-
Publication number: GB2520489A
Publication date: 2015-05-27
Application number: GB201320459
Filing date: 2013-11-20
Applicant: IBM
Inventor: LEBUTSCH DAVID, WAIZENEGGER TIM, MEGA CATALDO, BARNEY JONATHAN M, SCHLEIPEN STEFAN
Abstract: A data processing and storage apparatus comprises a hardware security module and a data storage medium 2 storing encrypted data objects in a hierarchical data maintenance structure of encrypted partition tables and hash-nodes forming a rooted tree, where: a partition table comprises a first reference to an encrypted data object and a first cryptographic key for its decryption; a hash-node comprises a second reference to a partition table or hash-node and a second cryptographic key for its decryption; the root node is decipherable using a master cryptographic key stored in internal storage 4 of the hardware security module; a data object is assigned to the root node via the first and second references of a partition table and hash-nodes forming a set of successive nodes in the rooted tree; and secure deletion of a data object is performed by traversing the set of successive nodes in the tree, successively decrypting all hash-nodes and the partition table starting from the root node, and then recursively traversing the set of successive nodes starting from the partition table and re-encrypting all traversed nodes with new second cryptographic keys, with the first cryptographic key being removed or disregarded in the re-encryption.
-
Publication number: GB2520056A
Publication date: 2015-05-13
Application number: GB201319723
Filing date: 2013-11-08
Applicant: IBM
Inventor: LEBUTSCH DAVID, MEGA CATALDO, WAIZENEGGER TIM, SHULMAN-PELEG ALEXANDRA, KURTZ BERNHARD, FACTOR MICHAEL
Abstract: A method for operating a storage system 2, a retention management system 3 and a trusted component 4a, 4b, where the storage system stores data objects and associated metadata and the trusted component provides access to a secure date and/or time basis and performs cryptographic operations using internally stored secret data, comprises: calculating (44 in Figure 4) a retention date associated with a data object in the storage system; generating (45 in Figure 4), in the trusted component, a cryptographic checksum for metadata relating to the data object, the metadata comprising the retention date; storing (46 in Figure 4) the metadata and the cryptographic checksum in the storage system; and, in response to receiving a request 51 to perform a deletion transaction on the data object: checking 53 whether the cryptographic checksum is valid, to detect possible tampering with the metadata; checking 54 whether the current date, taken from the secure time basis by the trusted component, is past the retention date; and, if both the validity and the expiration checks succeed, authorizing the deletion by sending the storage system a deletion authorization code 55 generated in the trusted component as confirmation to delete the data object.
-