Protecting the integrity and privacy of data with storage leases

US9165155B2 · US · B2

Patent metadata

Publication number: US-9165155-B2
Application number: US-201113282847-A
Country: US
Kind code: B2
Filing date: Oct 27, 2011
Priority date: Oct 27, 2010
Publication date: Oct 20, 2015
Grant date: Oct 20, 2015

Abstract

Storage leases specify access restrictions and time periods, restricting access to their associated data during the storage lease time period. Storage leases may be assigned to individual data storage blocks or groups of data storage blocks in a data storage device. A data storage device may include any arbitrary number of different storage leases assigned to different portions of its data storage blocks. Storage lease-enabled devices may provide security certificates to verify that data access operations have been performed as requested and that their storage leases are being enforced. Storage lease-enabled devices compare storage lease information for data units with the current time using a clock isolated from access by storage clients or time certificates from one or more trusted time servers. Storage leases may be used in combination with backup applications, file systems, database systems, peer-to-peer data storage, and cloud storage systems.

First claim

The invention claimed is:

1. A non-transitory computer-readable storage medium including instructions adapted to direct a computer to perform an operation, the operation comprising: receiving a first storage operation from a storage client, wherein the first storage operation is associated with first stored data; in response to receiving the first storage operation, accessing first storage lease information stored in one or more exclusive lease blocks specifying a first specific time and a second specific time of restricted access for the first stored data, the second specific time being after the first specific time, wherein the first storage lease information is stored in one or more lease blocks on the non-transitory computer-readable storage medium; wherein the one or more exclusive lease blocks are a portion of the non-transitory computer-readable storage medium configured to only store first storage lease information; comparing the first storage lease information retrieved from the one or more exclusive lease blocks with a current time reference; allowing the storage client to access the first stored data in response to the current time reference being before the first specific time specified by the first storage lease information and in response to determining the one or more data blocks associated with the first storage operation are associated with the first storage lease information; and restricting the storage client from either reading or overwriting the first stored data in response to the one or more data blocks associated with the first storage operation are not associated with the first storage lease information, or the current time reference being after the first specific time and before the second specific time specified by the first storage lease information.

2. The non-transitory computer-readable storage medium of claim 1, wherein the first storage lease information includes a timestamp.

3. The non-transitory computer-readable storage medium of claim 2, wherein the timestamp indicates the end of the first specific time period for restricted access to the first stored data.

4. The non-transitory computer-readable storage medium of claim 2, wherein the timestamp indicates the beginning of the first specific time period for restricted access to the first stored data.

5. The non-transitory computer-readable storage medium of claim 1, wherein allowing the first storage operation comprises: determining a storage space-time rate based on an amount of data consumed and a second time period of restricted storage access for at least one previously performed storage operation; comparing the storage space-time rate with a storage space-time rate limit; and allowing the first storage operation in response to the storage space-time rate being less than the storage space-time rate limit.

6. The non-transitory computer-readable storage medium of claim 1, comprising: generating a security certificate in response to the completion of at least the first storage operation, wherein the security certificate indicates completion of at least the first storage operation.

7. The non-transitory computer-readable storage medium of claim 6, wherein the security certificate includes a cryptographic hash based on at least the first storage operation.

8. The non-transitory computer-readable storage medium of claim 1, wherein the current time reference is received from an internal clock isolated from the storage client.

9. The non-transitory computer-readable storage medium of claim 1, wherein the current time reference is received from at least one external time server.

10. The non-transitory computer-readable storage medium of claim 9, wherein the current time reference is received as at least one cryptographically signed time certificate.

11. The non-transitory computer-readable storage medium of claim 1, wherein the current time reference is based at least in part on a measurement of a periodic process of a storage device.

12. The non-transitory computer-readable storage medium of claim 1, wherein the first storage operation includes a data write operation.

13. The non-transitory computer-readable storage medium of claim 12, wherein the first storage operation includes new storage lease information, the operation comprising: in response to allowing the first storage operation, updating the first storage lease information with the new storage lease information.

14. The non-transitory computer-readable storage medium of claim 1, wherein the first storage operation includes a data read operation.

15. The non-transitory computer-readable storage medium of claim 1, wherein the first storage lease information is associated with a first storage block including the first stored data.

16. The non-transitory computer-readable storage medium of claim 1, comprising: in response to the current time reference being between the first specific time and the second specific time, providing a response message to the storage client indicating that the first storage operation was not performed.

17. The non-transitory computer-readable storage medium of claim 1, wherein the restricted access to the first stored data includes at least one of reading or writing of the first stored data.
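The lease check in claim 1, with a time reference taken from a time certificate (claim 10) and a keyed hash over each operation as its certificate (claims 6 and 7), as an added Python sketch that is not code from the patent. The class and function names, the use of HMAC-SHA256 with a shared key in place of a signature, the refusal to move time backwards, and the handling of the lease boundaries and of time after the lease are all assumptions of this sketch.

```python
import hashlib, hmac, json
from dataclasses import dataclass

@dataclass(frozen=True)
class Lease:
    start: int           # first specific time (epoch seconds)
    end: int             # second specific time, after start
    blocks: frozenset    # data blocks associated with this lease

def keyed_hash(key, fields):
    body = json.dumps(fields, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def make_time_cert(server_key, now):
    # Trusted time server side. Assumption: HMAC stands in for a signature.
    return {"time": now, "tag": keyed_hash(server_key, {"time": now})}

class LeaseDevice:
    def __init__(self, server_key, device_key, lease):
        self.server_key, self.device_key = server_key, device_key
        self.lease = lease       # stands in for the exclusive lease blocks
        self.last_time = 0       # highest verified time seen so far

    def current_time(self, cert):
        expected = keyed_hash(self.server_key, {"time": cert["time"]})
        if not hmac.compare_digest(expected, cert["tag"]):
            raise ValueError("time certificate failed verification")
        # Assumption: time never moves backwards, so replaying an old certificate gains nothing.
        self.last_time = max(self.last_time, cert["time"])
        return self.last_time

    def decide(self, blocks, now):
        if not set(blocks) <= self.lease.blocks:
            return False         # blocks not associated with the lease
        if now < self.lease.start:
            return True          # before the first specific time
        # Assumption: restricted from start onward, unrestricted from end onward.
        return now >= self.lease.end

    def handle(self, op, blocks, cert):
        now = self.current_time(cert)
        performed = self.decide(blocks, now)
        record = {"op": op, "blocks": sorted(blocks), "time": now, "performed": performed}
        # The response tells the client whether the operation ran, plus a keyed hash over it.
        return {**record, "certificate": keyed_hash(self.device_key, record)}

# Constructed sample: lease on blocks 10 and 11, restricted from t=1000 to t=2000.
SERVER_KEY, DEVICE_KEY = b"constructed-server-key", b"constructed-device-key"
SAMPLE_LEASE = Lease(1000, 2000, frozenset({10, 11}))
```

The client never supplies a bare timestamp; it can only relay a certificate the device verifies, which is the property claims 8 to 10 rely on.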

Classifications

  • to a system of files or objects, e.g. local or distributed file system or database

  • Time limited access, e.g. to a computer or data

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Druschel Peter, Rodrigues Rodrigo, Post Ansley, and 3 more
What technology area does this patent fall under?
Primary CPC classification G06F21/6218. Mapped technology areas include Physics.
When was this patent published?
Publication date Oct 20, 2015 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).