-
公开(公告)号:US10447474B2
公开(公告)日:2019-10-15
申请号:US12551145
申请日:2009-08-31
申请人: Wesley Leggette , Jason K. Resch
发明人: Wesley Leggette , Jason K. Resch
摘要: A computing system retrieves securely stored encrypted and encoded data from a dispersed data storage system. The computing system includes a processing module and a plurality of storage units. The processing module includes an error decoder and a decryptor and to decode and decrypt the encrypted and encoded data retrieved from the dispersed data storage system utilizing a read command to the storage units. The storage units retrieve the encrypted and encoded data and send the encrypted and encoded data to the processing module when receiving the read command.
-
公开(公告)号:US09092385B2
公开(公告)日:2015-07-28
申请号:US13587224
申请日:2012-08-16
申请人: Jason K. Resch , Wesley Leggette
发明人: Jason K. Resch , Wesley Leggette
IPC分类号: H04L9/32 , G06F11/16 , H04L9/08 , G06F3/06 , G06F11/00 , G06F15/173 , H04L29/06 , G06F21/00 , H04L9/00 , G06F11/14
CPC分类号: H04L9/0894 , G06F3/06 , G06F3/0604 , G06F3/067 , G06F11/00 , G06F11/1446 , G06F11/1612 , G06F15/17331 , G06F21/00 , G06F2211/1028 , H04L9/00 , H04L9/085 , H04L9/0863 , H04L9/0869 , H04L9/0877 , H04L9/32 , H04L9/321 , H04L9/3263 , H04L29/06 , H04L2209/16
摘要: A method begins by a dispersed storage (DS) processing module generating a temporary public-private key pair, a restricted use certificate, and a temporary password for a device. The method continues with the DS processing encoding a temporary private key to produce a set of encoded private key shares and encoding the restricted use certificate to produce a set of encoded certificate shares. The method continues with the DS processing module outputting the set of encoded private key shares and the set of encoded certificate shares to a set of authentication units. The method continues with the DS processing module outputting the temporary password to the device such that, when the device retrieves the set of encoded private key shares and the set of encoded certificate shares, the device is able to recapture the temporary private key and the restricted use certificate for accessing a dispersed storage network (DSN).
摘要翻译: 方法由分散存储(DS)处理模块开始,该模块生成用于设备的临时公私密钥对,限制使用证书和临时密码。 该方法继续处理编码临时私钥的DS处理,以产生一组编码的私钥共享并对受限使用证书进行编码以产生一组编码的证书共享。 该方法继续,DS处理模块将编码的私钥共享集合和编码的证书共享集合输出到一组认证单元。 该方法继续DS处理模块向设备输出临时密码,使得当设备检索编码的私钥共享集合和编码的证书共享集合时,该设备能够重新捕获临时私钥并且被限制 使用证书访问分散的存储网络(DSN)。
-
93.发明授权Utilizing a dispersed storage network access token module to store data in a dispersed storage network memory 有权利用分散的存储网络访问令牌模块将数据存储在分散的存储网络存储器中公开(公告)号:US09081714B2
公开(公告)日:2015-07-14
申请号:US13347140
申请日:2012-01-10
申请人: Gary W. Grube , Timothy W. Markison , Greg Dhuse , Jason K. Resch , Ilya Volvovski , Wesley Leggette
发明人: Gary W. Grube , Timothy W. Markison , Greg Dhuse , Jason K. Resch , Ilya Volvovski , Wesley Leggette
IPC分类号: G06F11/10 , G06F11/14 , G06F11/00 , G06F3/06 , G06F15/173 , H04L9/08 , H04L29/08 , G06F21/80
CPC分类号: G06F11/1076 , G06F3/06 , G06F3/0604 , G06F3/0619 , G06F3/0665 , G06F3/067 , G06F11/00 , G06F11/1008 , G06F11/1402 , G06F11/1446 , G06F11/1448 , G06F15/17331 , G06F21/805 , H04L9/085 , H04L67/1097
摘要: A method for storing data begins with determining, by a computing device, where to store the data and continues with managing, by a dispersed storage network (DSN) access token module, a pairing between the DSN access token module and the computing device. The method continues with sending, by the computing device, at least a portion of the data to the DSN access token module and encoding, by the DSN access token module, the at least a portion of the data using a dispersed storage error encoding function to produce one or more sets of encoded data slices. The method continues with sending, by the DSN access token module, the one or more sets of encoded data slices and storage information to the computing device and sending, by the computing device, the one or more sets of encoded data slices to the DSN memory for storage therein.
摘要翻译: 用于存储数据的方法开始于由计算设备确定在哪里存储数据,并继续通过分散的存储网络(DSN)访问令牌模块来管理DSN访问令牌模块和计算设备之间的配对。 该方法继续由计算设备将数据的至少一部分发送到DSN访问令牌模块,并且由DSN访问令牌模块使用分散的存储错误编码功能对该数据的至少一部分进行编码, 产生一组或多组编码数据片。 该方法继续由DSN访问令牌模块将一组或多组编码数据片段和存储信息发送到计算设备,并由计算设备将一组或多组编码数据片段发送到DSN存储器 用于存储。
-
94.发明授权Retrieval of encoded data slices and encoded instruction slices by a computing device 有权通过计算设备检索编码数据片和编码指令片公开(公告)号:US08910022B2
公开(公告)日:2014-12-09
申请号:US13372650
申请日:2012-02-14
申请人: Gary W. Grube , Timothy W. Markison , Greg Dhuse , Jason K. Resch , Ilya Volvovski , Wesley Leggette
发明人: Gary W. Grube , Timothy W. Markison , Greg Dhuse , Jason K. Resch , Ilya Volvovski , Wesley Leggette
CPC分类号: G06F11/1076 , G06F3/067 , G06F11/1004 , G06F11/1008 , G06F11/1448 , G06F15/177 , H04L63/0428 , H04L67/1097 , G06F11/1412 , G06F11/1402
摘要: A computing device includes a central processing unit (CPU) and a memory system module. The CPU includes a data dispersed storage error coding (DSEC) module operable to DSEC decode a set of encoded ingress data slices to recapture ingress data and DSEC encode egress data to produce a set of encoded egress data slices, an instruction DSEC module operable to DSEC decode a set of encoded instruction slices to recapture an instruction, and an arithmetic logic unit (ALU) operable to, execute the instruction on the ingress data and execute the instruction to produce the egress data. The memory system module is operable to coordinate retrieval of the set of encoded ingress data slices from memory, coordinate retrieval of the set of encoded instruction slices from the memory, and coordinate storage of the set of encoded egress data slices in the memory.
摘要翻译: 计算设备包括中央处理单元(CPU)和存储器系统模块。 CPU包括数据分散存储错误编码(DSEC)模块,可操作以DSEC对一组编码的入口数据片段进行解码,以重新采集入口数据和DSEC编码出口数据以产生一组编码的出口数据片段,指令DSEC模块可操作以用于DSEC 解码一组编码指令片以重新获取指令;以及算术逻辑单元(ALU),可操作以执行关于入口数据的指令并执行产生出口数据的指令。 存储器系统模块可操作以协调从存储器检索编码入口数据片段的集合,协调从存储器检索编码指令片段集合,以及将编码出口数据片段集合存储在存储器中。
-
95.发明授权Configuring a generic computing device utilizing specific computing device operation information 有权使用特定的计算设备操作信息配置通用计算设备公开(公告)号:US08868695B2
公开(公告)日:2014-10-21
申请号:US13372611
申请日:2012-02-14
申请人: Gary W. Grube , Timothy W. Markison , Greg Dhuse , Jason K. Resch , Ilya Volvovski , Wesley Leggette
发明人: Gary W. Grube , Timothy W. Markison , Greg Dhuse , Jason K. Resch , Ilya Volvovski , Wesley Leggette
IPC分类号: G06F15/177
CPC分类号: G06F11/1076 , G06F3/067 , G06F11/1004 , G06F11/1008 , G06F11/1448 , G06F15/177 , H04L63/0428 , H04L67/1097 , G06F11/1412 , G06F11/1402
摘要: A method begins with the specific computing device token sending a distributed storage network (DSN) access request to DSN memory via the generic computing device. The DSN access request identifies specific computing device operation information that is stored as one or more of-sets of encoded data slices in the DSN memory. The method continues with the specific computing device token receiving the one or more of sets of encoded data slices from the DSN memory via the generic computing device and decoding the one or more of sets of encoded data slices to retrieve the specific computing device operation information. The method continues with enabling the generic computing device to function as a specific computing device in accordance with the specific computing device operation information.
摘要翻译: 一种方法开始于特定计算设备令牌通过通用计算设备向DSN存储器发送分布式存储网络(DSN)访问请求。 DSN访问请求识别作为DSN存储器中的一组或多组编码数据片段存储的特定计算设备操作信息。 该方法继续特定计算设备令牌经由通用计算设备从DSN存储器接收一组或多组编码数据片,并解码一组或多组编码数据片以检索特定的计算设备操作信息。 该方法继续使得通用计算设备能够根据特定计算设备操作信息用作特定计算设备。
-
公开(公告)号:US08744071B2
公开(公告)日:2014-06-03
申请号:US12551117
申请日:2009-08-31
申请人: Wesley Leggette , Jason K. Resch
发明人: Wesley Leggette , Jason K. Resch
IPC分类号: H04L9/28
CPC分类号: G06F21/78 , G06F11/1012 , H03M13/15 , H03M13/1515 , H03M13/23 , H04L9/085 , H04L9/0894 , H04L63/045 , H04L2209/16 , H04L2209/34 , H04L2463/062
摘要: A computing system securely stores data to a dispersed data storage system. The computing system includes a processing module and a plurality of storage units. The processing module includes an encryptor and error encoder to encrypt and encode the data for dispersal utilizing a write command to the storage units. The storage units store the encrypted and encoded data when receiving the write command and the encrypted and encoded data.
摘要翻译: 计算系统将数据安全地存储到分散的数据存储系统。 计算系统包括处理模块和多个存储单元。 处理模块包括加密和错误编码器,用于对数据进行加密和编码,以便利用对存储单元的写入命令进行扩散。 存储单元在接收到写命令和加密和编码数据时存储加密和编码数据。
-
公开(公告)号:US08627091B2
公开(公告)日:2014-01-07
申请号:US13413232
申请日:2012-03-06
申请人: Greg Dhuse , Jason K. Resch , Wesley Leggette
发明人: Greg Dhuse , Jason K. Resch , Wesley Leggette
IPC分类号: H04L9/32 , H04L9/08 , H04N21/8358
CPC分类号: H04L67/1004 , G06F11/1076 , H04L9/085 , H04L9/0891 , H04L9/0894 , H04L9/3247 , H04L67/1097 , H04L67/2847 , H04L2209/34 , H04N21/8358
摘要: A method begins by a module to generate a secure signature on an item by selecting a first key representation index of a set of key representation indexes, wherein a first mathematical encoding of a private key generates a first plurality of key shares as a first key representation. The method continues with the module determining whether a first plurality of signature contributions have been received in response to a signature request for the item based on the first key representation index, wherein one of a first set of dispersed storage (DS) units executes a first mathematical signature function using one of the first plurality of key shares on the item to produce a signature contribution of the first plurality of signature contributions and when the first plurality of signature contributions have been received, generating the secure signature on the item from the first plurality of signature contributions.
摘要翻译: 一种方法由模块开始,以通过选择一组密钥表示索引的第一密钥表示索引来生成项目上的安全签名,其中私钥的第一数学编码生成第一多个密钥共享作为第一密钥表示 。 该方法继续,模块确定是否已经基于第一密钥表示索引响应于对于项目的签名请求已经接收到第一多个签名贡献,其中第一组分散存储(DS)单元中的一个执行第一 数学签名函数,使用项目上的第一组多个密钥共享中的一个来产生第一多个签名贡献的签名贡献;以及当已经接收到第一多个签名贡献时,从该第一个多个签名贡献产生该项目上的安全签名 的签名贡献。
-
公开(公告)号:US08627065B2
公开(公告)日:2014-01-07
申请号:US13288076
申请日:2011-11-03
申请人: Wesley Leggette , Jason K. Resch , Bart Cilfone
发明人: Wesley Leggette , Jason K. Resch , Bart Cilfone
IPC分类号: H04L29/06
CPC分类号: H04L63/0823 , G06F3/0605 , G06F3/0614 , G06F3/0643 , G06F3/0647 , G06F3/067 , G06F11/1076 , G06F12/06 , G06F2211/1057
摘要: A method begins by a processing module receiving a certificate chain and determining whether at least one of one or more signed certificates of the chain has a valid signature. When the at least one of the one or more signed certificates has a valid signature, the method continues with the processing module identifying one or more certificate authorities (CA) to produce identified CAs, accessing registry information that includes one or more realm identifiers (IDs) and a plurality of trusted CA IDs, determining whether one or more of the identified CAs is a trusted CA, and when the one or more of the identified CAs is a trusted CA, indicating that the certificate chain is valid, identifying a realm ID based on a trusted CA ID, and generating certificate chain validation information to include the realm ID, trusted CAs, and the indication of the validity of the certificate chain.
摘要翻译: 一种方法由接收证书链的处理模块开始,并确定链中的一个或多个签名证书中的至少一个是否具有有效签名。 当所述一个或多个签名证书中的至少一个具有有效签名时,该方法继续处理模块识别一个或多个证书颁发机构(CA)以产生所识别的CA,访问包括一个或多个域标识符(ID)的注册表信息 )和多个可信CAID,确定所识别的CA中的一个或多个是否是受信任的CA,以及当所识别的CA中的一个或多个是指示证书链有效的可信CA时,识别领域ID 基于可信任的CA ID,以及生成证书链验证信息以包括领域ID,受信任的CA以及证书链的有效性的指示。
-
公开(公告)号:US20120311395A1
公开(公告)日:2012-12-06
申请号:US13464048
申请日:2012-05-04
申请人: Wesley Leggette , Jason K. Resch
发明人: Wesley Leggette , Jason K. Resch
CPC分类号: G06F21/6227 , G06F3/0604 , G06F3/0644 , G06F3/067 , G06F11/10 , G06F11/1076 , G06F11/2089 , G06F12/1408 , G06F15/17331 , G06F17/30283 , G06F21/602 , G06F21/6218 , G06F21/64 , G06F2212/263 , G06F2221/2107 , H04L9/085 , H04L9/0861 , H04L2209/24 , H04L2209/34
摘要: A method begins by a dispersed storage (DS) processing module generating preliminary dispersed storage network (DSN) storage information for data to be stored in a DSN. The method continues with the DS processing module accessing DSN storage information regarding other data stored in the DSN and comparing the preliminary DSN storage information for the data with the DSN storage information regarding the other data. When at least a portion of the data has compatible preliminary DSN storage information with DSN storage information of at least a portion of the other data, the method continues with the DS processing module generating DSN storage information for remaining portions of the data to produce remaining portions DSN storage information and generating DSN storage information for the data based on the DSN storage information of the at least the portion of the other data and the remaining portions DSN storage information.
摘要翻译: 一种分散存储(DS)处理模块开始的方法是生成用于要存储在DSN中的数据的预分散存储网络(DSN)存储信息。 该方法继续DS处理模块访问与存储在DSN中的其他数据相关的DSN存储信息,并将数据的初步DSN存储信息与其他数据的DSN存储信息进行比较。 当数据的至少一部分具有与其他数据的至少一部分的DSN存储信息兼容的初始DSN存储信息时,DS处理模块继续生成用于数据剩余部分的DSN存储信息以产生剩余部分 DSN存储信息,并且基于其他数据的至少一部分的DSN存储信息和剩余部分DSN存储信息来生成数据的DSN存储信息。
-
公开(公告)号:US20120254619A1
公开(公告)日:2012-10-04
申请号:US13413232
申请日:2012-03-06
申请人: Greg Dhuse , Jason K. Resch , Wesley Leggette
发明人: Greg Dhuse , Jason K. Resch , Wesley Leggette
IPC分类号: H04L9/32
CPC分类号: H04L67/1004 , G06F11/1076 , H04L9/085 , H04L9/0891 , H04L9/0894 , H04L9/3247 , H04L67/1097 , H04L67/2847 , H04L2209/34 , H04N21/8358
摘要: A method begins by a module to generate a secure signature on an item by selecting a first key representation index of a set of key representation indexes, wherein a first mathematical encoding of a private key generates a first plurality of key shares as a first key representation. The method continues with the module determining whether a first plurality of signature contributions have been received in response to a signature request for the item based on the first key representation index, wherein one of a first set of dispersed storage (DS) units executes a first mathematical signature function using one of the first plurality of key shares on the item to produce a signature contribution of the first plurality of signature contributions and when the first plurality of signature contributions have been received, generating the secure signature on the item from the first plurality of signature contributions.
摘要翻译: 一种方法由模块开始,以通过选择一组密钥表示索引的第一密钥表示索引来生成项目上的安全签名,其中私钥的第一数学编码生成第一多个密钥共享作为第一密钥表示 。 该方法继续,模块确定是否已经基于第一密钥表示索引响应于对于项目的签名请求已经接收到第一多个签名贡献,其中第一组分散存储(DS)单元中的一个执行第一 数学签名函数,使用项目上的第一组多个密钥共享中的一个来产生第一多个签名贡献的签名贡献;以及当已经接收到第一多个签名贡献时,从该第一个多个签名贡献产生该项目上的安全签名 的签名贡献。
-
-
-
-
-
-
-
-
-
搜索结果
226 条记录 (耗时 0.049 秒)
