| CPC G06F 21/6218 (2013.01) [G06F 21/31 (2013.01)] | 12 Claims |
|
1. A computer-implemented method of operating a data processing system comprising an actor authorization node, an access right storage node, a file record node and one or more processors, the method comprising steps of:
receiving, from a computing device, a request to access a file, the request comprising information identifying an actor making the request and a file to be accessed;
obtaining an indication from a first computing device operated by the actor authorization node whether or not the identified actor is recorded on the actor authorization node as trustworthy, wherein the actor authorization node stores actor information in blocks in a first blockchain, such actor information identifying an actor who has access rights to stored files, such actor information including an actor ID which identifies an actor;
obtaining an indication from a second computing device operated by the access right storage node of the access right the identified actor has to the identified file, wherein the access right storage node stores access rights information in blocks in a second blockchain, such access rights information identifying which actors recorded in the actor authorization node have access to which stored files, wherein for each stored file, the access rights information includes a list of which actors, identified by the actor's respective actor ID, has access to the stored file;
if the identified actor has been indicated by the actor authorization node as being trustworthy and by the access right storage node as having access rights, obtaining file storage and access details from a third computing device operated by the file record node, wherein each file is fragmented and wherein individual file fragments are stored in different storage locations, and wherein the file record node stores information in blocks in a third blockchain regarding a storage location of where each fragment of each file is stored; and
sending the file storage and access details to the computing device or using the file storage and access details to access the stored file and sending the accessed file to the computing device;
wherein the file storage and access details comprise at least one of a file storage location, a file encryption key, a calculated characteristic of the stored file and a calculated characteristic of an encrypted version of the stored file; and
wherein each file is fragmented into n fragments and a first subset of the n fragments containing x fragments, where x and n are integers and x is less than n, is added to a first data storage packet, a second subset of the n fragments containing x fragments is added to a second data storage packet and a third subset of the n fragments containing x fragments is added to a third data storage packet, where the subsets are selected such that any two of the first, second or third data storage packets contains all n of the fragments.
|