公开(公告)号：US07574598B2

公开(公告)日：2009-08-11

申请号：US11150801

申请日：2005-06-10

申请人： John R. Douceur ,  William J. Bolosky ,  Marvin M. Theimer

发明人： John R. Douceur ,  William J. Bolosky ,  Marvin M. Theimer

IPC分类号： H04L29/06

CPC分类号： H04L9/3236 ,  H04L9/3247 ,  Y10S707/99953 ,  Y10S707/99955

摘要： Cryptographic protocols and methods of employing the same are described. The described protocols advantageously enable two or more identical encryptable objects that are coded for encryption with different keys to be identified as identical without access to either the unencrypted objects or the keys that are used in the encryption process. Additionally, the protocols enable two or more identical encryptable objects to be processed with different encryption keys, yet be stored in a manner so that the total required storage space is proportional to the space that is required to store a single encryptable object, plus a constant amount for each distinct encryption key. In various embodiments, the encryptable objects comprise files and the cryptographic protocols enable encrypted files to be used in connection with single instance store (SIS) systems.

摘要翻译： 描述了使用它们的密码协议和方法。 所描述的协议有利地使得被编码用于具有不同密钥的加密的两个或更多个相同的可加密对象被识别为相同，而不访问加密过程中使用的未加密对象或密钥。 另外，这些协议允许使用不同的加密密钥来处理两个或多个相同的可加密对象，但是以一定的方式存储，使得所需的总存储空间与存储单个可加密对象所需的空间成正比，加上常数 每个不同加密密钥的数量。 在各种实施例中，可加密对象包括文件，并且加密协议使加密文件能够与单实例存储（SIS）系统相关联使用。

公开(公告)号：US07310644B2

公开(公告)日：2007-12-18

申请号：US09876377

申请日：2001-06-06

申请人： Atul Adya ,  William J. Bolosky ,  John R. Douceur ,  Marvin M. Theimer

发明人： Atul Adya ,  William J. Bolosky ,  John R. Douceur ,  Marvin M. Theimer

IPC分类号： G06F17/30

CPC分类号： G06F17/30156

摘要： Potentially identical objects (such as files) across multiple computers are located. In one embodiment, a computer generates object information for an object stored on the computer. The object information can be generated in a variety of manners (e.g., based on hashing the object, based on characteristics of the object, and so forth). The object information is then transferred to one or more database server computers, where the object information can be compared to object information from other computers to determine whether the object is potentially identical to another object on one of the other computers.

摘要翻译： 位于多个计算机上的潜在相同对象（如文件）。 在一个实施例中，计算机生成存储在计算机上的对象的对象信息。 可以以各种方式生成对象信息（例如，基于对象的散列，基于对象的特征等）。 然后将对象信息传送到一个或多个数据库服务器计算机，其中可以将对象信息与来自其他计算机的对象信息进行比较，以确定对象是否与其他计算机之一上的另一个对象潜在地相同。

公开(公告)号：US06983365B1

公开(公告)日：2006-01-03

申请号：US09565821

申请日：2000-05-05

申请人： John R. Douceur ,  William J. Bolosky ,  Marvin M. Theimer

发明人： John R. Douceur ,  William J. Bolosky ,  Marvin M. Theimer

IPC分类号： H04L9/00

CPC分类号： H04L9/3236 ,  H04L9/3247 ,  Y10S707/99953 ,  Y10S707/99955

摘要： Cryptographic protocols and methods of employing the same are described. The described protocols advantageously enable two or more identical encryptable objects that are coded for encryption with different keys to be identified as identical without access to either the unencrypted objects or the keys that are used in the encryption process. Additionally, the protocols enable two or more identical encryptable objects to be processed with different encryption keys, yet be stored in a manner so that the total required storage space is proportional to the space that is required to store a single encryptable object, plus a constant amount for each distinct encryption key. In various embodiments, the encryptable objects comprise files and the cryptographic protocols enable encrypted files to be used in connection with single instance store (SIS) systems.

摘要翻译： 描述了使用它们的密码协议和方法。 所描述的协议有利地使得被编码用于具有不同密钥的加密的两个或更多个相同的可加密对象被识别为相同，而不访问加密过程中使用的未加密对象或密钥。 另外，这些协议允许使用不同的加密密钥来处理两个或多个相同的可加密对象，但是以一定的方式存储，使得所需的总存储空间与存储单个可加密对象所需的空间成正比，加上常数 每个不同加密密钥的数量。 在各种实施例中，可加密对象包括文件，并且加密协议使加密文件能够与单实例存储（SIS）系统相关联使用。

公开(公告)号：US07509423B2

公开(公告)日：2009-03-24

申请号：US10992024

申请日：2004-11-18

申请人： John R. Douceur ,  Marvin M. Theimer ,  Atul Adya ,  William J. Bolosky

发明人： John R. Douceur ,  Marvin M. Theimer ,  Atul Adya ,  William J. Bolosky

IPC分类号： G06F15/13

CPC分类号： G06F17/30156 ,  Y10S707/99944 ,  Y10S707/99946 ,  Y10S707/99952 ,  Y10S707/99953

摘要： Potentially identical objects (e.g., files) are located across multiple computers based on stochastic partitioning of workload. For each of a plurality of objects stored on a plurality of computers in a network, a portion of object information corresponding to the object is selected. The object information can be generated in a variety of manners (e.g., based on hashing the object, based on characteristics of the object, and so forth). Any of a variety of portions of the object information can be used (e.g., the least significant bits of the object information). A stochastic partitioning process is then used to identify which of the plurality of computers to communicate the object information to for identification of potentially identical objects on the plurality of computers.

公开(公告)号：US07505970B2

公开(公告)日：2009-03-17

申请号：US10959701

申请日：2004-10-06

申请人： Atul Adya ,  William J. Bolosky ,  Gerald Cermak ,  John R. Douceur ,  Marvin M. Theimer ,  Roger P. Wattenhofer

发明人： Atul Adya ,  William J. Bolosky ,  Gerald Cermak ,  John R. Douceur ,  Marvin M. Theimer ,  Roger P. Wattenhofer

IPC分类号： G06F7/00 ,  G06F17/30

CPC分类号： G06F17/30094 ,  G06F17/30171 ,  G06F17/30899 ,  G06F2201/825 ,  H04L63/0823 ,  H04L63/123 ,  Y10S707/956 ,  Y10S707/99931 ,  Y10S707/99938

摘要： A serverless distributed file system manages the storage of files and directories using one or more directory groups. The directories may be managed using Byzantine-fault-tolerant groups, whereas files are managed without using Byzantine-fault-tolerant groups. Additionally, the file system may employ a hierarchical namespace to store files. Furthermore, the directory group may employ a plurality of locks to control access to objects (e.g., files and directories) in each directory.

公开(公告)号：US06981138B2

公开(公告)日：2005-12-27

申请号：US09817812

申请日：2001-03-26

申请人： John R. Douceur ,  Atul Adya ,  William J. Bolosky ,  Marvin M. Theimer

发明人： John R. Douceur ,  Atul Adya ,  William J. Bolosky ,  Marvin M. Theimer

IPC分类号： H04L9/08 ,  H04L9/30 ,  H04L9/00

CPC分类号： H04L9/0825 ,  H04L9/0894

摘要： A file that has been encrypted using a symmetric key and that has a corresponding access control entry with the symmetric key encrypted using the public key of a public/private key pair can be accessed. An encrypted key cache is also accessed to determine whether an access control entry to symmetric key mapping exists in the cache for the access control entry corresponding to the file. If such a mapping exists in the cache, then the mapped-to symmetric key is obtained form the cache, otherwise the encrypted symmetric key is decrypted using the private key of the public/private key pair. The encrypted key cache itself can also be encrypted and stored as an encrypted file.

公开(公告)号：US20090132552A1

公开(公告)日：2009-05-21

申请号：US12361678

申请日：2009-01-29

申请人： Atul Adya ,  William J. Bolosky ,  Gerald Cermak ,  John R. Douceur ,  Marvin M. Theimer ,  Roger P. Wattenhofer

发明人： Atul Adya ,  William J. Bolosky ,  Gerald Cermak ,  John R. Douceur ,  Marvin M. Theimer ,  Roger P. Wattenhofer

IPC分类号： G06F17/30 ,  G06F12/02 ,  H04L9/00

CPC分类号： G06F17/30094 ,  G06F17/30171 ,  G06F17/30899 ,  G06F2201/825 ,  H04L63/0823 ,  H04L63/123 ,  Y10S707/956 ,  Y10S707/99931 ,  Y10S707/99938

摘要： A serverless distributed file system manages the storage of files and directories using one or more directory groups. The directories may be managed using Byzantine-fault-tolerant groups, whereas files are managed without using Byzantine-fault-tolerant groups. Additionally, the file system may employ a hierarchical namespace to store files. Furthermore, the directory group may employ a plurality of locks to control access to objects (e.g., files and directories) in each directory.

摘要翻译： 无服务器分布式文件系统使用一个或多个目录组来管理文件和目录的存储。 可以使用拜占庭容错组来管理目录，而不使用拜占庭容错组来管理文件。 此外，文件系统可以使用分层命名空间来存储文件。 此外，目录组可以使用多个锁来控制对每个目录中的对象（例如，文件和目录）的访问。

公开(公告)号：US07359937B2

公开(公告)日：2008-04-15

申请号：US11134124

申请日：2005-05-20

申请人： John R. Douceur ,  Marvin M. Theimer ,  Atul Adya ,  William J. Bolosky

发明人： John R. Douceur ,  Marvin M. Theimer ,  Atul Adya ,  William J. Bolosky

IPC分类号： G06F15/13

CPC分类号： G06F17/30156 ,  Y10S707/99944 ,  Y10S707/99946 ,  Y10S707/99952 ,  Y10S707/99953

摘要： Potentially identical objects (e.g., files) are located across multiple computers based on stochastic partitioning of workload. For each of a plurality of objects stored on a plurality of computers in a network, a portion of object information corresponding to the object is selected. The object information can be generated in a variety of manners (e.g., based on hashing the object, based on characteristics of the object, and so forth). Any of a variety of portions of the object information can be used (e.g., the least significant bits of the object information). A stochastic partitioning process is then used to identify which of the plurality of computers to communicate the object information to for identification of potentially identical objects on the plurality of computers.

公开(公告)号：US08112452B2

公开(公告)日：2012-02-07

申请号：US12361678

申请日：2009-01-29

申请人： Atul Adya ,  Gerald Cermak ,  John R. Douceur ,  Marvin M. Theimer ,  Roger P. Wattenhofer ,  William J. Bolosky

发明人： Atul Adya ,  Gerald Cermak ,  John R. Douceur ,  Marvin M. Theimer ,  Roger P. Wattenhofer ,  William J. Bolosky

IPC分类号： G06F7/00 ,  G06F17/30 ,  G06F12/00

CPC分类号： G06F17/30094 ,  G06F17/30171 ,  G06F17/30899 ,  G06F2201/825 ,  H04L63/0823 ,  H04L63/123 ,  Y10S707/956 ,  Y10S707/99931 ,  Y10S707/99938

摘要： A serverless distributed file system manages the storage of files and directories using one or more directory groups. The directories may be managed using Byzantine-fault-tolerant groups, whereas files are managed without using Byzantine-fault-tolerant groups. Additionally, the file system may employ a hierarchical namespace to store files. Furthermore, the directory group may employ a plurality of locks to control access to objects (e.g., files and directories) in each directory.

摘要翻译： 无服务器分布式文件系统使用一个或多个目录组来管理文件和目录的存储。 可以使用拜占庭容错组来管理目录，而不使用拜占庭容错组来管理文件。 此外，文件系统可以使用分层命名空间来存储文件。 此外，目录组可以使用多个锁来控制对每个目录中的对象（例如，文件和目录）的访问。

公开(公告)号：US07886364B2

公开(公告)日：2011-02-08

申请号：US11206556

申请日：2005-08-18

申请人： John R. Douceur ,  Atul Adya ,  William J. Bolosky ,  Marvin M. Theimer

发明人： John R. Douceur ,  Atul Adya ,  William J. Bolosky ,  Marvin M. Theimer

IPC分类号： H04L9/00 ,  H04K1/00 ,  H04N7/173 ,  G06F11/30 ,  H04L9/08 ,  H04L9/30 ,  G06F12/14 ,  G06F21/00

CPC分类号： H04L9/0825 ,  H04L9/0894

摘要： A file that has been encrypted using a symmetric key and that has a corresponding access control entry with the symmetric key encrypted using the public key of a public/private key pair can be accessed. An encrypted key cache is also accessed to determine whether an access control entry to symmetric key mapping exists in the cache for the access control entry corresponding to the file. If such a mapping exists in the cache, then the mapped-to symmetric key is obtained form the cache, otherwise the encrypted symmetric key is decrypted using the private key of the public/private key pair. The encrypted key cache itself can also be encrypted and stored as an encrypted file.

摘要翻译： 可以访问已经使用对称密钥加密并具有使用公钥/私钥对的公钥加密的对称密钥的相应访问控制条目的文件。 还访问加密密钥高速缓存以确定对应于该文件的访问控制条目的高速缓存中是否存在对称密钥映射的访问控制条目。 如果高速缓存中存在这样的映射，则从高速缓存获得映射到对称密钥，否则使用公钥/私钥对的私钥解密加密的对称密钥。 加密的密钥缓存本身也可以加密并存储为加密文件。