-
公开(公告)号:US20100154053A1
公开(公告)日:2010-06-17
申请号:US12336562
申请日:2008-12-17
申请人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers , Robert Johnson
发明人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers , Robert Johnson
CPC分类号: H04L63/08 , G06F3/0622 , G06F3/0637 , G06F3/067 , G06F21/78 , H04L63/0428 , H04L63/0876
摘要: Methods and systems for presenting a virtual disk to a client device are disclosed. One method includes receiving client credentials from a client device, the client credentials including a client identifier. The method also includes authenticating the client device at a secure storage device. The method further includes determining a volume is associated with the client device based upon the client identifier, the volume associated with a plurality of shares stored on a corresponding plurality of physical storage devices. The method also includes, upon determining the volume is associated with the client device, presenting the volume to the client device.
摘要翻译: 公开了向客户端设备呈现虚拟磁盘的方法和系统。 一种方法包括从客户端设备接收客户端凭证,客户机凭证包括客户端标识符。 该方法还包括在安全存储设备处验证客户端设备。 该方法还包括基于客户端标识符确定与客户端设备相关联的卷,该存储器与存储在相应的多个物理存储设备上的多个共享相关联的卷。 所述方法还包括在确定所述卷与所述客户端设备相关联时,将所述卷呈现给所述客户端设备。
-
公开(公告)号:US20100161964A1
公开(公告)日:2010-06-24
申请号:US12342575
申请日:2008-12-23
申请人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers , Robert Johnson
发明人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers , Robert Johnson
CPC分类号: G06F21/6272 , G06F2221/2107 , G06F2221/2141
摘要: Methods and systems of presenting data in a secure data storage network are disclosed. One method includes defining a plurality of communities of interest, each community of interest capable of accessing data stored in a secure data storage network and including a plurality of users desiring access to a common set of data, wherein each of the plurality of communities of interest has a set of security rights. The method also includes associating each of the plurality of communities of interest with a different workgroup key. The method further includes, upon identification of a client device as associated with a user from among the plurality of users in a community of interest, presenting a virtual disk to the client device in accordance with the security rights, the virtual disk associated with the workgroup key associated with the community of interest and a volume containing the common set of data to the community of interest, the volume including a plurality of shares stored on a plurality of physical storage devices.
摘要翻译: 公开了在安全数据存储网络中呈现数据的方法和系统。 一种方法包括定义感兴趣的多个社区,感兴趣的每个社区都能够访问存储在安全数据存储网络中的数据,并且包括希望访问一组共同的数据的多个用户,其中所述多个感兴趣社区中的每一个 有一套担保权。 该方法还包括将感兴趣的多个社区中的每一个与不同的工作组密钥相关联。 该方法还包括:在感兴趣的社区中的多个用户中识别与用户相关联的客户端设备时,根据安全权限向客户端设备呈现虚拟磁盘,与工作组相关联的虚拟磁盘 与所关注的社区相关联的密钥以及包含所述感兴趣社区的共同数据集的卷,所述卷包括存储在多个物理存储设备上的多个共享。
-
公开(公告)号:US20140164790A1
公开(公告)日:2014-06-12
申请号:US13706457
申请日:2012-12-06
申请人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers , Robert Johnson
发明人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers , Robert Johnson
IPC分类号: H04L9/32
CPC分类号: G06Q10/10 , H04L9/0833 , H04L9/085
摘要: Methods and systems for administrative management of a secure data storage network are disclosed. One system includes a secure storage appliance configured to host a plurality of volumes, each volume associated with a plurality of shares stored on a corresponding plurality of physical storage devices and having a plurality of volume management settings, wherein each volume is accessible by a group of one or more users, each user assigned an administrative access level, the volume management settings are editable by a first user from the group of one or more users associated with the volume and assigned an administrative access level sufficient to edit the volume management settings, and the volume management settings are inaccessible by a second user from outside the group of one or more users associated with the volume and assigned an administrative access level at least equal to that of the first user.
摘要翻译: 公开了用于安全数据存储网络的管理管理的方法和系统。 一个系统包括被配置为托管多个卷的安全存储设备,每个卷与存储在相应的多个物理存储设备上的多个共享相关联,并具有多个卷管理设置,其中每个卷可由一组 一个或多个用户,每个用户分配了管理访问级别,所述卷管理设置可由第一用户从与所述卷相关联的一个或多个用户的组中编辑,并且分配了足以编辑所述卷管理设置的管理访问级别,以及 卷管理设置由第二用户从与卷相关联的一个或多个用户的组之外的外部不可访问,并且分配了至少等于第一用户的管理访问级别。
-
公开(公告)号:US20100150341A1
公开(公告)日:2010-06-17
申请号:US12336568
申请日:2008-12-17
申请人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers , Robert Johnson
发明人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers , Robert Johnson
CPC分类号: G06F21/805 , H04L9/085 , H04L9/0894
摘要: Methods and systems for securing data in a data storage network are disclosed. One method includes receiving at a secure storage appliance a block of data for storage on a volume, the volume associated with a plurality of shares distributed across a plurality of physical storage devices. The method further includes cryptographically splitting the block of data received by the secure storage appliance into a plurality of secondary data blocks, and cryptographically splitting the session key into a plurality of session key fragments. The method further includes encrypting each of the plurality of secondary data blocks with a different session key, each session key associated with at least one of the plurality of shares, and encrypting each of the plurality of session key fragments with a workgroup key associated with a source of the block of data.
摘要翻译: 公开了用于在数据存储网络中保护数据的方法和系统。 一种方法包括在安全存储设备处接收用于存储在卷上的数据块,所述数据块与多个物理存储设备上分布的多个共享相关联。 该方法还包括将由安全存储设备接收的数据块加密地分割成多个辅助数据块,以及将会话密钥加密地分割成多个会话密钥片段。 该方法还包括用不同的会话密钥加密多个辅助数据块中的每一个,每个会话密钥与多个共享中的至少一个共享相关联,并且利用与该多个会话密钥相关联的工作组密钥加密每个会话密钥片段 源数据块。
-
公开(公告)号:US08392682B2
公开(公告)日:2013-03-05
申请号:US12336564
申请日:2008-12-17
申请人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers , Robert Johnson
发明人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers , Robert Johnson
IPC分类号: G06F12/00
CPC分类号: H04L69/40 , G06F21/6218 , G06F2221/2113 , G06F2221/2141 , H04L9/085 , H04L9/088 , H04L9/0897 , H04L63/20 , H04L67/1097
摘要: Methods and systems for administrative management of a secure data storage network are disclosed. One system includes a secure storage appliance configured to host a plurality of volumes, each volume associated with a plurality of shares stored on a corresponding plurality of physical storage devices and having a plurality of volume management settings, wherein each volume is accessible by a group of one or more users, each user assigned an administrative access level, the volume management settings are editable by a first user from the group of one or more users associated with the volume and assigned an administrative access level sufficient to edit the volume management settings, and the volume management settings are inaccessible by a second user from outside the group of one or more users associated with the volume and assigned an administrative access level at least equal to that of the first user.
摘要翻译: 公开了用于安全数据存储网络的管理管理的方法和系统。 一个系统包括被配置为托管多个卷的安全存储设备,每个卷与存储在相应的多个物理存储设备上的多个共享相关联,并具有多个卷管理设置,其中每个卷可由一组 一个或多个用户,每个用户分配了管理访问级别,所述卷管理设置可由第一用户从与所述卷相关联的一个或多个用户的组中编辑,并且分配了足以编辑所述卷管理设置的管理访问级别,以及 卷管理设置由第二用户从与卷相关联的一个或多个用户的组之外的外部不可访问,并且分配了至少等于第一用户的管理访问级别。
-
公开(公告)号:US20100162005A1
公开(公告)日:2010-06-24
申请号:US12342636
申请日:2008-12-23
申请人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers , Robert Johnson
发明人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers , Robert Johnson
CPC分类号: G06F21/80 , G06F21/6218
摘要: Methods and systems of presenting data in a secure data storage network are disclosed. One method includes defining a community of interest capable of accessing data stored in a secure data storage network, the community of interest including a plurality of users desiring access to a common set of data. The method also includes associating the community of interest with a workgroup key. and, upon identification of a client device as associated with a user from among the plurality of users in the community of interest, presenting a virtual disk to the client device, the virtual disk associated with the workgroup key and a volume containing the common set of data, the volume including a plurality of shares stored on a plurality of physical storage devices.
摘要翻译: 公开了在安全数据存储网络中呈现数据的方法和系统。 一种方法包括定义能够访问存储在安全数据存储网络中的数据的感兴趣社区,感兴趣的社区包括期望访问公共数据集合的多个用户。 该方法还包括将感兴趣的社区与工作组密钥相关联。 并且在所感兴趣的社区中的多个用户中识别与用户相关联的客户端设备,向客户端设备呈现虚拟磁盘时,与工作组密钥相关联的虚拟磁盘和包含公共集合的卷 数据,所述卷包括存储在多个物理存储设备上的多个共享。
-
公开(公告)号:US20100161981A1
公开(公告)日:2010-06-24
申请号:US12342610
申请日:2008-12-23
申请人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers , Robert Johnson
发明人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers , Robert Johnson
CPC分类号: G06F21/80
摘要: Methods and systems of managing access to data in a secure data storage network are disclosed. One such method includes associating a storage resource with a community of interest, the community of interest associated with a workgroup key providing access to a virtual disk, the virtual disk allowing access to a volume comprising a plurality of shares stored on a plurality of physical storage devices. The method also includes, upon determining a user of a client device is a member of the community of interest, providing access to the storage resource to the user, whereby the storage resource is associated with the workgroup key.
摘要翻译: 公开了在安全数据存储网络中管理数据访问的方法和系统。 一种这样的方法包括将存储资源与感兴趣的社区相关联,与提供对虚拟磁盘的访问的工作组密钥相关联的兴趣团体,允许访问包含存储在多个物理存储器上的多个共享的卷的虚拟磁盘 设备。 该方法还包括,在确定客户端设备的用户是感兴趣社区的成员时,向用户提供对存储资源的访问,由此存储资源与工作组密钥相关联。
-
公开(公告)号:US20100153703A1
公开(公告)日:2010-06-17
申请号:US12336559
申请日:2008-12-17
申请人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers , Robert Johnson
发明人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers , Robert Johnson
CPC分类号: G06F21/805 , H04L63/06 , H04L67/1097 , H04L2463/062
摘要: Methods and systems for storing data securely in a secure data storage network are disclosed. One method includes receiving at a secure storage appliance a block of data for storage on a volume, the volume associated with a plurality of shares distributed across a plurality of physical storage devices. The method also includes cryptographically splitting the block of data received by the secure storage appliance into a plurality of secondary data blocks. The method further includes encrypting each of the plurality of secondary data blocks with a different session key, each session key associated with at least one of the plurality of shares. The method also includes storing each data block and associated session key at the corresponding share, remote from the secure storage appliance.
摘要翻译: 公开了将数据安全地存储在安全数据存储网络中的方法和系统。 一种方法包括在安全存储设备处接收用于存储在卷上的数据块,所述数据块与多个物理存储设备上分布的多个共享相关联。 该方法还包括将由安全存储设备接收的数据块加密地分割成多个辅助数据块。 该方法还包括用不同的会话密钥加密多个辅助数据块中的每一个,每个会话密钥与多个共享中的至少一个共享相关联。 该方法还包括将每个数据块和相关联的会话密钥存储在远离安全存储设备的相应共享处。
-
公开(公告)号:US20100153670A1
公开(公告)日:2010-06-17
申请号:US12336564
申请日:2008-12-17
申请人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers , Robert Johnson
发明人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers , Robert Johnson
CPC分类号: H04L69/40 , G06F21/6218 , G06F2221/2113 , G06F2221/2141 , H04L9/085 , H04L9/088 , H04L9/0897 , H04L63/20 , H04L67/1097
摘要: Methods and systems for administrative management of a secure data storage network are disclosed. One system includes a secure storage appliance configured to host a plurality of volumes, each volume associated with a plurality of shares stored on a corresponding plurality of physical storage devices and having a plurality of volume management settings, wherein each volume is accessible by a group of one or more users, each user assigned an administrative access level, the volume management settings are editable by a first user from the group of one or more users associated with the volume and assigned an administrative access level sufficient to edit the volume management settings, and the volume management settings are inaccessible by a second user from outside the group of one or more users associated with the volume and assigned an administrative access level at least equal to that of the first user.
摘要翻译: 公开了用于安全数据存储网络的管理管理的方法和系统。 一个系统包括被配置为托管多个卷的安全存储设备,每个卷与存储在相应的多个物理存储设备上的多个共享相关联,并具有多个卷管理设置,其中每个卷可由一组 一个或多个用户,每个用户分配了管理访问级别,所述卷管理设置可由第一用户从与所述卷相关联的一个或多个用户的组中编辑,并且分配了足以编辑所述卷管理设置的管理访问级别,以及 卷管理设置由第二用户从与卷相关联的一个或多个用户的组之外的外部不可访问,并且分配了至少等于第一用户的管理访问级别。
-
公开(公告)号:US08135980B2
公开(公告)日:2012-03-13
申请号:US12342438
申请日:2008-12-23
申请人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers
发明人: David Dodgson , Joseph Neill , Ralph Farina , Edward Chin , Albert French , Scott Summers
IPC分类号: G06F11/00
CPC分类号: H04L63/104 , G06F11/2007 , H04L63/06
摘要: A secure storage appliance is disclosed, along with methods of storing and reading data in a secure storage network. In one aspect, a method includes assigning a volume to a primary secure storage appliance located in a secure data storage network, the secure data storage network including a plurality of secure data paths between the primary secure storage appliance and a client device and a plurality of secure data paths between the secure storage appliance and a plurality of storage systems, the volume corresponding to physical storage at each of the plurality of storage systems. The method also includes detecting a connectivity problem on at least one of the secure data paths. The method further includes assessing whether to reassign the volume to a different secure storage appliance based upon the connectivity problem.
摘要翻译: 公开了一种安全存储设备,以及在安全存储网络中存储和读取数据的方法。 一方面,一种方法包括将卷分配给位于安全数据存储网络中的主要安全存储设备,所述安全数据存储网络包括主安全存储设备和客户端设备之间的多个安全数据路径,以及多个 所述安全存储设备与多个存储系统之间的安全数据路径,所述卷对应于所述多个存储系统中的每一个处的物理存储。 该方法还包括检测至少一个安全数据路径上的连接问题。 该方法还包括基于连接性问题评估是否将卷重新分配给不同的安全存储设备。
-
-
-
-
-
-
-
-
-