公开(公告)号：US06988130B2

公开(公告)日：2006-01-17

申请号：US10139490

申请日：2002-05-06

申请人： Steven M. Blumenau ,  Yoav Raz

发明人： Steven M. Blumenau ,  Yoav Raz

IPC分类号： G06F15/167

CPC分类号： H04L61/35 ,  G06F3/0605 ,  G06F3/0617 ,  G06F3/0635 ,  G06F3/0662 ,  G06F3/067 ,  H04L29/12009 ,  H04L29/12783 ,  H04L67/28 ,  H04L67/2819 ,  H04L69/329

摘要： A storage controller has at least one physical data port for a data network including host processors. The storage controller is programmed to provide a plurality of virtual ports for access to storage, and a virtual switch for routing storage access requests from the physical port to the virtual ports. The virtual ports and the virtual switch are defined by software. The virtual ports appear to the hosts as physical ports in the data network. For example, in a Fiber-Channel network, the virtual ports have World Wide Names (WWNs) and are assigned temporary addresses (S_IDs), and the virtual switch provides a name server identifying the WWNs and S_IDs of the virtual ports. For convenient partitioning of storage among host processors, one or more virtual ports are assigned to each host, and a set of storage volumes are made accessible from each virtual port.

公开(公告)号：US06799255B1

公开(公告)日：2004-09-28

申请号：US09776327

申请日：2001-02-02

申请人： Steven M. Blumenau ,  Yoav Raz

发明人： Steven M. Blumenau ,  Yoav Raz

IPC分类号： G06F1200

CPC分类号： G06F9/5016 ,  G06F3/0622 ,  G06F3/0637 ,  G06F3/067 ,  G06F3/0689 ,  G06F21/80 ,  Y10S707/99933 ,  Y10S707/99934 ,  Y10S707/99935 ,  Y10S707/99942

摘要： A storage controller for controling access to data storage has a memory and at least one data port for a data network including host processors. The memory is programmed to define a respective specification for each host processor of a respective subset of the data storage to which access by the host processor is restricted, and each specification is associated with a host identifier stored in the memory. When the storage controller receives a data access request from a host processor, it decodes a host identifier from the data access request, and searches the memory for a host identifier matching the host identifier decoded from the request. Upon finding a match, the respective specification of the respective subset for the host processor is accessed to determine whether or not storage specified by the storage access request is contained in the respective subset. If so, then storage access can continue, and otherwise, storage access is denied. Preferably the host identifier decoded from the request is a temporary address assigned by the network, and also stored in the memory in association with each respective specification is a relatively permanent identifier for the host processor.

摘要翻译： 用于控制对数据存储的访问的存储控制器具有用于包括主机处理器的数据网络的存储器和至少一个数据端口。 存储器被编程为为主机处理器的访问限制的数据存储器的相应子集的每个主处理器定义相应的规范，并且每个规范与存储在存储器中的主机标识符相关联。 当存储控制器从主处理器接收到数据访问请求时，它从数据访问请求解码主机标识符，并且在存储器中搜索与从请求解码的主机标识符匹配的主机标识符。 在找到匹配后，访问主机处理器的相应子集的相应规范以确定存储访问请求指定的存储是否包含在相应的子集中。 如果是这样，则存储访问可以继续，否则存储访问被拒绝。 优选地，从请求解码的主机标识符是由网络分配的临时地址，并且还与每个相应规范相关联地存储在存储器中，是用于主处理器的相对永久的标识符。

公开(公告)号：US06502162B2

公开(公告)日：2002-12-31

申请号：US09900295

申请日：2001-07-06

申请人： Steven M. Blumenau ,  Yoav Raz

发明人： Steven M. Blumenau ,  Yoav Raz

IPC分类号： G06F1208

CPC分类号： G06F3/0622 ,  G06F3/0644 ,  G06F3/0674 ,  G06F12/0607

摘要： In a data storage subsystem providing data storage to host processors, a process of configuration defines a subset of the data storage that each host may access. A vector specification is a convenient mechanism for specifying a set of storage volumes that a host may access. For example, for each host processor, there is stored in memory of the data storage subsystem a list of contiguous ranges or vectors of the storage volumes that the host may access. To determine whether or not a specified logical volume number is included in the vector, a mudulus of the stride of the vector is computed from the difference between the address of the specified logical volume and the beginning address of the vector, and the modulus is compared to zero. To provide a mapping between logical unit numbers specified by the host and the logical volumes, a contiguous range of logical unit numbers may also be specified for each contiguous range or vector of storage volumes. The logical volume number is computed from a specified logical unit number by computing a difference between the specified logical unit number and the beginning logical unit number, multiplying the difference by the stride of the vector to produce a product, and adding the product to the beginning address of the vector.

公开(公告)号：US06493825B1

公开(公告)日：2002-12-10

申请号：US09107202

申请日：1998-06-29

申请人： Steven M. Blumenau ,  Yoav Raz

发明人： Steven M. Blumenau ,  Yoav Raz

IPC分类号： H04L900

CPC分类号： G06F21/602 ,  G06F2221/2153

摘要： An object is authenticated by transmitting a random number to the object. The object has an integrated circuit chip including a memory and encryption circuitry. The memory stores information defining an encryption scheme preassigned to the object. The encryption circuitry reads the memory, and encrypts the random number according to the encryption scheme defined by the information read from the memory to produce encrypted data. The memory cannot be read from any output of the integrated chip, and the chip is constructed so that it is virtually impossible to recover the information contained in the memory by visual inspection, probing, or disassembly of the chip. The object is authenticated by checking whether the encrypted data is a correct result of encrypting the data using the encryption scheme pressigned to the object. The method can be used in a data processing system to authenticate each message transmitted by a host processor to a data processing device. For example, when a host logs into the data processing device, the data processing device transmits a series of random numbers to the host. The host encrypts the random numbers to produce a series of encrypted data, and the data processing device concurrently encrypts the random numbers to produce a series of encrypted values. The host inserts respective encrypted data into each message, and the data processing device authenticates each message by comparing the encrypted data in the message to a corresponding encrypted value.

摘要翻译： 通过向对象发送随机数来验证对象。 该物体具有包括存储器和加密电路的集成电路芯片。 存储器存储定义预分配给对象的加密方案的信息。 加密电路读取存储器，并且根据从存储器读取的信息定义的加密方案对随机数进行加密以产生加密数据。 存储器不能从集成芯片的任何输出读取，并且芯片被构造成使得通过目视检查，探测或拆卸芯片实际上不可能恢复存储器中包含的信息。 通过检查加密数据是否是使用加密方案加密数据的正确结果来对对象进行身份验证。 该方法可以在数据处理系统中用于将由主处理器发送的每个消息认证到数据处理设备。 例如，当主机登录到数据处理装置时，数据处理装置向主机发送一系列随机数。 主机加密随机数以产生一系列加密数据，数据处理设备同时加密随机数，产生一系列加密值。 主机将各自的加密数据插入到每个消息中，并且数据处理装置通过将消息中的加密数据与对应的加密值进行比较来认证每个消息。

公开(公告)号：US06195703B1

公开(公告)日：2001-02-27

申请号：US09103996

申请日：1998-06-24

申请人： Steven M. Blumenau ,  Yoav Raz

发明人： Steven M. Blumenau ,  Yoav Raz

IPC分类号： G06F1338

CPC分类号： G06F9/505

摘要： A data network includes a switch that links a number of host processors to shared resources such as network ports of a cached storage subsystem. The switch routes resource requests from its inputs to selected ones of its outputs in accordance with programmed routing information. The routing information is changed dynamically based on measured loading characteristics of requests from the switch inputs or the respective hosts, in order to reduce the probability of blocked paths. In a specific example, respective subsets of output ports of the switch are assigned to each respective input port, the loading of each input port of the switch is measured, and the respective subset of output ports assigned to each input port are repetitively changed, and the respective subset of an input port is changed in response to blocking of the output ports assigned to the input port. A respective subset is selected based on the measured loading characteristics and a priority assigned to the input port, in order to balance loading on the output ports. In another specific example, a respective subset of the output ports is assigned to each host, based on host loading characteristics and a respective priority assigned to each host.

摘要翻译： 数据网络包括将多个主机处理器链接到诸如高速缓存存储子系统的网络端口的共享资源的交换机。 交换机根据编程的路由信息​​将资源请求从其输入路由到其输出的选择路由。 基于来自交换机输入或相应主机的请求的负载特性，动态地改变路由信息，以减少阻塞路径的概率。 在具体示例中，将开关的输出端口的各个子集分配给每个相应的输入端口，测量开关的每个输入端口的负载，并且分配给每个输入端口的输出端口的相应子集重复地改变，并且 响应于分配给输入端口的输出端口的阻塞，输入端口的相应子集被改变。 基于测量的加载特性和分配给输入端口的优先级来选择相应的子集，以平衡输出端口上的负载。 在另一具体示例中，基于主机负载特性和分配给每个主机的相应优先级，将输出端口的相应子集分配给每个主机。

公开(公告)号：US06675274B1

公开(公告)日：2004-01-06

申请号：US09809001

申请日：2001-03-15

申请人： Tao Kai Lam ,  Yoav Raz ,  Ruben I. Michel ,  Musik Schreiber ,  Avigail Matalon

发明人： Tao Kai Lam ,  Yoav Raz ,  Ruben I. Michel ,  Musik Schreiber ,  Avigail Matalon

IPC分类号： G06F1202

CPC分类号： G06F3/0631 ,  G06F3/0613 ,  G06F3/067

摘要： Described are techniques for determining temporary storage areas for logical volumes to be swapped. Logical volumes may be swapped in a computer system in connection with efforts to improve performance of associated data storage entities in the computer system. As part of the data swapping and physical relocation of logical volumes, temporary storage locations are used. A temporary storage location is associated and used with each logical volume being swapped. Determining a temporary storage area for a logical volume may be made in accordance with particular criteria. A temporary storage area is determined for each logical volume from a list of one or more possible candidate locations. The problem of matching a logical volume to a unique temporary storage area may be represented as a bipartite graph matching problem using solutions, such as the maximum flow, and other techniques to find a match for each logical volume.

摘要翻译： 描述了用于确定要交换的逻辑卷的临时存储区域的技术。 与计算机系统中关联的数据存储实体的性能改善有关的逻辑卷可以在计算机系统中交换。 作为逻辑卷的数据交换和物理重定位的一部分，使用临时存储位置。 临时存储位置与每个正在交换的逻辑卷相关联并使用。 可以根据特定标准来确定用于逻辑卷的临时存储区域。 从一个或多个可能候选位置的列表中为每个逻辑卷确定临时存储区域。 将逻辑卷与唯一的临时存储区域匹配的问题可以被表示为使用诸如最大流程的解决方案和用于找到每个逻辑卷的匹配的其他技术的解决方案的二分图匹配问题。

公开(公告)号：US5504900A

公开(公告)日：1996-04-02

申请号：US349474

申请日：1994-12-05

申请人： Yoav Raz

发明人： Yoav Raz

IPC分类号： G06F12/00 ,  G06F9/46 ,  G06F9/48 ,  G06F9/52 ,  G06F12/14 ,  G06F12/16

CPC分类号： G06F9/4881 ,  G06F9/466

摘要： Serializability across distributed transactions is guaranteed by selectively committing and aborting or delaying transactions to enforce an order of commitment that is the same as an order of performance of conflicting component operations of the transactions. A first memory access operation in a first transaction, for example, conflicts with a second memory access operation in a second transaction when the two memory access operations reference the same memory location and at least one of the operations is a write operation. The transaction processing system may permit a second transaction to read data written by a write operation of a first transaction before the first transaction is committed. In this case, depending on the respective order in which the two conflicting operations occur, the order of commitment is enforced, possibly by aborting either of the two transactions, to ensure that the order of commitment is the same as the order of the operations. The conflicts, for example, are detected when the addresses are determined during preparation of the transactions. The component operations may be scheduled for most efficient use of the computer system capabilities. In a multiprocessor system in which a global coordinator communicates with a plurality of transaction processors by way of "prepare" and "commit" commands, the commitment order is referenced to delay acknowledging that a transaction has been "prepared" until the transaction's "abort set" has been minimized.

摘要翻译： 通过选择性地提交和中止或延迟交易来执行与事务冲突的组件操作的执行顺序相同的承诺顺序来保证跨分布式事务的可序列化。 当两个存储器访问操作引用相同的存储器位置并且至少一个操作是写操作时，第一事务中的第一存储器访问操作例如与第二事务中的第二存储器访问操作冲突。 事务处理系统可以允许第二事务在第一事务提交之前读取通过第一事务的写操作写入的数据。 在这种情况下，根据发生两个相互冲突的相应顺序，承诺的顺序可以通过中止任一交易来实施，以确保承诺顺序与操作顺序相同。 例如，当在准备交易期间确定地址时，检测到冲突。 为了最有效地利用计算机系统功能，可以安排组件操作。 在其中全局协调器通过“准备”和“提交”命令与多个事务处理器进行通信的多处理器系统中，承诺命令被引用为确认交易已被“准备”的延迟，直到交易的“中止集 “已经最小化了。

公开(公告)号：US5504899A

公开(公告)日：1996-04-02

申请号：US348753

申请日：1994-12-02

申请人： Yoav Raz

发明人： Yoav Raz

IPC分类号： G06F9/46 ,  G06F12/14

CPC分类号： G06F9/466

摘要： Global serializability in a distributed computing system having a plurality of resource managers is guaranteed by selectively committing global transactions, and aborting or delaying commitment of transactions to enforce an order of commitment of global transactions that is the same as an order of conflicts among the global transactions, including indirect conflicts caused by local transactions. These conflicts are detected, for example, by maintaining a serializability graph in each resource manager recording the effects of local as well as global transactions, including the effects of committed local transactions. The serializability graph includes nodes representing transactions, directed edges representing direct conflicts, and paths including more than one edge representing indirect conflicts. By referencing the serializability graph, global serializability is achieved in a most efficient manner. An atomic commitment coordinator, for example, communicates with a plurality of resource managers by way of "prepare," "commit" and "abort" commands, and the serializability graph in each resource manager is referenced to delay acknowledging that a global transaction has been "prepared" until an optimum "abort set" is obtained for compliance with the global transaction commitment order.

摘要翻译： 具有多个资源管理器的分布式计算系统中的全局可序列性通过选择性地执行全局事务来保证，并且中止或延迟交易承诺来执行与全球交易之间的冲突顺序相同的全球交易的承诺顺序 ，包括由当地交易引起的间接冲突。 检测到这些冲突，例如，通过在每个资源管理器中维护记录局部和全局事务的影响（包括承诺的本地事务的影响）的可序列化图。 可序列化图包括表示事务的节点，表示直接冲突的有向边，以及包含多于一个表示间接冲突的边的路径。 通过引用可序列化图，可以以最有效的方式实现全局可序列化。 例如，原子承诺协调器通过“准备”，“提交”和“中止”命令与多个资源管理器进行通信，并且每个资源管理器中的可序列化图被引用为延迟确认全局事务已被 “准备”直到获得符合全球交易承诺令的最佳“中止集”。

公开(公告)号：US06311252B1

公开(公告)日：2001-10-30

申请号：US08885263

申请日：1997-06-30

申请人： Yoav Raz

发明人： Yoav Raz

IPC分类号： G06F1300

CPC分类号： G06F12/0866

摘要： A method of moving data between first, second, and third storage levels of a hierarchically arranged data storage system is described. The method includes the steps of dividing address space into a plurality of contiguous segments, each of which is further divided into a plurality of contiguous groups. Each of the groups may store a sequence of records, each of which is represented by a sequence of bytes. When it is necessary to move a designated record between the second and third levels of the data storage system, the segment in which that designated record is stored is moved; and when it is necessary to move the designated record between the first and second levels, the group in which that designated record is stored is moved.

摘要翻译： 描述了在分层布置的数据存储系统的第一，第二和第三存储级之间移动数据的方法。 该方法包括以下步骤：将地址空间划分成多个连续的段，每个连续的段被进一步分成多个连续的组。 每个组可以存储记录序列，每个记录由字节序列表示。 当需要在数据存储系统的第二级和第三级之间移动指定的记录时，存储指定记录的段被移动; 并且当需要在第一和第二级之间移动指定的记录时，移动存储指定记录的组。

公开(公告)号：US06173306B2

公开(公告)日：2001-01-09

申请号：US08505089

申请日：1995-07-21

申请人： Yoav Raz ,  Natan Vishlitzky ,  Bruno Alterescu

发明人： Yoav Raz ,  Natan Vishlitzky ,  Bruno Alterescu

IPC分类号： G06F945

CPC分类号： G06F9/5083 ,  G06F13/4256

摘要： A method of controlling distribution of processing in a system that includes a plurality of host data processors connected to a data storage system which includes a digital storage that is partitioned into a plurality of volumes. The method includes assigning ownership of the volumes to the host processors such that each of the host processors owns a different subset of the plurality of volumes, wherein a host processor is prohibited from sending I/O requests to any of the volumes which it does not own. The method further includes monitoring the I/O requests that are sent to each of the volumes by each of the host processors; from information obtained through monitoring, generating workload statistics indicative of the distribution of workload among the host processors; detecting a workload imbalance in the workload statistics; and in response to detecting a workload imbalance, reassigning ownership of the volumes to the host processors so as to change the distribution of workload among the host processors.

摘要翻译： 一种控制系统中处理分配的方法，该系统包括连接到数据存储系统的多个主机数据处理器，该数据存储系统包括被划分成多个卷的数字存储器。 该方法包括将主体处理器的所有权分配给这些主处理器，使得每个主处理器拥有多个卷的不同子集，其中主处理器被禁止向其中的任何卷发送I / O请求 拥有。 该方法还包括监视每个主处理器发送到每个卷的I / O请求; 从通过监视获得的信息中，生成指示主处理器之间的工作负荷分布的工作量统计信息; 检测工作量统计中的工作量不平衡; 并且响应于检测到工作负载不平衡，将所述卷的所有权重新分配给主处理器，以便改变主处理器之间的工作负载分布。