Abstract: Systems and methods are provided for storing data blocks in distributed storage. One example computer-implemented method includes, in response to receipt of a data block comprising data, generating a value N for the data block, wherein the value N includes a variable integer greater than one and dividing the data block into N segments, wherein each segment includes a portion of the data. The method also includes generating a value M for the data block, wherein the value M includes a variable integer greater than or equal to one, and adding M segments of chaff to the N segments. The method then includes encrypting the N segments and the M segments of chaff and distributing the M segments and the N segments in distributed storage, wherein the N segments and the M segments of chaff are stored in multiple different storage devices included in the distributed storage.
FIELD
The present disclosure is generally directed to systems and methods for use in segregating data blocks to distributed storage and, in particular, to systems and methods for use in segregating the data blocks to and storing the data blocks in different storage devices of such distributed storage based on variables and/or random divisions of the data blocks.
BACKGROUND
This section provides background information related to the present disclosure which is not necessarily prior art.
The exchange and storage of sensitive information or data is known to involve one or more safeguards. Encryption, for example, is known to obscure sensitive data as it is transmitted from a first party to a second party, whereby the first party encrypts the data before sending and the second party decrypts the data upon receipt to reveal the original sensitive data. In addition, other safeguards may be used for stored sensitive data, such as, for example, permissions, network tools or configurations (e.g., firewalls, etc.), etc., to either protect the data as stored or to restrict access to the data where the data is stored.
DRAWINGS
The drawings described herein are for illustrative purposes only of selected embodiments and not all possible implementations, and are not intended to limit the scope of the present disclosure.
FIG. 1 illustrates an example system of the present disclosure suitable for use in segregating and retrieving data blocks in/from different storage devices of distributed storage;
FIG. 2 is a block diagram of a computing device that may be used in the example system of FIG. 1;
FIG. 3 illustrates an example method, which may be implemented in connection with the system of FIG. 1, for storing a data block in different storage devices of distributed storage, whereby the data block is segregated into segments according to a variable value and further commingled with chaff segments to enhance security of the distributed data segments in connection with storing the segments in the different storage devices; and
FIG. 4 illustrates an example method, which may be implemented in connection with the system of FIG. 1, for use in retrieving data segments from different storage devices of distributed storage and reconstructing the data segments into a data block.
Corresponding reference numerals indicate corresponding parts throughout the several views of the drawings.
DETAILED DESCRIPTION
Example embodiments will now be described more fully with reference to the accompanying drawings. The description and specific examples included herein are intended for purposes of illustration only and are not intended to limit the scope of the present disclosure.
Sensitive data may take a variety of different forms. For example, users are often associated with identities, which may include a variety of different information about the users. This information, as such, may be personal identifying information (PII) for the users in that parts of the information, alone or in combination, identify the users to the exclusion of others. Such PII is of particular importance when it is relied on to authenticate the users and/or provide the users with access to activities related to various interactions, including financial interactions (e.g., transferring funds, setting up new accounts, etc.), etc. In connection therewith, the PII is known to different parties, whereby the parties may store the PII (broadly, sensitive data), or a link to the PII, such that there is potential for the PII to be compromised. Apart from PII, specifically, sensitive data may also include transaction data, or data specific to a party (e.g., a company, an agency, a government, a group, a charity, an institution, etc.) rather than specific to a person or individual (e.g., where the data may include a company’s financial data, strategic or technical information for a company, bid information, etc.).
Uniquely, the systems and methods herein employ distributed storage to securely store the sensitive data (or information), where the data is segregated in a particular manner. Specifically, a data block containing sensitive data is segregated into a variable number of segments, and then, optionally, a number of chaff segments are commingled with the segregated segments. The segments may then be secured (e.g., encrypted based on a part of the data (e.g., based on a biometric included in the data, etc.), or otherwise) and are then stored across the distributed storage (which may include a mobile device (e.g., a smartphone, a tablet, etc.) of an originator or custodian of the data block, etc.), and a record of reconstruction is stored in a location associated with the originator or custodian of the data block and/or a party associated with the distributed storage. The segments may further be encrypted prior to being stored. Consequently, because the data block is stored in the distributed storage, added security is provided in that a nefarious user in possession of the segments from one or more of the storage devices of the distributed storage (even all of the storage devices) would be unaware of how many segments are needed to reconstruct the original block of data, due to the variable number of segments, and of how many of the segments for a specific data block are real versus chaff segments. These variables provide enhanced protection of the data, for example, including PII, in the possession of a party through the distributed storage, over conventional management/storage techniques. Moreover, the segregated segments may further be combined, and segregated again and distributed, at one or more intervals, to provide still further enhanced security for the sensitive data. In such instances, each of the segments or the subsequent segments may even be secured by a different biometric of the originator or other data (e.g., whereby the biometric or other security of the segments is “rotated,” etc.).
FIG. 1 illustrates an example system 100 in which one or more aspects of the present disclosure may be implemented. Although the system 100 is presented in one arrangement, other embodiments may include the parts of the system 100 (or other parts) arranged otherwise depending on, for example, types of users and relying parties, relationships between users and relying parties, different data hosts (e.g., as services or as custodians, etc.), types of identity services offered, privacy concerns and/or requirements, etc.
The illustrated system 100 generally includes a data host 102, a mobile device 104 associated with a user 106, and a relying party 108, each of which is coupled to network 110. The network 110 may include one or more of, without limitation, a local area network (LAN), a wide area network (WAN) (e.g., the Internet, etc.), a mobile network, a virtual network, and/or another suitable public and/or private network capable of supporting communication among two or more of the parts illustrated in FIG. 1, or any combination thereof. Further, in various implementations, the network 110 may include multiple different networks (e.g., private networks, public networks, etc.), where one or more of the multiple different networks are then accessible to particular ones of the data host 102, the mobile device 104, and/or the relying party 108.
The data host 102 in the system 100 generally is associated with segregating and storing data blocks (e.g., associated with user 106, associated with another party or entity, etc.). In this example embodiment, the data blocks generally include personal identifying data (or information) related to the user 106, such as, for example, a name, an address, a phone number, a birthdate, a place of birth, genetics, biometrics (e.g., fingerprints, a facial image, a palm print, a retina image, a voice print/scan, etc.), health data (e.g., medical records, vaccination records, etc.), government identification numbers (e.g., a social security number, a driver’s license number, a passport number, etc.), payment account credentials (e.g., payment account numbers, tokens, keys, expiration dates, CVCs, etc.), etc. Broadly, the data blocks include sensitive data. The manner in which the data blocks are stored is described in more detail below. That said, as noted above, the data blocks may contain any different type of sensitive data (i.e., information intended to be secured in one manner or another) in other embodiments, whether specific to a user or to a party, or to multiple users or multiple parties, or even to data in general unrelated to any users or parties, etc. For example, the data block may include, without limitation, transaction data, encryption data, security data and/or protocols, organizational data, access data (e.g., usernames, passwords, entry codes, biometrics, etc.), political data, voting data, planning data, bid data, contract data, etc.
As shown in FIG. 1, the data host 102 includes distributed storage 112, which in turn includes (as indicated by the solid lines) multiple discrete storage devices 114a-e. Each of the storage devices 114a-e includes one or more solid state storage devices, optical storage devices, magnetic storage devices, virtual storage devices, combinations thereof, etc. That said, the storage devices 114a-e may each be generally understood as a separate node of a single physical storage network, or a node of a physically separated storage network, etc. For instance, the storage devices 114a-e may be logically separated using different virtual machines located on common hardware. In particular, for example, a single hard drive could be partitioned to include the different storage devices 114a-e configured to run different operating systems, whereby the storage devices 114a-e may live on different virtual machines while still running on the same hardware. Alternatively, each of the storage devices 114a-e may reside on a completely separate physical machine. Here, the different physical machines may operate together in the same rack space within a facility of the data host 102 (or other party), or the machines may be geographically separated (e.g., into different data centers in different states, cities, regions, etc.). This physical separation may be utilized when building geographically redundant solutions where operations will run in multiple regions/multiple zones. As an example, a storage device (e.g., one of storage devices 114a-e, etc.) (e.g., a hard drive, etc.) may be disposed in a data center on the west coast of the United States and operate as part of the distributed storage, while a different storage device (e.g., another one of storage devices 114a-e, etc.) may be disposed in the United Kingdom and still another storage device (e.g., still another one of storage devices 114a-e, etc.) may be disposed in Australia (with each operating as part of the distributed storage 112).
It should be appreciated that while five storage devices 114a-e are included in the example distributed storage 112 of the system 100, any suitable number of storage devices (e.g., three, ten, twelve, twenty, thirty, fifty, one hundred, three hundred, etc.) may be included in the other distributed storage embodiments depending on, for example, size and scope of the distributed storage 112 and/or size and/or type of data blocks, etc.
The mobile device 104 in the system 100 is associated with the user 106. In general, the mobile device 104 is configured to participate in the origination of data (or information) to be stored in the distributed storage 112, or the request for retrieval of the information in connection with a relying party (e.g., the relying party 108, etc.). The mobile device 104 may include, without limitation, a mobile device, a smartphone, laptop, personal computer, server, etc., which may be specific to the user 106 or generally accessible to the user 106. While the mobile device 104 is illustrated as separate from the distributed storage 112 in FIG. 1, it should be appreciated that in other embodiments the mobile device 104 may form part of the distributed storage 112, as indicated by the dotted line in FIG. 1. That is, the mobile device 104 may be configured as described herein, and additionally, or alternatively, be configured consistent with one of the storage devices 114a-e of the distributed storage 112 (e.g., as storage device 114c as illustrated in FIG. 1, etc.).
The relying party 108 is a party that expects or intends to receive and/or rely on information included in the data blocks and/or related to the user 106 in connection with at least one interaction with the user 106. The relying party 108 may include, for example, a banking institution, which is configured to rely on PII for the user 106 to open an account (e.g., a credit account, a debit account, a savings account, etc.), or potentially to move funds into or out of an account previously issued by the banking institution to the user 106, etc. As other examples, the relying party 108 may include a corporation, an organization, a healthcare provider, a government agency (e.g., a revenue or tax agency, etc.), or a retailer offering products (e.g., goods, services, etc.) to the user 106, etc., whereby each relies, in one way or another, on the sensitive data (e.g., PII associated with the user 106, etc.), etc. In still other examples, the relying party 108 may include other different parties associated with stored data for the user 106 (either related to the user 106 or to the party (e.g., for consumption by the user 106, etc.), etc.). For example, the relying party 108 may include a telecommunication service to which the mobile device 104 is associated (e.g., a network member or subscriber, etc.), whereby the relying party 108 is configured to maintain a backup of data included in the mobile device 104 (i.e., sensitive information, etc.). That said, it should be appreciated that the user 106 may be an individual or a party (e.g., a company, an agency, a government, a group, a charity, an institution, etc.) and the relying party 108 may be any party interacting with the user 106 on the basis of sensitive data stored in the distributed storage 112, as described in more detail below.
For purposes of illustration herein, and with no intention to limit the scope of the present disclosure, in the illustrated embodiment the relying party 108 includes a digital wallet provider (e.g., a banking institution or payment facilitator (e.g., a P2P facilitator, a P2B facilitator, etc.), etc.), which provides a bank-type or wallet-type application 116 for use by the user 106. As shown in FIG. 1, the application 116 is installed and included in the mobile device 104. Upon accessing the application 116, the application 116 configures the mobile device 104 to invite the user 106 to register with the relying party 108. The registration will often include the providing of personal identifying information, or broadly, sensitive information, about or related to the user 106 (or other associated users) to the relying party 108.
In connection therewith, it should be appreciated that the user 106 is associated with an identity. For purposes of illustration, Table 1 below includes specific examples of sensitive data, which is PII for the user 106, for example, as part of his/her identity, etc. The PII included in Table 1 is merely an example, as other different or other additional data may be included, and generally is, in the identity of the user 106. As part of registration of the user 106, the mobile device 104, as configured by the application 116, solicits the information/data from the user 106. The user 106, in turn, enters or otherwise provides the data/information to the mobile device 104. Upon receipt, then, the mobile device 104 is configured, by the application 116, to transmit the information to the relying party 108.
Table 1
User 106
Name                Jane Smith
Mailing Address     123 Main St., New York, NY 10038
Phone Number        123-456-7890
Birthdate           Jan. 1, 1980
Birth Place         New York, NY
Government ID #     123456789
Username            JSmith
Password            Password123456
Biometric           Fingerprint

In connection with the registration, the application 116 may configure the mobile device 104 to solicit one or more biometrics from the user 106, for use in securing and/or accessing the sensitive data at a later time. The biometric(s) may include different fingerprints, facial images, voice recordings, etc. The mobile device 104 may be configured to then provide the biometric(s), or template(s) associated therewith, to the relying party 108, along with the PII (if not already included).
Upon receipt of the information/data from the mobile device 104, the relying party 108 is configured to submit the information (and, potentially, the biometrics) to the data host 102 in order for the data to be stored (e.g., via the network 110, etc.).
In turn, the data host 102 is configured to receive the data and to define a data block for the user 106, which is associated with a unique ID for the user 106 (or the data block) (or multiple data blocks). The unique ID may include a phone number for the mobile device 104 or a biometric for the user 106, for example, or a different aspect of the PII for the user 106, or the unique ID may include a series of numbers and/or letters, etc., which is not directly indicative of the PII of the user 106 (e.g., a variably and/or randomly selected unique ID, etc.). The unique ID may be defined by the relying party 108 (and provided with the PII), or it may be defined by the data host 102 after receipt of the PII, etc. As for the data block, the information provided by the user 106 (via the relying party 108) (or portions thereof) forms the data block (or multiple data blocks). The format of the data block may vary, for example, based on the particular system embodiment. In this example embodiment, the data block for the above PII of the user 106 is presented below in Table 2, as text content to be stored by the data host 102 in the distributed storage 112. The data block is shown in Table 2, then, where the text content includes all the PII from Table 1 in a defined sequence (e.g., first name, last name, street number, street name, street type, city, state, etc.) in plain text, with different information parts separated with a period (or dot). Again, it should be appreciated that the data block shown in Table 2 is an example, and that various other forms (or formats) of data blocks may be used in other examples and within the scope of the present disclosure.
Table 2
Data Block
jane.smith.123.main.st.new.york.ny.010038.1234567890.jan.1.1980.new.york.ny.123456789.JSmith.Password123456.[numeric representation of biometric].

In some embodiments, the data host 102 may interact with the user 106, for example, via the application 116, etc., to solicit a biometric from user 106. In turn, the user 106 may provide the biometric to the data host 102 (again, via the application 116 and/or the mobile device 104 as configured by the application 116, etc.), whereby the biometric may be used as the unique ID to be associated with the data block(s) for the user’s data (e.g., PII, etc.). In connection therewith, in some such embodiments, the data host 102 may solicit the biometric from the user 106 randomly so as to create an element of unpredictability around generation and/or unlocking of the data in the data block(s).
Next, the data host 102 is configured to segregate and store the data block in the distributed storage 112. In particular, in this example embodiment, the data host 102 is configured to generate a variable value N for the data block. The value N is an integer value greater than one, and may include, for example, 2, 3, 4, 6, 25, or another suitable number. The value N may be generated in any suitable manner, for example, pursuant to one or more algorithms, whereby the value may be randomly or pseudo-randomly generated, or even predictably generated (e.g., a last digit of a street address plus five, etc.), etc. That said, the value N may generally be “variable” between different generations, per data block, whereby the division of the data block may vary between different data blocks (whether including the same type and/or volume of data, or not). Additionally, the number N may be greater than or less than the total number of storage devices 114a-e (where the mobile device 104 may be included as a storage device in such determination) or otherwise related thereto, for example, based on geographic location(s) of the storage devices 114a-e (e.g., where segments of a data block may be limited to ones of the storage devices 114a-e within a region of the mobile device 104 and/or the data host 102, etc.). The data host 102 is configured to then divide or segregate or split the data block into N segments. The data block may be divided consistent with, for example, a Shamir secret sharing scheme or other suitable sharing scheme, where N is the number of segments or fragments into which the data block is divided. In this way, rather than a single storage device holding all of the data for the data block, the data block is divided into the N pieces amongst multiple storage devices, such that no one storage device holds the entire data block (and whereby each storage device holding one of the N divided pieces of the data block contributes its piece in order to recreate the data block; e.g., the N pieces, or some determined threshold K of the pieces that is less than N, are then needed to reconstruct the data block, etc.).
Moreover, the data host 102 is configured to add M chaff segments (where M is an integer value greater than or equal to one) to the segregated segments of the data block (i.e., as actual segments). The value M, like the value N, may be a variable (e.g., random, pseudo-random, predictable, etc.), but also, in one or more embodiments, may be fixed. The chaff segments generally include chaff, which is not data included in the data block, but rather fake or bogus information, whereby the actual segments are commingled with the chaff segments (comprising the chaff) to provide a total number of segments (M + N). The chaff data may or may not be consistent with the type of data included in the data block (e.g., name, street or email address information (e.g., kate.yorker.dr.bob@email.com, etc.) in the data block of Table 2, etc.), whereby consistent data (including the chaff) may maintain the appearance of belonging to the data block, etc.
The segments may then be encrypted, using one or more suitable encryption techniques. In connection therewith, the segments may be encrypted based on a biometric (e.g., a fingerprint, a facial image, etc.) specific to the user 106, other PII of the user 106, the unique ID for the user 106 and/or the mobile device 104, or other suitable data related and/or unrelated to the user 106, etc.
The data host 102 is configured to next distribute the segments (i.e., encrypted actual and chaff segments) to the various storage devices 114a-e of the distributed storage 112. As shown in FIG. 1, and as indicated by the dotted line, the mobile device 104 may be included as (or may represent) one of the storage devices 114a-e (e.g., the storage device 114c in the illustrated system 100, etc.). The encrypted segments may be evenly spread over the storage devices 114a-e, or otherwise distributed among the storage devices 114a-e. In connection therewith, the data host 102 is configured to compile a data block record for the data block. The record includes, without limitation, a description or identifier of the data block (or the user 106 associated with the data block), a biometric associated with the user 106 (or an identifier of the biometric (e.g., right index finger, etc.), etc.), and/or an identifier of the mobile device 104, and also, the value N (i.e., the number of segments into which the data block was divided), the value M (i.e., the number of chaff segments), the index address for each of the locations to which the segments were stored (i.e., a designation of a storage device and a specific address within that storage device), and instructions for reconstructing the data block (e.g., the order of the actual segments, decryption techniques (e.g., using the identified biometric, etc.), the biometric authentication scheme (e.g., at the mobile device 104, etc.), etc.), etc.
The data host 102 may be then configured to store the data block record in memory (e.g., memory 204 described below, etc.) and/or to transmit a confirmation of the storage of the data block (along with the unique ID) to the relying party 108. Alternatively, the data host 102 may be configured to return the data block record along with the unique ID to the relying party 108 or to the mobile device 104, which in turn, is configured to store the data block record in association with the unique ID for later use to reconstruct the data block. When the data block record is stored in the mobile device 104, for example, it should be appreciated that the application 116 may configure the mobile device 104 to protect the data block record with one or more forms of authentication (e.g., a biometric of the user 106, etc.), etc.
That said, it should be appreciated that the data host 102, the mobile device 104, and relying party 108 may share different roles in the storage of the data block. The data host 102 may be configured to perform the operations above and then store the data block record, or alternatively, the mobile device 104 or the relying party 108 may be configured to perform many of the operations above, with the data host 102 merely configured as a conduit for the mobile device 104 or the relying party 108 to access the distributed storage 112 (and, in particular, ones of the storage devices 114a-e). For example, the mobile device 104 may be configured to cooperate with the data host 102, as described above, to store the sensitive data (which may then be accessible as described below), etc. It should be appreciated that the division of the operations between the data host 102, the mobile device 104, and the relying party 108 may be implementation specific and vary from the description above and below.
Later, when the relying party 108 requires the information included in the data block (e.g., the user 106 requests a transaction via the application 116, etc.), in one implementation (where the data block record is maintained by the data host 102), the relying party 108 is configured to provide a request for the data block to the data host 102, where the request includes the unique ID. The data host 102, in turn, is configured to retrieve the data block record associated with the unique ID from memory and to retrieve each segment identified in the data block record from the storage devices 114a-e of the distributed storage 112 (one of which, again, may include the mobile device 104, etc.). For example, the data host 102 may be configured to solicit the data block record, or a data segment thereof, from the user 106 at the mobile device 104. In turn, the mobile device 104 may be configured to authenticate the user 106 based on a biometric, or otherwise, before returning the data block record or data segment. Alternatively, the mobile device 104 may be configured to solicit a biometric (e.g., as defined in the data block record, etc.) from the user 106 and to return the data segment identified in the data block along with the biometric to the data host 102.
The data host 102 is further configured to then decrypt the data segments (based on encryption data included in the data block record (e.g., a unique ID, a biometric of the user 106, etc.)), to discard the chaff segments, and to reconstruct or reassemble the data block. The data host 102 may be configured to then return the data block to the relying party 108 in total, or potentially, to respond with only information identified or requested by the relying party 108 in the request.
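The storage and retrieval cycle described above (variable N, a threshold K, M chaff segments, per-segment encryption, a data block record holding the index addresses, and reconstruction that leaves the chaff behind), worked through as an added example; this is not code from the disclosure or from any product implementing it. It assumes byte-wise Shamir sharing over GF(257) as the "suitable sharing scheme", an in-memory dictionary standing in for each storage device, random hex strings as index addresses, a constructed byte string standing in for a biometric template (with PBKDF2 as the key derivation), and an encrypt-then-MAC construction over a SHA-256 keystream in place of the AEAD a deployment would use; the record layout is also this example's choice.

```python
import hashlib
import hmac
import secrets

PRIME = 257  # smallest prime above 255: one Shamir polynomial per data byte

def _eval_poly(coeffs, x):  # Horner evaluation over GF(PRIME)
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc

def shamir_split(data, n, k):
    """Split data into n shares (x, ys); any k of them recover it exactly."""
    assert 1 < k <= n <= 255  # x must fit in one byte when packed
    shares = [(x, []) for x in range(1, n + 1)]
    for byte in data:
        coeffs = [byte] + [secrets.randbelow(PRIME) for _ in range(k - 1)]
        for x, ys in shares:
            ys.append(_eval_poly(coeffs, x))
    return shares

def shamir_recover(shares):
    """Lagrange interpolation at x = 0 over at least k distinct shares."""
    out = bytearray()
    for i in range(len(shares[0][1])):
        total = 0
        for xj, ysj in shares:
            num = den = 1
            for xm, _ in shares:
                if xm != xj:
                    num = num * (-xm) % PRIME
                    den = den * (xj - xm) % PRIME
            total = (total + ysj[i] * num * pow(den, -1, PRIME)) % PRIME
        out.append(total)
    return bytes(out)

def _pack(x, ys):  # y values reach 256, so two bytes per value
    return bytes([x]) + b"".join(y.to_bytes(2, "big") for y in ys)

def _unpack(blob):
    return blob[0], [int.from_bytes(blob[i:i + 2], "big") for i in range(1, len(blob), 2)]

def derive_key(biometric_template, salt):  # stand-in for keying off a biometric
    return hashlib.pbkdf2_hmac("sha256", biometric_template, salt, 20_000)

def _keystream(key, nonce, length):  # SHA-256 in counter mode
    return b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                    for i in range((length + 31) // 32))[:length]

def encrypt(key, plaintext):  # encrypt-then-MAC; a deployment would use a real AEAD
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def decrypt(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("segment failed authentication (wrong key or tampered)")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def store_block(block, storage, biometric_template, k, n_range=(3, 8), m_range=(1, 4)):
    """Segregate into N shares, add M chaff, encrypt, distribute; return the record."""
    n = secrets.choice(range(n_range[0], n_range[1] + 1))  # variable N > 1
    m = secrets.choice(range(m_range[0], m_range[1] + 1))  # variable M >= 1
    k = min(k, n)
    salt = secrets.token_bytes(16)
    key = derive_key(biometric_template, salt)
    real = [_pack(x, ys) for x, ys in shamir_split(block, n, k)]
    chaff = [secrets.token_bytes(len(real[0])) for _ in range(m)]  # same shape as real ones
    tagged = [("real", i, s) for i, s in enumerate(real)]
    tagged += [("chaff", i, s) for i, s in enumerate(chaff)]
    secrets.SystemRandom().shuffle(tagged)  # commingle before placement
    devices = sorted(storage)
    record = {"N": n, "M": m, "K": k, "salt": salt, "real": [None] * n, "chaff": []}
    for slot, (kind, i, seg) in enumerate(tagged):
        device, addr = devices[slot % len(devices)], secrets.token_hex(8)  # assumed index address
        storage[device][addr] = encrypt(key, seg)  # chaff is encrypted too, so it looks alike at rest
        if kind == "real":
            record["real"][i] = (device, addr)  # order of the actual segments
        else:
            record["chaff"].append((device, addr))
    return record

def retrieve_block(record, storage, biometric_template):
    """Fetch K actual segments by index address, decrypt, leave chaff behind, reassemble."""
    key = derive_key(biometric_template, record["salt"])
    shares = [_unpack(decrypt(key, storage[dev][addr])) for dev, addr in record["real"][: record["K"]]]
    return shamir_recover(shares)

def biometric_accepted(record, storage, biometric_template):
    try:  # a wrong template derives a wrong key and fails the MAC check
        retrieve_block(record, storage, biometric_template)
        return True
    except ValueError:
        return False
```

A holder of the segments alone sees N + M equally sized, encrypted blobs spread round-robin over the devices and cannot tell which are chaff or how many are needed; only the record (and the template that derives the key) makes reconstruction possible. Because the chaff is encrypted under the same key as the real shares, it is indistinguishable at rest, which is the property the text relies on.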
In another implementation (where the data block record is maintained by the relying party 108), the relying party 108 is configured to access the data block record and to request the segments from the data host 102 based on the index addresses included in the data block record. The data host 102, in turn, is configured to access the segments, based on the index addresses (e.g., at one of the storage devices 114a-e and/or the mobile device 104, etc.), and to return the segments to the relying party 108. As noted above, it should be appreciated that less than all the segments may be required to reconstruct the data block in some embodiments (e.g., a threshold number K of the segments less than a total number N of the segments generated, etc.), whereby the data host 102 may be configured to return only a required number of segments (e.g., the threshold number K of the segments, etc.) to the relying party 108. In various embodiments, specifically, a segment included in the mobile device 104 (e.g., when acting as storage device 114c, etc.) may be constructed and/or defined in a manner required to reconstruct the data block, whereby in this implementation or the implementation above, the data host 102 may be configured to retrieve that segment from the mobile device 104 (and certain other segments) and to return the segment(s) to the relying party 108. In this manner, the mobile device 104 is necessarily involved in the reconstruction (e.g., whereby authentication of the user 106 at the mobile device 104 may be required (e.g., by the application 116, etc.) to return the segment to the relying party 108 and to thereby reconstruct the data block record (e.g., thereby providing still further enhanced security, etc.), etc.).
In addition to the data segments, the relying party 108 and/or the data host 102 may also be configured to solicit a biometric from the user 106, via the mobile device 104, for use in decryption and/or reconstruction. The mobile device 104, in turn, is configured to solicit (e.g., a specific biometric indicated in the data block record, etc.) and capture the biometric from the user 106, and then provide the biometric to the relying party 108 and/or the data host 102. In connection therewith, the relying party 108 and/or the data host 102 may solicit the biometric from the user 106 randomly so as to create an element of unpredictability around unlocking of the data in the data block(s).
Upon receipt of the segments, the relying party 108 is configured to then decrypt the data segments (based on encryption data included in the data block record (e.g., the unique ID, a biometric, etc.)), to discard the chaff segments, and to reconstruct or reassemble the data block. Additionally, the mobile device 104 likewise may be configured, by the application 116, for example, to reconstruct the data block and transmit the same, or part thereof, to the relying party 108, etc.
Then, with the information either from the data host 102 or as reconstructed, the relying party 108 (or mobile device 104) may proceed as appropriate. For example, the relying party 108 may be configured to initiate a fund transfer from the user 106 to another user identified, via the application 116, based on a payment account or other information identified in the data block, after the user 106 is authenticated based on data included in the mobile device 104 and/or based on further information from the data block. Moreover, regardless of how the relying party 108 proceeds, generally, when the need for the data is over, the data host 102 and/or the relying party 108 that reconstructed the data is configured to delete the reconstructed data, to thereby maintain the distributed storage of the data block in the distributed storage 112, but not elsewhere.
In yet another implementation, the user 106 may coordinate retrieving the data, for modification and/or for redistributing the data. For example, the data host 102 and/or the mobile device 104 may be configured, after a defined interval (e.g., a day, a week, 15 days, a month, etc.) and/or after a user input, to redistribute the data block. In particular, the data host 102 (or mobile device 104) may be configured to retrieve the data block record, to retrieve the data segments from the distributed storage 112, and to reconstruct the data block record, as described above (but, generally, without the relying party 108). The data host 102 may then be configured to solicit a biometric or other data from the user 106 (e.g., via the mobile device 104, etc.) and to repeat the above operations to segregate, encrypt (based on the biometric or other data) and distribute the data block, whereby the segments may be different from a prior segregation, the data block record may be different, etc., thereby providing enhanced security by rotating segments and/or records in the distributed storage 112.
It should be appreciated that the data host 102 may be configured to solicit a different biometric from the user 106, upon which the data block is encrypted and/or secured in such modification or redistribution of the data. For example, the data host 102 may be configured to rely on a fingerprint of the right index finger to encrypt the segments of the data block in a first instance, and then to rely on a fingerprint of the left index finger (or a facial image) to encrypt the segments of the same data block in a second instance after the first instance. In this manner, the biometric being used to secure the data block is rotated, to gain, provide, etc. enhanced security. Further, the data host 102 may solicit the different biometric from the user 106 randomly so as to create an element of unpredictability around unlocking of the data in the data block(s).
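The reconstruction flow described above (retrieve the segments, decrypt them with the record's encryption data, discard the chaff, reassemble) and the redistribution flow (reconstruct, then segregate again under a different biometric so that N, M, the cut points, the chaff and the record all change) can be exercised end to end in a short program. The following is an added example written for this page; it is not code from the patent or its applicant. It assumes the biometric (right index finger, left index finger) arrives as a stable byte string (a raw biometric template is noisy and would need a fuzzy extractor in front of the key derivation), models the distributed storage 112 as a dictionary of device ids, stands in an HMAC-SHA256 encrypt-then-MAC construction for the AEAD a real build would use, picks N from 2..8 and M from 1..4 as arbitrary illustrative ranges, and purges the old segments from storage when a block is redistributed. The sample data block and device names are constructed.

```python
import hashlib
import hmac
import os
import random
import secrets
from dataclasses import dataclass

# Constructed sample data block; the distributed storage is modelled as a dict of
# device-id -> {segment-id: sealed bytes}.
SAMPLE_BLOCK = b"name=A. Example;pan=0000-0000-0000-0000;acct=EXAMPLE-ACCT-01"

@dataclass
class DataBlockRecord:
    n: int             # value N: number of data segments (> 1)
    m: int             # value M: number of chaff segments (>= 1)
    salt: bytes        # encryption data: KDF salt for the biometric-derived keys
    biometric: str     # encryption data: label of the biometric the user must present
    data_index: list   # N (device_id, segment_id) pairs, in reassembly order
    chaff_index: list  # M (device_id, segment_id) pairs to discard

def derive_keys(secret: bytes, salt: bytes) -> tuple:
    # Assumption: the biometric (or unique ID) is a stable byte string; a real,
    # noisy biometric template would pass through a fuzzy extractor first.
    root = hashlib.pbkdf2_hmac("sha256", secret, salt, 100_000)
    return (hmac.new(root, b"enc", hashlib.sha256).digest(),
            hmac.new(root, b"mac", hashlib.sha256).digest())

def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = [hmac.new(enc_key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]

def seal(keys: tuple, seg_id: str, plaintext: bytes) -> bytes:
    # Encrypt-then-MAC over an HMAC-SHA256 keystream, bound to the segment id. Stdlib
    # only so it runs offline; a production build would use an AEAD such as AES-GCM.
    enc_key, mac_key = keys
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, seg_id.encode() + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_sealed(keys: tuple, seg_id: str, blob: bytes) -> bytes:
    enc_key, mac_key = keys
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(mac_key, seg_id.encode() + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError(f"segment {seg_id} failed authentication")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))

def segregate(data: bytes, secret: bytes, biometric: str, storage: dict, seed=None) -> DataBlockRecord:
    # seed=None draws N, M and the cut points from the OS CSPRNG; a seed makes them
    # pseudo-random and reproducible (the page allows either).
    rng = random.Random(seed) if seed is not None else random.SystemRandom()
    devices = list(storage)
    n = rng.randint(2, min(8, len(data)))                  # variable N > 1 (range is an assumption)
    m = rng.randint(1, 4)                                  # variable M >= 1 (range is an assumption)
    cuts = sorted(rng.sample(range(1, len(data)), n - 1))  # random division points
    pieces = [data[i:j] for i, j in zip([0] + cuts, cuts + [len(data)])]
    # Chaff is random bytes sized like a real segment, so length alone does not reveal it.
    chaff = [os.urandom(len(rng.choice(pieces))) for _ in range(m)]
    salt = os.urandom(16)
    keys = derive_keys(secret, salt)
    # Spread the N+M segments over distinct devices where possible (wrapping round
    # otherwise) and shuffle the slots so data and chaff placement is interleaved.
    order = rng.sample(devices, len(devices)) * ((n + m) // len(devices) + 1)
    slots = list(range(n + m))
    rng.shuffle(slots)
    record = DataBlockRecord(n, m, salt, biometric, [], [])
    for k, segment in enumerate(pieces + chaff):
        dev, sid = order[slots[k]], secrets.token_hex(8)
        storage[dev][sid] = seal(keys, sid, segment)
        (record.data_index if k < n else record.chaff_index).append((dev, sid))
    return record

def reconstruct(record: DataBlockRecord, secret: bytes, storage: dict) -> bytes:
    keys = derive_keys(secret, record.salt)
    # Retrieve and authenticate every listed segment, chaff included (a wrong biometric
    # fails here), then discard the chaff and reassemble the N data segments in order.
    opened = {sid: open_sealed(keys, sid, storage[dev][sid])
              for dev, sid in record.data_index + record.chaff_index}
    for _, sid in record.chaff_index:
        del opened[sid]
    return b"".join(opened[sid] for _, sid in record.data_index)

def redistribute(record: DataBlockRecord, old_secret: bytes, new_secret: bytes,
                 new_biometric: str, storage: dict, seed=None) -> DataBlockRecord:
    # Rotation: reconstruct under the old biometric, purge the old segments (an
    # assumption), then segregate again with fresh N, M, cut points, chaff and salt.
    data = reconstruct(record, old_secret, storage)
    for dev, sid in record.data_index + record.chaff_index:
        del storage[dev][sid]
    return segregate(data, new_secret, new_biometric, storage, seed)
```

The record is the only thing that distinguishes chaff from data: without it (or without the biometric that keys the segments) a storage device holds N+M equally sized, equally random-looking ciphertexts. Note that the reconstructed plaintext exists only inside `reconstruct` and `redistribute`; the caller is expected to drop it once used, matching the page's point that the data is kept in distributed storage but not elsewhere.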
We claim:
1. A computer-implemented method for use in storing data blocks in distributed storage, the method comprising:
receiving, by a computing device, a data block comprising data;
generating, by the computing device, a value N for the data block, wherein the value N includes a variable integer greater than one;
dividing, by the computing device, the data block into N segments, each segment including a portion of the data;
encrypting, by the computing device, the N segments; and
distributing, by the computing device, the N segments in a distributed storage, wherein the N segments are stored in multiple different storage devices included in the distributed storage.
2. The computer-implemented method of claim 1, further comprising:
generating, by the computing device, a value M for the data block, wherein the value M includes a variable integer greater than or equal to one;
adding, by the computing device, M segments of chaff to the N segments;
encrypting, by the computing device, the M segments of chaff; and
distributing, by the computing device, the M segments in the distributed storage along with the N segments, wherein the N segments and the M segments of chaff are stored in the multiple different storage devices included in the distributed storage.
3. The computer-implemented method of claim 2, wherein the N segments are encrypted by a first encryption technique and the M segments of chaff are encrypted by a second encryption technique, the first encryption technique different than the second encryption technique.
4. The computer-implemented method of claim 2, wherein the N segments and the M segments of chaff are each stored in a different one of the multiple different storage devices included in the distributed storage.
5. The computer-implemented method of claim 2, further comprising compiling, by the computing device, a record for the data block, the record including the value N, the value M, encryption data for the N segments and the M segments of chaff, and index addresses for the storage devices of the distributed storage in which the N segments and the M segments of chaff are stored.
6. The computer-implemented method of claim 5, further comprising:
receiving, by the computing device, a request for the data included in the data block;
retrieving, by the computing device, the N segments and the M segments of chaff from the storage devices of the distributed storage; and
reconstructing the data block based on the record for the data block, thereby providing access to the data included in the data block.
7. The computer-implemented method of claim 6, further comprising, after retrieving the N segments and the M segments of chaff, discarding the M segments of chaff based on the record for the data block; and
wherein reconstructing the data block includes reconstructing the data block from the N segments.
8. The computer-implemented method of claim 1, wherein the data includes personal identifying information associated with a user; and
wherein a mobile device of the user is included in the distributed storage as one of the multiple different storage devices.
9. The computer-implemented method of claim 1, wherein the value N is one of a randomly generated value and a pseudo-randomly generated value.
10. The computer-implemented method of claim 1, wherein the multiple different storage devices are each geographically separated in the distributed storage.
11. The computer-implemented method of claim 1, wherein at least two of the multiple different storage devices are geographically located at a same location and are logically separated in the distributed storage at said same location.
12. A system for use in storing data blocks in distributed storage, the system comprising:
distributed storage including multiple different storage devices each configured to store segments of data; and
a data host computing device coupled in communication to the distributed storage, the data host computing device configured to:
receive a data block comprising data;
generate a value N for the data block, wherein the value N includes a variable integer greater than one;
divide the data block into N segments, each segment including a portion of the data;
encrypt the N segments; and
distribute the N segments in the distributed storage, wherein the N segments are stored in the multiple different storage devices included in the distributed storage.
13. The system of claim 12, wherein the multiple different storage devices are each geographically separated in the distributed storage;
wherein one of the multiple different storage devices includes a mobile device of a user associated with the data included in the data block; and
wherein the data includes personal identifying information of the user.
14. The system of claim 12, wherein at least two of the multiple different storage devices are geographically located at a same location and are logically separated in the distributed storage at said same location.
15. The system of claim 12, wherein the data host computing device is further configured to:
generate a value M for the data block, wherein the value M includes a variable integer greater than or equal to one;
add M segments of chaff to the N segments;
encrypt the M segments of chaff; and
distribute the M segments in the distributed storage along with the N segments, wherein the N segments and the M segments of chaff are stored in the multiple different storage devices included in the distributed storage.
16. The system of claim 15, wherein the data host computing device is further configured to compile a record for the data block, the record including the value N, the value M, encryption data for the N segments and the M segments of chaff, and index addresses for the different storage devices of the distributed storage in which the N segments and the M segments of chaff are stored.
17. The system of claim 16, wherein the data host computing device is further configured to:
receive a request for the data included in the data block;
retrieve the N segments and the M segments of chaff from the different storage devices of the distributed storage;
discard the M segments of chaff based on the record for the data block; and
reconstruct the data block from the N segments based on the record for the data block, thereby providing access to the data included in the data block.
18. The system of claim 12, wherein the computing device is configured to encrypt the N segments based on a biometric of the user.
19. A non-transitory computer-readable storage medium including executable instructions for storing data blocks in distributed storage, which when executed by at least one processor, cause the at least one processor to:
in response to receipt of a data block comprising data associated with a user, generate a value N for the data block, wherein the value N includes a variable integer greater than one;
receive a first biometric associated with the user;
divide the data block into N segments, wherein each segment includes a portion of the data;
generate a value M for the data block, wherein the value M includes a variable integer greater than or equal to one;
add M segments of chaff to the N segments;
encrypt the N segments and the M segments of chaff with the received first biometric; and
distribute the M segments and the N segments in a distributed storage in communication with the at least one processor, wherein the N segments and the M segments of chaff are stored in multiple different storage devices included in the distributed storage.
20. The non-transitory computer-readable storage medium of claim 19, wherein the executable instructions, when executed by the at least one processor, further cause the at least one processor to compile a record for the data block, the record including: the value N, the value M, encryption data for the N segments and the M segments of chaff, and index addresses for the different storage devices of the distributed storage in which the N segments and the M segments of chaff are stored; and
wherein the executable instructions, when executed by the at least one processor, further cause the at least one processor to, after distributing the M segments and the N segments in the distributed storage:
receive a request for the data included in the data block;
receive a second biometric for the user;
retrieve the N segments and the M segments of chaff from the different storage devices of the distributed storage;
decrypt the N segments and the M segments of chaff with the received second biometric;
discard the M segments of chaff based on the record for the data block; and
reconstruct the data block from the N segments based on the record for the data block, thereby providing access to the data included in the data block.
| # | Name | Date |
|---|---|---|
| 1 | 202217067139-STATEMENT OF UNDERTAKING (FORM 3) [22-11-2022(online)].pdf | 2022-11-22 |
| 2 | 202217067139-PROOF OF RIGHT [22-11-2022(online)].pdf | 2022-11-22 |
| 3 | 202217067139-POWER OF AUTHORITY [22-11-2022(online)].pdf | 2022-11-22 |
| 4 | 202217067139-NOTIFICATION OF INT. APPLN. NO. & FILING DATE (PCT-RO-105-PCT Pamphlet) [22-11-2022(online)].pdf | 2022-11-22 |
| 5 | 202217067139-FORM 1 [22-11-2022(online)].pdf | 2022-11-22 |
| 6 | 202217067139-FIGURE OF ABSTRACT [22-11-2022(online)].pdf | 2022-11-22 |
| 7 | 202217067139-DRAWINGS [22-11-2022(online)].pdf | 2022-11-22 |
| 8 | 202217067139-DECLARATION OF INVENTORSHIP (FORM 5) [22-11-2022(online)].pdf | 2022-11-22 |
| 9 | 202217067139-COMPLETE SPECIFICATION [22-11-2022(online)].pdf | 2022-11-22 |
| 10 | 202217067139.pdf | 2022-12-22 |
| 11 | 202217067139-FORM 3 [08-05-2023(online)].pdf | 2023-05-08 |
| 12 | 202217067139-FORM 18 [13-04-2024(online)].pdf | 2024-04-13 |
| 13 | 202217067139-FER.pdf | 2025-07-01 |
| 14 | 202217067139-FORM 3 [02-09-2025(online)].pdf | 2025-09-02 |
| 1 | 202217067139_SearchStrategyNew_E_202217067139E_01-02-2025.pdf | |