |
US11892983B2 (en) | 2021-04-29 | 2024-02-06 | EMC IP Holding Company LLC | Methods and systems for seamless tiering in a distributed storage system |
US11567704B2 (en) | 2021-04-29 | 2023-01-31 | EMC IP Holding Company LLC | Method and systems for storing data in a storage pool using memory semantics with applications interacting with emulated block devices |
US20220350933A1 (en) * | 2021-04-29 | 2022-11-03 | EMC IP Holding Company LLC | Methods and systems for securing data in a distributed storage system |
US11669259B2 (en) | 2021-04-29 | 2023-06-06 | EMC IP Holding Company LLC | Methods and systems for methods and systems for in-line deduplication in a distributed storage system |
US11579976B2 (en) | 2021-04-29 | 2023-02-14 | EMC IP Holding Company LLC | Methods and systems parallel raid rebuild in a distributed storage system |
CN113742289B (zh) * | 2021-09-02 | 2023-10-31 | 中金金融认证中心有限公司 | 一种用于文件系统的装置及对文件系统进行操作的方法 |
US11677633B2 (en) | 2021-10-27 | 2023-06-13 | EMC IP Holding Company LLC | Methods and systems for distributing topology information to client nodes |
US11762682B2 (en) | 2021-10-27 | 2023-09-19 | EMC IP Holding Company LLC | Methods and systems for storing data in a distributed system using offload components with advanced data services |
US11922071B2 (en) | 2021-10-27 | 2024-03-05 | EMC IP Holding Company LLC | Methods and systems for storing data in a distributed system using offload components and a GPU module |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2008077366A (ja) | 2006-09-21 | 2008-04-03 | Hitachi Ltd | 記憶制御装置及び記憶制御装置の暗号化機能制御方法 |
JP2014529238A (ja) | 2011-08-25 | 2014-10-30 | ネットアップ,インコーポレイテッド | 安全なマルチキャストクラスタ内通信を提供するためのシステムおよび方法 |
JP2016057811A (ja) | 2014-09-09 | 2016-04-21 | 株式会社 日立産業制御ソリューションズ | 蓄積配信サーバ及び蓄積配信システム |
Family Cites Families (66)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH09179768A (ja) * | 1995-12-21 | 1997-07-11 | Olympus Optical Co Ltd | ファイル暗号化システム及びファイル復号化システム |
US6487636B1 (en) | 2000-04-24 | 2002-11-26 | Hewlett-Packard Co. | Method and apparatus for mapping data in a heterogeneous disk array storage system |
US7200747B2 (en) * | 2001-10-31 | 2007-04-03 | Hewlett-Packard Development Company, L.P. | System for ensuring data privacy and user differentiation in a distributed file system |
US7681072B1 (en) | 2004-08-13 | 2010-03-16 | Panasas, Inc. | Systems and methods for facilitating file reconstruction and restoration in data storage systems where a RAID-X format is implemented at a file level within a plurality of storage devices |
EP1825412A1 (en) * | 2004-10-25 | 2007-08-29 | Rick L. Orsini | Secure data parser method and system |
US7447839B2 (en) | 2005-09-13 | 2008-11-04 | Yahoo! Inc. | System for a distributed column chunk data store |
US7793146B1 (en) | 2007-08-07 | 2010-09-07 | Panasas, Inc. | Methods for storing data in a data storage system where a RAID-X format or formats are implemented at a file level |
US8645749B2 (en) | 2009-02-04 | 2014-02-04 | Micron Technology, Inc. | Systems and methods for storing and recovering controller data in non-volatile memory devices |
US8458287B2 (en) | 2009-07-31 | 2013-06-04 | Microsoft Corporation | Erasure coded storage aggregation in data centers |
US9537650B2 (en) * | 2009-12-15 | 2017-01-03 | Microsoft Technology Licensing, Llc | Verifiable trust for data through wrapper composition |
US9135471B2 (en) * | 2010-03-10 | 2015-09-15 | Dell Products L.P. | System and method for encryption and decryption of data |
US8601600B1 (en) * | 2010-05-18 | 2013-12-03 | Google Inc. | Storing encrypted objects |
US9058291B2 (en) * | 2011-02-28 | 2015-06-16 | International Business Machines Corporation | Multiple erasure correcting codes for storage arrays |
US8433979B2 (en) * | 2011-02-28 | 2013-04-30 | International Business Machines Corporation | Nested multiple erasure correcting codes for storage arrays |
US8650435B2 (en) * | 2011-06-08 | 2014-02-11 | Dell Products L.P. | Enhanced storage device replacement system and method |
US9178698B1 (en) * | 2011-12-21 | 2015-11-03 | Google Inc. | Dynamic key management |
US8874995B2 (en) * | 2012-02-02 | 2014-10-28 | International Business Machines Corporation | Partial-maximum distance separable (PMDS) erasure correcting codes for storage arrays |
US8719594B2 (en) * | 2012-02-15 | 2014-05-06 | Unisys Corporation | Storage availability using cryptographic splitting |
US9209973B2 (en) * | 2012-11-20 | 2015-12-08 | Google Inc. | Delegate authorization in cloud-based storage system |
US9608813B1 (en) * | 2013-06-13 | 2017-03-28 | Amazon Technologies, Inc. | Key rotation techniques |
US9705674B2 (en) * | 2013-02-12 | 2017-07-11 | Amazon Technologies, Inc. | Federated key management |
US9953317B2 (en) * | 2013-03-13 | 2018-04-24 | Shopkeep.Com, Inc. | Method and system for secure key rotation |
US9098445B2 (en) * | 2013-03-14 | 2015-08-04 | Apple Inc. | Selection of redundant storage configuration based on available memory space |
US9600675B2 (en) * | 2014-02-23 | 2017-03-21 | Aitheras, Llc | Secure file transfer systems and methods |
US9087012B1 (en) | 2014-06-04 | 2015-07-21 | Pure Storage, Inc. | Disaster recovery at high reliability in a storage cluster |
US9582363B2 (en) | 2014-06-09 | 2017-02-28 | International Business Machines Corporation | Failure domain based storage system data stripe layout |
CN104601579A (zh) * | 2015-01-20 | 2015-05-06 | 成都市酷岳科技有限公司 | 一种保障信息安全的计算机系统及其方法 |
US9921910B2 (en) | 2015-02-19 | 2018-03-20 | Netapp, Inc. | Virtual chunk service based data recovery in a distributed data storage system |
US9807077B2 (en) * | 2015-03-10 | 2017-10-31 | Polyverse Corporation | Systems and methods for containerized data security |
US9916458B2 (en) * | 2015-03-31 | 2018-03-13 | EMC IP Holding Company LLC | Secure cloud-based storage of data shared across file system objects and clients |
US20170004131A1 (en) * | 2015-07-01 | 2017-01-05 | Weka.IO LTD | Virtual File System Supporting Multi-Tiered Storage |
EP3320456A4 (en) * | 2015-07-08 | 2018-07-18 | Cloud Crowding Corp. | System and method for secure transmission of signals from a camera |
US9448887B1 (en) * | 2015-08-22 | 2016-09-20 | Weka.IO Ltd. | Distributed erasure coded virtual file system |
US9766816B2 (en) * | 2015-09-25 | 2017-09-19 | Seagate Technology Llc | Compression sampling in tiered storage |
US9699244B2 (en) * | 2015-11-11 | 2017-07-04 | Weka.IO Ltd. | Load balanced network file accesses |
US11455097B2 (en) * | 2016-01-28 | 2022-09-27 | Weka.IO Ltd. | Resource monitoring in a distributed storage system |
US10460119B2 (en) * | 2016-02-26 | 2019-10-29 | Intuit Inc. | IDPS access-controlled and encrypted file system design |
MX2018011241A (es) * | 2016-03-15 | 2018-11-22 | Datomia Res Labs Ou | Administracion y seguridad de datos del sistema de almacenamiento distribuido. |
US10326744B1 (en) * | 2016-03-21 | 2019-06-18 | EMC IP Holding Company LLC | Security layer for containers in multi-tenant environments |
US10397189B1 (en) * | 2016-09-27 | 2019-08-27 | Amazon Technologies, Inc. | Peered virtual private network endpoint nodes |
CN106815528B (zh) * | 2016-12-07 | 2019-10-29 | 重庆软云科技有限公司 | 一种文件管理方法及装置、存储设备 |
US10453547B2 (en) * | 2017-06-16 | 2019-10-22 | Seagate Technologies Llc | Monitoring a memory for retirement |
US10659225B2 (en) * | 2017-06-30 | 2020-05-19 | Microsoft Technology Licensing, Llc | Encrypting existing live unencrypted data using age-based garbage collection |
US10545921B2 (en) * | 2017-08-07 | 2020-01-28 | Weka.IO Ltd. | Metadata control in a load-balanced distributed storage system |
US20190095296A1 (en) * | 2017-09-27 | 2019-03-28 | Hewlett Packard Enterprise Development Lp | Reading or Reconstructing Requested Data from RAID Volume |
US10394490B2 (en) * | 2017-10-23 | 2019-08-27 | Weka.IO Ltd. | Flash registry with write leveling |
US11385980B2 (en) * | 2017-11-13 | 2022-07-12 | Weka.IO Ltd. | Methods and systems for rapid failure recovery for a distributed storage system |
US11782875B2 (en) * | 2017-11-13 | 2023-10-10 | Weka.IO Ltd. | Directory structure for a distributed storage system |
US11561860B2 (en) * | 2017-11-13 | 2023-01-24 | Weka.IO Ltd. | Methods and systems for power failure resistance for a distributed storage system |
US11061622B2 (en) * | 2017-11-13 | 2021-07-13 | Weka.IO Ltd. | Tiering data strategy for a distributed storage system |
US11262912B2 (en) * | 2017-11-13 | 2022-03-01 | Weka.IO Ltd. | File operations in a distributed storage system |
US10936405B2 (en) * | 2017-11-13 | 2021-03-02 | Weka.IO Ltd. | Efficient networking for a distributed storage system |
US11301433B2 (en) * | 2017-11-13 | 2022-04-12 | Weka.IO Ltd. | Metadata journal in a distributed storage system |
US11216210B2 (en) * | 2017-11-13 | 2022-01-04 | Weka.IO Ltd. | Flash registry with on-disk hashing |
US11042661B2 (en) | 2018-06-08 | 2021-06-22 | Weka.IO Ltd. | Encryption for a distributed filesystem |
US10942807B2 (en) * | 2018-06-12 | 2021-03-09 | Weka.IO Ltd. | Storage system spanning multiple failure domains |
US11074668B2 (en) * | 2018-06-19 | 2021-07-27 | Weka.IO Ltd. | GPU based server in a distributed file system |
US11169746B2 (en) * | 2018-06-19 | 2021-11-09 | Weka.IO LTD | Expanding a distributed storage system |
US10976966B2 (en) * | 2018-06-29 | 2021-04-13 | Weka.IO Ltd. | Implementing coherency and page cache support in a distributed way for files |
US11169961B2 (en) * | 2018-06-29 | 2021-11-09 | Weka.IO Ltd. | Data migration in a distributive file system |
US11093444B2 (en) * | 2018-07-02 | 2021-08-17 | Weka.IO Ltd. | Access redirection in a distributive file system |
US11455275B2 (en) * | 2018-07-18 | 2022-09-27 | Weka.IO Ltd. | Storing a point in time coherently for a distributed storage system |
US11163723B2 (en) * | 2018-07-19 | 2021-11-02 | Weka.IO Ltd. | Pushing a point in time to a backend object storage for a distributed storage system |
US11023178B2 (en) * | 2018-07-24 | 2021-06-01 | Weka, Io Ltd | Implementing coherency and page cache support for a storage system spread across multiple data centers |
US11340823B2 (en) * | 2018-08-20 | 2022-05-24 | Weka.IO Ltd. | Authenticated stateless mount string for a distributed file system |
US11175986B1 (en) * | 2020-07-01 | 2021-11-16 | International Business Machines Corporation | Storage systems implementing offset erasure code stripes |
-
2019
- 2019-02-13 US US16/274,541 patent/US11042661B2/en active Active
- 2019-06-04 WO PCT/IB2019/000686 patent/WO2019234501A2/en unknown
- 2019-06-04 JP JP2021517925A patent/JP7238111B2/ja active Active
- 2019-06-04 EP EP19814618.5A patent/EP3814945A4/en active Pending
- 2019-06-04 CN CN201980036527.0A patent/CN112243508A/zh active Pending
-
2021
- 2021-05-11 US US17/317,086 patent/US11507681B2/en active Active
-
2022
- 2022-10-07 US US17/961,981 patent/US11914736B2/en active Active
-
2023
- 2023-03-01 JP JP2023031014A patent/JP2023071843A/ja active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2008077366A (ja) | 2006-09-21 | 2008-04-03 | Hitachi Ltd | 記憶制御装置及び記憶制御装置の暗号化機能制御方法 |
JP2014529238A (ja) | 2011-08-25 | 2014-10-30 | ネットアップ,インコーポレイテッド | 安全なマルチキャストクラスタ内通信を提供するためのシステムおよび方法 |
JP2016057811A (ja) | 2014-09-09 | 2016-04-21 | 株式会社 日立産業制御ソリューションズ | 蓄積配信サーバ及び蓄積配信システム |
Also Published As
Publication number | Publication date |
---|---|
JP2023071843A (ja) | 2023-05-23 |
US11914736B2 (en) | 2024-02-27 |
US20230033729A1 (en) | 2023-02-02 |
US11042661B2 (en) | 2021-06-22 |
WO2019234501A3 (en) | 2020-05-07 |
EP3814945A4 (en) | 2022-03-09 |
CN112243508A (zh) | 2021-01-19 |
WO2019234501A2 (en) | 2019-12-12 |
US20190377892A1 (en) | 2019-12-12 |
US11507681B2 (en) | 2022-11-22 |
EP3814945A2 (en) | 2021-05-05 |
US20210294907A1 (en) | 2021-09-23 |
JP2021527286A (ja) | 2021-10-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP7238111B2 (ja) | 分散型ファイルシステムのための暗号化 | |
US20190188079A1 (en) | Durable block storage in data center access nodes with inline erasure coding | |
US11086525B2 (en) | Resilient external memory | |
US10089009B2 (en) | Method for layered storage of enterprise data | |
US11693581B2 (en) | Authenticated stateless mount string for a distributed file system | |
US11262912B2 (en) | File operations in a distributed storage system | |
CN115867884A (zh) | 提供数据管理即服务 | |
US11579992B2 (en) | Methods and systems for rapid failure recovery for a distributed storage system | |
CN112262407A (zh) | 分布式文件系统中基于gpu的服务器 | |
US11422893B2 (en) | Storage system spanning multiple failure domains | |
US11994944B2 (en) | Efficient networking for a distributed storage system | |
CN112292661A (zh) | 扩展分布式存储系统 | |
WO2012074354A1 (en) | System architecture with cluster file for virtualization hosting environment | |
Zilber | TPT-RAID: a High Performance Box-Fault Tolerant Storage System |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A621 | Written request for application examination |
Free format text: JAPANESE INTERMEDIATE CODE: A621 Effective date: 20211125 |
|
A977 | Report on retrieval |
Free format text: JAPANESE INTERMEDIATE CODE: A971007 Effective date: 20221026 |
|
A131 | Notification of reasons for refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20221028 |
|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20230119 |
|
TRDD | Decision of grant or rejection written | ||
A01 | Written decision to grant a patent or to grant a registration (utility model) |
Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20230130 |
|
A61 | First payment of annual fees (during grant procedure) |
Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20230301 |
|
R150 | Certificate of patent or registration of utility model |
Ref document number: 7238111 Country of ref document: JP Free format text: JAPANESE INTERMEDIATE CODE: R150 |