公开(公告)号：US09009114B1

公开(公告)日：2015-04-14

申请号：US11262568

申请日：2005-10-31

申请人： Srineet Sridharan

发明人： Srineet Sridharan

IPC分类号： G06F7/00 ,  G06F17/00 ,  G06F13/14

CPC分类号： G06F17/30082 ,  G06F11/1448 ,  G06F11/1451 ,  G06F11/1461 ,  G06F11/1469 ,  G06F13/14

摘要： A method to create a version map to represent the data state of a file at a particular point in time when an incremental backup is performed. In one embodiment, a logical memory backup file is created that is known as a cumulative data file. Changes to the cumulative data file according to one embodiment of the present invention include periodically appending copies of data modified since the prior backup. A new version map may be created each time an incremental backup occurs. Locations of both modified and unmodified data in the backup data file are mapped for future reference to the data.

摘要翻译： 创建版本映射以表示在执行增量备份的特定时间点的文件的数据状态的方法。 在一个实施例中，创建被称为累积数据文件的逻辑存储器备份文件。 根据本发明的一个实施例对累积数据文件的改变包括周期性地附加自先前备份以来修改的数据的副本。 每次发生增量备份时，都可能会创建一个新的版本映射。 备份数据文件中修改和未修改数据的位置被映射以供将来参考数据。

公开(公告)号：US08881284B1

公开(公告)日：2014-11-04

申请号：US12140037

申请日：2008-06-16

申请人： Basil S. Gabriel

发明人： Basil S. Gabriel

IPC分类号： G06F11/00

CPC分类号： G06F21/53 ,  G06F21/566

摘要： A method and apparatus for secure network access using a virtual machine are disclosed. The method includes provisioning a virtual machine, downloading content to the virtual machine, and sending information from the virtual machine. The information that is sent from the virtual machine is configured to allow the display of output from the virtual machine. The output from the virtual machine is based on the content. The apparatus includes a number of virtual machine servers. Each of the virtual machine servers is configured to support at least one of a number of virtual machines. A first virtual machine of the virtual machines includes an antivirus module. The first virtual machine is configured to download content. The antivirus module is configured to detect a virus by virtue of being configured to analyze the content.

摘要翻译： 公开了一种使用虚拟机进行安全网络访问的方法和装置。 该方法包括配置虚拟机，向虚拟机下载内容，以及从虚拟机发送信息。 从虚拟机发送的信息被配置为允许显示虚拟机的输出。 虚拟机的输出基于内容。 该装置包括多个虚拟机服务器。 每个虚拟机服务器被配置为支持多个虚拟机中的至少一个。 虚拟机的第一虚拟机包括防病毒模块。 第一个虚拟机被配置为下载内容。 防病毒模块被配置为通过被配置为分析内容来检测病毒。

公开(公告)号：US08874907B1

公开(公告)日：2014-10-28

申请号：US11864621

申请日：2007-09-28

申请人： Aaron Christensen ,  Prabhu Damodharan ,  William Browning ,  Weibao Wu ,  Xianbo Zhang

发明人： Aaron Christensen ,  Prabhu Damodharan ,  William Browning ,  Weibao Wu ,  Xianbo Zhang

IPC分类号： H04L29/06

CPC分类号： H04L67/1097 ,  H04L63/08 ,  H04L63/10

摘要： Providing authentication of users accessing an NFS shared file system. A shared secret is used as a component of the mount point used to access the NFS share. Upon receiving a request to access to the data in the NFS share, the process creates at least one cryptographic value and then creates a path to the mount point which incorporates the cryptographic value. The process then creates the mount point at the path, e.g., /PATH:k1, where k1 is the cryptographic value. Creation of the mount point is preferably performed using NFS protocol semantics, without requiring any changes to the NFS protocol semantics. A second cryptographic value, k2, may be used for unmounting the mount point.

摘要翻译： 提供访问NFS共享文件系统的用户的身份验证。 共享密钥用作用于访问NFS共享的安装点的组件。 在接收到访问NFS共享中的数据的请求时，该进程创建至少一个加密值，然后创建一个包含加密值的装载点的路径。 然后，进程在路径上创建安装点，例如/ PATH：k1，其中k1是加密值。 安装点的创建最好使用NFS协议语义进行，而不需要对NFS协议语义进行任何更改。 可以使用第二个加密值k2来卸载安装点。

公开(公告)号：US08850132B1

公开(公告)日：2014-09-30

申请号：US11007605

申请日：2004-12-08

申请人： Poonam P. Dhavale ,  Kalaivani Arumugham ,  Randall K. Shingai ,  Ronald S. Karr

发明人： Poonam P. Dhavale ,  Kalaivani Arumugham ,  Randall K. Shingai ,  Ronald S. Karr

IPC分类号： G06F12/00 ,  G06F13/00 ,  G06F13/28

CPC分类号： G06F3/0605 ,  G06F3/0632 ,  G06F3/067 ,  G06F13/28

摘要： A method and system for providing a shared data resource coordinator within a storage virtualizing data processing system is disclosed. According to one embodiment of the present invention, a first node of a plurality of nodes is configured to process requests to access a shared data resource on behalf of the plurality of nodes, where the plurality of nodes includes a logical volume configuration server configured to present a logical volume to one or more logical volume configuration clients. A second node is then selected from the plurality of nodes and configured to process requests to access the shared data resource on behalf of the plurality of nodes.

摘要翻译： 公开了一种用于在存储虚拟化数据处理系统内提供共享数据资源协调器的方法和系统。 根据本发明的一个实施例，多个节点的第一节点被配置为处理代表多个节点访问共享数据资源的请求，其中多个节点包括被配置为呈现的逻辑卷配置服务器 逻辑卷到一个或多个逻辑卷配置客户端。 然后从多个节点中选择第二个节点，并配置为处理代表多个节点访问共享数据资源的请求。

公开(公告)号：US08825591B1

公开(公告)日：2014-09-02

申请号：US10750401

申请日：2003-12-31

申请人： Xinyi David Lai ,  Par Botes ,  HanCheng Hsiung

发明人： Xinyi David Lai ,  Par Botes ,  HanCheng Hsiung

IPC分类号： G06F7/00 ,  G06F17/00

CPC分类号： G06F17/30073

摘要： System and method for tracking statistics at the subfile level and transparently placing or migrating inactive or less active blocks of data to other storage devices. Embodiments may provide mechanisms to track statistics at the subfile level of files including, but not limited to, database files, and to transparently place or migrate inactive or less active blocks of data of the files from higher-performing, typically more expensive, storage to lower-performing, typically less expensive, storage, while placing or migrating active blocks of data of the files to higher-performing storage, based on the subfile-level statistics rather than on file-level timestamps. In some embodiments, knowledge of file structure (e.g., database file structure), for example knowledge of database partitions with header blocks and data blocks in databases using data partitioning, may be used to separate more active and less active blocks of data of files onto storage with different performance and/or other characteristics.

摘要翻译： 用于跟踪子文件级别的统计信息的系统和方法，并将无效或较少活动的数据块透明地放置或迁移到其他存储设备。 实施例可以提供在文件的子文件级别跟踪统计信息的机制，包括但不限于数据库文件，并且将来自更高性能，通常更昂贵的存储的文件的不活动或较少活动的数据块透明地放置或迁移到 低性能，通常较便宜的存储，同时基于子文件级统计信息而不是文件级时间戳将文件的活动数据块放置或迁移到更高性能的存储。 在一些实施例中，可以使用文件结构（例如，数据库文件结构）的知识，例如使用数据分割在数据库中具有标题块和数据块的数据库分区的知识，以将更多活动和较少活动的文件数据块分离到 具有不同性能和/或其他特性的存储。

公开(公告)号：US08667587B1

公开(公告)日：2014-03-04

申请号：US13474973

申请日：2012-05-18

申请人： Walter Bogorad ,  Vadim Antonov

发明人： Walter Bogorad ,  Vadim Antonov

IPC分类号： G06F11/00 ,  G06F12/14 ,  G06F12/16 ,  G06F15/173

CPC分类号： H04L63/105

摘要： A mechanism is provided for determining a safety reputation for a network site in a manner that provides both wide coverage of potentially malicious sites as well as improves the freshness of information from which the safety reputation is derived. Community-based information, such as reports from users related to recently-visited network sites, malware detected by reporting network nodes, non-specific information such as unusual CPU usage and network activity of visiting nodes, and information received from other types of external feeds is used in determining the safety reputation and updating the safety reputation. Such information is analyzed in order to determine network sites that are potential sources of malware, which can then be subjected to more detailed analysis. Historical information as to a site's reputation and other factors such as commercial importance can also be reviewed to make a determination as to whether information being currently gathered by a community of users is sufficient to trigger additional analysis of the network site. Thus, resources used for detailed analysis of suspect network sites is conserved.

摘要翻译： 提供了一种用于以提供潜在恶意站点的广泛覆盖的方式来确定网络站点的安全信誉的机制，以及提高从其导出安全信誉的信息的新鲜度。 基于社区的信息，例如与最近访问的网站相关的用户的报告，由报告网络节点检测到的恶意软件，诸如异常CPU使用率和访问节点的网络活动之类的非特定信息以及从其他类型的外部馈送接收到的信息 用于确定安全声誉和更新安全声誉。 分析这些信息以便确定作为恶意软件潜在来源的网络站点，然后可以进行更详细的分析。 关于网站声誉和商业重要性等其他因素的历史信息也可以进行审查，以确定目前由用户社区收集的信息是否足以触发网站的额外分析。 因此，用于详细分析可疑网站的资源是保守的。

公开(公告)号：US08631133B1

公开(公告)日：2014-01-14

申请号：US10430754

申请日：2003-05-06

申请人： Ramana Jonnala ,  Ronald S. Karr ,  Dhanesh Joshi

发明人： Ramana Jonnala ,  Ronald S. Karr ,  Dhanesh Joshi

IPC分类号： G06F15/16

CPC分类号： H04L67/1097 ,  H04L69/14 ,  Y02D50/30

摘要： A method and system of providing a virtual transport session is disclosed. According to one embodiment, a virtual transport session is provided by establishing a virtual transport session between an initiator module and a target module across a network, wherein the virtual transport session comprises a transport session. Thereafter, information is transferred between the initiator module and the target module using the virtual transport session. According to another embodiment, establishing a virtual transport session between an initiator module and a target module across a network comprises associating a globally unique identifier to an initiator module.

摘要翻译： 公开了一种提供虚拟传输会话的方法和系统。 根据一个实施例，通过在发起者模块和目标模块之间跨网络建立虚拟传输会话来提供虚拟传输会话，其中虚拟传输会话包括传输会话。 此后，使用虚拟传输会话在发起者模块和目标模块之间传送信息。 根据另一个实施例，通过网络在发起者模块和目标模块之间建立虚拟传输会话包括将全局唯一标识符与发起者模块相关联。

公开(公告)号：US08631103B1

公开(公告)日：2014-01-14

申请号：US09860620

申请日：2001-05-18

申请人： Saugata Guha ,  Carleton Miyamoto ,  Jagadish Bandhole

发明人： Saugata Guha ,  Carleton Miyamoto ,  Jagadish Bandhole

IPC分类号： G06F13/00

CPC分类号： H04L41/0253

摘要： A solution for remotely administering dynamic computing environments is provided. A list of administrative actions and computing devices are displayed on a user interface. The user then can select an administrative action to be performed on any number of the computing devices in the list. Once selected, a signal is sent to the remote computing environment indicating the administrative action to be performed on the selected computing devices. The administrative action is then performed on the selected computing devices.

摘要翻译： 提供了用于远程管理动态计算环境的解决方案。 管理操作和计算设备的列表显示在用户界面上。 然后，用户可以选择在列表中的任何数量的计算设备上执行的管理动作。 一旦被选择，信号被发送到远程计算环境，指示要在所选择的计算设备上执行的管理动作。 然后在所选择的计算设备上执行管理动作。

公开(公告)号：US08572055B1

公开(公告)日：2013-10-29

申请号：US12164284

申请日：2008-06-30

申请人： Weibao Wu ,  Michael John Zeis

发明人： Weibao Wu ,  Michael John Zeis

IPC分类号： G06F7/00 ,  G06F17/00

CPC分类号： G06F11/1458 ,  G06F11/1453 ,  G06F17/30097

摘要： A method, system and apparatus for efficient storage of small files in a segment-based deduplication scheme by allocating multiple small files to a single data segment is provided. A mechanism for distinguishing between large files (e.g., files that are on the order of the size of a segment or larger) and smaller files, and starting a new segment at the beginning of a large file is also provided. A file attribute-based system for determining an identity of a small file at which to begin a new segment and then allocating subsequent small files to that segment and contiguous segments until a next small file having an appropriate attribute subsequently is encountered to begin a new segment is further provided. In one aspect of the present invention a filename hash is used for file attribute analysis to determine when a new segment should begin. Using such a mechanism, multiple small files can be allocated to a data segment and at the same time continue to provide for efficient storage of large files within separate data segments. The file attribute analysis further provides for an increase in deduplication rate for subsequently provided copies of the small files (e.g., in a backup) since segment boundaries remain constant in spite of file additions or deletions.

摘要翻译： 提供了一种用于通过将多个小文件分配给单个数据段来在基于段的重复数据删除方案中有效存储小文件的方法，系统和装置。 还提供了用于区分大文件（例如，大小的大小的大小的文件）和较小的文件以及在大文件的开始处开始新的段的机制。 一种基于文件属性的系统，用于确定开始新段的小文件的身份，然后分配后续小文件到该段和连续段，直到遇到具有适当属性的下一个小文件以开始新段 进一步提供。 在本发明的一个方面，使用文件名散列来进行文件属性分析，以确定何时开始新的片段。 使用这种机制，可以将多个小文件分配给数据段，并且同时继续提供在单独的数据段内有效地存储大文件。 文件属性分析进一步提供随后提供的小文件副本（例如，备份）中重复数据删除率的增加，因为段边界保持不变，尽管文件添加或删除。

公开(公告)号：US08543784B1

公开(公告)日：2013-09-24

申请号：US11968001

申请日：2007-12-31

申请人： Thomas G. Clifford ,  Donald C. Peterson ,  Shelley A Schmokel

发明人： Thomas G. Clifford ,  Donald C. Peterson ,  Shelley A Schmokel

IPC分类号： G06F12/00 ,  G06F13/00 ,  G06F13/28 ,  G06F1/00 ,  G06F1/26 ,  G06F1/32

CPC分类号： G06F11/1458 ,  G06F1/3268 ,  G06F11/1461 ,  G06F11/3034 ,  G06F11/3055 ,  Y02D10/154

摘要： Various techniques for coordinating the resource allocation and management capabilities of a backup application with the power saving features provided by a storage array are disclosed. One method involves accessing power management information associated with a logical storage unit (LSU) and image property information that indicates a future pattern of access to a backup image. The method also involves selecting the LSU, based upon both the power management information and the image property information, and then causing the backup image to be written to the LSU. Another method, performed by a backup module, involves receiving power management information associated with a storage array, selecting a logical storage unit (LSU) implemented on the storage array, based upon the power management information, and performing a backup storage management operation on the LSU, in response to selecting the LSU.

摘要翻译： 公开了用于利用由存储阵列提供的省电特征来协调备份应用的资源分配和管理能力的各种技术。 一种方法涉及访问与逻辑存储单元（LSU）相关联的功率管理信息以及指示未来访问备份图像的图像属性信息。 该方法还包括基于功率管理信息和图像属性信息来选择LSU，然后使备份图像被写入LSU。 由备份模块执行的另一种方法涉及接收与存储阵列相关联的功率管理信息，基于所述功率管理信息选择在所述存储阵列上实现的逻辑存储单元（LSU），以及对所述存储阵列执行备份存储管理操作 LSU响应选择LSU。