| 摘要 |
<p>The various embodiments of the present invention include techniques for securing the use of data deduplication activities occurring in a source-deduplicating storage management system. These techniques are intended to prevent fake data backup, target data contamination, and data spoofing attacks initiated by a source. In one embodiment, one technique includes limiting chunk querying to authorized users. Another technique provides detection of attacks and unauthorized access to keys within the target system. Additional techniques include the combination of validating the existence of data from the source by validating the data chunk, validating a data sample of the data chunk, or validating a hash value of the data chunk. A further embodiment involves the use of policies to provide authorization levels for chunk sharing and linking within the target. These techniques separately and in combination provide a comprehensive strategy to avoid unauthorized access to data within the target storage system.</p> |
| 申请人 |
INTERNATIONAL BUSINESS MACHINES CORPORATION;IBM UNITED KINGDOM LIMITED;HOCHBERG, AVISHAI, HAIM;CANNON, DAVID, MAXWELL;SMITH, JAMES, PATRICK;ANGLIN, MATTHEW;KOJENOV, ALEXEI;YAKUSHEV, MARK |
发明人 |
HOCHBERG, AVISHAI, HAIM;CANNON, DAVID, MAXWELL;SMITH, JAMES, PATRICK;ANGLIN, MATTHEW;KOJENOV, ALEXEI;YAKUSHEV, MARK |
