Resilient secret sharing cloud based architecture for data vault
Abstract
A method of securely storing data including: providing, within a secure data storage system, a plurality of secret sharing methods for selection and identifying a striping policy for storage of the data, in accordance with input preferences. The data can be split into N secret shares according to a secret sharing method, the selection being determined by the striping policy, wherein a threshold number, T, of such shares is sufficient to recover the data, where T is less than N, generating metadata associated with the data, the metadata identifying the selected secret sharing method and storing the metadata within the secure data storage system and writing the secret shares to storage that includes storage outside the secure data storage system, such that, when at least T shares are retrieved, the metadata can be recalled to identify the selected secret sharing method for recovery of the data.
Claims
exact text as granted — not AI-modified1 . A method of securely storing data comprising:
providing, within a secure data storage system, a plurality of secret sharing methods for selection; identifying a striping policy for storage of the data, in accordance with input preferences; splitting the data into a plurality, N, of secret shares according to a selected one of the plurality of secret sharing methods, the selection being determined by the striping policy, wherein a threshold number, T, of such shares is sufficient to recover the data, where T is less than N, generating metadata associated with the data, the metadata identifying the selected secret sharing method and storing the metadata within the secure data storage system; writing the secret shares to storage that includes storage outside the secure data storage system, such that, when at least T shares are retrieved, the metadata can be recalled to identify the selected secret sharing method for recovery of the data.
2 . The method of claim 1 , wherein the secret sharing methods include methods with relatively high security but relatively low resilience and methods with relatively high resilience but relatively low security and wherein the selection of the striping policy is based on preferences that are translated into security and resilience preferences.
3 . The method of claim 1 , wherein the secret sharing methods include methods with relatively high T/N and relatively low T/N and wherein an interface is provided to enable a user or administrator to input preferences that are translated into selection of a striping policy.
4 . The method of claim 1 , wherein the secret sharing methods include different secret sharing algorithms selected from the group that includes:
perfect secret sharing scheme (PSS); computational secret sharing (CSS); information dispersal algorithm; and Reed-Solomon encoding combined with encryption.
5 . The method of claim 1 , wherein the policy translates a user preference for security, resilience and/or performance into a selection of method.
6 . The method of claim 1 , wherein each share is written to an independent store, at least some of which are outside the secure storage system.
7 . The method of claim 1 , wherein the independent stores comprise a plurality of stores selected from the group that includes:
a public cloud; a private cloud; a relational data store; a non-SQL data store; and a file server.
8 . A system for securely storing data comprising:
a secret sharing module adapted to provide a plurality of secret sharing methods for selection, each method arranged to split the data into a plurality, N, of secret shares wherein a threshold number, T, of such shares is sufficient to recover the data, where T is less than N; a policy module adapted to determine a policy for storage of the data, in accordance with input preferences, wherein the method selected by the secret sharing module for splitting the data is determined by the policy module; a metadata module for generating and storing metadata associated with the data, the metadata identifying the selected secret sharing method; and a memory interface for writing the secret shares to storage such that, when at least T shares are retrieved from storage, the metadata can be recalled to identify the selected secret sharing method for recovery of the data.
9 . A computer program product or products comprising program code which, when executed by a computer or a plurality of interconnected computers, causes the computer(s) to:
receive data for secure storage; identify a striping policy for storage of the data, in accordance with input preferences; split the data into a plurality, N, of secret shares according to a selected one of the plurality of secret sharing methods, the selection being determined by the striping policy, wherein a threshold number, T, of such shares is sufficient to recover the data, where T is less than N; generate and store metadata associated with the data, the metadata identifying the selected secret sharing method; write the secret shares to storage; retrieve at least T shares; recall the metadata; identify the selected secret sharing method from the metadata; and recover the data.
10 . A method of securely storing data comprising:
fragmenting the data into a plurality, N, of secret shares of equal size according to a secret sharing algorithm, wherein a threshold number, T, of such shares is sufficient to recover the data, where T is less than N, splitting each share into data particles of equal size; writing the particles to storage such that the particles of each share are written to independent storage means corresponding to that share, each particle being identified only by an identifier unique within its respective storage means.
11 . The method of claim 10 further comprising pre-storing particles of dummy data within each storage means, whereby the particles of data and particles of dummy data co-exist in the storage means.
12 . The method of claim 10 , further comprising performing a clean-up process for each storage means, whereby particles that exist in the storage means are identified as having expired, whereby particles of data and particles of expired data co-exist in the storage means.
13 . The method of claim 10 , further comprising identifying a persistence policy for storage of the data in accordance with input preferences, whereby a set of storage means is selected for storage of the data in accordance with the persistence policy.
14 . The method of claim 10 , further comprising identifying a persistence policy for storage of the data in accordance with a sensitivity attribute associated with the data.
15 . The method of claim 13 , wherein polices are defined for user selection that include restrictions on attributes of the storage means that are to be selected to make up the set of storage means.
16 . The method of claim 13 , wherein polices are defined for user selection that include different attributes for each of the storage means that are to be selected to make up the set of storage means.
17 . The method of claim 16 wherein the attributes include identifiers of storage providers and geographical locations of the storage means.
18 . The method of claim 13 , wherein polices are defined for user selection that include user latency preference.
19 . The method of claim 13 , wherein polices are defined for user selection that include duplication of one or more shares across plural independent storage means.
20 . The method of claim 13 , wherein polices are defined for user selection that include trustworthiness of the storage means.
21 . The method of claim 10 , further comprising monitoring the performance of each storage means for improvement of selection of storage means according to persistence policy.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.