WO2002062032A9 - Method and system for secure exchange of messages - Google Patents

Method and system for secure exchange of messages

Info

Publication number
WO2002062032A9
WO2002062032A9 PCT/US2001/050069 US0150069W WO02062032A9 WO 2002062032 A9 WO2002062032 A9 WO 2002062032A9 US 0150069 W US0150069 W US 0150069W WO 02062032 A9 WO02062032 A9 WO 02062032A9
Authority
WO
WIPO (PCT)
Prior art keywords
message
file
destination
segments
message segments
Prior art date
Application number
PCT/US2001/050069
Other languages
French (fr)
Other versions
WO2002062032A2 (en
WO2002062032A3 (en
Inventor
Li Shu
Dorothy C Poppe
Original Assignee
Draper Lab Charles S
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Draper Lab Charles S filed Critical Draper Lab Charles S
Priority to AU2002248234A priority Critical patent/AU2002248234A1/en
Publication of WO2002062032A2 publication Critical patent/WO2002062032A2/en
Publication of WO2002062032A3 publication Critical patent/WO2002062032A3/en
Publication of WO2002062032A9 publication Critical patent/WO2002062032A9/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/08Error detection or correction by redundancy in data representation, e.g. by using checking codes
    • G06F11/10Adding special bits or symbols to the coded information, e.g. parity check, casting out 9's or 11's
    • G06F11/1076Parity data used in redundant arrays of independent storages, e.g. in RAID systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/0001Systems modifying transmission characteristics according to link quality, e.g. power backoff
    • H04L1/0009Systems modifying transmission characteristics according to link quality, e.g. power backoff by adapting the channel coding
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/004Arrangements for detecting or preventing errors in the information received by using forward error control
    • H04L1/0041Arrangements at the transmitter end
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/004Arrangements for detecting or preventing errors in the information received by using forward error control
    • H04L1/0056Systems characterized by the type of code used
    • H04L1/0064Concatenated codes
    • H04L1/0066Parallel concatenated codes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/0078Avoidance of errors by organising the transmitted data in a format specifically designed to deal with errors, e.g. location
    • H04L1/0083Formatting with frames or packets; Protocol or part of protocol for error control
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/02Arrangements for detecting or preventing errors in the information received by diversity reception
    • H04L1/06Arrangements for detecting or preventing errors in the information received by diversity reception using space diversity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L25/00Baseband systems
    • H04L25/02Details ; arrangements for supplying electrical power along data transmission lines
    • H04L25/14Channel dividing arrangements, i.e. in which a single bit stream is divided between several baseband channels and reassembled at the receiver
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/24Multipath
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W40/00Communication routing or communication path finding
    • H04W40/02Communication route or path selection, e.g. power-based or shortest path routing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/10Indexing scheme relating to G06F11/10
    • G06F2211/1002Indexing scheme relating to G06F11/1076
    • G06F2211/1028Distributed, i.e. distributed RAID systems with parity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/004Arrangements for detecting or preventing errors in the information received by using forward error control
    • H04L1/0056Systems characterized by the type of code used
    • H04L1/0057Block codes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/004Arrangements for detecting or preventing errors in the information received by using forward error control
    • H04L1/0056Systems characterized by the type of code used
    • H04L1/0059Convolutional codes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/12Arrangements for detecting or preventing errors in the information received by using return channel
    • H04L1/16Arrangements for detecting or preventing errors in the information received by using return channel in which the return channel carries supervisory signals, e.g. repetition request signals
    • H04L1/18Automatic repetition systems, e.g. Van Duuren systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L2001/0092Error control systems characterised by the topology of the transmission link
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L2001/0092Error control systems characterised by the topology of the transmission link
    • H04L2001/0093Point-to-multipoint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L2001/0092Error control systems characterised by the topology of the transmission link
    • H04L2001/0096Channel splitting in point-to-point links
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/329Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W24/00Supervisory, monitoring or testing arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W28/00Network traffic management; Network resource management
    • H04W28/02Traffic management, e.g. flow control or congestion control
    • H04W28/06Optimizing the usage of the radio link, e.g. header compression, information sizing, discarding information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W40/00Communication routing or communication path finding
    • H04W40/02Communication route or path selection, e.g. power-based or shortest path routing
    • H04W40/12Communication route or path selection, e.g. power-based or shortest path routing based on transmission quality or channel quality
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/26Network addressing or numbering for mobility support

Definitions

  • the invention generally relates to electronic communications, and, more particularly, to security in network- based communications.
  • a secure network typically requires steps be taken to protect the network from intruders. Such steps can include special communications protocols or special hardware, for example, use of a secure, optical network backbone. In such cases, secure communications, if at all possible, are limited to the confines of the secure network.
  • the secure host approach includes installation of a security protocol on network host computers to monitor network communications.
  • the protocol provides review and control of network communications to guard against theft and tampering.
  • This approach requires the host computers to implement a security protocol that operates at Layer 3 or 4 of the Open Systems Interconnection (OSI) model.
  • OSI Open Systems Interconnection
  • a variety of encryption devices or software tools can protect data communications from theft and tampering. For example, keyed encryption techniques are common. Such techniques typically require that a sender and a recipient of a message share some information regarding an encryption algorithm and encryption/decryption key to enable the recipient to de-encrypt a message .
  • message packet headers are particularly vulnerable to tampering because the packet header typically cannot be encrypted. Variants of the above general schemes have been proposed to respond to this problem. Further, message packets can be modified to enable detection of tampering and hence the potential of an altered message packet. Alternatively, a message can be disguised to appear as an ordinary message to fool an eavesdropper. The ordinary appearing message would have a distinct meaning to a recipient based on prior agreement between the sender and the recipient .
  • the invention generally involves secure data transmission over a network.
  • the invention is particularly suited to message transmission over a network that has multiple pathways.
  • Various embodiments of the invention can defeat eavesdroppers wishing to intercept or interfere with a message.
  • a solution is provided for the problem of the publicly visible addresses that are typically associated with transmitted communications.
  • the invention is suited to protect various types of communications .
  • the communications may be digital electronic communications and may include, for example, messages and data.
  • the communications may be sent via a network in the form of packets.
  • the network may be, for example, a wired, wireless or optical network.
  • trusted intermediaries i.e. nodes
  • the ultimate destination of the communication is generally concealed from all but the intermediary.
  • an intermediary receives a message or other communication from a source, examines the concealed address of the destination and forwards the communication to the destination.
  • the source can be concealed while the destination address of the next trusted intermediary, which may be the final destination of the packet, is now publicly observable. In this manner, an eavesdropper cannot simultaneously discern the source and destination of a communication.
  • An eavesdropper attempting to intercept a message sent between two parties must therefore overcome multiple difficulties. If an eavesdropper observes transmissions such as data packets leaving a source, it cannot correctly identify the ultimate or real destination of each data packet. If the eavesdropper observes data packets arriving at a destination, it cannot correctly identify the original source of each packet. Thus, an eavesdropper may be impeded from identifying messages sent from a particular original source to a particular final destination.
  • the node can be, for example, a network node .
  • the node can be a computer server or a radio transceiver (e.g. a mobile telephone).
  • Splitting the message into message segments can make message interception and tampering more difficult.
  • An eavesdropper must then intercept multiple segments to obtain the message, and still will not know the source or the destination.
  • the ultimate destination addresses of the segments can be concealed when the segments are transmitted to one or more trusted nodes.
  • An eavesdropper seeking messages or segments addressed to a particular destination may then only perceive the message segments as being addressed to the intermediary, and thus fail to intercept them.
  • the invention features an apparatus for transmitting a file.
  • the file can include data or a message, or both. It can be in binary form, as for a typical computer data file. It can be a file of any form as utilized in electronic, electro-magnetic, and optical network-based communications.
  • the apparatus includes a file splitter that splits the file into a plurality of message segments. Each message segment includes an address of the destination.
  • transmit means the directing of a file from any source location to any destination location.
  • the actual transmission of a file may occur via all suitable techniques of file transfer, including, but not limited to, standard file-transfer protocols via an electronic or optical network .
  • the apparatus also includes a file encapsulator.
  • the file encapsulator encapsulates at least one of the plurality of message segments. The encapsulation conceals the address of the true origin and ultimate destination during transmission of at least one encapsulated message segment to one or more trusted nodes.
  • the trusted nodes may re-encapsulate the message and retransmit the message segments to the destination for reassembly of the file at the final destination.
  • the file splitter may also include a file converter.
  • the file converter converts the file into N message segments. The file can be reassembled from a subset of any M of the message segments, where N and M are positive integers, and N > M >1.
  • the apparatus may further include a file encoder.
  • the file encoder encodes the file prior to splitting of the file by the file splitter.
  • the file encoder, file encapsulator and file splitter may include, for example, integrated circuits, such as microprocessors.
  • a single integrated circuit or microprocessor may include the file encoder, file encapsulator and file splitter.
  • One or more microprocessors may implement software that enables the functioning of the file encoder, file encapsulator or file splitter. Any of the file encapsulator, the file splitter and the file encoder may be implemented in software, firmware or hardware (e.g. as an application-specific integrated circuit) .
  • the software may be designed to run on general-purpose equipment or specialized processors dedicated to the functionality herein described.
  • the invention in second aspect, involves a method of secure transmission of a file from a source to a destination.
  • the method includes splitting the file into a plurality of message segments. Each message segment includes an address of the destination.
  • the method further includes encapsulating at least one of the plurality of message segments to conceal the address of the . origin and destination. At least one encapsulated message segment is transmitted to one or more trusted nodes. The one or more trusted nodes retransmit at least one message segment to the destination for reassembly of the file at the destination.
  • the process of splitting the file may include converting the file into N message segments.
  • the N message segments may enable reassembly of the file from a subset of any M of the message segments, where N and M are positive integers, and N > M ⁇ 1.
  • Retransmitting at least one message segment may include transmitting at least M of the N message segments to the destination.
  • the file can be reassembled after at least M of the
  • Transmitting to one or more trusted nodes may include transmitting more than one message segment via multiple pathways of a communications network.
  • the method further includes encoding the file. Encoding the file may include enciphering the ' file. Encapsulating at least one message segment may include enciphering at least one of the message segments. Encapsulating may further include adding forwarding instructions to the message segment . The forwarding instructions instruct one of the trusted nodes to forward the message segment towards the destination. The forwarding instructions may include the address of the destination. Encapsulating may further include addressing each one of the plurality of message segments to one of the plurality of trusted nodes.
  • FIG. 1 illustrates an embodiment of a communication of a message from a source to a destination.
  • FIG. 2 illustrates an embodiment of a communication of a message that provides improved message security.
  • FIG. 3 illustrates an embodiment of a method that provides message delivery assurance and security.
  • FIG. 4 illustrates an embodiment of spatial diversification of message transmission, which transmits split message segments along three paths through a network.
  • FIG. 5 illustrates an embodiment of reassembly of a message at a destination.
  • FIG. 6 illustrates an embodiment where obstruction of a single node does not deny message transmission.
  • FIG. 7 illustrates an embodiment where eavesdropping on a single link provides no information.
  • FIG. 8 illustrates an embodiment with integration of data encryption into an encoder and a decoder.
  • FIG. 9 illustrates an embodiment with integration of data encryption into the a splitter and a assembler.
  • FIG. 10 illustrates an embodiment of an apparatus for transmitting a file via a communications network.
  • FIG. 11 illustrates an embodiment of N message segment identifiers attached to N message segments.
  • FIG. 12 illustrates an embodiment of an apparatus for transmitting a file.
  • FIG. 13 illustrates an embodiment of an encapsulated message segment addressed to a trusted node.
  • FIG. 14 illustrates an embodiment of a message segment addressed to a destination.
  • file means for transferring any entity of data that may be transferred via analog or digital means.
  • entity may originate in analog or digital form, and, at various times, may be stored in analog or digital form.
  • entity is capable of transfer between two distinct physical locations via, in particular, electronic, wireless and optically based communications .
  • the present invention may be applied to any form of data or message, particularly high security can be achieved by splitting a message into multiple segments sent over different network pathways. At the same time, this approach also involves a greater degree of complexity than applications utilizing a single pathway.
  • An apparatus and method for data assurance in communication networks makes advantageous use of aspects of networked communication.
  • MANET mobile ad-hoc networks
  • messages can be forwarded along multiple, variable data paths. Aggregation of a number of such paths forms a single "super path.”
  • a method includes encoding a message, splitting the encoded result into distinct message segments, and sending each segment along a different path.
  • a receiving node may reconstruct the original message without the requirement that all message segments eventually reach the receiving node after traveling along their individual paths .
  • One embodiment includes a protocol that enables a sender to provide information to a ⁇ destination, i.e., receiver node, about encoding and splitting algorithms that were used to process a message
  • ⁇ orae embodiments include methods for inferring the status of the collection of links.
  • Some embodiments include one or more algorithms for determining which combination of encoding and splitting algorithms to use in response to a current status of the links.
  • some embodiments enable dynamic adjustment in response to changing network communication conditions, in particular for a MANET.
  • One such embodiment includes a set of encoding/decoding algorithms and a set of splitting/reassembling algorithms to permit an optimized response to the dynamic variations in the link characteristics.
  • Modified algorithms can incorporate data security enhancement features .
  • encoding algorithms may be used to prevent the deduction of any part of the original message from individual processed message segments. A minimum number of message segments may be required to reconstruct the original message.
  • encryption keys may be used to enhance security.
  • security enhancement can be achieved by deterministically varying a set of splitting/reassembling algorithms. Data assurance in networks can be adjusted to a desired level by choosing an appropriate encoding and splitting scheme to tolerate failures over a sufficiently large number of paths. Encoding redundancy can reduce or eliminate the need for message retransmission. Message delay may be reduced, and utilization of each link in the network may be increased. Generally, the benefit in overall network resource utilization and performance grows with the number of links, i.e., the number of directly communicating node-pair combinations, and the expected number of relaying hops through which a packet is forwarded towards its destination.
  • the apparatus and method improve data security.
  • an eavesdropper sniffing e.g., packets traveling on a particular path cannot deduce much useful information.
  • Additional security components or steps can improve the level of data security; for example, encoding mechanisms can be chosen to avoid exposing the original data bits directly and a bit-position scrambling mechanism can be incorporated before splitting of the message. This provides security gains that require almost no increase in system complexity or computational burden.
  • a redundantly encoded message is transmitted by aggregating multiple paths in a MANET to form a single super-path. This aggregation provides robustness in view of the potentially drastic variation in individual links.
  • the super-path has a collective characteristic that improves stability, and statistically resembles a fixed link pathway in comparison to a pathway through a conventional MANET.
  • the channel coding technique may first encode the message to inject the desired level of redundancy into the message, then split the encoded message into multiple segments, and then forward each segment along a different path.
  • the extra redundancy injected by the encoding method via, e.g., erasure correcting codes) may permit reassembly of the original message without requiring the successful delivery of all message segments through their individual paths.
  • Encoding methods may be used to improve the data assurance to a desired level for a network, or example, a MANET. This is more effective for MANET-based communications than simply adopting or adapting the two-pronged approach of fixed point-to- point channels (and conventional networks) .
  • the characteristics of the aggregated super-path more closely resemble that of the fixed point-to-point channel than that of the individual member paths in the aggregate. Moreover, the variation in the characteristics of the super-path is slower than the variation of individual member paths, and can be designed to become tractable.
  • super-path characteristics are regularly or continuously analyzed, and encoding and splitting algorithms are selected from classes of encoding algorithms and splitting algorithms in response to a determined characteristic.
  • Super- path characteristics may include, for example, the number of successfully received message segments and the identity of the paths through which message segments • are successfully received.
  • Encoding and splitting of messages directly improves message security. Because the message segments are forwarded along distinct routes to the destination, an eavesdropper must simultaneously intercept multiple message segments before a successful recovery of the original message becomes possible. The mobility and the geographical distribution of the nodes in the network make this difficult, and splitting the message into more segments can increase the difficulty of recovery. Furthermore, an encoding algorithm can be chosen that prevents message reconstruction without interception of at least a threshold portion of message segments.
  • scrambling and de- scrambling of bit positions requires many fewer operations to execute and complete than traditional encryption and decryption methods .
  • Some embodiments include a stand-alone protocol layer for insertion in the networking protocol layer.
  • the protocol layer can be inserted between the medium access control (MAC) layer and the networking layer of a communication system.
  • the protocol layer may include mechanisms for monitoring or analyzing the characteristics of network links and a decision algorithm to dynamically choose one of a class of encoding and splitting algorithms based on the observed network link characteristics.
  • the protocol layer when the link stability is low, switches to an encoding algorithm that tolerates more losses of the message segments and a message-splitting scheme that results in smaller segments, in an attempt to improve delivery assurance. In another embodiment, when the link stability improves, the protocol layer switches to an encoding algorithm that has requires more message segments to be received and a message-splitting scheme that uses larger segments, in an attempt to reduce the protocol overhead.
  • the impact of the proposed algorithm and the dynamic protocol can be measured at multiple levels of the network. The probability of delivery success in a single attempt can be improved to any desired level by choosing an appropriate combination of encoding and splitting methods or algorithms. Generally, an entire message is not transmitted along a single path. Instead, a message is fragmented, i.e.
  • a message 1 e.g., a block of message bits
  • an encoder 2 e.g. a scrambling encoder.
  • the encoder 2 injects redundancy into the message bit stream, which increases the number of bits in the message.
  • the encoded message is fed to a message splitter 4, which breaks the message into N message segments .
  • the N message segments are forwarded to the destination along different paths in a network 3.
  • An assembler 6 reassembles the encoded message as the segments are received.
  • a partially reassembled message is passed to a decoder 8, e.g. an erasure decoder.
  • the decoder recovers the original message 1, using only the bits available from the partially assembled message.
  • the threshold number of segments is determined by the selected coding scheme.
  • Both the assembler 6 and the erasure decoder 8 may be implemented in hardware and/or as software modules .
  • Improving the probability of completed delivery of a message in a first attempt reduces both the average delay and the number of retransmissions required for deliver of messages through the network. Reducing the number of retransmissions decreases the number of channel contentions in a network with multi-accessing nodes such as a MANET. This may significantly improve the utilization of both the links and the network, in terms of factors such as the number of data bits sent per usage of bandwidth, channel, link, battery power, etc. This in turn significantly improves the overall network throughput and efficiency.
  • FIG. 2 illustrates an embodiment that provides improved message security.
  • a sender 10 and a receiver 20 agree to use a combination of an encoding scheme and a splitting mechanism that splits each message into three segments for transmission via a MANET 23.
  • the MANET 23 includes several nodes a-g.
  • the encoding scheme requires at least two message segments to reach the receiver for recovery of a split message.
  • An eavesdropper is illustrated as intercepting message segments between nodes c ' and e; a jammer is illustrated as blocking transmission of message segments at node f.
  • Three paths Pi, P 2 , P 3 through the network 23 are a subset of all possible paths. Message security and integrity are maintained in spite of the efforts of the eavesdropper and the jammer.
  • the eavesdropper acquires only a message segment transmitted along path P 3 . Because the number of message segments threshold is 2, the single segment does not provide any useful information to the eavesdropper. All three segments will reach the receiver 20. The first two to arrive are used to reassemble the original message .
  • the jammer attacking node f prevents the message segment traveling on path P 3 from reaching the receiver 20.
  • the other two message segments arrive, and the message is recovered.
  • the jammer cannot prevent the receiver 20 from getting the message.
  • Several criteria may be used to assess the performance of alternative implementations of a decision algorithm and a dynamic protocol. Such criteria may include, for example:
  • a protocol is inserted into a network communications protocol stack, e.g., between the MAC and the networking layer.
  • This protocol mechanism senses and predicts variations in the characteristics of the link aggregate, and dynamically chooses the best combination of encoding/decoding and splitting/reassembly algorithms from a set or class of algorithms.
  • the attempt to optimize can seek a combination that adds the least overhead to achieve a specified probability of successful message delivery.
  • the selection process may further include, e.g., consideration of message priority, other measures of message importance, or cost of latency.
  • FIG. 3 one embodiment is illustrated of a method that provides message delivery assurance and security. The method includes encoding the message to inject redundancy into a message stream, and splitting the encoded message.
  • the split, encoded message is forwarded along spatially diversified routes.
  • a message, or message block that includes k bits is processed through an encoder 2, e.g., a scrambling encoder, that converts the message into an encoded message block of n bits, where n > k.
  • a splitter 4 decomposes the output of the encoder 2 into N message segments, each segment including no more than [n/N] bits. " [n/N]" denotes the least integer greater than n/N. N, n and k are positive integers.
  • FIG. 4 illustrates spatial diversification.
  • Each of the N message segments is forwarded to the intended recipient, preferably along a different route. This gives spatial diversification to the routes used for transmission.
  • Nodes a-g are a subset of network 23 nodes.
  • the sender 10 forwards segments to the receiver 20 along path Pi (including nodes a and g) , path P 2 (including nodes b and d) , and path P 3 (nodes c, e, and f) .
  • the different physical locations of the nodes forces the message segments to travel through different areas of the network. Link conditions and congestion in different areas may vary considerably.
  • the message segments are re-assembled as they are received at the receiver 20.
  • the partially assembled message is forwarded to a decoder 8, e.g., an erasure decoder, which recovers the entire original message.
  • a decoder 8 e.g., an erasure decoder
  • each message segment has a length of b, where 0 ⁇ b ⁇ [n/N] .
  • [n/N] denotes the least integer greater than n/N.
  • Limitation of the value of b can assure that each encoded message bit exists in only one message segment. Because n must be greater than k, [k/b] ⁇ N. Hence, there are fewer than N segments when the shorter unencoded message is broken into segments of length b. A longer, encoded message is obtained with N segments of length b.
  • the intended recipient can recover the original message with any subset of [k/b] segments of the N message segments, given an appropriate selection of the encoding scheme.
  • the message recovery mechanism at the intended recipient can tolerate the loss of some of the message segments. This allows for losses due to, e.g., network congestion, broken links, interference or jamming. This may require n bits to be transmitted for every k message bits, where n > k. Advantages are realized, however, such as :
  • - n/k may be smaller than the number of bits that would be transmitted for each bit if an entire block is retransmitted; and — the probability that the intended recipient correctly recovers the original message from a single transmission attempt is improved.
  • error-correcting codes examples include Bose-Chaudhuri-Hocquenghem (BCH) codes, Convolutional codes, Hamming codes, Reed-Solomon codes, Golay codes, Turbo codes, and several other linear and nonlinear block codes .
  • BCH Bose-Chaudhuri-Hocquenghem
  • Various embodiments provide significant security benefits. Referring to Figure 6, resistance to localized jamming is one benefit. Jamming, for example, disrupting transmission at a single network node or link, minimally impacts the functionality of the rest of the network. When a jammer located near node f has broken the continuity of path P 3 , path Pi and path P 2 are still able to deliver message segments, and the message is successfully decoded. To be effective at disruption, a jammer must be located close enough to either the sender 10 or receiver 20 to jam a significant number of message segments. For example, the probability of disruption in a mobile, military network is reduced by the requirement for close proximity of a hostile j ammer .
  • an eavesdropper is physically located between node c and node e, able to copy any message segment, e.g., data packet, that passes along path P 3 .
  • the eavesdropper must correctly receive a minimum of [k/b] message segments to recover a complete message. To receive the minimum number of segments, however, requires eavesdropping on other paths Pi, P 2 .
  • Some embodiments prevent even partial message recovery by the eavesdropper.
  • a non-systematic code can be used to create a condition during which any subset of q message segments, with q ⁇ [k/b] , will prove insufficient to recover any subset of the original message. Similar to the jammer, the eavesdropper must be physically located very close to either the sender 10 or the intended recipient 20 to effectively intercept segments from multiple paths Pi, P 2 , P 3 .
  • the effectiveness of a local jammer is reduced by taking advantage of the nature of a distributed networking environment .
  • a single eavesdropper has a reduced ability to observe enough segments to allow an understanding of the communications carried by the network.
  • the overall security of information carried by the entire network is significantly improved.
  • Some embodiments further improve security through use of data encryption by means of bit position scrambling.
  • the selection of a scrambling encoder can be controlled with an encryption key.
  • the actual bit scrambling can be accomplished in either an encoder ' or a splitter.
  • Figure 8 schematically shows the use of permutation by an encoder 2a.
  • Figure 9 shows the use of permutation by a splitter 4a. For example, even a simple use of an encryption key to alter bit positions in the encoded message, would require the eavesdropper to potentially search through n! possibilities .
  • the encoding scheme provides strong resilience against loss of message segments, preferably having the value of (k + e) as close to n as possible, where e is the number of message segment losses that the scheme can overcome, k is the original message length, and n is the encoded message length;
  • a segment carries identification that is a number assigned by the message splitter. This number may be a field in a protocol header that is attached to each message segment, or embedded in the message segment itself.
  • Additional protocol header fields may be included when encoding and splitting algorithms are altered dynamically to better suit the observed characteristic variations of the super- path.
  • the additional fields can carry measurement data regarding the characteristics of the super-path as well as data that informs the destination node of the changes in the encoding and splitting algorithms.
  • Inclusion of additional protocol header fields incurs additional transmission bandwidth for every hop. Hence, it is preferable to optimize choices of fields to minimize the resulting bandwidth expansion.
  • the apparatus 30 includes a file processor 31, which may be implemented in hardware and/or as a software module, and a message segment transmitter 32.
  • the file processor converts files into N message segments that enable reassembly of the file from a subset of any M of the message segments.
  • N and M are positive integers and N > M ⁇ 1.
  • the message segment transmitter 32 which may be implemented in hardware and/or as a software module, transmits message segments to a receiver.
  • the receiver can reassemble a file after receiving M of the N message segments .
  • the file processor 31 may comprise a file encoder 35 and an encoded file splitter 36 that convert a file into N message segments.
  • the file encoder 35 may implement a class of encoding algorithms in generating the message segments.
  • the encoded file splitter 36 may implement a class of splitting algorithms.
  • the processor 31 may further comprise a communications network analyzer 37, which may be implemented in hardware and/or as a software module, that determines the condition of a communications network.
  • the processor 31 may also include a message segment parameter selector 38 (which also may be implemented in hardware and/or as a software module) that selects a set of values for M and N based on the determined condition to achieve a preselected probability of a successful transmission of M of the transmitted message segments.
  • the apparatus may include N message segment identifiers 33 that have a one-to-one association with the N message segments 34.
  • message segments 34 are transmitted with their associated identifiers 33 to assist in reassembly of the message.
  • the identifiers 33 can include, for example alphanumeric data.
  • the identifiers 33 are binary numbers .
  • the above described and various other embodiments are of particular value when applied, for example, to ad-hoc networks, MANETs and conventional packet networks with distributed routing algorithms . Particular value accrues when applied to MANETs that include moderately mobile units . II. Method and System for Secure Exchange of Messages
  • a trusted node may be selected for its ability to securely and reliably forward communications, such as messages, message segments and storage segments. For example, rather than addressing every message segment to an intended recipient, a message sender may address one or more of the message segments to one or more trusted nodes .
  • forwarding instructions are included with the message segments to enable forwarding of the segments to the intended recipient .
  • Various embodiments may be used to obscure the origin and destination of a message.
  • Message interception is very difficult for an eavesdropper tapping a communication link, even if the link is in close proximity to either the sender or recipient.
  • To deduce the messages of a particular conversation all messages or message segments received by, or leaving, the recipient (who may also be a sender) must be captured. Further, some or all of the communications may be encrypted to further complicate the eavesdropper's task.
  • Increasing the number of trusted nodes can dramatically increase the difficulty of message interception.
  • an apparatus for transmitting a file includes a file splitter 71 that splits the file into a plurality of message segments 81.
  • Each message segment includes forwarding instructions 82, e.g., an address of the destination.
  • the transmission of message segments 81 may occur via all suitable techniques of file transfer, including, but not limited to, standard file-transfer protocols via an electronic or optical network.
  • the apparatus also includes a file encapsulator 73.
  • the file encapsulator 73 encapsulates at least one of the plurality of message segments 81.
  • the encapsulation 83 conceals the address of the destination during transmission of the encapsulated message segment 81 to one or more trusted nodes .
  • a trusted node address 84 which is publicly visible, is attached to the encapsulated message segment 81 to permit transmission of the message segment 81 to the corresponding trusted node.
  • the trusted node re-encapsulates and retransmits the message segment 81, in part by examining the forwarding instructions 82 and making the address of the next destination, which may be the final destination address 85, visible to the network .
  • the file splitter 71 may also include a file converter.
  • the file converter converts the file into N message segments that permit reassembly of the file from a subset of any M of the message segments, where N and M are positive integers, and N > M > 1.
  • the apparatus may further include a file encoder 72.
  • the file encoder 72 encodes the file prior to splitting of the file by the file splitter 71.
  • the file encoder 72, file encapsulator 73 and file splitter 71 may include, for example, integrated circuits, such as microprocessors.
  • a single integrated circuit or microprocessor may include the file encoder 72, file encapsulator 73 and file splitter 71.
  • One or more microprocessors may implement software that enables the functioning of the file encoder 72, file encapsulator 73 or file splitter 71.
  • Any of the file encapsulator 73, the file splitter 71 and the file encoder 72 may be implemented in software, firmware or hardware (e.g. as an application-specific integrated circuit) .
  • the software may be designed to run on general-purpose equipment or specialized processors dedicated to the functionality herein described.
  • An embodiment of a method of secure transmission of a file from a source to a destination includes splitting the file into a plurality of message segments. Each message segment includes an address of the destination.
  • the method may further include encoding the file. Encoding the file may include enciphering the file.
  • the process of splitting the file may include converting the file into N message segments. The N message segments may enable reassembly of the file from a subset of any M of the message segments, where N and M are positive integers, and N > M ⁇ 1.
  • the method also includes encapsulating at least one of the plurality of message segments to conceal the address of the destination. At least one encapsulated message segment is transmitted to one or more trusted nodes. Message segments may be transmitted via multiple pathways of a communications network.
  • the one or more trusted nodes retransmit the message segment to the destination for reassembly of the file at the destination.
  • Retransmitting at least one message segment may include transmitting at least M of the N message segments to the destination.
  • the message segment may be encapsulated during. transmission from the trusted node to another trusted node or to the destination.
  • the file can be reassembled after at least M of the N message segments arrive at the destination.
  • Encapsulating a message segment may include enciphering the message segments. Encapsulating may further include adding forwarding instructions to the message segment. The forwarding instructions instruct a receiving one of the trusted nodes- to forward the message segment toward the destination. The forwarding instructions may include the address of the destination. Encapsulating may further include addressing each one of the plurality of message segments to one of the plurality of trusted nodes.
  • Some embodiments of a method of secure transmission of a file from a source to a destination include two or more stages of file splitting.
  • one or more message segments from a first file splitting step may be further split into additional message segments.
  • a second splitting step may be advantageous, for example, when a node that transmits files via a network has limited access to the network.
  • a node that transmits files via the Internet may have limited gateway access. The access may be limited, for example, to as few as one or two gateways .
  • the node might then split a file into a few message segments, for example three message segments, and transmit the message segments to the gateways.
  • the gateways could further split one or more of the three message segments, and then forward message segments toward a destination via the Internet.
  • the file is converted into N message segments that enable reassembly of the file from a subset of any M of the message segments. At least M of the N message segments are transmitted toward a destination for reassembly of the file after receiving M of the N message segments.
  • At least one of the transmitted segments is further converted into N 2 message segments that enable reassembly of the at least one message segment from a subset of any M 2 of the N 2 message segments, where N 2 and M 2 are positive integers and N 2 > M 2 ⁇ 1.
  • At least M 2 of the N 2 message segments are transmitted toward the destination for reassembly of the at least one message segment prior to reassembly of the file.
  • the at least M 2 segments may be reassembled at the destination.
  • the at least M 2 segments may be • received and reassembled by an intermediate node.
  • the reassembled segment may then be transmitted toward the final destination. Additional conversion steps and/or reassembly steps may be included at intermediate nodes in the network.
  • LAN local-area networks
  • WAN wide area networks
  • Senders and receivers can be connected to a WAN either directly or via a LAN through a variety of connections including standard telephone lines, LAN or WAN links (e.g., Tl, T3 , 56kb, X.25), broadband connections (ISDN, DSL, Frame Relay, ATM), and wireless connections.
  • the connections can be established using a variety of communication protocols (e.g., TCP/IP, IPX, SPX, NetBIOS, Ethernet, RS232, and direct asynchronous connections) .
  • the sender and receiver are comprised of appropriate computer hardware.
  • appropriate computer hardware include any personal computer (e.g., Windows or Macintosh operating system computer) , Windows-based terminal, Network Computer, wireless device, information appliance, RISC Power PC device, X-device, workstation, mini computer, main frame computer or other computing device.
  • the sender or receiver can be a portable computing device such as a PDA or cell phone.
  • the sender or receiver can be any terminal (windows' or non-windows based) , or thin-client device operating according to a server-based computing model.

Abstract

The invention features an apparatus and method for transmitting a file. The apparatus includes a file splitter that splits the file into a plurality of message segments. Each message segment includes an address of the destination. The apparatus also includes a file encapsulator. The file encapsulator encapsulates at least one of the plurality of message segments. The encapsulation conceals the address of the destination during transmission of the at least one encapsulated message segment to one or more trusted nodes. The trusted nodes retransmit the message segments to the destination for reassembly of the file at the destination.

Description

METHOD AND SYSTEM FOR SECURE EXCHANGE OF MESSAGES
Cross-Reference to Related Case
This claims the benefit of and priority to U.S. Provisional Patent Application Serial No. 60/258,127, filed December 22, 2000, the entirety of which is incorporated herein by reference.
Technical Field
The invention generally relates to electronic communications, and, more particularly, to security in network- based communications.
Background Information
Message security is of particular concern in modern, network-based communications. Communications often occur between devices such as computers operating in a non-secure network, such as the Internet. It is generally desirable to protect communications from eavesdropping and tampering.
Generally, three approaches have been used to provide secure communications: a secure network; a secure host with security protocols; and encryption of communications. A secure network typically requires steps be taken to protect the network from intruders. Such steps can include special communications protocols or special hardware, for example, use of a secure, optical network backbone. In such cases, secure communications, if at all possible, are limited to the confines of the secure network.
The secure host approach includes installation of a security protocol on network host computers to monitor network communications. The protocol provides review and control of network communications to guard against theft and tampering. This approach requires the host computers to implement a security protocol that operates at Layer 3 or 4 of the Open Systems Interconnection (OSI) model. A variety of encryption devices or software tools can protect data communications from theft and tampering. For example, keyed encryption techniques are common. Such techniques typically require that a sender and a recipient of a message share some information regarding an encryption algorithm and encryption/decryption key to enable the recipient to de-encrypt a message .
Message packet headers are particularly vulnerable to tampering because the packet header typically cannot be encrypted. Variants of the above general schemes have been proposed to respond to this problem. Further, message packets can be modified to enable detection of tampering and hence the potential of an altered message packet. Alternatively, a message can be disguised to appear as an ordinary message to fool an eavesdropper. The ordinary appearing message would have a distinct meaning to a recipient based on prior agreement between the sender and the recipient .
The above described approaches to message security are ineffective when a secure network or encryption methods are unavailable or not desired.
Summary of the Invention
The invention generally involves secure data transmission over a network. The invention is particularly suited to message transmission over a network that has multiple pathways. Various embodiments of the invention can defeat eavesdroppers wishing to intercept or interfere with a message. A solution is provided for the problem of the publicly visible addresses that are typically associated with transmitted communications. The invention is suited to protect various types of communications . The communications may be digital electronic communications and may include, for example, messages and data. The communications may be sent via a network in the form of packets. The network may be, for example, a wired, wireless or optical network. In the following discussion, the terms
"communication", "message", "file" and "data" are all used to express the general idea of information transmitted between parties. The particular form that the information assumes during transmission may be binary, as found in modern digital communications.
Improved security is accomplished by use of one or more trusted intermediaries, i.e. nodes, to relay communications between parties, for example, a source and a destination. The ultimate destination of the communication is generally concealed from all but the intermediary. Thus, an intermediary receives a message or other communication from a source, examines the concealed address of the destination and forwards the communication to the destination.
When the intermediary forwards a communication, the source can be concealed while the destination address of the next trusted intermediary, which may be the final destination of the packet, is now publicly observable. In this manner, an eavesdropper cannot simultaneously discern the source and destination of a communication.
An eavesdropper attempting to intercept a message sent between two parties must therefore overcome multiple difficulties. If an eavesdropper observes transmissions such as data packets leaving a source, it cannot correctly identify the ultimate or real destination of each data packet. If the eavesdropper observes data packets arriving at a destination, it cannot correctly identify the original source of each packet. Thus, an eavesdropper may be impeded from identifying messages sent from a particular original source to a particular final destination.
An intermediary can perform the same function for two-way or multi-party communications. The node can be, for example, a network node . The node can be a computer server or a radio transceiver (e.g. a mobile telephone).
Splitting the message into message segments can make message interception and tampering more difficult. An eavesdropper must then intercept multiple segments to obtain the message, and still will not know the source or the destination. To further complicate interception, the ultimate destination addresses of the segments can be concealed when the segments are transmitted to one or more trusted nodes. An eavesdropper seeking messages or segments addressed to a particular destination may then only perceive the message segments as being addressed to the intermediary, and thus fail to intercept them.
Moreover, increasing the number of pathways used for transmission of message segments or data packets provides additional security. An eavesdropper must then monitor and intercept communications along multiple pathways to attempt to obtain all the message segments required for reconstruction of a message. Message segments can be encrypted to impede an eavesdropper still further.
Accordingly, in a first aspect, the invention features an apparatus for transmitting a file. The file can include data or a message, or both. It can be in binary form, as for a typical computer data file. It can be a file of any form as utilized in electronic, electro-magnetic, and optical network-based communications. The apparatus includes a file splitter that splits the file into a plurality of message segments. Each message segment includes an address of the destination.
The term "transmit" as used herein means the directing of a file from any source location to any destination location. The actual transmission of a file may occur via all suitable techniques of file transfer, including, but not limited to, standard file-transfer protocols via an electronic or optical network .
The apparatus also includes a file encapsulator. The file encapsulator encapsulates at least one of the plurality of message segments. The encapsulation conceals the address of the true origin and ultimate destination during transmission of at least one encapsulated message segment to one or more trusted nodes. The trusted nodes may re-encapsulate the message and retransmit the message segments to the destination for reassembly of the file at the final destination. The file splitter may also include a file converter. The file converter converts the file into N message segments. The file can be reassembled from a subset of any M of the message segments, where N and M are positive integers, and N > M >1.
The apparatus may further include a file encoder. The file encoder encodes the file prior to splitting of the file by the file splitter. The file encoder, file encapsulator and file splitter may include, for example, integrated circuits, such as microprocessors. A single integrated circuit or microprocessor may include the file encoder, file encapsulator and file splitter. One or more microprocessors may implement software that enables the functioning of the file encoder, file encapsulator or file splitter. Any of the file encapsulator, the file splitter and the file encoder may be implemented in software, firmware or hardware (e.g. as an application-specific integrated circuit) . The software may be designed to run on general-purpose equipment or specialized processors dedicated to the functionality herein described.
In second aspect, the invention involves a method of secure transmission of a file from a source to a destination. The method includes splitting the file into a plurality of message segments. Each message segment includes an address of the destination.
The method further includes encapsulating at least one of the plurality of message segments to conceal the address of the . origin and destination. At least one encapsulated message segment is transmitted to one or more trusted nodes. The one or more trusted nodes retransmit at least one message segment to the destination for reassembly of the file at the destination.
The process of splitting the file may include converting the file into N message segments. The N message segments may enable reassembly of the file from a subset of any M of the message segments, where N and M are positive integers, and N > M ≥ 1.
Retransmitting at least one message segment may include transmitting at least M of the N message segments to the destination. The file can be reassembled after at least M of the
N message segments arrive at the destination.
Transmitting to one or more trusted nodes may include transmitting more than one message segment via multiple pathways of a communications network. In another embodiment, the method further includes encoding the file. Encoding the file may include enciphering the' file. Encapsulating at least one message segment may include enciphering at least one of the message segments. Encapsulating may further include adding forwarding instructions to the message segment . The forwarding instructions instruct one of the trusted nodes to forward the message segment towards the destination. The forwarding instructions may include the address of the destination. Encapsulating may further include addressing each one of the plurality of message segments to one of the plurality of trusted nodes.
The foregoing and other objects, aspects, features, and advantages of the invention will become more apparent from the following description and from the claims.
Brief Description of the Drawings
In the drawings, like reference characters generally refer to the same parts throughout the different views. Also, the drawings are not necessarily to scale, emphasis instead generally being placed upon illustrating the principles of the invention.
FIG. 1 illustrates an embodiment of a communication of a message from a source to a destination.
FIG. 2 illustrates an embodiment of a communication of a message that provides improved message security.
FIG. 3 illustrates an embodiment of a method that provides message delivery assurance and security. FIG. 4 illustrates an embodiment of spatial diversification of message transmission, which transmits split message segments along three paths through a network.
FIG. 5 illustrates an embodiment of reassembly of a message at a destination.
FIG. 6 illustrates an embodiment where obstruction of a single node does not deny message transmission.
FIG. 7 illustrates an embodiment where eavesdropping on a single link provides no information. FIG. 8 illustrates an embodiment with integration of data encryption into an encoder and a decoder.
FIG. 9 illustrates an embodiment with integration of data encryption into the a splitter and a assembler.
FIG. 10 illustrates an embodiment of an apparatus for transmitting a file via a communications network.
FIG. 11 illustrates an embodiment of N message segment identifiers attached to N message segments.
FIG. 12 illustrates an embodiment of an apparatus for transmitting a file. FIG. 13 illustrates an embodiment of an encapsulated message segment addressed to a trusted node.
FIG. 14 illustrates an embodiment of a message segment addressed to a destination.
Description
The terms "file", "message", "data" and "data file" are herein understood to refer to any entity of data that may be transferred via analog or digital means. The entity may originate in analog or digital form, and, at various times, may be stored in analog or digital form. The entity is capable of transfer between two distinct physical locations via, in particular, electronic, wireless and optically based communications .
Although, as explained above, the present invention may be applied to any form of data or message, particularly high security can be achieved by splitting a message into multiple segments sent over different network pathways. At the same time, this approach also involves a greater degree of complexity than applications utilizing a single pathway.
Accordingly, for purposes of explanation, an advantageous technique of message splitting for multiple-pathway networks is described below in the section labeled "I". Then, in the section labeled "II", further embodiments of the invention are described, which have particular utility in connection with transmission of split messages via a single pathway or via multiple pathways . I. Message Splitting and Spatially Diversified Message
Routing for Increasing Transmission Assurance and Data Security Over Distributed Networks
An apparatus and method for data assurance in communication networks makes advantageous use of aspects of networked communication. Though the below discussion is applicable to communication networks generally, several embodiments are given for mobile ad-hoc networks (MANET) , since some features are preferably1 applied to MANETs . During a typical communications session (between, e.g., an originating node and a destination node) , messages can be forwarded along multiple, variable data paths. Aggregation of a number of such paths forms a single "super path." In one embodiment, a method includes encoding a message, splitting the encoded result into distinct message segments, and sending each segment along a different path. A receiving node may reconstruct the original message without the requirement that all message segments eventually reach the receiving node after traveling along their individual paths .
One embodiment includes a protocol that enables a sender to provide information to a■ destination, i.e., receiver node, about encoding and splitting algorithms that were used to process a message, ^orae embodiments include methods for inferring the status of the collection of links. Some embodiments include one or more algorithms for determining which combination of encoding and splitting algorithms to use in response to a current status of the links.
Hence, some embodiments enable dynamic adjustment in response to changing network communication conditions, in particular for a MANET. One such embodiment includes a set of encoding/decoding algorithms and a set of splitting/reassembling algorithms to permit an optimized response to the dynamic variations in the link characteristics. Modified algorithms can incorporate data security enhancement features .
For example, encoding algorithms may be used to prevent the deduction of any part of the original message from individual processed message segments. A minimum number of message segments may be required to reconstruct the original message. Further, encryption keys may be used to enhance security. In particular, security enhancement can be achieved by deterministically varying a set of splitting/reassembling algorithms. Data assurance in networks can be adjusted to a desired level by choosing an appropriate encoding and splitting scheme to tolerate failures over a sufficiently large number of paths. Encoding redundancy can reduce or eliminate the need for message retransmission. Message delay may be reduced, and utilization of each link in the network may be increased. Generally, the benefit in overall network resource utilization and performance grows with the number of links, i.e., the number of directly communicating node-pair combinations, and the expected number of relaying hops through which a packet is forwarded towards its destination.
In one aspect, the apparatus and method improve data security. As multiple message segments are required to decode the original message, an eavesdropper sniffing, e.g., packets traveling on a particular path cannot deduce much useful information. Additional security components or steps can improve the level of data security; for example, encoding mechanisms can be chosen to avoid exposing the original data bits directly and a bit-position scrambling mechanism can be incorporated before splitting of the message. This provides security gains that require almost no increase in system complexity or computational burden. In one embodiment, a redundantly encoded message is transmitted by aggregating multiple paths in a MANET to form a single super-path. This aggregation provides robustness in view of the potentially drastic variation in individual links. The super-path has a collective characteristic that improves stability, and statistically resembles a fixed link pathway in comparison to a pathway through a conventional MANET.
The channel coding technique may first encode the message to inject the desired level of redundancy into the message, then split the encoded message into multiple segments, and then forward each segment along a different path. At the receiving end, the extra redundancy injected by the encoding method (via, e.g., erasure correcting codes) may permit reassembly of the original message without requiring the successful delivery of all message segments through their individual paths. Encoding methods may be used to improve the data assurance to a desired level for a network, or example, a MANET. This is more effective for MANET-based communications than simply adopting or adapting the two-pronged approach of fixed point-to- point channels (and conventional networks) . The characteristics of the aggregated super-path more closely resemble that of the fixed point-to-point channel than that of the individual member paths in the aggregate. Moreover, the variation in the characteristics of the super-path is slower than the variation of individual member paths, and can be designed to become tractable.
As a result, the variation of super-path characteristics can become more sensitive to network communications congestion than to link-to-link communication variations, e.g., radio frequency channel variations, arising from movement of the nodes. Hence, in one embodiment, super-path characteristics are regularly or continuously analyzed, and encoding and splitting algorithms are selected from classes of encoding algorithms and splitting algorithms in response to a determined characteristic. Super- path characteristics may include, for example, the number of successfully received message segments and the identity of the paths through which message segments are successfully received.
The performance of these classes of algorithms can be rated. Protocols that implement measurement of super-path characteristics and dynamic selection of an optimum combination of encoding algorithms and splitting algorithms can also be rated. Rating of algorithms and protocols can permit improved optimization of selections. Encoding and splitting of messages directly improves message security. Because the message segments are forwarded along distinct routes to the destination, an eavesdropper must simultaneously intercept multiple message segments before a successful recovery of the original message becomes possible. The mobility and the geographical distribution of the nodes in the network make this difficult, and splitting the message into more segments can increase the difficulty of recovery. Furthermore, an encoding algorithm can be chosen that prevents message reconstruction without interception of at least a threshold portion of message segments.
Additional security is made possible by scrambling, even simple scrambling, of the positions of the encoded message bits, e.g. before splitting, to prevent message reconstruction by an eavesdropper even when the eavesdropper intercepts a sufficiently large number of message segments. Generally, scrambling and de- scrambling of bit positions requires many fewer operations to execute and complete than traditional encryption and decryption methods .
Some embodiments include a stand-alone protocol layer for insertion in the networking protocol layer. For example, the protocol layer can be inserted between the medium access control (MAC) layer and the networking layer of a communication system. The protocol layer may include mechanisms for monitoring or analyzing the characteristics of network links and a decision algorithm to dynamically choose one of a class of encoding and splitting algorithms based on the observed network link characteristics.
In one embodiment, when the link stability is low, the protocol layer switches to an encoding algorithm that tolerates more losses of the message segments and a message-splitting scheme that results in smaller segments, in an attempt to improve delivery assurance. In another embodiment, when the link stability improves, the protocol layer switches to an encoding algorithm that has requires more message segments to be received and a message-splitting scheme that uses larger segments, in an attempt to reduce the protocol overhead. The impact of the proposed algorithm and the dynamic protocol can be measured at multiple levels of the network. The probability of delivery success in a single attempt can be improved to any desired level by choosing an appropriate combination of encoding and splitting methods or algorithms. Generally, an entire message is not transmitted along a single path. Instead, a message is fragmented, i.e. split, and forwarded along multiple paths. The realized increase in data assurance general comes with an initial delay in transmission of message segments, or packets, due to the encoding and splitting. Generally, however, overall communications delays are improved because of the improved probability of completion of each message transmission in the first attempt.
Referring to Figure 1, an embodiment of a communication . of a message from a source to a destination is illustrated. A message 1, e.g., a block of message bits, is fed to an encoder 2, e.g. a scrambling encoder. The encoder 2 injects redundancy into the message bit stream, which increases the number of bits in the message. The encoded message is fed to a message splitter 4, which breaks the message into N message segments .
The N message segments are forwarded to the destination along different paths in a network 3. An assembler 6 reassembles the encoded message as the segments are received. When the number of segments received reaches a specified threshold, a partially reassembled message is passed to a decoder 8, e.g. an erasure decoder. The decoder recovers the original message 1, using only the bits available from the partially assembled message. The threshold number of segments is determined by the selected coding scheme. Both the assembler 6 and the erasure decoder 8 may be implemented in hardware and/or as software modules .
Improving the probability of completed delivery of a message in a first attempt reduces both the average delay and the number of retransmissions required for deliver of messages through the network. Reducing the number of retransmissions decreases the number of channel contentions in a network with multi-accessing nodes such as a MANET. This may significantly improve the utilization of both the links and the network, in terms of factors such as the number of data bits sent per usage of bandwidth, channel, link, battery power, etc. This in turn significantly improves the overall network throughput and efficiency.
Figure 2 illustrates an embodiment that provides improved message security. A sender 10 and a receiver 20 agree to use a combination of an encoding scheme and a splitting mechanism that splits each message into three segments for transmission via a MANET 23. The MANET 23 includes several nodes a-g. The encoding scheme requires at least two message segments to reach the receiver for recovery of a split message. An eavesdropper is illustrated as intercepting message segments between nodes c ' and e; a jammer is illustrated as blocking transmission of message segments at node f. Three paths Pi, P2, P3 through the network 23 are a subset of all possible paths. Message security and integrity are maintained in spite of the efforts of the eavesdropper and the jammer.
The eavesdropper acquires only a message segment transmitted along path P3. Because the number of message segments threshold is 2, the single segment does not provide any useful information to the eavesdropper. All three segments will reach the receiver 20. The first two to arrive are used to reassemble the original message .
The jammer attacking node f prevents the message segment traveling on path P3 from reaching the receiver 20. The other two message segments, however, arrive, and the message is recovered. The jammer cannot prevent the receiver 20 from getting the message. Several criteria may be used to assess the performance of alternative implementations of a decision algorithm and a dynamic protocol. Such criteria may include, for example:
- delivery assurance, the probability of successful receipt of a fully correct message (affected by the probability of link/node failure) ;
- security improvement, in terms of the number of message segments that must be acquired by an eavesdropper in order to reconstruct the original message; and - improvement in effective bandwidth, the reduction in the number of required retransmissions as compared to, for example, the adaptation of the two-pronged approach to a MANET.
In one embodiment, a protocol is inserted into a network communications protocol stack, e.g., between the MAC and the networking layer. This protocol mechanism senses and predicts variations in the characteristics of the link aggregate, and dynamically chooses the best combination of encoding/decoding and splitting/reassembly algorithms from a set or class of algorithms. The attempt to optimize can seek a combination that adds the least overhead to achieve a specified probability of successful message delivery. The selection process may further include, e.g., consideration of message priority, other measures of message importance, or cost of latency. Referring to Figure 3, one embodiment is illustrated of a method that provides message delivery assurance and security. The method includes encoding the message to inject redundancy into a message stream, and splitting the encoded message. The split, encoded message is forwarded along spatially diversified routes. For example, a message, or message block, that includes k bits is processed through an encoder 2, e.g., a scrambling encoder, that converts the message into an encoded message block of n bits, where n > k. A splitter 4 decomposes the output of the encoder 2 into N message segments, each segment including no more than [n/N] bits. " [n/N]" denotes the least integer greater than n/N. N, n and k are positive integers.
Figure 4 illustrates spatial diversification. Each of the N message segments is forwarded to the intended recipient, preferably along a different route. This gives spatial diversification to the routes used for transmission. Nodes a-g are a subset of network 23 nodes. The sender 10 forwards segments to the receiver 20 along path Pi (including nodes a and g) , path P2 (including nodes b and d) , and path P3 (nodes c, e, and f) . The different physical locations of the nodes forces the message segments to travel through different areas of the network. Link conditions and congestion in different areas may vary considerably.
Referring to Figure 5, the message segments are re-assembled as they are received at the receiver 20. When a sufficiently large number of message segments is received, the partially assembled message is forwarded to a decoder 8, e.g., an erasure decoder, which recovers the entire original message. Improved delivery assurance is achieved because not all message segments must be successfully received to permit the recipient to recover the original message.
In one embodiment, each message segment has a length of b, where 0 < b < [n/N] . " [n/N]" denotes the least integer greater than n/N. Limitation of the value of b can assure that each encoded message bit exists in only one message segment. Because n must be greater than k, [k/b] < N. Hence, there are fewer than N segments when the shorter unencoded message is broken into segments of length b. A longer, encoded message is obtained with N segments of length b.
The intended recipient can recover the original message with any subset of [k/b] segments of the N message segments, given an appropriate selection of the encoding scheme. Hence, the message recovery mechanism at the intended recipient can tolerate the loss of some of the message segments. This allows for losses due to, e.g., network congestion, broken links, interference or jamming. This may require n bits to be transmitted for every k message bits, where n > k. Advantages are realized, however, such as :
- n/k may be smaller than the number of bits that would be transmitted for each bit if an entire block is retransmitted; and — the probability that the intended recipient correctly recovers the original message from a single transmission attempt is improved.
Examples of classes of error-correcting codes that can be utilized include Bose-Chaudhuri-Hocquenghem (BCH) codes, Convolutional codes, Hamming codes, Reed-Solomon codes, Golay codes, Turbo codes, and several other linear and nonlinear block codes .
Various embodiments provide significant security benefits. Referring to Figure 6, resistance to localized jamming is one benefit. Jamming, for example, disrupting transmission at a single network node or link, minimally impacts the functionality of the rest of the network. When a jammer located near node f has broken the continuity of path P3, path Pi and path P2 are still able to deliver message segments, and the message is successfully decoded. To be effective at disruption, a jammer must be located close enough to either the sender 10 or receiver 20 to jam a significant number of message segments. For example, the probability of disruption in a mobile, military network is reduced by the requirement for close proximity of a hostile j ammer .
Referring to Figure 7, another security benefit of some embodiments is the difficulty an eavesdropper experiences when trying to intercept messages. As illustrated in Figure 7, an eavesdropper is physically located between node c and node e, able to copy any message segment, e.g., data packet, that passes along path P3. The eavesdropper must correctly receive a minimum of [k/b] message segments to recover a complete message. To receive the minimum number of segments, however, requires eavesdropping on other paths Pi, P2.
Some embodiments prevent even partial message recovery by the eavesdropper. An appropriately chosen scrambling encoder
(e.g., a non-systematic code) can be used to create a condition during which any subset of q message segments, with q < [k/b] , will prove insufficient to recover any subset of the original message. Similar to the jammer, the eavesdropper must be physically located very close to either the sender 10 or the intended recipient 20 to effectively intercept segments from multiple paths Pi, P2, P3.
The effectiveness of a local jammer is reduced by taking advantage of the nature of a distributed networking environment . Similarly, a single eavesdropper has a reduced ability to observe enough segments to allow an understanding of the communications carried by the network. As a result, the overall security of information carried by the entire network is significantly improved. Some embodiments further improve security through use of data encryption by means of bit position scrambling. The selection of a scrambling encoder can be controlled with an encryption key. In some alternative embodiments, the actual bit scrambling can be accomplished in either an encoder 'or a splitter.
Referring to Figures 8 and 9, embodiments that utilize permutation are illustrated. Figure 8 schematically shows the use of permutation by an encoder 2a. Figure 9 shows the use of permutation by a splitter 4a. For example, even a simple use of an encryption key to alter bit positions in the encoded message, would require the eavesdropper to potentially search through n! possibilities .
Some embodiments that include a scrambling encoder employ ah encoding scheme that provides one or both of the following features :
- the encoding scheme provides strong resilience against loss of message segments, preferably having the value of (k + e) as close to n as possible, where e is the number of message segment losses that the scheme can overcome, k is the original message length, and n is the encoded message length; and
- no bits in the original message are ascertainable from any message subset below a threshold number; for linear block codes, this generally requires use of non- systematic codes and that approximately half of the elements of a generating matrix elements have a value of 1.
In order for the assembler at the receiving node to correctly reassemble the message fragments, the content of each segment must be identified. In one embodiment, the information required for reassembly is reduced by inclusion of a numbering scheme for the message segments. In a preferred embodiment, a segment carries identification that is a number assigned by the message splitter. This number may be a field in a protocol header that is attached to each message segment, or embedded in the message segment itself.
Additional protocol header fields may be included when encoding and splitting algorithms are altered dynamically to better suit the observed characteristic variations of the super- path. The additional fields can carry measurement data regarding the characteristics of the super-path as well as data that informs the destination node of the changes in the encoding and splitting algorithms. Inclusion of additional protocol header fields incurs additional transmission bandwidth for every hop. Hence, it is preferable to optimize choices of fields to minimize the resulting bandwidth expansion.
Referring to Figure 10, an embodiment of an apparatus 30 for transmitting a file via a communications network is illustrated. The apparatus 30 includes a file processor 31, which may be implemented in hardware and/or as a software module, and a message segment transmitter 32. The file processor converts files into N message segments that enable reassembly of the file from a subset of any M of the message segments. N and M are positive integers and N > M ≥ 1.
The message segment transmitter 32, which may be implemented in hardware and/or as a software module, transmits message segments to a receiver. The receiver can reassemble a file after receiving M of the N message segments .
The file processor 31 may comprise a file encoder 35 and an encoded file splitter 36 that convert a file into N message segments. The file encoder 35 may implement a class of encoding algorithms in generating the message segments. The encoded file splitter 36 may implement a class of splitting algorithms.
The processor 31 may further comprise a communications network analyzer 37, which may be implemented in hardware and/or as a software module, that determines the condition of a communications network. The processor 31 may also include a message segment parameter selector 38 (which also may be implemented in hardware and/or as a software module) that selects a set of values for M and N based on the determined condition to achieve a preselected probability of a successful transmission of M of the transmitted message segments.
Referring to Figure 11, the apparatus may include N message segment identifiers 33 that have a one-to-one association with the N message segments 34. In the embodiment illustrated in Figure 11, message segments 34 are transmitted with their associated identifiers 33 to assist in reassembly of the message. The identifiers 33 can include, for example alphanumeric data. In one embodiment, during transmission, the identifiers 33 are binary numbers . The above described and various other embodiments are of particular value when applied, for example, to ad-hoc networks, MANETs and conventional packet networks with distributed routing algorithms . Particular value accrues when applied to MANETs that include moderately mobile units . II. Method and System for Secure Exchange of Messages
The security of information carried by a network may be improved when a sender and recipient utilize a trusted node as an intermediary for exchange of communications. A trusted node may be selected for its ability to securely and reliably forward communications, such as messages, message segments and storage segments. For example, rather than addressing every message segment to an intended recipient, a message sender may address one or more of the message segments to one or more trusted nodes . In preferred embodiments, forwarding instructions are included with the message segments to enable forwarding of the segments to the intended recipient .
Various embodiments may be used to obscure the origin and destination of a message. Message interception is very difficult for an eavesdropper tapping a communication link, even if the link is in close proximity to either the sender or recipient. To deduce the messages of a particular conversation, all messages or message segments received by, or leaving, the recipient (who may also be a sender) must be captured. Further, some or all of the communications may be encrypted to further complicate the eavesdropper's task. Increasing the number of trusted nodes can dramatically increase the difficulty of message interception.
Referring to Figures 12-14, one embodiment of an apparatus for transmitting a file includes a file splitter 71 that splits the file into a plurality of message segments 81. Each message segment includes forwarding instructions 82, e.g., an address of the destination. The transmission of message segments 81 may occur via all suitable techniques of file transfer, including, but not limited to, standard file-transfer protocols via an electronic or optical network. The apparatus also includes a file encapsulator 73. The file encapsulator 73 encapsulates at least one of the plurality of message segments 81. The encapsulation 83 conceals the address of the destination during transmission of the encapsulated message segment 81 to one or more trusted nodes . A trusted node address 84, which is publicly visible, is attached to the encapsulated message segment 81 to permit transmission of the message segment 81 to the corresponding trusted node. The trusted node re-encapsulates and retransmits the message segment 81, in part by examining the forwarding instructions 82 and making the address of the next destination, which may be the final destination address 85, visible to the network .
The file splitter 71 may also include a file converter. The file converter converts the file into N message segments that permit reassembly of the file from a subset of any M of the message segments, where N and M are positive integers, and N > M > 1.
The apparatus may further include a file encoder 72. The file encoder 72 encodes the file prior to splitting of the file by the file splitter 71.
The file encoder 72, file encapsulator 73 and file splitter 71 may include, for example, integrated circuits, such as microprocessors. A single integrated circuit or microprocessor may include the file encoder 72, file encapsulator 73 and file splitter 71. One or more microprocessors may implement software that enables the functioning of the file encoder 72, file encapsulator 73 or file splitter 71. Any of the file encapsulator 73, the file splitter 71 and the file encoder 72 may be implemented in software, firmware or hardware (e.g. as an application-specific integrated circuit) . The software may be designed to run on general-purpose equipment or specialized processors dedicated to the functionality herein described.
An embodiment of a method of secure transmission of a file from a source to a destination includes splitting the file into a plurality of message segments. Each message segment includes an address of the destination. The method may further include encoding the file. Encoding the file may include enciphering the file. The process of splitting the file may include converting the file into N message segments. The N message segments may enable reassembly of the file from a subset of any M of the message segments, where N and M are positive integers, and N > M ≥ 1. The method also includes encapsulating at least one of the plurality of message segments to conceal the address of the destination. At least one encapsulated message segment is transmitted to one or more trusted nodes. Message segments may be transmitted via multiple pathways of a communications network. The one or more trusted nodes retransmit the message segment to the destination for reassembly of the file at the destination. Retransmitting at least one message segment may include transmitting at least M of the N message segments to the destination. The message segment may be encapsulated during. transmission from the trusted node to another trusted node or to the destination. The file can be reassembled after at least M of the N message segments arrive at the destination.
Encapsulating a message segment may include enciphering the message segments. Encapsulating may further include adding forwarding instructions to the message segment. The forwarding instructions instruct a receiving one of the trusted nodes- to forward the message segment toward the destination. The forwarding instructions may include the address of the destination. Encapsulating may further include addressing each one of the plurality of message segments to one of the plurality of trusted nodes.
Some embodiments of a method of secure transmission of a file from a source to a destination include two or more stages of file splitting. In these embodiments, one or more message segments from a first file splitting step may be further split into additional message segments. A second splitting step may be advantageous, for example, when a node that transmits files via a network has limited access to the network. For example, a node that transmits files via the Internet may have limited gateway access. The access may be limited, for example, to as few as one or two gateways . The node might then split a file into a few message segments, for example three message segments, and transmit the message segments to the gateways. The gateways could further split one or more of the three message segments, and then forward message segments toward a destination via the Internet. In some embodiments of a method, which include multiple splitting steps, the file is converted into N message segments that enable reassembly of the file from a subset of any M of the message segments. At least M of the N message segments are transmitted toward a destination for reassembly of the file after receiving M of the N message segments.
At least one of the transmitted segments is further converted into N2 message segments that enable reassembly of the at least one message segment from a subset of any M2 of the N2 message segments, where N2 and M2 are positive integers and N2 > M2 ≥ 1. At least M2 of the N2 message segments are transmitted toward the destination for reassembly of the at least one message segment prior to reassembly of the file.
The at least M2 segments may be reassembled at the destination. Alternatively, the at least M2 segments may be • received and reassembled by an intermediate node. The reassembled segment may then be transmitted toward the final destination. Additional conversion steps and/or reassembly steps may be included at intermediate nodes in the network.
Various embodiments of the method and apparatus for secure exchange of messages may be applied to network-based communications. Relevant networks include, but are not limited to, local-area networks (LAN) or a wide area networks (WAN) such as the Internet or the World Wide Web. Senders and receivers can be connected to a WAN either directly or via a LAN through a variety of connections including standard telephone lines, LAN or WAN links (e.g., Tl, T3 , 56kb, X.25), broadband connections (ISDN, DSL, Frame Relay, ATM), and wireless connections. The connections can be established using a variety of communication protocols (e.g., TCP/IP, IPX, SPX, NetBIOS, Ethernet, RS232, and direct asynchronous connections) .
In some embodiments, the sender and receiver are comprised of appropriate computer hardware. Examples of such hardware include any personal computer (e.g., Windows or Macintosh operating system computer) , Windows-based terminal, Network Computer, wireless device, information appliance, RISC Power PC device, X-device, workstation, mini computer, main frame computer or other computing device.
Alternatively, the sender or receiver can be a portable computing device such as a PDA or cell phone. As a further alternative, the sender or receiver can be any terminal (windows' or non-windows based) , or thin-client device operating according to a server-based computing model.
Variations, modifications, and other implementations of what is' described herein will occur to those of ordinary skill in the art without departing from the spirit and the scope of the invention as claimed. Accordingly, the invention is to be defined not by the preceding illustrative description but instead by the spirit and scope of the following claims .
What is claimed is:

Claims

1. An apparatus for transmitting a file, comprising: a file splitter that splits the file into a plurality of message segments, each message segment including an address of the destination; and a file encapsulator that encapsulates at least one of the plurality of message segments to conceal the address of the destination during transmission of at least one encapsulated message segment to one or more trusted nodes for retransmission by the one or more trusted nodes toward the destination for reassembly of the file at the destination.
2. The apparatus of claim 1 wherein the file splitter comprises a file converter that converts the file into N message segments that enable reassembly of the file from a subset of any M of the message segments, where N and M are positive integers, and N > M > 1.
3. The apparatus of claim 1 wherein a single processor includes the file splitter and the file encapsulator.
4. The apparatus of claim 1 further comprising a file encoder that encodes the file prior to splitting of the file by the file splitter.
5. A method of secure transmission of a file from a source to a destination, comprising the steps of: splitting the file into a plurality of message segments, each message segment including an address of the destination; encapsulating at least one of the plurality of message segments to conceal the address of the destination; transmitting at least one encapsulated message segment to one or more trusted nodes; and causing retransmission of the at least one of the plurality of message segments from the one or more trusted nodes toward the destination for reassembly of the file at the destination.
6. The method claim 5 wherein the step of splitting the file comprises the step of converting the file into N message segments that enable reassembly of the file from a subset of any M of the message segments, where N and M are positive integers, and N > M ≥ 1.
7. The method of claim 6 wherein the step of causing retransmission comprises causing splitting of the at least one message segment into N2 message segments that enable reassembly of the at least one message segment from a subset of any M2 of the N2 message segments, where N2 and M2 are positive integers and N2 > M2 ≥ 1; and causing transmission of at least M2 of the N2 message segments toward the destination for reassembly of the at least one message segment prior to reassembly of the file.
8. The method of claim 6 wherein the step of causing retransmission comprises the step of transmitting at least M of the N message segments to the destination for reassembly of the file after at least M of the N message segments arrive at the destination.
9. The method of claim 5 wherein the step of transmitting comprises the step of transmitting more than one message segment via multiple pathways of a communications network.
10. The method of claim 5 further comprising the step of encoding the file prior to transmission.
11. The method of claim 10 wherein the step of encoding the file comprises the step of enciphering the file.
12. The method of claim 5 wherein the step of encapsulating at least one of the plurality of message segments comprises the step of enciphering the at least one of the plurality of message segments .
13. The method of claim 5 wherein the step of encapsulating at least one of the plurality of message segments comprises the step of adding forwarding instructions to at least one of the plurality of message segments to instruct a receiving one of the plurality of trusted nodes to forward at least one of the plurality of message segments toward the destination.
14. The method of claim 5 wherein the step of encapsulating at least one of the plurality of message segments comprises the step of addressing each one of the plurality of message segments to one of the plurality of trusted nodes .
15. The method of claim 5 wherein the step of causing retransmission comprises causing splitting of the at least one of the plurality of message segments into a second plurality of message segments including an address of the destination; and causing transmission of the second plurality of message segments toward the destination.
16. The method of claim 15 further comprising the steps of causing reassembly of the at least one message segment; and causing transmission of the at least one reassembled message segment toward the receiver.
PCT/US2001/050069 2000-12-22 2001-12-21 Method and system for secure exchange of messages WO2002062032A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2002248234A AU2002248234A1 (en) 2000-12-22 2001-12-21 Method and system for secure exchange of messages

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US25812700P 2000-12-22 2000-12-22
US60/258,127 2000-12-22

Publications (3)

Publication Number Publication Date
WO2002062032A2 WO2002062032A2 (en) 2002-08-08
WO2002062032A3 WO2002062032A3 (en) 2003-07-10
WO2002062032A9 true WO2002062032A9 (en) 2004-05-13

Family

ID=22979192

Family Applications (3)

Application Number Title Priority Date Filing Date
PCT/US2001/050069 WO2002062032A2 (en) 2000-12-22 2001-12-21 Method and system for secure exchange of messages
PCT/US2001/050059 WO2002052787A2 (en) 2000-12-22 2001-12-21 Message splitting and spatially diversified message routing for increasing transmission assurance and data security over distributed networks
PCT/US2001/050052 WO2002065292A2 (en) 2000-12-22 2001-12-21 Distributed fault tolerant and secure storage

Family Applications After (2)

Application Number Title Priority Date Filing Date
PCT/US2001/050059 WO2002052787A2 (en) 2000-12-22 2001-12-21 Message splitting and spatially diversified message routing for increasing transmission assurance and data security over distributed networks
PCT/US2001/050052 WO2002065292A2 (en) 2000-12-22 2001-12-21 Distributed fault tolerant and secure storage

Country Status (3)

Country Link
US (3) US20020080888A1 (en)
AU (3) AU2002248234A1 (en)
WO (3) WO2002062032A2 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9213857B2 (en) 2010-03-31 2015-12-15 Security First Corp. Systems and methods for securing data in motion
US9294444B2 (en) 2004-10-25 2016-03-22 Security First Corp. Systems and methods for cryptographically splitting and storing data
US9298937B2 (en) 1999-09-20 2016-03-29 Security First Corp. Secure data parser method and system
US9411524B2 (en) 2010-05-28 2016-08-09 Security First Corp. Accelerator system for use with secure data storage
US9516002B2 (en) 2009-11-25 2016-12-06 Security First Corp. Systems and methods for securing data in motion

Families Citing this family (773)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040073617A1 (en) 2000-06-19 2004-04-15 Milliken Walter Clark Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail
US6958984B2 (en) * 2001-08-02 2005-10-25 Motorola, Inc. Method and apparatus for aggregation of wireless resources of proximal wireless units to facilitate diversity signal combining
US7002942B2 (en) * 2001-08-02 2006-02-21 Motorola, Inc. Method and apparatus for communicating information by splitting information among a plurality of proximal units
US7548506B2 (en) 2001-10-17 2009-06-16 Nortel Networks Limited System access and synchronization methods for MIMO OFDM communications systems and physical layer packet and preamble design
US7032224B2 (en) * 2001-12-31 2006-04-18 Slam Dunk Networks, Inc. Method for the secure and timely delivery of large messages over a distributed communication network
US20040025018A1 (en) * 2002-01-23 2004-02-05 Haas Zygmunt J. Secure end-to-end communication in mobile ad hoc networks
US6760845B1 (en) 2002-02-08 2004-07-06 Networks Associates Technology, Inc. Capture file format system and method for a network analyzer
US7599852B2 (en) * 2002-04-05 2009-10-06 Sponster Llc Method and apparatus for adding advertising tag lines to electronic messages
US20030204741A1 (en) * 2002-04-26 2003-10-30 Isadore Schoen Secure PKI proxy and method for instant messaging clients
US20030236869A1 (en) * 2002-06-04 2003-12-25 Emmot Darel N. Data management system and method
DE10335943A1 (en) * 2002-08-06 2004-06-03 Brainshield Technologies Inc. Device for copy-protected distribution of electronic documents via public electronic data network e.g. the internet, with time-limited access to reconstruction server for reconstruction of encrypted document
US7653632B2 (en) * 2002-10-01 2010-01-26 Texas Instruments Incorporated File system for storing multiple files as a single compressed file
US7586874B2 (en) * 2003-01-06 2009-09-08 Interdigital Technology Corporation Wireless communication method and apparatus for providing multimedia broadcast services
US9372870B1 (en) 2003-01-21 2016-06-21 Peer Fusion, Inc. Peer to peer code generator and decoder for digital systems and cluster storage system
US8626820B1 (en) * 2003-01-21 2014-01-07 Peer Fusion, Inc. Peer to peer code generator and decoder for digital systems
US8108500B2 (en) * 2003-06-13 2012-01-31 Broadcom Corporation Probing-based auto moding
KR100526183B1 (en) 2003-07-15 2005-11-03 삼성전자주식회사 Apparatus and Method for efficient data transmission/reception in Mobile Ad-hoc Network
GB0317308D0 (en) * 2003-07-24 2003-08-27 Koninkl Philips Electronics Nv Wireless network security
CH694215A5 (en) * 2003-09-10 2004-09-15 Csaba Bona Method is for transmission of electronic data via dual network for increasing Internet security and involves packet preparation which puts together each second bit of useful information in two types of packets
JP4448000B2 (en) * 2003-11-05 2010-04-07 キヤノン株式会社 Information transmission apparatus, information transmission destination designation method, storage medium, and program
GB2409299B (en) * 2003-12-18 2007-11-07 Ibm A system for preparing data
GB0406095D0 (en) * 2004-03-17 2004-04-21 Koninkl Philips Electronics Nv Method for providing secure data transfer in a mesh network
NZ552196A (en) * 2004-06-24 2010-09-30 Freestyle Technology Pty Ltd Client processor device
US8606891B2 (en) 2004-09-10 2013-12-10 Freestyle Technology Pty Ltd Client processor device for building application files from file fragments for different versions of an application
US7860923B2 (en) * 2004-08-18 2010-12-28 Time Warner Inc. Method and device for the wireless exchange of media content between mobile devices based on user information
WO2006023836A2 (en) * 2004-08-18 2006-03-02 Time Warner, Inc. Method and apparatus for wirelessly sharing a file using an application level connection
US7860922B2 (en) * 2004-08-18 2010-12-28 Time Warner, Inc. Method and device for the wireless exchange of media content between mobile devices based on content preferences
DE102004047371A1 (en) * 2004-09-29 2006-03-30 Siemens Ag Method for distributing software and configuration data and corresponding data network
CN100499459C (en) * 2005-02-24 2009-06-10 华为技术有限公司 Method for implementing information stream transmission in next generation network
US8266237B2 (en) * 2005-04-20 2012-09-11 Microsoft Corporation Systems and methods for providing distributed, decentralized data storage and retrieval
US7515565B2 (en) * 2005-05-09 2009-04-07 Kyocera Corporation Multiple source wireless communication system and method
US20070024471A1 (en) * 2005-08-01 2007-02-01 Lexmark International, Inc. Systems and methods for secure communication over wired transmission channels
US20070053512A1 (en) * 2005-09-02 2007-03-08 Sbc Knowledge Ventures Lp Method and apparatus for improving security in a voice over internet protocol session
US11080138B1 (en) 2010-04-26 2021-08-03 Pure Storage, Inc. Storing integrity information in a vast storage system
US11416339B1 (en) 2005-09-30 2022-08-16 Pure Storage, Inc. Validating requests based on stored vault information
US10866754B2 (en) 2010-04-26 2020-12-15 Pure Storage, Inc. Content archiving in a distributed storage network
US8694668B2 (en) * 2005-09-30 2014-04-08 Cleversafe, Inc. Streaming media software interface to a dispersed data storage network
US10389814B2 (en) 2005-09-30 2019-08-20 Pure Storage, Inc. Prioritizing memory devices to replace based on namespace health
US8595435B2 (en) * 2009-07-30 2013-11-26 Cleversafe, Inc. Dispersed storage write process
US7574570B2 (en) * 2005-09-30 2009-08-11 Cleversafe Inc Billing system for information dispersal system
US10270858B2 (en) 2005-09-30 2019-04-23 International Business Machines Corporation Inducing memory device idle time through rolling read prioritizations
US10257276B2 (en) 2005-09-30 2019-04-09 International Business Machines Corporation Predictive rebalancing according to future usage expectations
US8209363B2 (en) * 2007-10-09 2012-06-26 Cleversafe, Inc. File system adapted for use with a dispersed data storage network
US11340988B2 (en) * 2005-09-30 2022-05-24 Pure Storage, Inc. Generating integrity information in a vast storage system
US11909418B1 (en) 2005-09-30 2024-02-20 Pure Storage, Inc. Access authentication in a dispersed storage network
US9632722B2 (en) 2010-05-19 2017-04-25 International Business Machines Corporation Balancing storage unit utilization within a dispersed storage network
US8880799B2 (en) * 2005-09-30 2014-11-04 Cleversafe, Inc. Rebuilding data on a dispersed storage network
US11272009B1 (en) 2005-09-30 2022-03-08 Pure Storage, Inc. Managed data slice maintenance in a distributed storage system
US10860424B1 (en) 2005-09-30 2020-12-08 Pure Storage, Inc. Background verification processing in a storage network
US10938418B2 (en) 2005-09-30 2021-03-02 Pure Storage, Inc. Online disk replacement/removal
US9063881B2 (en) 2010-04-26 2015-06-23 Cleversafe, Inc. Slice retrieval in accordance with an access sequence in a dispersed storage network
US7953937B2 (en) * 2005-09-30 2011-05-31 Cleversafe, Inc. Systems, methods, and apparatus for subdividing data for storage in a dispersed data storage grid
US11221917B1 (en) 2005-09-30 2022-01-11 Pure Storage, Inc. Integrity processing in a dispersed storage network
US11620185B2 (en) 2005-09-30 2023-04-04 Pure Storage, Inc. Integrity processing in a dispersed storage network
US11841770B2 (en) 2005-09-30 2023-12-12 Pure Storage, Inc. Storage unit connection security in a storage network and methods for use therewith
US8352782B2 (en) * 2005-09-30 2013-01-08 Cleversafe, Inc. Range based rebuilder for use with a dispersed data storage network
US10154034B2 (en) 2010-04-26 2018-12-11 International Business Machines Corporation Cooperative data access request authorization in a dispersed storage network
US11327674B2 (en) 2012-06-05 2022-05-10 Pure Storage, Inc. Storage vault tiering and data migration in a distributed storage network
US10282440B2 (en) 2015-03-31 2019-05-07 International Business Machines Corporation Prioritizing rebuilding of encoded data slices
US10747616B2 (en) 2015-03-31 2020-08-18 Pure Storage, Inc. Adapting rebuilding of encoded data slices in a dispersed storage network
US9774684B2 (en) 2005-09-30 2017-09-26 International Business Machines Corporation Storing data in a dispersed storage network
US8171101B2 (en) * 2005-09-30 2012-05-01 Cleversafe, Inc. Smart access to a dispersed data storage network
US9996413B2 (en) * 2007-10-09 2018-06-12 International Business Machines Corporation Ensuring data integrity on a dispersed storage grid
US10051057B2 (en) 2005-09-30 2018-08-14 International Business Machines Corporation Prioritizing read locations based on an error history
US7904475B2 (en) * 2007-10-09 2011-03-08 Cleversafe, Inc. Virtualized data storage vaults on a dispersed data storage network
US10169229B2 (en) 2012-06-05 2019-01-01 International Business Machines Corporation Protocols for expanding existing sites in a dispersed storage network
US9027080B2 (en) 2008-03-31 2015-05-05 Cleversafe, Inc. Proxy access to a dispersed storage network
US10250686B2 (en) 2005-09-30 2019-04-02 International Business Machines Corporation Finding alternate storage locations to support failing disk migration
US8357048B2 (en) * 2009-09-29 2013-01-22 Cleversafe, Inc. Interactive gaming utilizing a dispersed storage network
US10855769B2 (en) 2005-09-30 2020-12-01 Pure Storage, Inc. Prioritizing memory devices to replace based on namespace health
US10356177B2 (en) 2005-09-30 2019-07-16 International Business Machines Corporation Prioritizing ranges to rebuild based on namespace health
US9632872B2 (en) 2012-06-05 2017-04-25 International Business Machines Corporation Reprioritizing pending dispersed storage network requests
US10432726B2 (en) 2005-09-30 2019-10-01 Pure Storage, Inc. Last-resort operations to save at-risk-data
US11474903B1 (en) 2005-09-30 2022-10-18 Pure Storage, Inc. Rebuilding of encoded data slices using locally decodable code segments
US10044807B2 (en) 2005-09-30 2018-08-07 International Business Machines Corporation Optimistic checked writes
US8285878B2 (en) * 2007-10-09 2012-10-09 Cleversafe, Inc. Block based access to a dispersed data storage network
US8555109B2 (en) * 2009-07-30 2013-10-08 Cleversafe, Inc. Method and apparatus for distributed storage integrity processing
EP1952575B1 (en) 2005-11-18 2017-12-27 Security First Corp. Secure data parser method and system
US8014389B2 (en) * 2005-12-06 2011-09-06 Lippershy Celestial Llc Bidding network
TWI301021B (en) * 2005-12-27 2008-09-11 Ind Tech Res Inst File distribution and access system and method for file management
US7716180B2 (en) 2005-12-29 2010-05-11 Amazon Technologies, Inc. Distributed storage system with web services client interface
US20070177739A1 (en) * 2006-01-27 2007-08-02 Nec Laboratories America, Inc. Method and Apparatus for Distributed Data Replication
EP1850554A3 (en) * 2006-04-21 2010-03-17 LONMARK Deutschland e.V. Safe communications in a network
KR20080113299A (en) * 2006-04-27 2008-12-29 엔엑스피 비 브이 Secure storage system and method for secure storing
US20100167690A1 (en) * 2006-06-20 2010-07-01 Mats Andersson user terminal for enhanced security in a wireless communications system, and a system for its use
WO2008001327A2 (en) * 2006-06-30 2008-01-03 Koninklijke Philips Electronics N.V. Method and apparatus for encrypting/decrypting data
DE102006030838A1 (en) * 2006-07-04 2008-01-10 Technische Universität München A signal encoder, a signal decoder, a method of configuring a signal encoder, a method of configuring a signal decoder, a method of operating a signal encoder, a method of operating a signal decoder, a computer program and a data transmission system
US20080137854A1 (en) * 2006-11-20 2008-06-12 Victor Bryan Friday Secure data transmission utility system
GB2446200A (en) * 2006-12-01 2008-08-06 David Irvine Encryption system for peer-to-peer networks which relies on hash based self-encryption and mapping
GB2446199A (en) 2006-12-01 2008-08-06 David Irvine Secure, decentralised and anonymous peer-to-peer network
CA2670597A1 (en) * 2006-12-05 2008-06-12 Don Martin Improved tape backup method using a secure data parser
US8301179B2 (en) * 2006-12-06 2012-10-30 Research In Motion Limited Method and system for communicating a message attachment
EP1931090B1 (en) 2006-12-06 2010-01-20 Research In Motion Limited Method and system for communicating a message attachment
US20120084544A1 (en) * 2010-10-04 2012-04-05 Ralph Robert Farina Methods and systems for providing and controlling cryptographically secure communications across unsecured networks between a secure virtual terminal and a remote system
EP1976201A1 (en) * 2007-03-30 2008-10-01 Lucent Technologies Inc. Shared communication capabilities of mobile stations for high bandwidth communications
FR2920618B1 (en) * 2007-08-31 2009-10-30 Thales Sa METHOD FOR DISTRIBUTING CRYPTOGRAPHIC KEYS IN A COMMUNICATION NETWORK
US9521186B2 (en) 2007-09-13 2016-12-13 International Business Machines Corporation Method and system for file transfer over a messaging infrastructure
BRPI0816772A2 (en) 2007-09-14 2015-03-24 Security First Corp Systems and methods for controlling cryptographic keys
US20090083366A1 (en) * 2007-09-26 2009-03-26 Martin Roantree Secure document transmission
US8819179B2 (en) 2007-10-09 2014-08-26 Cleversafe, Inc. Data revision synchronization in a dispersed storage network
US8965956B2 (en) 2007-10-09 2015-02-24 Cleversafe, Inc. Integrated client for use with a dispersed data storage network
US9959076B2 (en) 2007-10-09 2018-05-01 International Business Machines Corporation Optimized disk load distribution
US8549351B2 (en) * 2007-10-09 2013-10-01 Cleversafe, Inc. Pessimistic data reading in a dispersed storage network
US9888076B2 (en) 2007-10-09 2018-02-06 International Business Machines Corporation Encoded data slice caching in a distributed storage network
US8572429B2 (en) * 2007-10-09 2013-10-29 Cleversafe, Inc. Optimistic data writing in a dispersed storage network
US9697171B2 (en) 2007-10-09 2017-07-04 Internaitonal Business Machines Corporation Multi-writer revision synchronization in a dispersed storage network
US10027478B2 (en) 2007-10-09 2018-07-17 International Business Machines Corporation Differential key backup
US8478865B2 (en) * 2007-10-09 2013-07-02 Cleversafe, Inc. Systems, methods, and apparatus for matching a connection request with a network interface adapted for use with a dispersed data storage network
US8185614B2 (en) * 2007-10-09 2012-05-22 Cleversafe, Inc. Systems, methods, and apparatus for identifying accessible dispersed digital storage vaults utilizing a centralized registry
US8533256B2 (en) * 2007-10-09 2013-09-10 Cleversafe, Inc. Object interface to a dispersed data storage network
US8189768B2 (en) * 2007-10-31 2012-05-29 First Principles, Inc. Secure messaging
US8442070B1 (en) * 2008-02-01 2013-05-14 Hobnob, Inc. Fractional threshold encoding and aggregation
ES2449790T3 (en) 2008-02-22 2014-03-21 Security First Corp. Systems and methods for secure management and communication in a work group
FR2929063B1 (en) * 2008-03-20 2010-06-11 Canon Kk METHOD AND DEVICE FOR ALLOCATING DATA TRANSMISSION PATHS IN A SYNCHRONOUS COMMUNICATION NETWORK, COMPUTER PROGRAM PRODUCT AND CORRESPONDING STORAGE MEDIUM
EP2107730A1 (en) 2008-03-31 2009-10-07 Mitsubishi Electric R&D Centre Europe B.V. Method for determining to which resource among plural resources, elements of a group of elements have to be allocated
EP2107731B1 (en) * 2008-03-31 2016-11-09 Mitsubishi Electric R&D Centre Europe B.V. Method and a device for transferring a flow of data by a first telecommunication device to a second telecommunication device
US9501355B2 (en) 2008-03-31 2016-11-22 International Business Machines Corporation Storing data and directory information in a distributed storage network
US10169598B1 (en) 2008-04-10 2019-01-01 United Services Automobile Association Systems and methods for sending and receiving encrypted submessages
US8630987B2 (en) * 2008-07-16 2014-01-14 Cleversafe, Inc. System and method for accessing a data object stored in a distributed storage network
US8819011B2 (en) * 2008-07-16 2014-08-26 Cleversafe, Inc. Command line interpreter for accessing a data object stored in a distributed storage network
DE102008035923A1 (en) * 2008-08-01 2010-02-11 Robert Niggl System for controlled exchange of data between identified Internet devices by partial data transmission, has transmission routes that are provided between source system and target system
US10447474B2 (en) * 2009-04-20 2019-10-15 Pure Storage, Inc. Dispersed data storage system data decoding and decryption
US11868498B1 (en) 2009-04-20 2024-01-09 Pure Storage, Inc. Storage integrity processing in a storage network
US8744071B2 (en) * 2009-04-20 2014-06-03 Cleversafe, Inc. Dispersed data storage system data encryption and encoding
US10104045B2 (en) 2009-04-20 2018-10-16 International Business Machines Corporation Verifying data security in a dispersed storage network
US9483656B2 (en) 2009-04-20 2016-11-01 International Business Machines Corporation Efficient and secure data storage utilizing a dispersed data storage system
US8819781B2 (en) * 2009-04-20 2014-08-26 Cleversafe, Inc. Management of network devices within a dispersed data storage network
US8656187B2 (en) * 2009-04-20 2014-02-18 Cleversafe, Inc. Dispersed storage secure data decoding
CA2760251A1 (en) 2009-05-19 2010-11-25 Security First Corp. Systems and methods for securing data in the cloud
US10230692B2 (en) * 2009-06-30 2019-03-12 International Business Machines Corporation Distributed storage processing module
US9009575B2 (en) 2009-07-30 2015-04-14 Cleversafe, Inc. Rebuilding a data revision in a dispersed storage network
US9558059B2 (en) 2009-07-30 2017-01-31 International Business Machines Corporation Detecting data requiring rebuilding in a dispersed storage network
US10108492B2 (en) 2009-07-30 2018-10-23 International Business Machines Corporation Rebuilding data stored in a dispersed storage network
US9208025B2 (en) 2009-07-30 2015-12-08 Cleversafe, Inc. Virtual memory mapping in a dispersed storage network
US9207870B2 (en) 2009-07-30 2015-12-08 Cleversafe, Inc. Allocating storage units in a dispersed storage network
US8448016B2 (en) 2009-07-31 2013-05-21 Cleversafe, Inc. Computing core application access utilizing dispersed storage
DE112010003149B4 (en) 2009-07-31 2023-09-14 International Business Machines Corporation Collaborative encryption and decryption by agents
US8949695B2 (en) * 2009-08-27 2015-02-03 Cleversafe, Inc. Method and apparatus for nested dispersed storage
US9411810B2 (en) 2009-08-27 2016-08-09 International Business Machines Corporation Method and apparatus for identifying data inconsistency in a dispersed storage network
US8560855B2 (en) 2009-08-27 2013-10-15 Cleversafe, Inc. Verification of dispersed storage network access control information
DE112009005190A5 (en) * 2009-08-30 2012-06-28 Robert Niggl METHOD AND SYSTEM FOR CONTROLLED DATA EXCHANGE BETWEEN IDENTIFIED IT DEVICES
US9436653B2 (en) * 2009-09-03 2016-09-06 International Business Machines Corporation Shared-bandwidth multiple target remote copy
US8548913B2 (en) 2009-09-29 2013-10-01 Cleversafe, Inc. Method and apparatus to secure an electronic commerce transaction
US8918534B2 (en) 2009-09-29 2014-12-23 Cleversafe, Inc. Writing data slices to ready and non-ready distributed storage units in a distributed storage network
US8750847B2 (en) * 2009-09-29 2014-06-10 Orange Method of masking an identifier of at least one destination of a call, and a corresponding device and computer program
US8281181B2 (en) * 2009-09-30 2012-10-02 Cleversafe, Inc. Method and apparatus for selectively active dispersed storage memory device utilization
US20170147219A1 (en) * 2009-09-30 2017-05-25 International Business Machines Corporation Utilization of solid-state memory devices in a dispersed storage network
US20110093540A1 (en) * 2009-09-30 2011-04-21 Bae Systems Information And Electronic Systems Integration Inc. Method and system for communications using cooperative helper nodes
US8438456B2 (en) * 2009-10-05 2013-05-07 Cleversafe, Inc. Method and apparatus for dispersed storage of streaming data
US8560604B2 (en) 2009-10-08 2013-10-15 Hola Networks Ltd. System and method for providing faster and more efficient data communication
US8433978B2 (en) * 2009-10-29 2013-04-30 Cleversafe, Inc. Data distribution utilizing unique read parameters in a dispersed storage system
US10389845B2 (en) 2009-10-29 2019-08-20 Pure Storage, Inc. Determining how to service requests based on several indicators
US9015431B2 (en) * 2009-10-29 2015-04-21 Cleversafe, Inc. Distributed storage revision rollbacks
US10757187B2 (en) 2009-10-29 2020-08-25 Pure Storage, Inc. Streaming all-or-nothing encoding with random offset support
US9774678B2 (en) 2009-10-29 2017-09-26 International Business Machines Corporation Temporarily storing data in a dispersed storage network
US9661356B2 (en) 2009-10-29 2017-05-23 International Business Machines Corporation Distribution of unique copies of broadcast data utilizing fault-tolerant retrieval from dispersed storage
US10073737B2 (en) 2009-10-30 2018-09-11 International Business Machines Corporation Slice location identification
US9900150B2 (en) * 2009-10-30 2018-02-20 International Business Machines Corporation Dispersed storage camera device and method of operation
US9311185B2 (en) 2009-10-30 2016-04-12 Cleversafe, Inc. Dispersed storage unit solicitation method and apparatus
US8589637B2 (en) * 2009-10-30 2013-11-19 Cleversafe, Inc. Concurrent set storage in distributed storage network
US8479078B2 (en) * 2009-10-30 2013-07-02 Cleversafe, Inc. Distributed storage network for modification of a data object
US9098376B2 (en) 2009-10-30 2015-08-04 Cleversafe, Inc. Distributed storage network for modification of a data object
US9413529B2 (en) 2009-10-30 2016-08-09 International Business Machines Corporation Distributed storage network and method for storing and retrieving encryption keys
US8572282B2 (en) 2009-10-30 2013-10-29 Cleversafe, Inc. Router assisted dispersed storage network method and apparatus
US9195408B2 (en) 2009-10-30 2015-11-24 Cleversafe, Inc. Highly autonomous dispersed storage system retrieval method
EP2503741B1 (en) * 2009-11-18 2014-09-17 Nec Corporation Dynamic route branching system and dynamic route branching method
US9270298B2 (en) 2009-11-24 2016-02-23 International Business Machines Corporation Selecting storage units to rebuild an encoded data slice
US9501349B2 (en) 2009-11-24 2016-11-22 International Business Machines Corporation Changing dispersed storage error encoding parameters
US8918897B2 (en) * 2009-11-24 2014-12-23 Cleversafe, Inc. Dispersed storage network data slice integrity verification
US9152514B2 (en) 2009-11-24 2015-10-06 Cleversafe, Inc. Rebuilding a data segment in a dispersed storage network
US8527807B2 (en) 2009-11-25 2013-09-03 Cleversafe, Inc. Localized dispersed storage memory system
US9836352B2 (en) 2009-11-25 2017-12-05 International Business Machines Corporation Detecting a utilization imbalance between dispersed storage network storage units
US10015141B2 (en) 2009-11-25 2018-07-03 International Business Machines Corporation Dispersed data storage in a VPN group of devices
US9626248B2 (en) 2009-11-25 2017-04-18 International Business Machines Corporation Likelihood based rebuilding of missing encoded data slices
US9996548B2 (en) 2009-11-25 2018-06-12 International Business Machines Corporation Dispersed storage using localized peer-to-peer capable wireless devices in a peer-to-peer or femto cell supported carrier served fashion
US8819452B2 (en) 2009-11-25 2014-08-26 Cleversafe, Inc. Efficient storage of encrypted data in a dispersed storage network
US8688907B2 (en) * 2009-11-25 2014-04-01 Cleversafe, Inc. Large scale subscription based dispersed storage network
US9672109B2 (en) 2009-11-25 2017-06-06 International Business Machines Corporation Adaptive dispersed storage network (DSN) and system
US8621268B2 (en) * 2009-11-25 2013-12-31 Cleversafe, Inc. Write threshold utilization in a dispersed storage system
US9489264B2 (en) 2009-11-25 2016-11-08 International Business Machines Corporation Storing an encoded data slice as a set of sub-slices
EP2333997A1 (en) * 2009-12-14 2011-06-15 Alcatel Lucent Method of dispersity transmitting a piece of information
US20110145336A1 (en) * 2009-12-14 2011-06-16 Carroll Martin D Electronic mail server and method for automatically generating address lists
US10237281B2 (en) 2009-12-29 2019-03-19 International Business Machines Corporation Access policy updates in a dispersed storage network
US9922063B2 (en) 2009-12-29 2018-03-20 International Business Machines Corporation Secure storage of secret data in a dispersed storage network
US9866595B2 (en) 2009-12-29 2018-01-09 International Busines Machines Corporation Policy based slice deletion in a dispersed storage network
US9798467B2 (en) 2009-12-29 2017-10-24 International Business Machines Corporation Security checks for proxied requests
US9152489B2 (en) 2009-12-29 2015-10-06 Cleversafe, Inc. Revision synchronization of a dispersed storage network
US10372686B2 (en) 2009-12-29 2019-08-06 International Business Machines Corporation Policy-based storage in a dispersed storage network
US10133632B2 (en) 2009-12-29 2018-11-20 International Business Machines Corporation Determining completion of migration in a dispersed storage network
US8468368B2 (en) * 2009-12-29 2013-06-18 Cleversafe, Inc. Data encryption parameter dispersal
US20180335967A1 (en) 2009-12-29 2018-11-22 International Business Machines Corporation User customizable data processing plan in a dispersed storage network
US9672108B2 (en) 2009-12-29 2017-06-06 International Business Machines Corporation Dispersed storage network (DSN) and system with improved security
US10289505B2 (en) * 2009-12-29 2019-05-14 International Business Machines Corporation Dispersed multi-media content for a centralized digital video storage system
US9462316B2 (en) * 2009-12-29 2016-10-04 International Business Machines Corporation Digital content retrieval utilizing dispersed storage
US9413393B2 (en) 2009-12-29 2016-08-09 International Business Machines Corporation Encoding multi-media content for a centralized digital video storage system
US10158648B2 (en) 2009-12-29 2018-12-18 International Business Machines Corporation Policy-based access in a dispersed storage network
US10067831B2 (en) 2009-12-29 2018-09-04 International Business Machines Corporation Slice migration in a dispersed storage network
US9305597B2 (en) 2009-12-29 2016-04-05 Cleversafe, Inc. Accessing stored multi-media content based on a subscription priority level
US10001923B2 (en) 2009-12-29 2018-06-19 International Business Machines Corporation Generation collapse
US9330241B2 (en) 2009-12-29 2016-05-03 International Business Machines Corporation Applying digital rights management to multi-media file playback
US10031669B2 (en) 2009-12-29 2018-07-24 International Business Machines Corporation Scheduling migration related traffic to be non-disruptive and performant
US9507735B2 (en) 2009-12-29 2016-11-29 International Business Machines Corporation Digital content retrieval utilizing dispersed storage
US9727266B2 (en) 2009-12-29 2017-08-08 International Business Machines Corporation Selecting storage units in a dispersed storage network
US9369526B2 (en) 2009-12-29 2016-06-14 International Business Machines Corporation Distributed storage time synchronization based on retrieval delay
US8990585B2 (en) 2009-12-29 2015-03-24 Cleversafe, Inc. Time based dispersed storage access
US10148788B2 (en) 2009-12-29 2018-12-04 International Business Machines Corporation Method for providing schedulers in a distributed storage network
US8762343B2 (en) * 2009-12-29 2014-06-24 Cleversafe, Inc. Dispersed storage of software
US8954667B2 (en) 2010-01-28 2015-02-10 Cleversafe, Inc. Data migration in a dispersed storage network
US8959366B2 (en) * 2010-01-28 2015-02-17 Cleversafe, Inc. De-sequencing encoded data slices
US8522113B2 (en) * 2010-01-28 2013-08-27 Cleversafe, Inc. Selecting storage facilities and dispersal parameters in a dispersed storage network
US11301592B2 (en) 2010-01-28 2022-04-12 Pure Storage, Inc. Distributed storage with data obfuscation and method for use therewith
US9760440B2 (en) 2010-01-28 2017-09-12 International Business Machines Corporation Site-based namespace allocation
US9201732B2 (en) 2010-01-28 2015-12-01 Cleversafe, Inc. Selective activation of memory to retrieve data in a dispersed storage network
US8352501B2 (en) * 2010-01-28 2013-01-08 Cleversafe, Inc. Dispersed storage network utilizing revision snapshots
US9043548B2 (en) 2010-01-28 2015-05-26 Cleversafe, Inc. Streaming content storage
US10007575B2 (en) 2010-02-27 2018-06-26 International Business Machines Corporation Alternative multiple memory format storage in a storage network
US20180365105A1 (en) 2014-06-05 2018-12-20 International Business Machines Corporation Establishing an operation execution schedule in a dispersed storage network
US10268374B2 (en) 2010-02-27 2019-04-23 International Business Machines Corporation Redundant array of independent discs and dispersed storage network system re-director
US11429486B1 (en) 2010-02-27 2022-08-30 Pure Storage, Inc. Rebuilding data via locally decodable redundancy in a vast storage network
US9135115B2 (en) 2010-02-27 2015-09-15 Cleversafe, Inc. Storing data in multiple formats including a dispersed storage format
US10324791B2 (en) 2010-11-01 2019-06-18 International Business Machines Corporation Selectable parallel processing of dispersed storage error encoding
US10216647B2 (en) 2010-02-27 2019-02-26 International Business Machines Corporation Compacting dispersed storage space
US9311184B2 (en) 2010-02-27 2016-04-12 Cleversafe, Inc. Storing raid data as encoded data slices in a dispersed storage network
US8281182B2 (en) * 2010-03-12 2012-10-02 Cleversafe, Inc. Dispersed storage unit selection
US8578205B2 (en) * 2010-03-15 2013-11-05 Cleversafe, Inc. Requesting cloud data storage
US8527705B2 (en) * 2010-03-16 2013-09-03 Cleversafe, Inc. Temporarily caching an encoded data slice
US9229824B2 (en) 2010-03-16 2016-01-05 International Business Machines Corporation Caching rebuilt encoded data slices in a dispersed storage network
US9170884B2 (en) 2010-03-16 2015-10-27 Cleversafe, Inc. Utilizing cached encoded data slices in a dispersed storage network
US8493608B2 (en) * 2010-03-25 2013-07-23 Kyocera Document Solutions Inc. Image forming apparatus capable of managing job history, computer-readable recording medium storing job history management program code, and job history management method in the image forming apparatus
US9092386B2 (en) 2010-04-26 2015-07-28 Cleversafe, Inc. Indicating an error within a dispersed storage network
US9898373B2 (en) 2010-04-26 2018-02-20 International Business Machines Corporation Prioritizing rebuilding of stored data in a dispersed storage network
US9606858B2 (en) 2010-04-26 2017-03-28 International Business Machines Corporation Temporarily storing an encoded data slice
US9495117B2 (en) 2010-04-26 2016-11-15 International Business Machines Corporation Storing data in a dispersed storage network
US8938552B2 (en) 2010-08-02 2015-01-20 Cleversafe, Inc. Resolving a protocol issue within a dispersed storage network
US10956292B1 (en) 2010-04-26 2021-03-23 Pure Storage, Inc. Utilizing integrity information for data retrieval in a vast storage system
US10447767B2 (en) 2010-04-26 2019-10-15 Pure Storage, Inc. Resolving a performance issue within a dispersed storage network
US8914669B2 (en) 2010-04-26 2014-12-16 Cleversafe, Inc. Secure rebuilding of an encoded data slice in a dispersed storage network
US8625635B2 (en) 2010-04-26 2014-01-07 Cleversafe, Inc. Dispersed storage network frame protocol header
US10193689B2 (en) 2010-05-19 2019-01-29 International Business Machines Corporation Storing access information in a dispersed storage network
US10353774B2 (en) 2015-10-30 2019-07-16 International Business Machines Corporation Utilizing storage unit latency data in a dispersed storage network
US8626871B2 (en) 2010-05-19 2014-01-07 Cleversafe, Inc. Accessing a global vault in multiple dispersed storage networks
US11740972B1 (en) 2010-05-19 2023-08-29 Pure Storage, Inc. Migrating data in a vast storage network
US8621580B2 (en) 2010-05-19 2013-12-31 Cleversafe, Inc. Retrieving access information in a dispersed storage network
US10911230B2 (en) 2010-05-19 2021-02-02 Pure Storage, Inc. Securely activating functionality of a computing device in a dispersed storage network
US8874868B2 (en) 2010-05-19 2014-10-28 Cleversafe, Inc. Memory utilization balancing in a dispersed storage network
US8909858B2 (en) 2010-06-09 2014-12-09 Cleversafe, Inc. Storing encoded data slices in a dispersed storage network
US8782227B2 (en) 2010-06-22 2014-07-15 Cleversafe, Inc. Identifying and correcting an undesired condition of a dispersed storage network access request
US8555142B2 (en) 2010-06-22 2013-10-08 Cleversafe, Inc. Verifying integrity of data stored in a dispersed storage memory
US10162524B2 (en) 2010-08-02 2018-12-25 International Business Machines Corporation Determining whether to compress a data segment in a dispersed storage network
US8627114B2 (en) 2010-08-02 2014-01-07 Cleversafe, Inc. Authenticating a data access request to a dispersed storage network
US20190095101A1 (en) 2010-08-02 2019-03-28 International Business Machines Corporation Authenticating a credential in a dispersed storage network
US9077734B2 (en) 2010-08-02 2015-07-07 Cleversafe, Inc. Authentication of devices of a dispersed storage network
US9063968B2 (en) 2010-08-02 2015-06-23 Cleversafe, Inc. Identifying a compromised encoded data slice
EP2418579A1 (en) * 2010-08-06 2012-02-15 Alcatel Lucent A method of storing data, corresponding computer program product, and data storage device therefor
US10255135B2 (en) 2010-08-25 2019-04-09 International Business Machines Corporation Method and apparatus for non-interactive information dispersal
US9940195B2 (en) 2010-08-25 2018-04-10 International Business Machines Corporation Encryption of slice partials
DE102010039845A1 (en) * 2010-08-26 2012-03-01 Robert Bosch Gmbh Method for transmitting sensor data
US8762793B2 (en) 2010-08-26 2014-06-24 Cleversafe, Inc. Migrating encoded data slices from a re-provisioned memory device of a dispersed storage network memory
CA2882602A1 (en) 2010-09-20 2012-03-29 Rick L. Orsini Systems and methods for secure data sharing
US9112535B2 (en) 2010-10-06 2015-08-18 Cleversafe, Inc. Data transmission utilizing partitioning and dispersed storage error encoding
US8656138B2 (en) 2010-10-06 2014-02-18 Cleversafe, Inc. Efficiently accessing an encoded data slice utilizing a memory bin
US10970168B2 (en) 2010-10-06 2021-04-06 Pure Storage, Inc. Adjusting dispersed storage error encoding parameters based on path performance
US10298957B2 (en) 2010-10-06 2019-05-21 International Business Machines Corporation Content-based encoding in a multiple routing path communications system
US9571230B2 (en) 2010-10-06 2017-02-14 International Business Machines Corporation Adjusting routing of data within a network path
US9843412B2 (en) 2010-10-06 2017-12-12 International Business Machines Corporation Optimizing routing of data across a communications network
US10805042B2 (en) 2010-11-01 2020-10-13 Pure Storage, Inc. Creating transmission data slices for use in a dispersed storage network
US10082970B2 (en) 2010-11-01 2018-09-25 International Business Machines Corporation Storing an effective dynamic width of encoded data slices
US10289318B2 (en) 2010-11-01 2019-05-14 International Business Machines Corporation Adjusting optimistic writes in a dispersed storage network
US9015499B2 (en) 2010-11-01 2015-04-21 Cleversafe, Inc. Verifying data integrity utilizing dispersed storage
US8707105B2 (en) 2010-11-01 2014-04-22 Cleversafe, Inc. Updating a set of memory devices in a dispersed storage network
US10146645B2 (en) 2010-11-01 2018-12-04 International Business Machines Corporation Multiple memory format storage in a storage network
US10768833B2 (en) 2010-11-01 2020-09-08 Pure Storage, Inc. Object dispersal load balancing
US8627065B2 (en) 2010-11-09 2014-01-07 Cleversafe, Inc. Validating a certificate chain in a dispersed storage network
US9590838B2 (en) 2010-11-09 2017-03-07 International Business Machines Corporation Transferring data of a dispersed storage network
US9336139B2 (en) 2010-11-29 2016-05-10 Cleversafe, Inc. Selecting a memory for storage of an encoded data slice in a dispersed storage network
US11789631B2 (en) 2010-11-29 2023-10-17 Pure Storage, Inc. Utilizing metadata storage trees in a vast storage network
US11307930B1 (en) 2010-11-29 2022-04-19 Pure Storage, Inc. Optimized selection of participants in distributed data rebuild/verification
US9454431B2 (en) 2010-11-29 2016-09-27 International Business Machines Corporation Memory selection for slice storage in a dispersed storage network
US10802763B2 (en) 2010-11-29 2020-10-13 Pure Storage, Inc. Remote storage verification
US10922179B2 (en) 2010-11-29 2021-02-16 Pure Storage, Inc. Post rebuild verification
US11582299B2 (en) 2016-01-26 2023-02-14 Pure Storage, Inc. Allocating cache memory in a dispersed storage network
US10372350B2 (en) 2010-11-29 2019-08-06 Pure Storage, Inc. Shared ownership of namespace ranges
US9589254B2 (en) 2010-12-08 2017-03-07 Microsoft Technology Licensing, Llc Using e-mail message characteristics for prioritization
IL210169A0 (en) * 2010-12-22 2011-03-31 Yehuda Binder System and method for routing-based internet security
US8832493B2 (en) 2010-12-22 2014-09-09 Cleversafe, Inc. Storing directory metadata in a dispersed storage network
EP2793130B1 (en) 2010-12-27 2015-12-23 Amplidata NV Apparatus for storage or retrieval of a data object on a storage medium, which is unreliable
US8897443B2 (en) 2010-12-27 2014-11-25 Cleversafe, Inc. Watermarking slices stored in a dispersed storage network
US9081715B2 (en) 2011-02-01 2015-07-14 Cleversafe, Inc. Utilizing a dispersed storage network access token module to retrieve data from a dispersed storage network memory
US8688949B2 (en) 2011-02-01 2014-04-01 Cleversafe, Inc. Modifying data storage in response to detection of a memory system imbalance
US20120226855A1 (en) 2011-03-02 2012-09-06 Cleversafe, Inc. Sharing a directory of a dispersed storage network
US10102063B2 (en) 2011-03-02 2018-10-16 International Business Machines Corporation Transferring data utilizing a transfer token module
US10298684B2 (en) 2011-04-01 2019-05-21 International Business Machines Corporation Adaptive replication of dispersed data to improve data access performance
US8880978B2 (en) 2011-04-01 2014-11-04 Cleversafe, Inc. Utilizing a local area network memory and a dispersed storage network memory to access data
US11418580B2 (en) 2011-04-01 2022-08-16 Pure Storage, Inc. Selective generation of secure signatures in a distributed storage network
US8627091B2 (en) 2011-04-01 2014-01-07 Cleversafe, Inc. Generating a secure signature utilizing a plurality of key shares
US9298550B2 (en) 2011-05-09 2016-03-29 Cleversafe, Inc. Assigning a dispersed storage network address range in a maintenance free storage container
US20170192684A1 (en) 2011-05-09 2017-07-06 International Business Machines Corporation Auditing a transaction in a dispersed storage network
US9141458B2 (en) 2011-05-09 2015-09-22 Cleversafe, Inc. Adjusting a data storage address mapping in a maintenance free storage container
US9219604B2 (en) 2011-05-09 2015-12-22 Cleversafe, Inc. Generating an encrypted message for storage
US10452836B2 (en) 2011-05-09 2019-10-22 Pure Storage, Inc. Retrieving a hypertext markup language file from a dispersed storage network memory
US10042709B2 (en) 2011-06-06 2018-08-07 International Business Machines Corporation Rebuild prioritization during a plurality of concurrent data object write operations
US8756480B2 (en) 2011-06-06 2014-06-17 Cleversafe, Inc. Prioritized deleting of slices stored in a dispersed storage network
US10061650B2 (en) 2011-06-06 2018-08-28 International Business Machines Corporation Priority based rebuilding
US8656253B2 (en) 2011-06-06 2014-02-18 Cleversafe, Inc. Storing portions of data in a dispersed storage network
US10949301B2 (en) * 2011-06-06 2021-03-16 Pure Storage, Inc. Pre-positioning pre-stored content in a content distribution system
US8924770B2 (en) 2011-07-06 2014-12-30 Cleversafe, Inc. Rebuilding a data slice of a maintenance free storage container
US20130013798A1 (en) 2011-07-06 2013-01-10 Cleversafe, Inc. Distribution of multi-media content to a user device
US10678619B2 (en) 2011-07-27 2020-06-09 Pure Storage, Inc. Unified logs and device statistics
US11016702B2 (en) 2011-07-27 2021-05-25 Pure Storage, Inc. Hierarchical event tree
US9135098B2 (en) 2011-07-27 2015-09-15 Cleversafe, Inc. Modifying dispersed storage network event records
US9092385B2 (en) 2011-08-17 2015-07-28 Cleversafe, Inc. Facilitating access of a dispersed storage network
US9971802B2 (en) 2011-08-17 2018-05-15 International Business Machines Corporation Audit record transformation in a dispersed storage network
US10120756B2 (en) 2011-08-17 2018-11-06 International Business Machines Corporation Audit object generation in a dispersed storage network
US10454678B2 (en) 2011-08-17 2019-10-22 Pure Storage, Inc. Accesor-based audit trails
US8930649B2 (en) 2011-09-06 2015-01-06 Cleversafe, Inc. Concurrent coding of data streams
US11907060B2 (en) 2011-09-06 2024-02-20 Pure Storage, Inc. Coding of data streams in a vast storage network
US20190179696A1 (en) 2011-09-06 2019-06-13 International Business Machines Corporation Demultiplexing decoded data streams in a distributed storage network
US10235237B2 (en) 2011-09-06 2019-03-19 Intertnational Business Machines Corporation Decoding data streams in a distributed storage network
US8677214B2 (en) 2011-10-04 2014-03-18 Cleversafe, Inc. Encoding data utilizing a zero information gain function
US8555130B2 (en) 2011-10-04 2013-10-08 Cleversafe, Inc. Storing encoded data slices in a dispersed storage unit
US8776186B2 (en) 2011-10-04 2014-07-08 Cleversafe, Inc. Obtaining a signed certificate for a dispersed storage network
US9304843B2 (en) 2011-11-01 2016-04-05 Cleversafe, Inc. Highly secure method for accessing a dispersed storage network
US10365969B2 (en) 2011-11-01 2019-07-30 International Business Machines Corporation Multiple wireless communication systems stream slices based on geography
US11329830B1 (en) 2011-11-01 2022-05-10 Pure Storage, Inc. Dispersed credentials
US10496500B2 (en) 2011-11-01 2019-12-03 Pure Storage, Inc. Preemptively reading extra encoded data slices
US10437678B2 (en) 2011-11-01 2019-10-08 Pure Storage, Inc. Updating an encoded data slice
US9798616B2 (en) 2011-11-01 2017-10-24 International Business Machines Corporation Wireless sending a set of encoded data slices
US8627066B2 (en) 2011-11-03 2014-01-07 Cleversafe, Inc. Processing a dispersed storage network access request utilizing certificate chain validation information
US11474958B1 (en) 2011-11-28 2022-10-18 Pure Storage, Inc. Generating and queuing system messages with priorities in a storage network
US10387071B2 (en) 2011-11-28 2019-08-20 Pure Storage, Inc. On-the-fly cancellation of unnecessary read requests
US9203625B2 (en) 2011-11-28 2015-12-01 Cleversafe, Inc. Transferring encoded data slices in a distributed storage network
US10558592B2 (en) 2011-11-28 2020-02-11 Pure Storage, Inc. Priority level adaptation in a dispersed storage network
US10318445B2 (en) 2011-11-28 2019-06-11 International Business Machines Corporation Priority level adaptation in a dispersed storage network
US10977194B2 (en) 2011-11-28 2021-04-13 Pure Storage, Inc. Securely storing random keys in a dispersed storage network
US10055283B2 (en) 2011-11-28 2018-08-21 International Business Machines Corporation Securely distributing random keys in a dispersed storage network
US8848906B2 (en) 2011-11-28 2014-09-30 Cleversafe, Inc. Encrypting data for storage in a dispersed storage network
US9009567B2 (en) 2011-12-12 2015-04-14 Cleversafe, Inc. Encrypting distributed computing data
US20180083930A1 (en) 2011-12-12 2018-03-22 International Business Machines Corporation Reads for dispersed computation jobs
US10104168B2 (en) 2011-12-12 2018-10-16 International Business Machines Corporation Method for managing throughput in a distributed storage network
US9430286B2 (en) 2011-12-12 2016-08-30 International Business Machines Corporation Authorizing distributed task processing in a distributed storage network
US9674155B2 (en) 2011-12-12 2017-06-06 International Business Machines Corporation Encrypting segmented data in a distributed computing system
US10360106B2 (en) 2011-12-12 2019-07-23 International Business Machines Corporation Throttled real-time writes
US20130238900A1 (en) 2011-12-12 2013-09-12 Cleversafe, Inc. Dispersed storage network secure hierarchical file directory
US10348640B2 (en) 2011-12-12 2019-07-09 International Business Machines Corporation Partial task execution in a dispersed storage network
US10666596B2 (en) 2011-12-12 2020-05-26 Pure Storage, Inc. Messaging via a shared memory of a distributed computing system
US10146621B2 (en) 2011-12-12 2018-12-04 International Business Machines Corporation Chaining computes in a distributed computing system
US10346218B2 (en) 2011-12-12 2019-07-09 International Business Machines Corporation Partial task allocation in a dispersed storage network
US9584359B2 (en) 2011-12-12 2017-02-28 International Business Machines Corporation Distributed storage and computing of interim data
WO2013089977A1 (en) * 2011-12-12 2013-06-20 Motorola Solutions, Inc. Communicating large presence documents
US9304858B2 (en) 2011-12-12 2016-04-05 International Business Machines Corporation Analyzing found data in a distributed storage and task network
US9141468B2 (en) 2011-12-12 2015-09-22 Cleversafe, Inc. Managing memory utilization in a distributed storage and task network
US9817701B2 (en) 2011-12-12 2017-11-14 International Business Machines Corporation Threshold computing in a distributed computing system
US10176045B2 (en) 2011-12-12 2019-01-08 International Business Machines Corporation Internet based shared memory in a distributed computing system
US10671585B2 (en) 2012-01-31 2020-06-02 Pure Storage, Inc. Storing indexed data to a dispersed storage network
US9465861B2 (en) * 2012-01-31 2016-10-11 International Business Machines Corporation Retrieving indexed data from a dispersed storage network
US9146810B2 (en) 2012-01-31 2015-09-29 Cleversafe, Inc. Identifying a potentially compromised encoded data slice
US9891995B2 (en) * 2012-01-31 2018-02-13 International Business Machines Corporation Cooperative decentralized rebuild scanning
US9203902B2 (en) 2012-01-31 2015-12-01 Cleversafe, Inc. Securely and reliably storing data in a dispersed storage network
US8990664B2 (en) 2012-01-31 2015-03-24 Cleversafe, Inc. Identifying a potentially compromised encoded data slice
US10157051B2 (en) 2012-03-02 2018-12-18 International Business Machines Corporation Upgrading devices in a dispersed storage network
US11232093B2 (en) 2012-03-02 2022-01-25 Pure Storage, Inc. Slice migration in a dispersed storage network
US9195684B2 (en) 2012-03-02 2015-11-24 Cleversafe, Inc. Redundant task execution in a distributed storage and task network
US10402393B2 (en) 2012-03-02 2019-09-03 Pure Storage, Inc. Slice migration in a dispersed storage network
US9171031B2 (en) 2012-03-02 2015-10-27 Cleversafe, Inc. Merging index nodes of a hierarchical dispersed storage index
US9380032B2 (en) 2012-04-25 2016-06-28 International Business Machines Corporation Encrypting data for storage in a dispersed storage network
US10795766B2 (en) 2012-04-25 2020-10-06 Pure Storage, Inc. Mapping slice groupings in a dispersed storage network
US10621044B2 (en) 2012-04-25 2020-04-14 Pure Storage, Inc. Mapping slice groupings in a dispersed storage network
US10447471B2 (en) 2012-06-05 2019-10-15 Pure Storage, Inc. Systematic secret sharing
US10474395B2 (en) 2012-06-05 2019-11-12 Pure Storage, Inc. Abstracting namespace mapping in a dispersed storage network through multiple hierarchies
US10073638B2 (en) 2012-06-05 2018-09-11 International Business Machines Corporation Automatic namespace ordering determination
US10002047B2 (en) 2012-06-05 2018-06-19 International Business Machines Corporation Read-if-not-revision-equals protocol message
US9613052B2 (en) 2012-06-05 2017-04-04 International Business Machines Corporation Establishing trust within a cloud computing system
WO2013183028A2 (en) * 2012-06-07 2013-12-12 Cell Buddy Network Ltd Mobile hot spot
US10114697B2 (en) 2012-06-25 2018-10-30 International Business Machines Corporation Large object parallel writing
US11093327B1 (en) 2012-06-25 2021-08-17 Pure Storage, Inc. Failure abatement approach for failed storage units common to multiple vaults
US9141297B2 (en) 2012-06-25 2015-09-22 Cleversafe, Inc. Verifying encoded data slice integrity in a dispersed storage network
US10430276B2 (en) 2012-06-25 2019-10-01 Pure Storage, Inc. Optimal orderings of processing unit priorities in a dispersed storage network
US10120574B2 (en) 2012-06-25 2018-11-06 International Business Machines Corporation Reversible data modifications within DS units
US8935761B2 (en) 2012-06-25 2015-01-13 Cleversafe, Inc. Accessing storage nodes in an on-line media storage system
US10157011B2 (en) 2012-06-25 2018-12-18 International Business Machines Corporation Temporary suspension of vault access
US20180336097A1 (en) 2012-06-25 2018-11-22 International Business Machines Corporation Namespace affinity and failover for processing units in a dispersed storage network
US9258177B2 (en) 2012-08-02 2016-02-09 International Business Machines Corporation Storing a data stream in a set of storage devices
US10651975B2 (en) 2012-08-02 2020-05-12 Pure Storage, Inc. Forwarding data amongst cooperative DSTN processing units of a massive data ingestion system
US9176822B2 (en) 2012-08-31 2015-11-03 Cleversafe, Inc. Adjusting dispersed storage error encoding parameters
US11360851B2 (en) 2012-08-31 2022-06-14 Pure Storage, Inc. Duplicating authentication information between connections
US10409678B2 (en) 2012-08-31 2019-09-10 Pure Storage, Inc. Self-optimizing read-ahead
US9875158B2 (en) 2012-08-31 2018-01-23 International Business Machines Corporation Slice storage in a dispersed storage network
US10241863B2 (en) 2012-08-31 2019-03-26 International Business Machines Corporation Slice rebuilding in a dispersed storage network
US10331518B2 (en) 2012-08-31 2019-06-25 International Business Machines Corporation Encoding data in a dispersed storage network
US10409679B2 (en) 2012-08-31 2019-09-10 Pure Storage, Inc. Migrating data slices in a dispersed storage network
US9424326B2 (en) 2012-09-13 2016-08-23 International Business Machines Corporation Writing data avoiding write conflicts in a dispersed storage network
US10417253B2 (en) 2012-09-13 2019-09-17 Pure Storage, Inc. Multi-level data storage in a dispersed storage network
US10331698B2 (en) 2012-09-13 2019-06-25 International Business Machines Corporation Rebuilding data in a dispersed storage network
US10057351B2 (en) 2012-09-13 2018-08-21 International Business Machines Corporation Modifying information dispersal algorithm configurations in a dispersed storage network
US10318549B2 (en) 2012-09-13 2019-06-11 International Business Machines Corporation Batching modifications to nodes in a dispersed index
US10402423B2 (en) 2012-09-13 2019-09-03 Pure Storage, Inc. Sliding windows for batching index updates
US10331519B2 (en) 2012-10-08 2019-06-25 International Business Machines Corporation Application of secret sharing schemes at multiple levels of a dispersed storage network
US9503513B2 (en) 2012-10-08 2016-11-22 International Business Machines Corporation Robust transmission of data utilizing encoded data slices
US10127111B2 (en) 2012-10-08 2018-11-13 International Business Machines Corporation Client provided request prioritization hints
US10606700B2 (en) 2012-10-08 2020-03-31 Pure Storage, Inc. Enhanced dispersed storage error encoding using multiple encoding layers
US9298542B2 (en) 2012-10-30 2016-03-29 Cleversafe, Inc. Recovering data from corrupted encoded data slices
US9936020B2 (en) 2012-10-30 2018-04-03 International Business Machines Corporation Access control of data in a dispersed storage network
US10587691B2 (en) 2012-12-05 2020-03-10 Pure Storage, Inc. Impatient writes
US10558621B2 (en) * 2012-12-05 2020-02-11 Pure Storage, Inc. Lock stealing writes for improved reliability
US9521197B2 (en) 2012-12-05 2016-12-13 International Business Machines Corporation Utilizing data object storage tracking in a dispersed storage network
US9811533B2 (en) 2012-12-05 2017-11-07 International Business Machines Corporation Accessing distributed computing functions in a distributed computing system
US10013203B2 (en) 2013-01-04 2018-07-03 International Business Machines Corporation Achieving storage compliance in a dispersed storage network
US10423491B2 (en) 2013-01-04 2019-09-24 Pure Storage, Inc. Preventing multiple round trips when writing to target widths
US10241866B2 (en) 2013-01-04 2019-03-26 International Business Machines Corporation Allocating rebuilding queue entries in a dispersed storage network
US10204009B2 (en) 2013-01-04 2019-02-12 International Business Machines Corporation Prioritized rebuilds using dispersed indices
US9558067B2 (en) 2013-01-04 2017-01-31 International Business Machines Corporation Mapping storage of data in a dispersed storage network
US10229002B2 (en) 2013-01-04 2019-03-12 International Business Machines Corporation Process to migrate named objects to a dispersed or distributed storage network (DSN)
US9311187B2 (en) 2013-01-04 2016-04-12 Cleversafe, Inc. Achieving storage compliance in a dispersed storage network
US20190250823A1 (en) 2013-01-04 2019-08-15 International Business Machines Corporation Efficient computation of only the required slices
US10402270B2 (en) 2013-01-04 2019-09-03 Pure Storage, Inc. Deterministically determining affinity for a source name range
US10642992B2 (en) 2013-01-04 2020-05-05 Pure Storage, Inc. Password augmented all-or-nothin transform
US11416340B1 (en) 2013-01-04 2022-08-16 Pure Storage, Inc. Storage system with multiple storage types in a vast storage network
CN103916448B (en) * 2013-01-09 2018-05-18 深圳市腾讯计算机系统有限公司 Data transmission method, system and corresponding cloud transmission platform based on cloud transmission platform
US10310763B2 (en) 2013-02-05 2019-06-04 International Business Machines Corporation Forming a distributed storage network memory without namespace aware distributed storage units
US10664360B2 (en) 2013-02-05 2020-05-26 Pure Storage, Inc. Identifying additional resources to accelerate rebuildling
US9043499B2 (en) 2013-02-05 2015-05-26 Cleversafe, Inc. Modifying a dispersed storage network memory data access response plan
US10621021B2 (en) 2013-02-05 2020-04-14 Pure Storage, Inc. Using dispersed data structures to point to slice or date source replicas
US10055441B2 (en) 2013-02-05 2018-08-21 International Business Machines Corporation Updating shared group information in a dispersed storage network
US10268554B2 (en) 2013-02-05 2019-04-23 International Business Machines Corporation Using dispersed computation to change dispersal characteristics
US10430122B2 (en) 2013-02-05 2019-10-01 Pure Storage, Inc. Using partial rebuilding to change information dispersal algorithm (IDA)
CA2900504A1 (en) 2013-02-13 2014-08-21 Security First Corp. Systems and methods for a cryptographic file system layer
US11036392B2 (en) 2013-02-26 2021-06-15 Pure Storage, Inc. Determining when to use convergent encryption
US10642489B2 (en) 2013-02-26 2020-05-05 Pure Storage, Inc. Determining when to initiate an intra-distributed storage unit rebuild vs. an inter-distributed storage unit rebuild
US9274908B2 (en) 2013-02-26 2016-03-01 International Business Machines Corporation Resolving write conflicts in a dispersed storage network
US10075523B2 (en) 2013-04-01 2018-09-11 International Business Machines Corporation Efficient storage of data in a dispersed storage network
US10043017B2 (en) * 2013-04-15 2018-08-07 Paul Lewis Systems and methods for jurisdiction independent data storage in a multi-vendor cloud environment
US10984116B2 (en) 2013-04-15 2021-04-20 Calamu Technologies Corporation Systems and methods for digital currency or crypto currency storage in a multi-vendor cloud environment
US9405926B2 (en) * 2014-06-30 2016-08-02 Paul Lewis Systems and methods for jurisdiction independent data storage in a multi-vendor cloud environment
US9456035B2 (en) 2013-05-03 2016-09-27 International Business Machines Corporation Storing related data in a dispersed storage network
US10223213B2 (en) 2013-05-03 2019-03-05 International Business Machines Corporation Salted zero expansion all or nothing transformation
US9667530B2 (en) * 2013-05-06 2017-05-30 International Business Machines Corporation Privacy preserving query method and system for use in federated coalition networks
US9405609B2 (en) 2013-05-22 2016-08-02 International Business Machines Corporation Storing data in accordance with a performance threshold
US11226860B1 (en) 2013-05-30 2022-01-18 Pure Storage, Inc. Difference based rebuild list scanning
US9424132B2 (en) 2013-05-30 2016-08-23 International Business Machines Corporation Adjusting dispersed storage network traffic due to rebuilding
US9432341B2 (en) 2013-05-30 2016-08-30 International Business Machines Corporation Securing data in a dispersed storage network
US9730271B2 (en) * 2013-06-03 2017-08-08 Avago Technologies General Ip (Singapore) Pte. Ltd. Systems and methods for splitting and recombining communications in multi-network environments
US11221916B2 (en) 2013-07-01 2022-01-11 Pure Storage, Inc. Prioritized data reconstruction in a dispersed storage network
US10133635B2 (en) 2013-07-01 2018-11-20 International Business Machines Corporation Low-width vault in distributed storage system
US9501360B2 (en) 2013-07-01 2016-11-22 International Business Machines Corporation Rebuilding data while reading data in a dispersed storage network
US10169369B2 (en) 2013-07-01 2019-01-01 International Business Machines Corporation Meeting storage requirements with limited storage resources
US9652470B2 (en) 2013-07-01 2017-05-16 International Business Machines Corporation Storing data in a dispersed storage network
US9626125B2 (en) 2013-07-31 2017-04-18 International Business Machines Corporation Accounting for data that needs to be rebuilt or deleted
US10180880B2 (en) 2013-07-31 2019-01-15 International Business Machines Corporation Adaptive rebuilding rates based on sampling and inference
US20180188964A1 (en) 2013-07-31 2018-07-05 International Business Machines Corporation Managed storage unit shutdown in a distributed storage network
US9451025B2 (en) 2013-07-31 2016-09-20 International Business Machines Corporation Distributed storage network with alternative foster storage approaches and methods for use therewith
US10681134B2 (en) 2013-07-31 2020-06-09 Pure Storage, Inc. Accelerated learning in adaptive rebuilding by applying observations to other samples
US9241044B2 (en) 2013-08-28 2016-01-19 Hola Networks, Ltd. System and method for improving internet communication by using intermediate nodes
US9661074B2 (en) 2013-08-29 2017-05-23 International Business Machines Corporations Updating de-duplication tracking data for a dispersed storage network
US10489071B2 (en) 2013-08-29 2019-11-26 Pure Storage, Inc. Vault provisioning within dispersed or distributed storage network (DSN)
US10514857B2 (en) 2013-08-29 2019-12-24 Pure Storage, Inc. Dynamic adjusting of parameters based on resource scoring
US10484474B2 (en) 2013-08-29 2019-11-19 Pure Storage, Inc. Rotating offline DS units
US9998538B2 (en) 2013-08-29 2018-06-12 International Business Machines Corporation Dispersed storage with coordinated execution and methods for use therewith
US10601918B2 (en) 2013-08-29 2020-03-24 Pure Storage, Inc. Rotating inactive storage units in a distributed storage network
US20180039421A1 (en) * 2013-10-03 2018-02-08 International Business Machines Corporation Method for collecting scheduler-relevant information for a task moving through the system
US9857974B2 (en) 2013-10-03 2018-01-02 International Business Machines Corporation Session execution decision
GB2519119A (en) 2013-10-10 2015-04-15 Ibm Linear network coding in a dynamic distributed federated database
US9781208B2 (en) * 2013-11-01 2017-10-03 International Business Machines Corporation Obtaining dispersed storage network system registry information
US10304096B2 (en) 2013-11-01 2019-05-28 International Business Machines Corporation Renting a pipe to a storage system
US10182115B2 (en) 2013-11-01 2019-01-15 International Business Machines Corporation Changing rebuild priority for a class of data
US20150149528A1 (en) * 2013-11-25 2015-05-28 At&T Intellectual Property I, L.P. Methods, Systems and Apparatus to Determine a Distributed Content Share Storage Scheme
US9154471B2 (en) * 2013-11-26 2015-10-06 At&T Intellectual Property I, L.P. Method and apparatus for unified encrypted messaging
US9900316B2 (en) 2013-12-04 2018-02-20 International Business Machines Corporation Accessing storage units of a dispersed storage network
US11340993B2 (en) 2014-01-06 2022-05-24 Pure Storage, Inc. Deferred rebuilding with alternate storage locations
US9594639B2 (en) 2014-01-06 2017-03-14 International Business Machines Corporation Configuring storage resources of a dispersed storage network
US10922181B2 (en) 2014-01-06 2021-02-16 Pure Storage, Inc. Using storage locations greater than an IDA width in a dispersed storage network
US9552261B2 (en) 2014-01-31 2017-01-24 International Business Machines Corporation Recovering data from microslices in a dispersed storage network
US9778987B2 (en) 2014-01-31 2017-10-03 International Business Machines Corporation Writing encoded data slices in a dispersed storage network
US11204836B1 (en) 2014-01-31 2021-12-21 Pure Storage, Inc. Using trap slices for anomaly detection in a distributed storage network
US10318382B2 (en) 2014-01-31 2019-06-11 International Business Machines Corporation Determining missing encoded data slices
US10769016B2 (en) 2014-02-26 2020-09-08 Pure Storage, Inc. Storing a plurality of correlated data in a dispersed storage network
US10678638B2 (en) 2014-02-26 2020-06-09 Pure Storage, Inc. Resolving write conflicts in a dispersed storage network
US9529834B2 (en) 2014-02-26 2016-12-27 International Business Machines Corporation Concatenating data objects for storage in a dispersed storage network
US9665429B2 (en) 2014-02-26 2017-05-30 International Business Machines Corporation Storage of data with verification in a dispersed storage network
US10635312B2 (en) 2014-02-26 2020-04-28 Pure Storage, Inc. Recovering data in a dispersed storage network
US10592109B2 (en) 2014-02-26 2020-03-17 Pure Storage, Inc. Selecting storage resources in a dispersed storage network
US10140182B2 (en) 2014-02-26 2018-11-27 International Business Machines Corporation Modifying allocation of storage resources in a dispersed storage network
US10681138B2 (en) 2014-04-02 2020-06-09 Pure Storage, Inc. Storing and retrieving multi-format content in a distributed storage network
US10020826B2 (en) 2014-04-02 2018-07-10 International Business Machines Corporation Generating molecular encoding information for data storage
US11347590B1 (en) 2014-04-02 2022-05-31 Pure Storage, Inc. Rebuilding data in a distributed storage network
US10015152B2 (en) 2014-04-02 2018-07-03 International Business Machines Corporation Securing data in a dispersed storage network
US10628245B2 (en) 2014-04-02 2020-04-21 Pure Storage, Inc. Monitoring of storage units in a dispersed storage network
US10761917B2 (en) 2014-04-02 2020-09-01 Pure Storage, Inc. Using global namespace addressing in a dispersed storage network
US20150288680A1 (en) 2014-04-02 2015-10-08 Cleversafe, Inc. Distributing registry information in a dispersed storage network
US20190087599A1 (en) 2014-04-02 2019-03-21 International Business Machines Corporation Compressing a slice name listing in a dispersed storage network
US10394476B2 (en) 2014-04-30 2019-08-27 Pure Storage, Inc. Multi-level stage locality selection on a large system
US9735967B2 (en) 2014-04-30 2017-08-15 International Business Machines Corporation Self-validating request message structure and operation
US10802732B2 (en) 2014-04-30 2020-10-13 Pure Storage, Inc. Multi-level stage locality selection on a large system
US10296263B2 (en) 2014-04-30 2019-05-21 International Business Machines Corporation Dispersed bloom filter for determining presence of an object
US9542239B2 (en) 2014-04-30 2017-01-10 International Business Machines Corporation Resolving write request conflicts in a dispersed storage network
US9652621B2 (en) * 2014-05-15 2017-05-16 Michael E. Johnson Electronic transmission security process
US10152601B2 (en) 2014-06-05 2018-12-11 International Business Machines Corporation Reliably recovering stored data in a dispersed storage network
US10140178B2 (en) 2014-06-05 2018-11-27 International Business Machines Corporation Verifying a status level of stored encoded data slices
US10509577B2 (en) 2014-06-05 2019-12-17 Pure Storage, Inc. Reliable storage in a dispersed storage network
US20170164263A1 (en) * 2014-06-13 2017-06-08 Telefonaktiebolaget Lm Ericsson (Publ) Routing And Transmission In Mesh Networks
US11606431B2 (en) 2014-06-30 2023-03-14 Pure Storage, Inc. Maintaining failure independence for storage of a set of encoded data slices
US9690520B2 (en) 2014-06-30 2017-06-27 International Business Machines Corporation Recovering an encoded data slice in a dispersed storage network
US9838478B2 (en) 2014-06-30 2017-12-05 International Business Machines Corporation Identifying a task execution resource of a dispersed storage network
US11398988B1 (en) 2014-06-30 2022-07-26 Pure Storage, Inc. Selection of access resources in a distributed storage network
US11099763B1 (en) 2014-06-30 2021-08-24 Pure Storage, Inc. Migrating generational storage to a decentralized agreement protocol paradigm
US10673946B2 (en) 2014-06-30 2020-06-02 Pure Storage, Inc. Using separate weighting scores for different types of data in a decentralized agreement protocol
US9841925B2 (en) 2014-06-30 2017-12-12 International Business Machines Corporation Adjusting timing of storing data in a dispersed storage network
US10459797B2 (en) 2014-06-30 2019-10-29 Pure Storage, Inc. Making trade-offs between rebuild scanning and failing memory device flexibility
US10440105B2 (en) 2014-06-30 2019-10-08 Pure Storage, Inc. Using a decentralized agreement protocol to rank storage locations for target width
US10042564B2 (en) 2014-06-30 2018-08-07 International Business Machines Corporation Accessing data while migrating storage of the data
US10447612B2 (en) 2014-06-30 2019-10-15 Pure Storage, Inc. Migrating encoded data slices in a dispersed storage network
US10613936B2 (en) 2014-07-31 2020-04-07 Pure Storage, Inc. Fractional slices in a distributed storage system
US10644874B2 (en) 2014-07-31 2020-05-05 Pure Storage, Inc. Limiting brute force attacks against dispersed credentials in a distributed storage system
US11728964B2 (en) 2014-07-31 2023-08-15 Pure Storage, Inc. Performance aided data migration in a distributed storage network
US10089036B2 (en) 2014-07-31 2018-10-02 International Business Machines Corporation Migrating data in a distributed storage network
US10049120B2 (en) 2014-09-05 2018-08-14 International Business Machines Corporation Consistency based access of data in a dispersed storage network
US10176191B2 (en) 2014-09-05 2019-01-08 International Business Machines Corporation Recovering from conflicts that emerge from eventually consistent operations
US10402395B2 (en) 2014-09-05 2019-09-03 Pure Storage, Inc. Facilitating data consistency in a dispersed storage network
US11442921B1 (en) 2014-09-05 2022-09-13 Pure Storage, Inc. Data access in a dispersed storage network with consistency
US10268545B2 (en) 2014-09-08 2019-04-23 International Business Machines Corporation Using reinforcement learning to select a DS processing unit
US10146622B2 (en) 2014-09-08 2018-12-04 International Business Machines Corporation Combining deduplication with locality for efficient and fast storage
US9591076B2 (en) 2014-09-08 2017-03-07 International Business Machines Corporation Maintaining a desired number of storage units
EP3637945B1 (en) * 2014-09-30 2021-07-21 ARRIS Enterprises LLC Technique for establishing a mesh network
US20180101457A1 (en) * 2014-10-29 2018-04-12 International Business Machines Corporation Retrying failed write operations in a dispersed storage network
US9916114B2 (en) * 2014-10-29 2018-03-13 International Business Machines Corporation Deterministically sharing a plurality of processing resources
US10459792B2 (en) * 2014-10-29 2019-10-29 Pure Storage, Inc. Using an eventually consistent dispersed memory to implement storage tiers
US20180113747A1 (en) * 2014-10-29 2018-04-26 International Business Machines Corporation Overdrive mode for distributed storage networks
US10095582B2 (en) * 2014-10-29 2018-10-09 International Business Machines Corporation Partial rebuilding techniques in a dispersed storage unit
US10481833B2 (en) 2014-10-29 2019-11-19 Pure Storage, Inc. Transferring data encoding functions in a distributed storage network
US10223033B2 (en) * 2014-10-29 2019-03-05 International Business Machines Corporation Coordinating arrival times of data slices in a dispersed storage network
US10282135B2 (en) * 2014-10-29 2019-05-07 International Business Machines Corporation Strong consistency write threshold
US20180181332A1 (en) * 2014-10-29 2018-06-28 International Business Machines Corporation Expanding a dispersed storage network memory beyond two locations
WO2016080569A1 (en) * 2014-11-19 2016-05-26 서울대학교산학협력단 File management apparatus for restoring original file from predetermined number or more of file fragments, and file management method therefor
US9733849B2 (en) 2014-11-21 2017-08-15 Security First Corp. Gateway for cloud-based secure storage
US10503592B2 (en) 2014-12-02 2019-12-10 Pure Storage, Inc. Overcoming bottlenecks in partial and traditional rebuild operations
US10521298B2 (en) 2014-12-02 2019-12-31 Pure Storage, Inc. Temporarily storing dropped and rebuilt slices in a DSN memory
US10558527B2 (en) 2014-12-02 2020-02-11 Pure Storage, Inc. Rebuilding strategy in memory managed multi-site duplication
US10402271B2 (en) 2014-12-02 2019-09-03 Pure Storage, Inc. Overcoming bottlenecks in zero information gain (ZIG) rebuild operations
US10481832B2 (en) 2014-12-02 2019-11-19 Pure Storage, Inc. Applying a probability function to avoid storage operations for already-deleted data
US9727275B2 (en) 2014-12-02 2017-08-08 International Business Machines Corporation Coordinating storage of data in dispersed storage networks
US10120739B2 (en) 2014-12-02 2018-11-06 International Business Machines Corporation Prioritized data rebuilding in a dispersed storage network
US10623495B2 (en) 2014-12-31 2020-04-14 Pure Storage, Inc. Keeping synchronized writes from getting out of synch
US10621042B2 (en) 2014-12-31 2020-04-14 Pure Storage, Inc. Vault transformation within a dispersed storage network
US10387252B2 (en) 2014-12-31 2019-08-20 Pure Storage, Inc. Synchronously storing data in a plurality of dispersed storage networks
US10642687B2 (en) 2014-12-31 2020-05-05 Pure Storage, Inc. Pessimistic reads and other smart-read enhancements with synchronized vaults
US10423359B2 (en) 2014-12-31 2019-09-24 Pure Storage, Inc. Linking common attributes among a set of synchronized vaults
US9727427B2 (en) 2014-12-31 2017-08-08 International Business Machines Corporation Synchronizing storage of data copies in a dispersed storage network
US10489247B2 (en) 2014-12-31 2019-11-26 Pure Storage, Inc. Generating time-ordered globally unique revision numbers
US11604707B2 (en) 2014-12-31 2023-03-14 Pure Storage, Inc. Handling failures when synchronizing objects during a write operation
US10656866B2 (en) 2014-12-31 2020-05-19 Pure Storage, Inc. Unidirectional vault synchronization to support tiering
US10452317B2 (en) 2014-12-31 2019-10-22 Pure Storage, Inc. DAP redistribution operation within a dispersed storage network
US10126974B2 (en) 2014-12-31 2018-11-13 International Business Machines Corporation Redistributing encoded data slices in a dispersed storage network
US10423490B2 (en) 2015-01-30 2019-09-24 Pure Storage, Inc. Read-source requests to support bundled writes in a distributed storage system
US10740180B2 (en) 2015-01-30 2020-08-11 Pure Storage, Inc. Storing and retrieving data using proxies
US10511665B2 (en) 2015-01-30 2019-12-17 Pure Storage, Inc. Efficient resource reclamation after deletion of slice from common file
US10440116B2 (en) 2015-01-30 2019-10-08 Pure Storage, Inc. Minimizing data movement through rotation of spare memory devices
US10506045B2 (en) 2015-01-30 2019-12-10 Pure Storage, Inc. Memory access using deterministic function and secure seed
US9826038B2 (en) 2015-01-30 2017-11-21 International Business Machines Corporation Selecting a data storage resource of a dispersed storage network
US10530862B2 (en) 2015-01-30 2020-01-07 Pure Storage, Inc. Determining slices to rebuild from low-level failures
US10169123B2 (en) 2015-01-30 2019-01-01 International Business Machines Corporation Distributed data rebuilding
US10498822B2 (en) 2015-01-30 2019-12-03 Pure Storage, Inc. Adaptive scanning rates
US10802915B2 (en) 2015-01-30 2020-10-13 Pure Storage, Inc. Time based storage of encoded data slices
US9740547B2 (en) 2015-01-30 2017-08-22 International Business Machines Corporation Storing data using a dual path storage approach
US10289342B2 (en) 2015-01-30 2019-05-14 International Business Machines Corporation Data access optimization protocol in a dispersed storage network
US10620878B2 (en) 2015-01-30 2020-04-14 Pure Storage, Inc. Write threshold plus value in dispersed storage network write operations
US10594793B2 (en) 2015-01-30 2020-03-17 Pure Storage, Inc. Read-prepare requests to multiple memories
US10592132B2 (en) 2015-01-30 2020-03-17 Pure Storage, Inc. Read-foreign-slices request for improved read efficiency with bundled writes
US10498823B2 (en) 2015-01-30 2019-12-03 Pure Storage, Inc. Optimally apportioning rebuilding resources
US10437677B2 (en) 2015-02-27 2019-10-08 Pure Storage, Inc. Optimized distributed rebuilding within a dispersed storage network
US10530861B2 (en) 2015-02-27 2020-01-07 Pure Storage, Inc. Utilizing multiple storage pools in a dispersed storage network
US10503591B2 (en) 2015-02-27 2019-12-10 Pure Storage, Inc. Selecting retrieval locations in a dispersed storage network
US11188665B2 (en) 2015-02-27 2021-11-30 Pure Storage, Inc. Using internal sensors to detect adverse interference and take defensive actions
US10528425B2 (en) 2015-02-27 2020-01-07 Pure Storage, Inc. Transitioning to an optimized data storage approach in a dispersed storage network
US10437676B2 (en) 2015-02-27 2019-10-08 Pure Storage, Inc. Urgent reads and using data source health to determine error recovery procedures
US10409772B2 (en) 2015-02-27 2019-09-10 Pure Storage, Inc. Accessing serially stored data in a dispersed storage network
US10534668B2 (en) 2015-02-27 2020-01-14 Pure Storage, Inc. Accessing data in a dispersed storage network
US10404410B2 (en) 2015-02-27 2019-09-03 Pure Storage, Inc. Storage unit (SU) report cards
US10423502B2 (en) 2015-02-27 2019-09-24 Pure Storage, Inc. Stand-by distributed storage units
US10069915B2 (en) 2015-02-27 2018-09-04 International Business Machines Corporation Storing data in a dispersed storage network
US10078472B2 (en) 2015-02-27 2018-09-18 International Business Machines Corporation Rebuilding encoded data slices in a dispersed storage network
US10275185B2 (en) 2015-02-27 2019-04-30 International Business Machines Corporation Fail-in-place supported via decentralized or Distributed Agreement Protocol (DAP)
US10440115B2 (en) 2015-02-27 2019-10-08 Pure Storage, Inc. Write intent messaging in a dispersed storage network
US10387067B2 (en) 2015-02-27 2019-08-20 Pure Storage, Inc. Optimizing data storage in a dispersed storage network
US10657000B2 (en) 2015-02-27 2020-05-19 Pure Storage, Inc. Optimizing data storage in a dispersed storage network
US11836369B1 (en) 2015-02-27 2023-12-05 Pure Storage, Inc. Storing data in an expanded storage pool of a vast storage network
US10579451B2 (en) 2015-02-27 2020-03-03 Pure Storage, Inc. Pro-actively preparing a dispersed storage network memory for higher-loads
US10963180B2 (en) 2015-03-31 2021-03-30 Pure Storage, Inc. Adding incremental storage resources in a dispersed storage network
US11055177B2 (en) 2015-03-31 2021-07-06 Pure Storage, Inc. Correlating operational information with an error condition in a dispersed storage network
US10528282B2 (en) 2015-03-31 2020-01-07 Pure Storage, Inc. Modifying and utilizing a file structure in a dispersed storage network
US10915261B2 (en) 2015-03-31 2021-02-09 Pure Storage, Inc. Selecting a set of storage units in a distributed storage network
US10852957B2 (en) 2015-03-31 2020-12-01 Pure Storage, Inc. Migration agent employing moveslice request
US10534661B2 (en) 2015-03-31 2020-01-14 Pure Storage, Inc. Selecting a storage error abatement alternative in a dispersed storage network
US10331384B2 (en) 2015-03-31 2019-06-25 International Business Machines Corporation Storing data utilizing a maximum accessibility approach in a dispersed storage network
US10387070B2 (en) 2015-03-31 2019-08-20 Pure Storage, Inc. Migrating data in response to adding incremental storage resources in a dispersed storage network
US10713374B2 (en) 2015-03-31 2020-07-14 Pure Storage, Inc. Resolving detected access anomalies in a dispersed storage network
US10437515B2 (en) 2015-03-31 2019-10-08 Pure Storage, Inc. Selecting storage units in a dispersed storage network
US10079887B2 (en) 2015-03-31 2018-09-18 International Business Machines Corporation Expanding storage capacity of a set of storage units in a distributed storage network
US10268376B2 (en) 2015-04-30 2019-04-23 International Business Machines Corporation Automated deployment and assignment of access devices in a dispersed storage network
US10168904B2 (en) 2015-04-30 2019-01-01 International Business Machines Corporation Quasi-error notifications in a dispersed storage network
US10157094B2 (en) 2015-04-30 2018-12-18 International Business Machines Corporation Validating system registry files in a dispersed storage network
US10055170B2 (en) 2015-04-30 2018-08-21 International Business Machines Corporation Scheduling storage unit maintenance tasks in a dispersed storage network
US10067998B2 (en) 2015-04-30 2018-09-04 International Business Machines Corporation Distributed sync list
US10254992B2 (en) 2015-04-30 2019-04-09 International Business Machines Corporation Rebalancing data storage in a dispersed storage network
US10216594B2 (en) 2015-04-30 2019-02-26 International Business Machines Corporation Automated stalled process detection and recovery
US10078561B2 (en) 2015-04-30 2018-09-18 International Business Machines Corporation Handling failing memory devices in a dispersed storage network
US10037171B2 (en) 2015-04-30 2018-07-31 International Business Machines Corporation Accessing common data in a dispersed storage network
US11057446B2 (en) 2015-05-14 2021-07-06 Bright Data Ltd. System and method for streaming content from multiple servers
US10891058B2 (en) 2015-05-29 2021-01-12 Pure Storage, Inc. Encoding slice verification information to support verifiable rebuilding
US11115221B2 (en) 2015-05-29 2021-09-07 Pure Storage, Inc. Verifying a rebuilt encoded data slice using slice verification information
US10789128B2 (en) 2015-05-29 2020-09-29 Pure Storage, Inc. External healing mode for a dispersed storage network memory
US10169125B2 (en) 2015-05-29 2019-01-01 International Business Machines Corporation Re-encoding data in a dispersed storage network
US10838664B2 (en) 2015-05-29 2020-11-17 Pure Storage, Inc. Determining a storage location according to legal requirements
US10613798B2 (en) 2015-05-29 2020-04-07 Pure Storage, Inc. Slice fanout write request
US10523241B2 (en) 2015-05-29 2019-12-31 Pure Storage, Inc. Object fan out write operation
US10409522B2 (en) 2015-05-29 2019-09-10 Pure Storage, Inc. Reclaiming storage capacity in a dispersed storage network
US10430107B2 (en) 2015-05-29 2019-10-01 Pure Storage, Inc. Identifying stored data slices during a slice migration activity in a dispersed storage network
US10324657B2 (en) 2015-05-29 2019-06-18 International Business Machines Corporation Accounting for data whose rebuilding is deferred
US10402122B2 (en) 2015-05-29 2019-09-03 Pure Storage, Inc. Transferring encoded data slices in a dispersed storage network
WO2016206709A1 (en) 2015-06-22 2016-12-29 Telefonaktiebolaget Lm Ericsson (Publ) Path selection in wireless mesh networks
US10055291B2 (en) 2015-06-30 2018-08-21 International Business Machines Corporation Method and system for processing data access requests during data transfers
US11669546B2 (en) 2015-06-30 2023-06-06 Pure Storage, Inc. Synchronizing replicated data in a storage network
US10437671B2 (en) 2015-06-30 2019-10-08 Pure Storage, Inc. Synchronizing replicated stored data
US10127110B2 (en) 2015-07-31 2018-11-13 International Business Machines Corporation Reallocating storage in a dispersed storage network
US11782789B2 (en) 2015-07-31 2023-10-10 Pure Storage, Inc. Encoding data and associated metadata in a storage network
US10466914B2 (en) 2015-08-31 2019-11-05 Pure Storage, Inc. Verifying authorized access in a dispersed storage network
US10073652B2 (en) 2015-09-24 2018-09-11 International Business Machines Corporation Performance optimized storage vaults in a dispersed storage network
US10169147B2 (en) 2015-10-30 2019-01-01 International Business Machines Corporation End-to-end secure data storage in a dispersed storage network
AU2016349197A1 (en) * 2015-11-02 2018-06-21 Dispersive Networks, Inc. Virtual dispersive networking systems and methods
CN105446910B (en) * 2015-11-24 2019-01-25 东软集团股份有限公司 A kind of data transmission method and device
US10409514B2 (en) 2015-11-30 2019-09-10 International Business Machines Corporation IP multicast message transmission for event notifications
US10346246B2 (en) 2015-11-30 2019-07-09 International Business Machines Corporation Recovering data copies in a dispersed storage network
US20170192688A1 (en) 2015-12-30 2017-07-06 International Business Machines Corporation Lazy deletion of vaults in packed slice storage (pss) and zone slice storage (zss)
US10089178B2 (en) 2016-02-29 2018-10-02 International Business Machines Corporation Developing an accurate dispersed storage network memory performance model through training
US10387248B2 (en) 2016-03-29 2019-08-20 International Business Machines Corporation Allocating data for storage by utilizing a location-based hierarchy in a dispersed storage network
US10831381B2 (en) 2016-03-29 2020-11-10 International Business Machines Corporation Hierarchies of credential and access control sharing between DSN memories
US10419538B2 (en) 2016-04-26 2019-09-17 International Business Machines Corporation Selecting memory for data access in a dispersed storage network
US10169082B2 (en) 2016-04-27 2019-01-01 International Business Machines Corporation Accessing data in accordance with an execution deadline
US10007444B2 (en) 2016-04-29 2018-06-26 International Business Machines Corporation Batching access requests in a dispersed storage network
US10628399B2 (en) 2016-04-29 2020-04-21 International Business Machines Corporation Storing data in a dispersed storage network with consistency
US10091298B2 (en) 2016-05-27 2018-10-02 International Business Machines Corporation Enhancing performance of data storage in a dispersed storage network
US10353772B2 (en) 2016-05-31 2019-07-16 International Business Machines Corporation Selecting data for storage in a dispersed storage network
US10122795B2 (en) 2016-05-31 2018-11-06 International Business Machines Corporation Consistency level driven data storage in a dispersed storage network
US10182387B2 (en) * 2016-06-01 2019-01-15 At&T Intellectual Property I, L.P. Method and apparatus for distributing content via diverse networks
US10027755B2 (en) 2016-06-01 2018-07-17 International Business Machines Corporation Selecting storage units in one or more dispersed storage networks
US10394650B2 (en) 2016-06-03 2019-08-27 International Business Machines Corporation Multiple writes using inter-site storage unit relationship
US10719499B2 (en) 2016-06-06 2020-07-21 INTERNATIONAL BUSINESS MACHINES CORPORATIOb Establishing distributed consensus via alternate voting strategies in a dispersed storage network
US10334045B2 (en) 2016-06-06 2019-06-25 International Business Machines Corporation Indicating multiple encoding schemes in a dispersed storage network
US10735545B2 (en) 2016-06-06 2020-08-04 International Business Machines Corporation Routing vault access requests in a dispersed storage network
US10652350B2 (en) 2016-06-06 2020-05-12 International Business Machines Corporation Caching for unique combination reads in a dispersed storage network
FR3052944B1 (en) * 2016-06-15 2019-07-19 Hl2 METHOD FOR SEGMENTING HIGH-PERFORMANCE DATA
FR3052943B1 (en) * 2016-06-15 2018-12-14 Hl2 METHOD FOR RECONSTRUCTING DATA IN LOW-FLOW TRANSMISSION
US10007438B2 (en) 2016-06-25 2018-06-26 International Business Machines Corporation Method and system for achieving consensus using alternate voting strategies (AVS) with incomplete information
US10564852B2 (en) 2016-06-25 2020-02-18 International Business Machines Corporation Method and system for reducing memory device input/output operations
US10235085B2 (en) 2016-06-27 2019-03-19 International Business Machines Corporation Relocating storage unit data in response to detecting hotspots in a dispersed storage network
US11115469B2 (en) 2016-06-28 2021-09-07 International Business Machines Corporation Efficient updates within a dispersed storage network
US10157021B2 (en) 2016-06-29 2018-12-18 International Business Machines Corporation Processing incomplete data access transactions
US10025505B2 (en) 2016-06-29 2018-07-17 International Business Machines Corporation Accessing data in a dispersed storage network during write operations
US10387286B2 (en) 2016-06-30 2019-08-20 International Business Machines Corporation Managing configuration updates in a dispersed storage network
US9934092B2 (en) 2016-07-12 2018-04-03 International Business Machines Corporation Manipulating a distributed agreement protocol to identify a desired set of storage units
US10417094B1 (en) 2016-07-13 2019-09-17 Peer Fusion, Inc. Hyper storage cluster
US10102067B2 (en) 2016-07-14 2018-10-16 International Business Machines Corporation Performing a desired manipulation of an encoded data slice based on a metadata restriction and a storage operational condition
US10114696B2 (en) 2016-07-14 2018-10-30 International Business Machines Corporation Tracking data access in a dispersed storage network
US10534666B2 (en) 2016-07-14 2020-01-14 International Business Machines Corporation Determining storage requirements based on licensing right in a dispersed storage network
US9992063B2 (en) 2016-07-18 2018-06-05 International Business Machines Corporation Utilizing reallocation via a decentralized, or distributed, agreement protocol (DAP) for storage unit (SU) replacement
US10360103B2 (en) 2016-07-18 2019-07-23 International Business Machines Corporation Focused storage pool expansion to prevent a performance degradation
US10769015B2 (en) 2016-07-19 2020-09-08 International Business Machines Corporation Throttling access requests at different layers of a DSN memory
US10277490B2 (en) 2016-07-19 2019-04-30 International Business Machines Corporation Monitoring inter-site bandwidth for rebuilding
US10031809B2 (en) 2016-07-20 2018-07-24 International Business Machines Corporation Efficient method for rebuilding a set of encoded data slices
US10554752B2 (en) 2016-07-20 2020-02-04 International Business Machines Corporation Efficient transfer of encoded data slice sets to new or alternate storage units
US10127112B2 (en) 2016-07-20 2018-11-13 International Business Machines Corporation Assigning prioritized rebuild resources optimally
US10459796B2 (en) 2016-07-20 2019-10-29 International Business Machines Corporation Prioritizing rebuilding based on a longevity estimate of the rebuilt slice
US10379744B2 (en) 2016-07-21 2019-08-13 International Business Machines Corporation System for collecting end-user feedback and usability metrics
US10416930B2 (en) 2016-07-21 2019-09-17 International Business Machines Corporation Global access permit listing
US10459790B2 (en) 2016-07-26 2019-10-29 International Business Machines Corporation Elastic storage in a dispersed storage network
US10395043B2 (en) 2016-07-29 2019-08-27 International Business Machines Corporation Securely storing data in an elastically scalable dispersed storage network
EP3482336A4 (en) * 2016-08-02 2019-12-04 Paul Lewis Jurisdiction independent data storage in a multi-vendor cloud environment
US10031805B2 (en) 2016-08-09 2018-07-24 International Business Machines Corporation Assigning slices to storage locations based on a predicted lifespan
US10223036B2 (en) 2016-08-10 2019-03-05 International Business Machines Corporation Expanding a dispersed storage network (DSN)
US10129023B2 (en) 2016-08-11 2018-11-13 International Business Machines Corporation Enhancing security for multiple storage configurations
US10348829B2 (en) 2016-08-15 2019-07-09 International Business Machines Corporation Auto indexing with customizable metadata
US10013309B2 (en) 2016-08-17 2018-07-03 International Business Machines Corporation Missing slice reconstruction in a dispersed storage network
US10078468B2 (en) 2016-08-18 2018-09-18 International Business Machines Corporation Slice migration in a dispersed storage network
US10379778B2 (en) 2016-08-18 2019-08-13 International Business Machines Corporation Using a master encryption key to sanitize a dispersed storage network memory
US10389683B2 (en) 2016-08-26 2019-08-20 International Business Machines Corporation Securing storage units in a dispersed storage network
US10379773B2 (en) 2016-08-29 2019-08-13 International Business Machines Corporation Storage unit for use in a dispersed storage network
US10581807B2 (en) 2016-08-29 2020-03-03 International Business Machines Corporation Using dispersal techniques to securely store cryptographic resources and respond to attacks
US10061524B2 (en) 2016-09-01 2018-08-28 International Business Machines Corporation Wear-leveling of memory devices
US10169149B2 (en) 2016-09-06 2019-01-01 International Business Machines Corporation Standard and non-standard dispersed storage network data access
US10387079B2 (en) 2016-09-09 2019-08-20 International Business Machines Corporation Placement of dispersed storage data based on requestor properties
US10225271B2 (en) 2016-09-09 2019-03-05 International Business Machines Corporation Distributed storage network with enhanced security monitoring
US10547615B2 (en) 2016-09-12 2020-01-28 International Business Machines Corporation Security response protocol based on security alert encoded data slices of a distributed storage network
US10558396B2 (en) 2016-09-14 2020-02-11 International Business Machines Corporation Pre-caching data according to a current or predicted requester location
US10558389B2 (en) 2016-09-20 2020-02-11 International Business Machines Corporation Per-storage class quality of service (QoS) management within a distributed storage network (DSN) where the DSN stores data using dispersed storage error decoding/encoding
US10067822B2 (en) 2016-09-26 2018-09-04 International Business Machines Corporation Combined slice objects in alternate memory locations
US10305868B2 (en) * 2016-09-30 2019-05-28 Uchicago Argonne, Llc Stream splitting moving target defense
US10997557B2 (en) 2016-10-14 2021-05-04 Slack Technologies, Inc. Method, apparatus, and computer program product for authorizing and authenticating user communication within an enterprise group-based communication platform
US10394630B2 (en) 2016-10-26 2019-08-27 International Business Machines Corporation Estimating relative data importance in a dispersed storage network
US10448062B2 (en) 2016-10-26 2019-10-15 International Business Machines Corporation Pre-fetching media content to reduce peak loads
US10481977B2 (en) 2016-10-27 2019-11-19 International Business Machines Corporation Dispersed storage of error encoded data objects having multiple resolutions
US10585751B2 (en) 2016-10-27 2020-03-10 International Business Machines Corporation Partial rebuild operation within a dispersed storage network including local memory and cloud-based alternative memory
US11169731B2 (en) 2016-10-31 2021-11-09 International Business Machines Corporation Managing storage resources in a dispersed storage network
US10540247B2 (en) 2016-11-10 2020-01-21 International Business Machines Corporation Handling degraded conditions using a redirect module
US10585607B2 (en) 2016-11-10 2020-03-10 International Business Machines Corporation Determining an optimum selection of functions for units in a DSN memory
LU93377B1 (en) * 2016-12-15 2018-07-03 Luxembourg Inst Science & Tech List P2p network data distribution and retrieval using blockchain log
US10114698B2 (en) 2017-01-05 2018-10-30 International Business Machines Corporation Detecting and responding to data loss events in a dispersed storage network
US10782921B2 (en) 2017-01-25 2020-09-22 International Business Machines Corporation Non-writing device finalization of a write operation initiated by another device
US10180787B2 (en) 2017-02-09 2019-01-15 International Business Machines Corporation Dispersed storage write process with lock/persist
US10241865B2 (en) 2017-02-15 2019-03-26 International Business Machines Corporation Handling storage unit failure in a dispersed storage network
US10579309B2 (en) 2017-02-16 2020-03-03 International Business Machines Corporation Method for increasing throughput in a distributed storage network
US10248495B2 (en) 2017-02-17 2019-04-02 International Business Machines Corporation Eventual consistency intent cleanup in a dispersed storage network
US10552341B2 (en) 2017-02-17 2020-02-04 International Business Machines Corporation Zone storage—quickly returning to a state of consistency following an unexpected event
US10382553B2 (en) 2017-02-20 2019-08-13 International Business Machines Corporation Zone storage—resilient and efficient storage transactions
US10394468B2 (en) 2017-02-23 2019-08-27 International Business Machines Corporation Handling data slice revisions in a dispersed storage network
US10241677B2 (en) 2017-02-24 2019-03-26 International Business Machines Corporation Ensuring consistency between content and metadata with intents
US9998147B1 (en) 2017-02-27 2018-06-12 International Business Machines Corporation Method for using write intents in a distributed storage network
US10642532B2 (en) 2017-02-28 2020-05-05 International Business Machines Corporation Storing data sequentially in zones in a dispersed storage network
US10372380B2 (en) 2017-03-01 2019-08-06 International Business Machines Corporation Asserting integrity with a verifiable codec
US10169392B2 (en) 2017-03-08 2019-01-01 International Business Machines Corporation Persistent data structures on a dispersed storage network memory
US11226980B2 (en) 2017-03-13 2022-01-18 International Business Machines Corporation Replicating containers in object storage using intents
US10235241B2 (en) 2017-03-15 2019-03-19 International Business Machines Corporation Method for partial updating data content in a distributed storage network
US10693640B2 (en) 2017-03-17 2020-06-23 International Business Machines Corporation Use of key metadata during write and read operations in a dispersed storage network memory
US10241861B2 (en) 2017-03-23 2019-03-26 International Business Machines Corporation Method for tenant isolation in a distributed computing system
US10542408B2 (en) 2017-03-25 2020-01-21 ARRIS Enterprises, LLC Technique for establishing a mesh network
US10133634B2 (en) 2017-03-30 2018-11-20 International Business Machines Corporation Method for performing in-place disk format changes in a distributed storage network
US10360391B2 (en) 2017-04-03 2019-07-23 International Business Machines Corporation Verifiable keyed all-or-nothing transform
US10379961B2 (en) 2017-04-11 2019-08-13 International Business Machines Corporation Ensuring metadata and index consistency using write intents
US10545699B2 (en) 2017-04-11 2020-01-28 International Business Machines Corporation Dynamic retention policies and optional deletes
US10567509B2 (en) 2017-05-15 2020-02-18 International Business Machines Corporation Rebuilding derived content
US10491386B2 (en) 2017-06-01 2019-11-26 International Business Machines Corporation Slice-level keyed encryption with support for efficient rekeying
US10339003B2 (en) 2017-06-01 2019-07-02 International Business Machines Corporation Processing data access transactions in a dispersed storage network using source revision indicators
US10467097B2 (en) 2017-06-02 2019-11-05 International Business Machines Corporation Indicating data health in a DSN memory
US10372381B2 (en) 2017-06-05 2019-08-06 International Business Machines Corporation Implicit leader election in a distributed storage network
US10361813B2 (en) 2017-06-16 2019-07-23 International Business Machine Corporation Using slice routers for improved storage placement determination
US10534548B2 (en) 2017-06-20 2020-01-14 International Business Machines Corporation Validating restricted operations on a client using trusted environments
US10324855B2 (en) 2017-06-23 2019-06-18 International Business Machines Corporation Associating a processing thread and memory section to a memory device
US10594790B2 (en) 2017-06-28 2020-03-17 International Business Machines Corporation Data compression in a dispersed storage network
US10540111B2 (en) 2017-06-28 2020-01-21 International Business Machines Corporation Managing data container instances in a dispersed storage network
US10541825B2 (en) 2017-07-20 2020-01-21 Slack Technologies, Inc. Method, apparatus and computer program product for generating externally shared communication channels
US11341093B2 (en) 2017-07-20 2022-05-24 Slack Technologies, Llc Method, apparatus and computer program product for generating externally shared communication channels
US10402371B2 (en) 2017-07-20 2019-09-03 Slack Technologies, Inc. Method, apparatus and computer program product for generating externally shared communication channels
US10599502B2 (en) 2017-08-07 2020-03-24 International Business Machines Corporation Fault detection and recovery in a distributed storage network
US10509699B2 (en) 2017-08-07 2019-12-17 International Business Machines Corporation Zone aware request scheduling and data placement
US10671746B2 (en) 2017-08-28 2020-06-02 International Business Machines Corporation Controlling access when processing intents in a dispersed storage network
US10379942B2 (en) 2017-09-27 2019-08-13 International Business Machines Corporation Efficient transfer of objects between containers on the same vault
US10409661B2 (en) 2017-09-29 2019-09-10 International Business Machines Corporation Slice metadata for optimized dispersed storage network memory storage strategies
US10802713B2 (en) 2017-09-29 2020-10-13 International Business Machines Corporation Requester-associated storage entity data
US10585748B2 (en) 2017-09-29 2020-03-10 International Business Machines Corporation Scalable cloud—assigning scores to requesters and treating requests differently based on those scores
US10540120B2 (en) 2017-11-14 2020-01-21 International Business Machines Corporation Contention avoidance on associative commutative updates
RU2671989C1 (en) * 2017-11-27 2018-11-08 Акционерное общество "Калужский научно-исследовательский институт телемеханических устройств" Method of transmission of multilateral messages by the concatenated code in the communication complexes
US10565392B2 (en) 2017-11-28 2020-02-18 International Business Machines Corporation Secure and verifiable update operations
US10423497B2 (en) 2017-11-28 2019-09-24 International Business Machines Corporation Mechanism for representing system configuration changes as a series of objects writable to an object storage container
US10785194B2 (en) 2017-12-07 2020-09-22 International Business Machines Corporation Processing intents using trusted entities in a dispersed storage network
US10681135B2 (en) 2017-12-08 2020-06-09 International Business Machines Corporation Generating slices from a broadcast message and a recipient identity
US10949303B2 (en) 2017-12-11 2021-03-16 Fungible, Inc. Durable block storage in data center access nodes with inline erasure coding
LU100580B1 (en) * 2017-12-18 2019-06-28 Luxembourg Inst Science & Tech List Profiling proxy
US11412041B2 (en) 2018-06-25 2022-08-09 International Business Machines Corporation Automatic intervention of global coordinator
EP3831021A1 (en) 2018-07-27 2021-06-09 Gotenna Inc. VINEtm ZERO-CONTROL ROUTING USING DATA PACKET INSPECTION FOR WIRELESS MESH NETWORKS
US10637785B2 (en) 2018-08-16 2020-04-28 Uchicago Argonne, Llc Software defined networking multiple operating system rotational environment
JP6534478B1 (en) * 2018-08-16 2019-06-26 行徳紙工株式会社 File sharing system and method
WO2020086850A2 (en) * 2018-10-24 2020-04-30 Fungible, Inc. Flexible reliability coding for storage on a network
US10761931B2 (en) 2018-10-24 2020-09-01 Fungible, Inc. Inline reliability coding for storage on a network
US10990478B2 (en) 2019-02-01 2021-04-27 Fungible, Inc. Flexible reliability coding for storage on a network
US11017108B2 (en) 2018-10-30 2021-05-25 International Business Machines Corporation Storage unification with security management
US10936452B2 (en) 2018-11-14 2021-03-02 International Business Machines Corporation Dispersed storage network failover units used to improve local reliability
JP7190336B2 (en) * 2018-11-15 2022-12-15 富士通株式会社 Communication device, communication method, and communication program
US10346378B1 (en) * 2018-11-30 2019-07-09 Slack Technologies, Inc. Data storage architecture for an enterprise communication system
RU2710911C1 (en) * 2019-03-04 2020-01-14 Акционерное общество "Калужский научно-исследовательский институт телемеханических устройств" Method of transmitting multi-unit messages in telecode communication systems
US11151265B2 (en) * 2019-04-29 2021-10-19 International Business Machines Corporation Secure data storage based on obfuscation by distribution
US11876833B2 (en) 2019-08-15 2024-01-16 Uchicago Argonne, Llc Software defined networking moving target defense honeypot
US11593026B2 (en) 2020-03-06 2023-02-28 International Business Machines Corporation Zone storage optimization using predictive protocol patterns
LU101681B1 (en) * 2020-03-16 2021-09-16 Microsoft Technology Licensing Llc Maintenance mode for storage nodes
US11630729B2 (en) 2020-04-27 2023-04-18 Fungible, Inc. Reliability coding with reduced network traffic
RU2755055C1 (en) * 2020-10-13 2021-09-13 Акционерное общество "Калужский научно-исследовательский институт телемеханических устройств" Method for transmitting multiblock messages by cascade code [rs (32, 16, 17), bch (31, 16, 7)]
US20230067574A1 (en) * 2021-09-01 2023-03-02 International Business Machines Corporation Contextually irrelevant file segmentation

Family Cites Families (46)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4802220A (en) * 1985-03-20 1989-01-31 American Telephone And Telegraph Company, At&T Bell Laboratories Method and apparatus for multi-channel communication security
US4914657A (en) * 1987-04-15 1990-04-03 Allied-Signal Inc. Operations controller for a fault tolerant multiple node processing system
US4908828A (en) * 1987-12-29 1990-03-13 Indesys, Inc. Method for error free message reception
JPH03216751A (en) * 1990-01-05 1991-09-24 Internatl Business Mach Corp <Ibm> Method of transferring file
US5668880A (en) * 1991-07-08 1997-09-16 Alajajian; Philip Michael Inter-vehicle personal data communications device
US5987639A (en) * 1992-01-21 1999-11-16 Nokia Mobile Phones Ltd. Data decoding logic in a mobile phone
FR2686755A1 (en) * 1992-01-28 1993-07-30 Electricite De France METHOD FOR ENCRYPTING MESSAGES TRANSMITTED BETWEEN INTERCONNECTED NETWORKS, ENCRYPTION APPARATUS AND DEVICE FOR COMMUNICATING ENCRYPTED DATA USING SUCH A METHOD.
US5412654A (en) * 1994-01-10 1995-05-02 International Business Machines Corporation Highly dynamic destination-sequenced destination vector routing for mobile computers
AU1680395A (en) * 1994-01-13 1995-08-01 Bankers Trust Company Cryptographic system and method with key escrow feature
US5742905A (en) * 1994-09-19 1998-04-21 Bell Communications Research, Inc. Personal communications internetworking
US5623595A (en) * 1994-09-26 1997-04-22 Oracle Corporation Method and apparatus for transparent, real time reconstruction of corrupted data in a redundant array data storage system
US5553145A (en) * 1995-03-21 1996-09-03 Micali; Silvia Simultaneous electronic transactions with visible trusted parties
US5610904A (en) * 1995-03-28 1997-03-11 Lucent Technologies Inc. Packet-based telecommunications network
US5864654A (en) * 1995-03-31 1999-01-26 Nec Electronics, Inc. Systems and methods for fault tolerant information processing
DE19515681A1 (en) * 1995-04-28 1996-10-31 Sel Alcatel Ag Method, system and subscriber device for tamper-proof separation of message streams
US5699503A (en) * 1995-05-09 1997-12-16 Microsoft Corporation Method and system for providing fault tolerance to a continuous media server system
US5995559A (en) * 1995-08-31 1999-11-30 Telefonaktiebolaget Lm Ericsson Methods for improved communication using repeated words
JPH0981471A (en) * 1995-09-11 1997-03-28 Toshiba Corp Continuous data server device and control instruction transmitting method
US5757924A (en) * 1995-09-18 1998-05-26 Digital Secured Networks Techolognies, Inc. Network security device which performs MAC address translation without affecting the IP address
CN1108702C (en) * 1995-11-07 2003-05-14 摩托罗拉公司 Improved message processing in two-way data deivces
FI102936B (en) * 1996-03-04 1999-03-15 Nokia Telecommunications Oy Improving security of packet transmission in a mobile communication system
US5968197A (en) * 1996-04-01 1999-10-19 Ericsson Inc. Method and apparatus for data recovery
US6137792A (en) * 1996-06-14 2000-10-24 International Discount Telecommunications Corp. Method and apparatus for enabling transmission of data packets over a bypass circuit-switched public telephone connection
US6067620A (en) * 1996-07-30 2000-05-23 Holden; James M. Stand alone security device for computer networks
US5872847A (en) * 1996-07-30 1999-02-16 Itt Industries, Inc. Using trusted associations to establish trust in a computer network
CA2261947C (en) * 1996-08-07 2008-11-18 Silvio Micali Simultaneous electronic transactions with visible trusted parties
US5987011A (en) * 1996-08-30 1999-11-16 Chai-Keong Toh Routing method for Ad-Hoc mobile networks
JP3651721B2 (en) * 1996-11-01 2005-05-25 株式会社東芝 Mobile computer device, packet processing device, and communication control method
US6085178A (en) * 1997-03-21 2000-07-04 International Business Machines Corporation Apparatus and method for communicating between an intelligent agent and client computer process using disguised messages
US5914971A (en) * 1997-04-22 1999-06-22 Square D Company Data error detector for bit, byte or word oriented networks
US5982893A (en) * 1997-06-04 1999-11-09 Simple Access Partners, Llc. System and method for processing transaction messages
US6044486A (en) * 1997-09-11 2000-03-28 Uniden America Corporation Method and device for majority vote optimization over wireless communication channels
US6044487A (en) * 1997-12-16 2000-03-28 International Business Machines Corporation Majority voting scheme for hard error sites
US5883581A (en) * 1997-12-22 1999-03-16 Motorola, Inc. Time diversity radio system using transparent address vector and message repeats
US6052812A (en) * 1998-01-07 2000-04-18 Pocketscience, Inc. Messaging communication protocol
FI108827B (en) * 1998-01-08 2002-03-28 Nokia Corp A method for implementing connection security in a wireless network
US6148082A (en) * 1998-01-14 2000-11-14 Skystream Corporation Scrambling and descrambling control word control in a remultiplexer for video bearing transport streams
US6122743A (en) * 1998-03-31 2000-09-19 Siemens Information And Communication Networks, Inc. System for providing enhanced security for transactions transmitted through a distributed network
US6130881A (en) * 1998-04-20 2000-10-10 Sarnoff Corporation Traffic routing in small wireless data networks
US6154839A (en) * 1998-04-23 2000-11-28 Vpnet Technologies, Inc. Translating packet addresses based upon a user identifier
US6175752B1 (en) * 1998-04-30 2001-01-16 Therasense, Inc. Analyte monitoring device and methods of use
US6138235A (en) * 1998-06-29 2000-10-24 Sun Microsystems, Inc. Controlling access to services between modular applications
US7010604B1 (en) * 1998-10-30 2006-03-07 Science Applications International Corporation Agile network protocol for secure communications with assured system availability
US7600131B1 (en) * 1999-07-08 2009-10-06 Broadcom Corporation Distributed processing in a cryptography acceleration chip
US6687833B1 (en) * 1999-09-24 2004-02-03 Networks Associates, Inc. System and method for providing a network host decoy using a pseudo network protocol stack implementation
US6880090B1 (en) * 2000-04-17 2005-04-12 Charles Byron Alexander Shawcross Method and system for protection of internet sites against denial of service attacks through use of an IP multicast address hopping technique

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9298937B2 (en) 1999-09-20 2016-03-29 Security First Corp. Secure data parser method and system
US9294444B2 (en) 2004-10-25 2016-03-22 Security First Corp. Systems and methods for cryptographically splitting and storing data
US9294445B2 (en) 2004-10-25 2016-03-22 Security First Corp. Secure data parser method and system
US9516002B2 (en) 2009-11-25 2016-12-06 Security First Corp. Systems and methods for securing data in motion
US9213857B2 (en) 2010-03-31 2015-12-15 Security First Corp. Systems and methods for securing data in motion
US9443097B2 (en) 2010-03-31 2016-09-13 Security First Corp. Systems and methods for securing data in motion
US9589148B2 (en) 2010-03-31 2017-03-07 Security First Corp. Systems and methods for securing data in motion
US9411524B2 (en) 2010-05-28 2016-08-09 Security First Corp. Accelerator system for use with secure data storage

Also Published As

Publication number Publication date
WO2002065292A3 (en) 2002-10-31
AU2002253827A1 (en) 2002-08-28
WO2002052787A2 (en) 2002-07-04
WO2002062032A2 (en) 2002-08-08
US20020120874A1 (en) 2002-08-29
US20020080888A1 (en) 2002-06-27
AU2002248234A1 (en) 2002-08-12
AU2002241697A1 (en) 2002-07-08
WO2002052787A3 (en) 2003-02-27
WO2002062032A3 (en) 2003-07-10
US20030084020A1 (en) 2003-05-01
WO2002065292A2 (en) 2002-08-22

Similar Documents

Publication Publication Date Title
US20020120874A1 (en) Method and system for secure exchange of messages
US7171493B2 (en) Camouflage of network traffic to resist attack
Papadimitratos et al. Secure data transmission in mobile ad hoc networks
Papadimitratos et al. Secure message transmission in mobile ad hoc networks
Proano et al. Packet-hiding methods for preventing selective jamming attacks
JP5392102B2 (en) Apparatus and method for reducing overhead in a wireless network
Wright et al. Low-latency cryptographic protection for SCADA communications
EP1842331B1 (en) Method of authenticating multicast messages
US8023513B2 (en) System and method for reducing overhead in a wireless network
JP2007140566A (en) Efficient packet encryption method
Talooki et al. Security concerns and countermeasures in network coding based communication systems: A survey
Raoof et al. Introducing network coding to RPL: The chained secure mode (CSM)
Lima et al. Network coding security: Attacks and countermeasures
Refaey et al. Multilayer authentication for communication systems based on physical-layer attributes
CN114025346A (en) Safe and effective data transmission method for data between mobile self-set networks
Ahmad et al. Study of a new physical layer encryption concept
McGrew et al. Attacks on additive encryption of redundant plaintext and implications on internet security
Zhang et al. Adaptive link layer security architecture for telecommand communications in space networks
Burmester et al. Secure communications in ad hoc networks
Alawadhi et al. A joint scheme for secure and reliable communication in wireless sensor networks
Goutham et al. SelGOR in Wireless Sensor Networks for IoT against Daniel of Service (DoS) attacks
Doomun et al. Modified Temporal Key Integrity Protocol for Efficient Wireless Network Security
Perera Defenses Against Network Coding Pollution Attacks in Wireless Mesh Networks
Lee et al. Lightweight packet authentication in IEEE 802.11
Lv et al. Error-and loss-tolerant bundle fragment authentication for space DTNs

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
COP Corrected version of pamphlet

Free format text: PAGES 1/9-9/9, DRAWINGS, REPLACED BY NEW PAGES 1/11-11/11; DUE TO LATE TRANSMITTAL BY THE RECEIVINGOFFICE

NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP