专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2009023307A3 METHOD AND APPARATUS FOR TAMPER-PROOF WRITE-ONCE-READ-MANY COMPUTER STORAGE 审中-公开
标题翻译：用于防篡改写入一般多计算机存储的方法和装置
公开(公告)号：WO2009023307A3
公开(公告)日：2009-08-27
申请号：PCT/US2008062664
申请日：2008-05-05
申请人： UNIV NEW YORK STATE RES FOUND , SION RADU
发明人： SION RADU
IPC分类号： G06F21/00 , G06F11/30 , G06F15/16 , G06F17/00
CPC分类号： G06F17/30085 , G06F17/30188 , G06F21/64 , G06F21/725
摘要： Disclosed is a method for storing digital information for storage in an adversarial setting in which trusted hardware enforces digital information compliance with data storage mandates. Secure storage overhead is minimized by identifying sparsely accessing the trusted hardware based on data retention cycles. Data retention assurances are provided for information stored by a Write-Once Read-Many (WORM) storage system.
摘要翻译：公开了一种用于将数字信息存储在对手设置中的方法，其中可信硬件强制符合数据存储要求的数字信息。通过基于数据保留周期识别稀疏访问受信任的硬件来最小化安全存储开销。数据保留保证是为一次写入读取（WORM）存储系统存储的信息提供的。

2. 发明申请

WO2010090633A3 DATABASE OUTSOURCING WITH ACCESS PRIVACY 审中-公开
标题翻译：数据库外包与访问隐私
公开(公告)号：WO2010090633A3
公开(公告)日：2010-10-14
申请号：PCT/US2009006639
申请日：2009-12-18
申请人： UNIV NEW YORK , SHASHA DENNIS , WILLIAMS PETER , SION RADU
发明人： SHASHA DENNIS , WILLIAMS PETER , SION RADU
IPC分类号： G06F15/16 , G06F17/30 , G06F17/40
CPC分类号： H04L63/0435 , G06F11/1004 , G06F21/54 , G06F21/602 , G06F21/606 , G06F21/6263 , G06F2221/2101 , G06F2221/2151
摘要： This invention introduces a new paradigm for outsourcing the transaction processing backend of a multi-client database application to an untrusted service provider. Specifically, the invention enables untrusted service providers to support transaction serialization, backup and recovery for clients, with full data confidentiality and correctness. Moreover, providers learn nothing about transactions (except their size and timing), thus achieving read and write access pattern privacy. This creates a novel class of secure database outsourcing models. A storage system. The system includes a network includes a server having a server memory, a server processor and a server network interface in communication with the network. The system includes a plurality of clients. Each client has a client memory in which data is stored, a client processing unit and a client network interface in communication with the server through the network. Each of the clients has an encryption portion that enables each of the clients to securely communicate and understand data with all other clients. The server memory is shared by the clients through the network to store copies of encrypted data in the server memory from the clients. The server is unable to decrypt the encrypted data stored in the server memory. The server has a timing mechanism to ensure data that is shared is a desired copy. A client of a storage system. A server of a storage system. A method for storing data. A method of a client of a storage system. A method of a server of a storage system. A storage system includes a network. The system includes a server having a server network interface in communication with the network, a server processing unit and a server memory for storing data. The system includes a first client and at least a second client. Each client having a client processing unit, a client memory, encryption portion and a client network interface in communication with the network. When the first client desires to perform a deterministic transaction T1 to the server memory and desires to perform a non-deterministic transaction T2 having core modifications M2 to the server database, the first client sends from its client network interface to the server an encrypted executable description of T1, as encrypted by the encryption portion of the first client, and an encrypted executable description of M2 as encrypted by the encryption portion of the first client. The server network interface sends information about an ordered sequence of transactions X including both deterministic and non-deterministic transactions to the second client. The client processing unit of the second client executes transactions X in the order they were sent to the server from the first client. A computer readable medium storing a computer program which when executed by at least one client processing unit of a client of a storage system communicates with a server. A computer readable medium storing a computer program which when executed by at least one server processing unit of a server of a storage system communicates with a client.
摘要翻译：本发明引入了将多客户端数据库应用的事务处理后端外包给不可信服务提供商的新范例。具体来说，本发明使得不信任的服务提供商能够以完整的数据机密性和正确性支持客户端的事务序列化，备份和恢复。此外，提供商对事务（尺寸和时间除外）也没有学习，从而实现读写访问模式隐私。这创建了一类新颖的安全数据库外包模型。存储系统。该系统包括具有服务器存储器的服务器，服务器处理器和与网络通信的服务器网络接口的网络。该系统包括多个客户端。每个客户端具有存储数据的客户端存储器，通过网络与服务器通信的客户端处理单元和客户端网络接口。每个客户端都有一个加密部分，使每个客户端能够与所有其他客户端安全地通信和了解数据。客户端通过网络共享服务器内存，从客户端将服务器内存中的加密数据副本存储起来。服务器无法解密存储在服务器内存中的加密数据。服务器具有定时机制，以确保共享的数据是所需的副本。存储系统的客户端。存储系统的服务器。一种存储数据的方法。存储系统的客户端的方法。一种存储系统的服务器的方法。存储系统包括网络。该系统包括具有与网络通信的服务器网络接口的服务器，服务器处理单元和用于存储数据的服务器存储器。该系统包括第一客户端和至少第二客户端。每个客户端具有与网络通信的客户处理单元，客户端存储器，加密部分和客户端网络接口。当第一客户端希望对服务器存储器执行确定性事务T1并且希望执行具有到服务器数据库的核心修改M2的非确定性事务T2时，第一客户端从其客户端网络接口向服务器发送加密的可执行描述由第一客户机的加密部分加密的T1和由第一客户机的加密部分加密的M2的加密可执行描述。服务器网络接口向第二客户端发送关于包括确定性和非确定性事务的事务X的有序序列的信息。第二客户端的客户处理单元按照从第一客户端发送到服务器的顺序执行事务X. 存储计算机程序的计算机可读介质，所述计算机程序当由存储系统的客户机的至少一个客户处理单元执行时与服务器通信。一种存储计算机程序的计算机可读介质，所述计算机程序当由存储系统的服务器的至少一个服务器处理单元执行时与客户端通信。

3. 发明申请

WO2010090633A2 DATABASE OUTSOURCING WITH ACCESS PRIVACY 审中-公开
标题翻译：数据库外部访问隐私
公开(公告)号：WO2010090633A2
公开(公告)日：2010-08-12
申请号：PCT/US2009/006639
申请日：2009-12-18
申请人： NEW YORK UNIVERSITY , SHASHA, Dennis , WILLIAMS, Peter , SION, Radu
发明人： SHASHA, Dennis , WILLIAMS, Peter , SION, Radu
IPC分类号： G06F15/16 , G06F17/30 , G06F17/40
CPC分类号： H04L63/0435 , G06F11/1004 , G06F21/54 , G06F21/602 , G06F21/606 , G06F21/6263 , G06F2221/2101 , G06F2221/2151
摘要： This invention introduces a new paradigm for outsourcing the transaction processing backend of a multi-client database application to an untrusted service provider. Specifically, the invention enables untrusted service providers to support transaction serialization, backup and recovery for clients, with full data confidentiality and correctness. Moreover, providers learn nothing about transactions (except their size and timing), thus achieving read and write access pattern privacy. This creates a novel class of secure database outsourcing models. A storage system. The system includes a network includes a server having a server memory, a server processor and a server network interface in communication with the network. The system includes a plurality of clients. Each client has a client memory in which data is stored, a client processing unit and a client network interface in communication with the server through the network. Each of the clients has an encryption portion that enables each of the clients to securely communicate and understand data with all other clients. The server memory is shared by the clients through the network to store copies of encrypted data in the server memory from the clients. The server is unable to decrypt the encrypted data stored in the server memory. The server has a timing mechanism to ensure data that is shared is a desired copy. A client of a storage system. A server of a storage system. A method for storing data. A method of a client of a storage system. A method of a server of a storage system. A storage system includes a network. The system includes a server having a server network interface in communication with the network, a server processing unit and a server memory for storing data. The system includes a first client and at least a second client. Each client having a client processing unit, a client memory, encryption portion and a client network interface in communication with the network. When the first client desires to perform a deterministic transaction T1 to the server memory and desires to perform a non-deterministic transaction T2 having core modifications M2 to the server database, the first client sends from its client network interface to the server an encrypted executable description of T1, as encrypted by the encryption portion of the first client, and an encrypted executable description of M2 as encrypted by the encryption portion of the first client. The server network interface sends information about an ordered sequence of transactions X including both deterministic and non-deterministic transactions to the second client. The client processing unit of the second client executes transactions X in the order they were sent to the server from the first client. A computer readable medium storing a computer program which when executed by at least one client processing unit of a client of a storage system communicates with a server. A computer readable medium storing a computer program which when executed by at least one server processing unit of a server of a storage system communicates with a client.
摘要翻译：本发明引入了将多客户端数据库应用程序的事务处理后端外包给不受信任的服务提供者的新范例。具体而言，本发明使得不受信任的服务提供商能够以全面的数据机密性和正确性支持客户端的事务序列化，备份和恢复。而且，提供者对交易（除了它们的大小和时间除外）一无所知，因此实现了读写访问模式的隐私。这创建了一种新型的安全数据库外包模式。一个存储系统。该系统包括网络，该网络包括具有服务器存储器，服务器处理器和与网络通信的服务器网络接口的服务器。该系统包括多个客户端。每个客户端都有一个存储数据的客户端存储器，一个客户端处理单元和一个通过网络与服务器通信的客户端网络接口。每个客户端都有一个加密部分，可以使每个客户端与所有其他客户端安全地进行通信和理解数据。服务器内存由客户端通过网络共享，以便将来自客户端的加密数据的副本存储在服务器内存中。服务器无法解密存储在服务器内存中的加密数据。服务器有一个定时机制来确保共享的数据是所需的副本。存储系统的客户端。存储系统的服务器。一种存储数据的方法。存储系统的客户端的方法。存储系统的服务器的方法。存储系统包括网络。该系统包括具有与网络通信的服务器网络接口的服务器，用于存储数据的服务器处理单元和服务器存储器。该系统包括第一客户端和至少第二客户端。每个客户端具有与网络通信的客户端处理单元，客户端存储器，加密部分和客户端网络接口。当第一客户端希望对服务器存储器执行确定性事务T1并且期望对服务器数据库执行具有核心修改M2的非确定性事务T2时，第一客户端从其客户端网络接口向服务器发送加密的可执行描述所述第一客户端的加密部分加密的所述T1的加密可执行描述和所述第一客户端的加密部分加密的M2的加密可执行描述。服务器网络接口向第二客户端发送关于包括确定性事务和非确定性事务两者的有序事务序列X的信息。第二客户端的客户端处理单元按照他们从第一客户端发送到服务器的顺序执行交易X. 一种存储计算机程序的计算机可读介质，所述计算机程序在由存储系统的客户端的至少一个客户端处理单元执行时与服务器通信。一种存储计算机程序的计算机可读介质，所述计算机程序在由存储系统的服务器的至少一个服务器处理单元执行时与客户端通信。

4. 发明申请

WO2009023307A9 METHOD AND APPARATUS FOR TAMPER-PROOF WRITE-ONCE-READ-MANY COMPUTER STORAGE 审中-公开
标题翻译：用于防篡改一次读取多次计算机存储的方法和装置
公开(公告)号：WO2009023307A9
公开(公告)日：2009-04-09
申请号：PCT/US2008062664
申请日：2008-05-05
申请人： UNIV NEW YORK STATE RES FOUND , SION RADU
发明人： SION RADU
CPC分类号： G06F17/30085 , G06F17/30188 , G06F21/64 , G06F21/725
摘要： Disclosed is a method for storing digital information for storage in an adversarial setting in which trusted hardware enforces digital information compliance with data storage mandates. Secure storage overhead is minimized by identifying sparsely accessing the trusted hardware based on data retention cycles. Data retention assurances are provided for information stored by a Write-Once Read-Many (WORM) storage system.
摘要翻译：公开了一种用于存储数字信息以存储在对抗设置中的方法，其中可信硬件强制数字信息符合数据存储命令。通过识别基于数据保留周期的稀疏访问可信硬件来最大限度地降低安全存储开销。为一次写入多次读取（WORM）存储系统存储的信息提供数据保留保证。

5. 发明申请

WO2009023307A2 METHOD AND APPARATUS FOR TAMPER-PROOF WRITE-ONCE-READ-MANY COMPUTER STORAGE 审中-公开
标题翻译：用于防篡改一次读取多次计算机存储的方法和装置
公开(公告)号：WO2009023307A2
公开(公告)日：2009-02-19
申请号：PCT/US2008/062664
申请日：2008-05-05
申请人： THE RESEARCH FOUNDATION OF THE STATE UNIVERSITY OF NEW YORK , SION, Radu
发明人： SION, Radu
CPC分类号： G06F17/30085 , G06F17/30188 , G06F21/64 , G06F21/725
摘要： Disclosed is a method for storing digital information for storage in an adversarial setting in which trusted hardware enforces digital information compliance with data storage mandates. Secure storage overhead is minimized by identifying sparsely accessing the trusted hardware based on data retention cycles. Data retention assurances are provided for information stored by a Write-Once Read-Many (WORM) storage system.
摘要翻译：公开了一种用于存储数字信息以存储在对抗设置中的方法，其中可信硬件强制数字信息符合数据存储命令。通过识别基于数据保留周期的稀疏访问可信硬件来最大限度地降低安全存储开销。为一次写入多次读取（WORM）存储系统存储的信息提供数据保留保证。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式