-
公开(公告)号:US07606806B2
公开(公告)日:2009-10-20
申请号:US11330261
申请日:2006-01-12
申请人: Ryusuke Ito , Yoshinori Okami
发明人: Ryusuke Ito , Yoshinori Okami
IPC分类号: G06F17/00
CPC分类号: G06F3/0622 , G06F3/0601 , G06F3/0635 , G06F3/0637 , G06F3/0659 , G06F3/067 , G06F21/62 , G06F2003/0697 , G06F2221/2141 , H04L29/12028 , H04L61/103 , H04L67/1097 , Y10S707/954 , Y10S707/99933 , Y10S707/99939
摘要: According to the present invention, techniques for performing security functions in computer storage subsystems in order to prevent illegal access by the host computers according to logical unit (LU) identity are provided. In representative embodiments management tables can be used to disclose the Logical Unit in the storage subsystem to the host computers in accordance with the users operational needs. In a specific embodiment, accessibility to a storage subsystem resource can be decided when an Inquiry Command is received, providing systems and apparatus wherein there is no further need to repeatedly determine accessibility for subsequent accesses to the Logical Unit. Many such embodiments can maintain relatively high performance, while providing robust security for each LU.
摘要翻译: 根据本发明,提供了用于在计算机存储子系统中执行安全功能以防止主计算机根据逻辑单元(LU)身份的非法访问的技术。 在代表性实施例中,管理表可以用于根据用户的操作需要将存储子系统中的逻辑单元公开到主计算机。 在特定实施例中,可以在接收到查询命令时确定对存储子系统资源的可访问性,提供系统和装置,其中不再需要重复地确定对逻辑单元的后续访问的可访问性。 许多这样的实施例可以维持相对较高的性能,同时为每个LU提供鲁棒的安全性。
-
公开(公告)号:US07293068B2
公开(公告)日:2007-11-06
申请号:US09866226
申请日:2001-05-24
申请人: Eiju Katsuragi , Toshio Nakano , Yoshinori Okami , Takao Satoh
发明人: Eiju Katsuragi , Toshio Nakano , Yoshinori Okami , Takao Satoh
IPC分类号: G06F15/16
CPC分类号: G06F11/2082 , G06F11/2074 , G06F11/2092
摘要: During recovery of a master system, a mismatch between data in the master system and that in a backup system is obviated quickly to shorten time consumed before resumption of operation of the master system. The backup system controls, as second difference information, update data generated over a substitute operation period between occurrence of a disabled state of the master system and recovery thereof and when the master system is enabled to operate, a range of addition of first difference information inside the master system and the second difference information or only a range of the second difference information is copied to the master system to eliminate the data mismatch.
摘要翻译: 在主系统恢复期间,主系统中的数据与备份系统中的数据之间的不匹配被快速消除,以缩短主系统恢复操作之前消耗的时间。 作为第二差异信息,备份系统控制在主系统的禁用状态的发生与其恢复之间的替代操作期间生成的数据以及当主系统能够操作时,更新在第 主系统和第二差异信息或仅第二差异信息的范围被复制到主系统以消除数据不匹配。
-
23.发明申请Method of performing active data copying processing, and storage subsystem and storage control apparatus for performing active data copying processing 有权执行活动数据复制处理的方法以及用于执行活动数据复制处理的存储子系统和存储控制装置公开(公告)号:US20070180274A1
公开(公告)日:2007-08-02
申请号:US11649449
申请日:2007-01-03
IPC分类号: G06F12/14
CPC分类号: H04L63/10 , G06F3/0622 , G06F3/0637 , G06F3/065 , G06F3/0659 , G06F3/0683 , G06F21/78 , Y10S707/99953 , Y10S707/99955
摘要: When an active data copy process relative to a logical storage device is performed without involving a computer, an access permission/rejection of the computer to the logical storage device is checked by referring to a correspondence between WWN of the computer and a logical storage device identifier LUN to thereby determine whether an access to a copy source logical storage device and a copy destination logical storage device is permitted or not. It is therefore possible to prevent an outflow of illegal data from a storage subsystem to be caused by an active copy instruction command.
摘要翻译: 当在不涉及计算机的情况下执行相对于逻辑存储设备的活动数据复制处理时,通过参考计算机的WWN与逻辑存储设备标识符之间的对应关系来检查计算机对逻辑存储设备的访问允许/拒绝 LUN,从而确定是否允许对复制源逻辑存储设备和复制目的地逻辑存储设备的访问。 因此,可以防止来自存储子系统的非法数据的流出由主动复制指令命令引起。
-
24.发明授权公开(公告)号:US07206900B2
公开(公告)日:2007-04-17
申请号:US10768693
申请日:2004-02-02
申请人: Seiichi Higaki , Yoshinori Okami , Takao Satoh
发明人: Seiichi Higaki , Yoshinori Okami , Takao Satoh
CPC分类号: G06F11/1092 , G06F3/061 , G06F3/0631 , G06F3/0635 , G06F3/0689 , G06F11/1662 , G06F11/2094
摘要: When a bus is used as a data communication channel, data within a disk unit cannot be reproduced or copied into a spare disk while a control unit is making read/write processing based on a request from a host computer, or vice versa. Thus, a loop is constructed by a fiber channel capable of time division multiplex function, and the processing between the disk unit and the spare is performed not through the control unit so that the data within the disk can be copied into the spare while the processing between the host computer and the disk unit is being performed, or both processing operations can be executed in parallel.
摘要翻译: 当总线用作数据通信信道时,控制单元根据来自主计算机的请求进行读/写处理,不能将磁盘单元内的数据再现或复制到备用磁盘中,反之亦然。 因此,通过能够进行时分多路复用功能的光纤通道构成环路,并且不通过控制单元进行盘单元与备用盘之间的处理,使得可以在处理中将盘内的数据复制到备用 正在执行主计算机和盘单元之间,或者可以并行执行两个处理操作。
-
公开(公告)号:US07167962B2
公开(公告)日:2007-01-23
申请号:US11323773
申请日:2005-12-30
申请人: Toshio Nakano , Katsunori Nakamura , Mikito Ogata , Yoshinori Okami , Seiichi Higaki , Hiroshi Abei , Haruaki Watanabe , Kouji Arai , Takashi Oeda , Akira Yamamoto , Kenji Yamagami , Shigeru Kishiro
发明人: Toshio Nakano , Katsunori Nakamura , Mikito Ogata , Yoshinori Okami , Seiichi Higaki , Hiroshi Abei , Haruaki Watanabe , Kouji Arai , Takashi Oeda , Akira Yamamoto , Kenji Yamagami , Shigeru Kishiro
IPC分类号: G06F13/20
CPC分类号: G06F11/2069 , G06F11/2058 , G06F11/2064 , G06F11/2074 , G06F11/2076
摘要: Two data centers located in the vicinity are connected using a synchronous transfer copy function, and one of the data centers is coupled with a third data center disposed at a remote location by an asynchronous remote copying function. The order whereat a storage sub-system located in the vicinity has received data from a host is consistently guaranteed, and the third data center holds the data. Further, each storage sub-system includes a function whereby, during normal operation, data can be exchanged and the data update state can be obtained by the storage sub-systems located in the two data centers that do not directly engage in data transmission.
-
公开(公告)号:US20060195668A1
公开(公告)日:2006-08-31
申请号:US11323773
申请日:2005-12-30
申请人: Toshio Nakano , Katsunori Nakamura , Mikito Ogata , Yoshinori Okami , Seiichi Higaki , Hiroshi Abei , Haruaki Watanabe , Kouji Arai , Takashi Oeda , Akira Yamamoto , Kenji Yamagami , Shigeru Kishiro
发明人: Toshio Nakano , Katsunori Nakamura , Mikito Ogata , Yoshinori Okami , Seiichi Higaki , Hiroshi Abei , Haruaki Watanabe , Kouji Arai , Takashi Oeda , Akira Yamamoto , Kenji Yamagami , Shigeru Kishiro
IPC分类号: G06F12/16
CPC分类号: G06F11/2069 , G06F11/2058 , G06F11/2064 , G06F11/2074 , G06F11/2076
摘要: Two data centers located in the vicinity are connected using a synchronous transfer copy function, and one of the data centers is coupled with a third data center disposed at a remote location by an asynchronous remote copying function. The order whereat a storage sub-system located in the vicinity has received data from a host is consistently guaranteed, and the third data center holds the data. Further, each storage sub-system includes a function whereby, during normal operation, data can be exchanged and the data update state can be obtained by the storage sub-systems located in the two data centers that do not directly engage in data transmission.
摘要翻译: 位于附近的两个数据中心使用同步传送复制功能连接,并且其中一个数据中心通过异步远程复制功能与设置在远程位置的第三数据中心耦合。 位于附近的存储子系统从主机接收到数据的顺序是一贯保证的,第三数据中心保存数据。 此外,每个存储子系统包括在正常操作期间可以交换数据并且可以通过位于不直接参与数据传输的两个数据中心中的存储子系统来获得数据更新状态的功能。
-
公开(公告)号:US20060161548A1
公开(公告)日:2006-07-20
申请号:US11330261
申请日:2006-01-12
申请人: Ryusuke Ito , Yoshinori Okami
发明人: Ryusuke Ito , Yoshinori Okami
CPC分类号: G06F3/0622 , G06F3/0601 , G06F3/0635 , G06F3/0637 , G06F3/0659 , G06F3/067 , G06F21/62 , G06F2003/0697 , G06F2221/2141 , H04L29/12028 , H04L61/103 , H04L67/1097 , Y10S707/954 , Y10S707/99933 , Y10S707/99939
摘要: According to the present invention, techniques for performing security functions in computer storage subsystems in order to prevent illegal access by the host computers according to logical unit (LU) identity are provided. In representative embodiments management tables can be used to disclose the Logical Unit in the storage subsystem to the host computers in accordance with the users operational needs. In a specific embodiment, accessibility to a storage subsystem resource can be decided when an Inquiry Command is received, providing systems and apparatus wherein there is no further need to repeatedly determine accessibility for subsequent accesses to the Logical Unit. Many such embodiments can maintain relatively high performance, while providing robust security for each LU.
-
公开(公告)号:US06779083B2
公开(公告)日:2004-08-17
申请号:US10076553
申请日:2002-02-19
IPC分类号: G06F1214
CPC分类号: H04L67/1097 , G06F3/0622 , G06F3/0637 , G06F3/067 , H04L63/10 , H04L63/20
摘要: Tables (FIGS. 11 and 12) for stipulating information (WWN: WorldWide Name) for primarily identifying computers, information (GID: Group ID) for identifying a group of the computers and a logical unit number (LUN) permitting access from the host computer inside storage subsystem, in accordance with arbitrary operation method by a user, and for giving them to host computer. The invention uses management table inside the storage subsystem and gives logical unit inside storage subsystem to host computer group arbitrarily grouped by a user in accordance with the desired form of operation of the user, can decide access approval/rejection to the logical unit inside the storage subsystem in the group unit and at the same time, can provide the security function capable of setting interface of connection in the group unit under single port of storage subsystem without changing existing processing, limitation and other functions of computer.
摘要翻译: 用于规定用于主要识别计算机的信息(WWN:WorldWide Name)的表格(图11和图12),用于识别一组计算机的信息(GID:组ID)和允许从主计算机访问的逻辑单元号码 内部存储子系统,根据用户的任意操作方式,并将其提供给主机。 本发明使用存储子系统内的管理表,并将存储子系统内的逻辑单元提供给用户根据用户所期望的操作形式任意分组的计算机组,可以对存储器内的逻辑单元进行访问批准/拒绝 子系统,同时可以提供能够在单个存储子系统端口的组单元内设置连接接口的安全功能,而无需更改计算机的现有处理,限制等功能。
-
公开(公告)号:US06728848B2
公开(公告)日:2004-04-27
申请号:US09879663
申请日:2001-06-11
申请人: Keishi Tamura , Yoshinori Okami , Hiroshi Abei , Mikito Ogata
发明人: Keishi Tamura , Yoshinori Okami , Hiroshi Abei , Mikito Ogata
IPC分类号: G06F1200
CPC分类号: G06F11/1464 , G06F3/0601 , G06F11/1456 , G06F2003/0697 , H04L67/1097 , Y10S707/99953 , Y10S707/99955
摘要: The present invention provides a method, a system and code for backing up information on a storage system, for example, a disk system, connected to a storage area network. The host or server system off loads the task of backing up its data to the storage system that stores the data. In an exemplary embodiment a server sends an E-copy command to a disk system. Next, the disk system finds an available back-up device, for example, a tape or DLT library, and then backs-up the information indicated in the E-copy command to the back-up device. A user interface is provided so that one or more path groups, comprising at least a target port and an initiator port, on a disk system may be designated.
摘要翻译: 本发明提供了一种方法,系统和用于备份连接到存储区域网络的存储系统(例如,磁盘系统)上的信息的代码。 主机或服务器系统卸载将其数据备份到存储数据的存储系统的任务。 在示例性实施例中,服务器向磁盘系统发送电子拷贝命令。 接下来,磁盘系统找到可用的备份设备,例如磁带或DLT库,然后将E-copy命令中指示的信息备份到备份设备。 提供了用户界面,使得可以指定在盘系统上包括至少目标端口和启动器端口的一个或多个路径组。
-
公开(公告)号:US20100005101A1
公开(公告)日:2010-01-07
申请号:US12558929
申请日:2009-09-14
申请人: Ryusuke ITO , Yoshinori Okami
发明人: Ryusuke ITO , Yoshinori Okami
IPC分类号: G06F17/00 , G06F15/167
CPC分类号: G06F3/0622 , G06F3/0601 , G06F3/0635 , G06F3/0637 , G06F3/0659 , G06F3/067 , G06F21/62 , G06F2003/0697 , G06F2221/2141 , H04L29/12028 , H04L61/103 , H04L67/1097 , Y10S707/954 , Y10S707/99933 , Y10S707/99939
摘要: According to the present invention, techniques for performing security functions in computer storage subsystems in order to prevent illegal access by the host computers according to logical unit (LU) identity are provided. In representative embodiments management tables can be used to disclose the Logical Unit in the storage subsystem to the host computers in accordance with the users operational needs. In a specific embodiment, accessibility to a storage subsystem resource can be decided when an Inquiry Command is received, providing systems and apparatus wherein there is no further need to repeatedly determine accessibility for subsequent accesses to the Logical Unit. Many such embodiments can maintain relatively high performance, while providing robust security for each LU.
摘要翻译: 根据本发明,提供了用于在计算机存储子系统中执行安全功能以防止主计算机根据逻辑单元(LU)身份的非法访问的技术。 在代表性实施例中,管理表可以用于根据用户的操作需要将存储子系统中的逻辑单元公开到主计算机。 在特定实施例中,可以在接收到查询命令时确定对存储子系统资源的可访问性,提供系统和装置,其中不再需要重复地确定对逻辑单元的后续访问的可访问性。 许多这样的实施例可以维持相对较高的性能,同时为每个LU提供鲁棒的安全性。
-
-
-
-
-
-
-
-
-
搜索结果
55 条记录 (耗时 0.041 秒)