Traffic-based Detection of a Security Threat to a Storage System
US-2021216625-A1 · Jul 15, 2021 · US
US12505230B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12505230-B2 |
| Application number | US-202217663424-A |
| Country | US |
| Kind code | B2 |
| Filing date | May 14, 2022 |
| Priority date | May 14, 2022 |
| Publication date | Dec 23, 2025 |
| Grant date | Dec 23, 2025 |
Official abstract text for this publication.
A fragment and shuffle erasure coding operation is disclosed. In a transformative operation, encrypted fragments are generated from an input file. The transformative operation includes one or more iterations of chunking the file and mixing the chunks to generate a mixed sequence. The mixed sequence is sliced into encrypted fragments. The encrypted fragments are shuffled in a storage system such that physical locations of the encrypted fragments change over time.
Opening claim text (preview).
What is claimed is:

1. A method, comprising: receiving a file into an erasure coding engine, wherein the file is stored in a storage system; generating, by the erasure coding engine, encrypted fragments from the file in a transformative operation that includes chunking the file at least once into chunks, mixing an order of the chunks for each chunking and forming a sequence, and slicing the sequence into the encrypted fragments; performing a shuffling operation, by the erasure coding engine, to shuffle the encrypted fragments in the storage system to change physical storage locations of at least some of the encrypted fragments; and maintaining a shuffle index that maps logical locations of the encrypted fragments in the storage system to physical locations of the encrypted fragments in the storage system.
2. The method of claim 1, wherein the transformative operation includes generating first chunks, mixing the first chunks into a first sequence, generating second chunks from the first chunks in the first sequence, and mixing the second chunks into a second sequence.
3. The method of claim 2, wherein the transformative operation includes performing encryption.
4. The method of claim 2, wherein each of the encrypted fragments includes a piece from each of the first chunks.
5. The method of claim 1, further comprising shuffling the encrypted fragments such that the encrypted fragments are stored on multiple storage nodes of the storage system.
6. The method of claim 5, wherein the erasure coding engine operates on a specific node in the storage system.
7. The method of claim 5, wherein the erasure coding engine includes multiple instances operating at multiple nodes in the storage system.
8. The method of claim 1, further comprising shuffling the encrypted fragments to protect against eavesdropping, traffic analysis, and network pattern recognition.
9. The method of claim 1, further comprising performing the shuffling operation after generating the encrypted fragments, after a predetermined amount of time, and/or after a number of data accesses in the storage system.
10. A non-transitory storage medium having stored therein instructions that are executable by one or more hardware processors to perform operations comprising: receiving a file into an erasure coding engine, wherein the file is stored in a storage system; generating, by the erasure coding engine, encrypted fragments from the file in a transformative operation that includes chunking the file at least once into chunks, mixing an order of the chunks for each chunking and forming a sequence, and slicing the sequence into the encrypted fragments; and performing a shuffling operation, by the erasure coding engine, to shuffle the encrypted fragments in the storage system to change physical storage locations of at least some of the encrypted fragments; and performing the shuffling operation after generating the encrypted fragments, after a predetermined amount of time, and/or after a number of data accesses in the storage system.
11. The non-transitory storage medium of claim 10, wherein the transformative operation includes generating first chunks, mixing the first chunks into a first sequence, generating second chunks from the first chunks in the first sequence, and mixing the second chunks into a second sequence.
12. The non-transitory storage medium of claim 11, wherein the transformative operation includes performing encryption.
13. The non-transitory storage medium of claim 11, wherein each of the encrypted fragments includes a piece from each of the first chunks.
14. The non-transitory storage medium of claim 10, further comprising shuffling the encrypted fragments such that the encrypted fragments are stored on multiple storage nodes of the storage system.
15. The non-transitory storage medium of claim 14, wherein the erasure coding engine operates on a specific node in the storage system.
16. The non-transitory storage medium of claim 14, wherein the erasure coding engine includes multiple instances operating at multiple nodes in the storage system.
17. The non-transitory storage medium of claim 10, further comprising shuffling the encrypted fragments to protect against eavesdropping, traffic analysis, and network pattern recognition.
18. The non-transitory storage medium of claim 10, further comprising maintaining a shuffle index that maps logical locations of the encrypted fragments in the storage system to physical locations of the encrypted fragments in the storage system.
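
An added illustration, not taken from the patent or from any implementation of it: a Python model of the chunk, mix, slice and shuffle-index steps recited in claims 1, 2 and 4. The seeded permutation, the interleaving rule and the names `transform`, `restore` and `FragmentStore` are assumptions; encryption and erasure-code redundancy are left out, and `random` is not a cryptographic generator.

```python
import random

def transform(data, n_chunks, n_frags, seed):
    """Chunk, mix, re-chunk, mix, slice. Returns (fragments, mix order)."""
    size = -(-len(data) // n_chunks)          # first-chunk size, rounded up
    size += -size % n_frags                   # pad so each chunk splits evenly
    padded = data.ljust(size * n_chunks, b"\0")
    first = [padded[i * size:(i + 1) * size] for i in range(n_chunks)]
    order = list(range(n_chunks))
    random.Random(seed).shuffle(order)        # first mix (assumed: seeded permutation)
    first_seq = [first[i] for i in order]
    p = size // n_frags                       # second-chunk (piece) size
    # Second mix (assumed: interleave): piece j of every first chunk is grouped,
    # so each slice of the sequence holds a piece of each first chunk (claim 4).
    return [b"".join(c[j * p:(j + 1) * p] for c in first_seq)
            for j in range(n_frags)], order

def restore(frags, order, length):
    """Invert transform(): de-interleave, undo the permutation, drop padding."""
    p = len(frags[0]) // len(order)
    first_seq = [b"".join(f[i * p:(i + 1) * p] for f in frags)
                 for i in range(len(order))]
    first = [b""] * len(order)
    for pos, src in enumerate(order):
        first[src] = first_seq[pos]
    return b"".join(first)[:length]

class FragmentStore:
    """Constructed model of storage nodes with a shuffle index."""
    def __init__(self, nodes, slots):
        self.free = [(n, s) for n in range(nodes) for s in range(slots)]
        self.physical = {}                    # (node, slot) -> fragment bytes
        self.index = {}                       # logical id -> (node, slot)

    def put(self, frags, rng):
        for logical, frag in enumerate(frags):
            loc = self.free.pop(rng.randrange(len(self.free)))
            self.physical[loc], self.index[logical] = frag, loc

    def shuffle(self, rng):
        """Move each fragment to a free location and update the index."""
        for logical, old in list(self.index.items()):
            new = self.free.pop(rng.randrange(len(self.free)))
            self.physical[new] = self.physical.pop(old)
            self.free.append(old)
            self.index[logical] = new

    def read(self):
        return [self.physical[self.index[i]] for i in range(len(self.index))]
```

Reads go through the index only, so a shuffle changes where fragments sit without changing what `read()` returns; the mix order and the index are the values a reader needs to rebuild the file in this model.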
Details of conversion of file system types or formats · CPC title
Providing cryptographic facilities or services · CPC title