Abstract: Traffic signal timing plans are derived from vehicle trajectory or probe data. The probe data is collected and archived in a datastore over a sample time on the order of weeks or longer. Probe data is corrected for clock drift, geo-fence filtered to a selected intersection, and then stop line crossings in the intersection are identified and analyzed along with related data to determine the timing plans and schedule for the intersection. In this way, access to government agency timing plans is obviated so as to save time and expense.

Abstract: A secure storage appliance is disclosed, along with methods of storing and reading data in a secure storage network. The secure storage appliance is configured to present to a client a virtual disk, the virtual disk mapped to the plurality of physical storage devices. The secure storage appliance is capable of executing program instructions configured to generate a plurality of secondary blocks of data by performing splitting and encrypting operations on a block of data received from the client for storage on the virtual disk and reconstitute the block of data from at least a portion of the plurality of secondary blocks of data stored in shares on corresponding physical storage devices in response to a request from the client.

Abstract: Methods and systems for administrative management of a secure data storage network are disclosed. One system includes a secure storage appliance configured to host a plurality of volumes, each volume associated with a plurality of shares stored on a corresponding plurality of physical storage devices and having a plurality of volume management settings, wherein each volume is accessible by a group of one or more users, each user assigned an administrative access level, the volume management settings are editable by a first user from the group of one or more users associated with the volume and assigned an administrative access level sufficient to edit the volume management settings, and the volume management settings are inaccessible by a second user from outside the group of one or more users associated with the volume and assigned an administrative access level at least equal to that of the first user.

Abstract: Methods and systems for maintaining data connectivity in a secure data storage network are disclosed. In one aspect, a method includes assigning a volume to a primary secure storage appliance located in a secure data storage network the primary secure storage appliance selected from among a plurality of secure storage appliances located in the secure data storage network, the volume presented as a virtual disk to a client device and mapped to physical storage at each of a plurality of storage systems. The method further includes detecting at one of the plurality of secure storage appliances a failure of the primary secure storage appliance. The method also includes, upon detecting the failure of the primary secure storage appliance, reassigning the volume to a second secure storage appliance from among the plurality of secure storage appliances, thereby rendering the second secure storage appliance a new primary secure storage appliance.

Abstract: Methods and systems for maintaining data connectivity in a secure data storage network are disclosed. In one aspect, a method includes assigning a volume to a primary secure storage appliance located in a secure data storage network the primary secure storage appliance selected from among a plurality of secure storage appliances located in the secure data storage network, the volume presented as a virtual disk to a client device and mapped to physical storage at each of a plurality of storage systems. The method further includes detecting at one of the plurality of secure storage appliances a failure of the primary secure storage appliance. The method also includes, upon detecting the failure of the primary secure storage appliance, reassigning the volume to a second secure storage appliance from among the plurality of secure storage appliances, thereby rendering the second secure storage appliance a new primary secure storage appliance.

Abstract: Methods and systems for administrative management of a secure data storage network are disclosed. One system includes a secure storage appliance configured to host a plurality of volumes, each volume associated with a plurality of shares stored on a corresponding plurality of physical storage devices and having a plurality of volume management settings, wherein each volume is accessible by a group of one or more users, each user assigned an administrative access level, the volume management settings are editable by a first user from the group of one or more users associated with the volume and assigned an administrative access level sufficient to edit the volume management settings, and the volume management settings are inaccessible by a second user from outside the group of one or more users associated with the volume and assigned an administrative access level at least equal to that of the first user.

Abstract: A secure storage appliance is disclosed, along with methods of storing and reading data in a secure storage network. The secure storage appliance is configured to present to a client a virtual disk, the virtual disk mapped to the plurality of physical storage devices. The secure storage appliance is capable of executing program instructions configured to generate a plurality of secondary blocks of data by performing splitting and encrypting operations on a block of data received from the client for storage on the virtual disk and reconstitute the block of data from at least a portion of the plurality of secondary blocks of data stored in shares on corresponding physical storage devices in response to a request from the client.

Abstract: A secure storage appliance is disclosed, along with methods of storing and reading data in a secure storage network. In one aspect, a method includes assigning a volume to a primary secure storage appliance located in a secure data storage network, the secure data storage network including a plurality of secure data paths between the primary secure storage appliance and a client device and a plurality of secure data paths between the secure storage appliance and a plurality of storage systems, the volume corresponding to physical storage at each of the plurality of storage systems. The method also includes detecting a connectivity problem on at least one of the secure data paths. The method further includes assessing whether to reassign the volume to a different secure storage appliance based upon the connectivity problem.

Abstract: Methods and systems of managing access to data in a secure data storage network are disclosed. One such method includes associating a storage resource with a community of interest, the community of interest associated with a workgroup key providing access to a virtual disk, the virtual disk allowing access to a volume comprising a plurality of shares stored on a plurality of physical storage devices. The method also includes, upon determining a user of a client device is a member of the community of interest, providing access to the storage resource to the user, whereby the storage resource is associated with the workgroup key.

Abstract: A secure storage appliance is disclosed, along with methods of storing and reading data in a secure storage network. The secure storage appliance is configured to present to a client a virtual disk, the virtual disk mapped to the plurality of physical storage devices. The secure storage appliance is capable of executing program instructions configured to generate a plurality of secondary blocks of data by performing splitting and encrypting operations on a block of data received from the client for storage on the virtual disk and reconstitute the block of data from at least a portion of the plurality of secondary blocks of data stored in shares on corresponding physical storage devices in response to a request from the client.

Abstract: A secure storage appliance is disclosed, along with methods of storing and reading data in a secure storage network. The secure storage appliance is configured to present to a client a virtual disk, the virtual disk mapped to the plurality of physical storage devices. The secure storage appliance is capable of executing program instructions configured to generate a plurality of secondary data blocks by performing splitting and encrypting operations on a primary data block received from the client for storage on the virtual disk. For security, the secondary data blocks are stored at geographically-distributed locations. The secure storage appliance is also capable of executing program instructions configured to reconstitute the primary data block from at least a portion of the plurality of secondary data blocks stored in shares on corresponding physical storage devices in response to a request from the client.

Abstract: Methods and systems of presenting data in a secure data storage network are disclosed. One method includes defining a community of interest capable of accessing data stored in a secure data storage network, the community of interest including a plurality of users desiring access to a common set of data. The method also includes associating the community of interest with a workgroup key. and, upon identification of a client device as associated with a user from among the plurality of users in the community of interest, presenting a virtual disk to the client device, the virtual disk associated with the workgroup key and a volume containing the common set of data, the volume including a plurality of shares stored on a plurality of physical storage devices.

Abstract: Methods and systems of presenting data in a secure data storage network are disclosed. One method includes defining a plurality of communities of interest, each community of interest capable of accessing data stored in a secure data storage network and including a plurality of users desiring access to a common set of data, wherein each of the plurality of communities of interest has a set of security rights. The method also includes associating each of the plurality of communities of interest with a different workgroup key.

Abstract: A secure storage appliance is disclosed, along with methods of storing and reading data in a secure storage network. In one aspect, a method includes assigning a volume to a primary secure storage appliance located in a secure data storage network, the secure data storage network including a plurality of secure data paths between the primary secure storage appliance and a client device and a plurality of secure data paths between the secure storage appliance and a plurality of storage systems, the volume corresponding to physical storage at each of the plurality of storage systems. The method also includes detecting a connectivity problem on at least one of the secure data paths. The method further includes assessing whether to reassign the volume to a different secure storage appliance based upon the connectivity problem.

Abstract: Methods and systems for providing data backup are disclosed. One method includes receiving at a virtual tape backup system a data image to be maintained, and transmitting the contents of the data image to a secure storage appliance. The method also includes processing the contents of the data image with the secure storage appliance to cryptographically split one or more blocks of data of the data image such that each of the one or more blocks of data is split into a plurality of secondary data blocks. The method further includes storing the plurality of secondary data blocks in a corresponding plurality of shares located on a plurality of physical storage devices.

Abstract: Methods and systems for maintaining data connectivity in a secure data storage network are disclosed. In one aspect, a method includes assigning a volume to a primary secure storage appliance located in a secure data storage network the primary secure storage appliance selected from among a plurality of secure storage appliances located in the secure data storage network, the volume presented as a virtual disk to a client device and mapped to physical storage at each of a plurality of storage systems. The method further includes detecting at one of the plurality of secure storage appliances a failure of the primary secure storage appliance. The method also includes, upon detecting the failure of the primary secure storage appliance, reassigning the volume to a second secure storage appliance from among the plurality of secure storage appliances, thereby rendering the second secure storage appliance a new primary secure storage appliance.

Abstract: Methods and systems for presenting a virtual disk to a client device are disclosed. One method includes receiving client credentials from a client device, the client credentials including a client identifier. The method also includes authenticating the client device at a secure storage device. The method further includes determining a volume is associated with the client device based upon the client identifier, the volume associated with a plurality of shares stored on a corresponding plurality of physical storage devices. The method also includes, upon determining the volume is associated with the client device, presenting the volume to the client device.

Abstract: Methods and systems for securing data in a data storage network are disclosed. One method includes receiving at a secure storage appliance a block of data for storage on a volume, the volume associated with a plurality of shares distributed across a plurality of physical storage devices. The method further includes cryptographically splitting the block of data received by the secure storage appliance into a plurality of secondary data blocks, and cryptographically splitting the session key into a plurality of session key fragments. The method further includes encrypting each of the plurality of secondary data blocks with a different session key, each session key associated with at least one of the plurality of shares, and encrypting each of the plurality of session key fragments with a workgroup key associated with a source of the block of data.

Abstract: Methods and systems for storing data securely in a secure data storage network are disclosed. One method includes receiving at a secure storage appliance a block of data for storage on a volume, the volume associated with a plurality of shares distributed across a plurality of physical storage devices. The method also includes cryptographically splitting the block of data received by the secure storage appliance into a plurality of secondary data blocks. The method further includes encrypting each of the plurality of secondary data blocks with a different session key, each session key associated with at least one of the plurality of shares. The method also includes storing each data block and associated session key at the corresponding share, remote from the secure storage appliance.

Abstract: Methods and systems for administrative management of a secure data storage network are disclosed. One system includes a secure storage appliance configured to host a plurality of volumes, each volume associated with a plurality of shares stored on a corresponding plurality of physical storage devices and having a plurality of volume management settings, wherein each volume is accessible by a group of one or more users, each user assigned an administrative access level, the volume management settings are editable by a first user from the group of one or more users associated with the volume and assigned an administrative access level sufficient to edit the volume management settings, and the volume management settings are inaccessible by a second user from outside the group of one or more users associated with the volume and assigned an administrative access level at least equal to that of the first user.