Browse Prior Art Database

Limiting Access to Sensitive Assets during Maintenance Operations

IP.com Disclosure Number: IPCOM000248326D
Publication Date: 2016-Nov-15
Document File: 2 page(s) / 25K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a method and system for a data source (ds) unit to perform one or more protective measures prior to receiving service and reverse said measures upon service completion.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 61% of the total text.

Page 01 of 2

Limiting Access to Sensitive Assets during Maintenance Operations

When a data source (ds) unit requires servicing (e.g., faulty memory device replacement, failed or malfunctioning component replacement, upgrade, etc.) assets stored on that ds unit are at an increased risk of exposure. For example, the slices the unit stores, the cryptographic or authentication keys the unit maintains, and its access permissions to other ds units in the system may be put at an increased risk of exposure or tampering while the ds unit is under service. For example, the ds unit may be physically handled by untrusted or less trusted entities, be sent to a less trusted facility, etc.

A method is needed to minimize the scope of damage that might occur during a ds service operation.

The novel solution is a method and system for a ds unit to perform one or more protective measures prior to receiving service and reverse said measures upon service completion.

The protective measures can include:


 Encrypting slices held by the ds unit


 Digitally signing slices (e.g., with a digital signature or hash message authentication code (HMAC) algorithm) held by the ds unit


 Erasing or securely backing up/offloading cryptographic material, such as keys


 Erasing or securely backing up/offloading authentication credentials received from external entities


 Erasing or securely backing up/offloading authentication credentials associated with this ds unit


 Erasing or securely backing up/...