Deleting encoded data slices in a dispersed storage network

摘要

A method begins by a dispersed storage (DS) processing module receiving a request regarding at least a portion of corresponding encoded data slices, wherein a collection of encrypted and encoded data slices of a plurality of collections of encrypted and encoded data slices includes a common data aspect, wherein encrypted and encoded data slices of the collection of encrypted and encoded data slices are produced by individually encrypting corresponding encoded data slices using a common encrypting character string and representations of the corresponding encoded data slices. The method continues with the DS processing module identifying the common encrypting character string of the corresponding encoded data slices. When the request is to delete the corresponding encoded data slices, the method continues with the DS processing module obfuscating the common encrypting character string in a local memory such that the collection of encrypted and encoded data slices are effectively incomprehensible.

主权项

1. A distributed storage (DS) unit comprises:
an interface; a plurality of memory devices for storing, in an encrypted format, an encoded data slice from each of at least some sets of encoded data slices of a first, second, third, and fourth pluralities of sets of encoded data slices, wherein:
a first data object is dispersed storage error encoded into the first plurality of sets of encoded data slices;a second data object is dispersed storage error encoded into the second plurality of sets of encoded data slices;a third data object is dispersed storage error encoded into the third plurality of sets of encoded data slices;a fourth data object is dispersed storage error encoded into the fourth plurality of sets of encoded data slices;the first and second data objects share a first common data aspect;the third and fourth data objects share a second common data aspect; andencoded data slices of the first and second pluralities of sets of encoded data slices form a first collection of encoded data slices and encoded data slices of the third and fourth pluralities of sets of encoded data slices form a second collection of encoded data slices; and a processing module operable to:
receive, via the interface, a request regarding encoded data slices of at least one of the first and second plurality of sets of encoded data slices;identify, based on the request, a first common encrypting character string associated with the first common data aspect; andprocess the request regarding the encoded data slices of the at least one of the first and second plurality of sets of encoded data slices based on the first common encrypting character string, wherein encrypting of the encoded data slices of the at least one of the first and second plurality of sets of encoded data slices is done based on the first common encrypting character string.