公开(公告)号：US08494170B2

公开(公告)日：2013-07-23

申请号：US13453730

申请日：2012-04-23

申请人： David Ray Kahler ,  Anjul Mathur ,  Richard Anthony Ripberger ,  Jacob Lee Sheppard ,  Glen Alan Jaquette

发明人： David Ray Kahler ,  Anjul Mathur ,  Richard Anthony Ripberger ,  Jacob Lee Sheppard ,  Glen Alan Jaquette

IPC分类号： H04L29/06

CPC分类号： H04L9/083 ,  H04L9/0825

摘要： Provided are a computer program product, system and method for a redundant key server encryption environment. A key server receives from at least one remote key server public keys associated with the at least one remote key server. The key server receives a request for an encryption key from a requesting device and generates the encryption key for use by the requesting device to unlock a storage. The key server generates a first wrapped encryption key by encrypting the encryption key with a requesting device public key, a second wrapped encryption key by encrypting the encryption key with a public key associated with the key server, and at least one additional wrapped encryption key by encrypting the encryption key with the at least one public key provided by the at least one remote key server. The key server transmits the generated keys to the requesting device.

摘要翻译： 提供了一种用于冗余密钥服务器加密环境的计算机程序产品，系统和方法。 密钥服务器从至少一个远程密钥服务器接收与所述至少一个远程密钥服务器相关联的公钥。 密钥服务器从请求设备接收到加密密钥的请求，并生成加密密钥以供请求设备使用以解锁存储。 密钥服务器通过用请求设备公钥加密加密密钥来生成第一包装加密密钥，第二包装加密密钥通过用与密钥服务器相关联的公钥加密加密密钥，以及至少一个附加的包装加密密钥由 使用由所述至少一个远程密钥服务器提供的所述至少一个公共密钥加密所述加密密钥。 密钥服务器将生成的密钥发送到请求设备。

公开(公告)号：US08140865B2

公开(公告)日：2012-03-20

申请号：US12367484

申请日：2009-02-06

申请人： David Ray Kahler ,  Richard Anthony Ripberger

发明人： David Ray Kahler ,  Richard Anthony Ripberger

IPC分类号： G06F21/00

CPC分类号： G06F21/6218

摘要： A computational device receives input information on characteristics of customer data, critical metadata, and non-critical metadata, and characteristics of disk array configurations, wherein customer data is to be stored encrypted, wherein critical metadata is to be stored non-encrypted, and wherein non-critical metadata is to be stored encrypted or non-encrypted. The computational device determines band boundary information based on the received input information. Encrypting disks with pre-established bands are created based on the band boundary information and the encrypting disks are pre-initialized.

摘要翻译： 计算设备接收关于客户数据，关键元数据和非关键元数据的特征以及磁盘阵列配置的特征的输入信息，其中客户数据要被加密地存储，其中关键元数据将要被非加密存储，并且其中 非关键元数据将被加密或未加密存储。 计算装置根据接收到的输入信息确定频带边界信息。 基于带边界信息创建具有预先建立的频带的磁盘加密，并且加密磁盘被预初始化。

公开(公告)号：US10133883B2

公开(公告)日：2018-11-20

申请号：US12368032

申请日：2009-02-09

申请人： David Ray Kahler ,  Anjul Mathur ,  Richard Anthony Ripberger

发明人： David Ray Kahler ,  Anjul Mathur ,  Richard Anthony Ripberger

IPC分类号： G06F21/80 ,  G06F11/14 ,  G06F12/0804 ,  G06F21/81 ,  G06F12/0866

摘要： A method, system, and computer program product for safeguarding nonvolatile storage (NVS) data by a processor in communication with a memory device following a power loss event is provided. A first portion of the NVS data is encrypted using a first buffer module. Subsequently the first portion of the NVS data is transferred to at least one shared storage device, while a second portion of the NVS data is simultaneously encrypted using a second buffer module. The second portion of the NVS data is subsequently transferred to the at least one shared storage device.

公开(公告)号：US08300831B2

公开(公告)日：2012-10-30

申请号：US12767723

申请日：2010-04-26

申请人： David Ray Kahler ,  Anjul Mathur ,  Richard Anthony Ripberger ,  Jacob Lee Sheppard ,  Glen Alan Jaquette

发明人： David Ray Kahler ,  Anjul Mathur ,  Richard Anthony Ripberger ,  Jacob Lee Sheppard ,  Glen Alan Jaquette

IPC分类号： H04L9/00

CPC分类号： H04L9/083 ,  H04L9/0825

摘要： Provided are a computer program product, system and method for a redundant key server encryption environment. A key server transmits public keys associated with the key server and at least one device to at least one remote key server. The key server receives from the at least one remote key server public keys associated with the at least one remote key server. The key server receives a request for an encryption key from a requesting device comprising one of the at least one device and generates the encryption key for use by the requesting device to unlock a storage. The key server generates a first wrapped encryption key by encrypting the encryption key with a requesting device public key associated with the requesting device. The key server generates a second wrapped encryption key by encrypting the encryption key with a public key associated with the key server. At least one additional wrapped encryption key is generated for each of the at least one remote key server by encrypting the encryption key with the at least one public key provided by the at least one remote key server. The key server transmits the first, second and the at least one additional wrapped encryption key to the requesting device.

摘要翻译： 提供了一种用于冗余密钥服务器加密环境的计算机程序产品，系统和方法。 密钥服务器将与密钥服务器和至少一个设备相关联的公钥传送到至少一个远程密钥服务器。 密钥服务器从与至少一个远程密钥服务器相关联的至少一个远程密钥服务器公钥接收。 密钥服务器从包括至少一个设备之一的请求设备接收到对加密密钥的请求，并且生成加密密钥以供请求设备使用以解锁存储。 密钥服务器通过使用与请求设备相关联的请求设备公钥对加密密钥进行加密来生成第一封包加密密钥。 密钥服务器通过使用与密钥服务器相关联的公钥加密加密密钥来生成第二封包加密密钥。 通过利用由至少一个远程密钥服务器提供的至少一个公共密钥对加密密钥进行加密，为至少一个远程密钥服务器中的每一个生成至少一个附加的包装加密密钥。 密钥服务器将第一，第二和至少一个附加的包装加密密钥发送到请求设备。

公开(公告)号：US20120233455A1

公开(公告)日：2012-09-13

申请号：US13453730

申请日：2012-04-23

申请人： David Ray Kahler ,  Anjul Mathur ,  Richard Anthony Ripberger ,  Jacob Lee Sheppard ,  Glen Alan Jaquette

发明人： David Ray Kahler ,  Anjul Mathur ,  Richard Anthony Ripberger ,  Jacob Lee Sheppard ,  Glen Alan Jaquette

IPC分类号： H04L9/28

CPC分类号： H04L9/083 ,  H04L9/0825

摘要： Provided are a computer program product, system and method for a redundant key server encryption environment. A key server receives from at least one remote key server public keys associated with the at least one remote key server. The key server receives a request for an encryption key from a requesting device and generates the encryption key for use by the requesting device to unlock a storage. The key server generates a first wrapped encryption key by encrypting the encryption key with a requesting device public key, a second wrapped encryption key by encrypting the encryption key with a public key associated with the key server, and at least one additional wrapped encryption key by encrypting the encryption key with the at least one public key provided by the at least one remote key server. The key server transmits the generated keys to the requesting device.

摘要翻译： 提供了一种用于冗余密钥服务器加密环境的计算机程序产品，系统和方法。 密钥服务器从至少一个远程密钥服务器接收与所述至少一个远程密钥服务器相关联的公钥。 密钥服务器从请求设备接收到加密密钥的请求，并生成加密密钥以供请求设备使用以解锁存储。 密钥服务器通过用请求设备公钥加密加密密钥来生成第一包装加密密钥，第二包装加密密钥通过用与密钥服务器相关联的公钥加密加密密钥，以及至少一个附加的包装加密密钥由 使用由所述至少一个远程密钥服务器提供的所述至少一个公共密钥加密所述加密密钥。 密钥服务器将生成的密钥发送到请求设备。

公开(公告)号：US20110261964A1

公开(公告)日：2011-10-27

申请号：US12767723

申请日：2010-04-26

申请人： David Ray Kahler ,  Anjul Mathur ,  Richard Anthony Ripberger ,  Jacob Lee Sheppard ,  Glen Alan Jaquette

发明人： David Ray Kahler ,  Anjul Mathur ,  Richard Anthony Ripberger ,  Jacob Lee Sheppard ,  Glen Alan Jaquette

IPC分类号： H04L9/08 ,  H04L9/00

CPC分类号： H04L9/083 ,  H04L9/0825

摘要： Provided are a computer program product, system and method for a redundant key server encryption environment. A key server transmits public keys associated with the key server and at least one device to at least one remote key server. The key server receives from the at least one remote key server public keys associated with the at least one remote key server. The key server receives a request for an encryption key from a requesting device comprising one of the at least one device and generates the encryption key for use by the requesting device to unlock a storage. The key server generates a first wrapped encryption key by encrypting the encryption key with a requesting device public key associated with the requesting device. The key server generates a second wrapped encryption key by encrypting the encryption key with a public key associated with the key server. At least one additional wrapped encryption key is generated for each of the at least one remote key server by encrypting the encryption key with the at least one public key provided by the at least one remote key server. The key server transmits the first, second and the at least one additional wrapped encryption key to the requesting device.

摘要翻译： 提供了一种用于冗余密钥服务器加密环境的计算机程序产品，系统和方法。 密钥服务器将与密钥服务器和至少一个设备相关联的公钥传送到至少一个远程密钥服务器。 密钥服务器从与至少一个远程密钥服务器相关联的至少一个远程密钥服务器公钥接收。 密钥服务器从包括至少一个设备之一的请求设备接收到对加密密钥的请求，并且生成加密密钥以供请求设备使用以解锁存储。 密钥服务器通过使用与请求设备相关联的请求设备公钥对加密密钥进行加密来生成第一封包加密密钥。 密钥服务器通过使用与密钥服务器相关联的公钥加密加密密钥来生成第二封包加密密钥。 通过利用由至少一个远程密钥服务器提供的至少一个公共密钥对加密密钥进行加密，为至少一个远程密钥服务器中的每一个生成至少一个附加的包装加密密钥。 密钥服务器将第一，第二和至少一个附加的包装加密密钥发送到请求设备。

公开(公告)号：US20100205453A1

公开(公告)日：2010-08-12

申请号：US12367484

申请日：2009-02-06

申请人： David Ray Kahler ,  Richard Anthony Ripberger

发明人： David Ray Kahler ,  Richard Anthony Ripberger

IPC分类号： H04L9/06 ,  G06F12/00

CPC分类号： G06F21/6218

摘要： A computational device receives input information on characteristics of customer data, critical metadata, and non-critical metadata, and characteristics of disk array configurations, wherein customer data is to be stored encrypted, wherein critical metadata is to be stored non-encrypted, and wherein non-critical metadata is to be stored encrypted or non-encrypted. The computational device determines band boundary information based on the received input information. Encrypting disks with pre-established bands are created based on the band boundary information and the encrypting disks are pre-initialized.

摘要翻译： 计算设备接收关于客户数据，关键元数据和非关键元数据的特征以及磁盘阵列配置的特征的输入信息，其中客户数据要被加密地存储，其中关键元数据将要被非加密存储，并且其中 非关键元数据将被加密或未加密存储。 计算装置根据接收到的输入信息确定频带边界信息。 基于带边界信息创建具有预先建立的频带的磁盘加密，并且加密磁盘被预初始化。

公开(公告)号：US08417849B2

公开(公告)日：2013-04-09

申请号：US12575380

申请日：2009-10-07

申请人： Clint Alan Hardy ,  Matthew Joseph Kalos ,  Richard Anthony Ripberger

发明人： Clint Alan Hardy ,  Matthew Joseph Kalos ,  Richard Anthony Ripberger

IPC分类号： G06F3/00

CPC分类号： G06F11/201 ,  G06F3/0617

摘要： A method to adjust a multi-path device reservation by supplying a computing device and a storage controller interconnected with a communication link. The method further reserves a data storage device in communication with the storage controller, where that data storage device reservation is held by a first communication path group comprising a first plurality of communication paths configured in the communication link. If the method detects a failed communication path configured in the first communication path group, the method configures a second communication path group by removing the failed communication path from the first communication path group, wherein the second communication path group maintains the data storage device reservation.

摘要翻译： 一种通过提供与通信链路互连的计算设备和存储控制器来调整多路径设备预留的方法。 该方法还保留与存储控制器通信的数据存储设备，其中数据存储设备预留由包括在通信链路中配置的第一多个通信路径的第一通信路径组保持。 如果该方法检测到在第一通信路径组中配置的故障通信路径，则该方法通过从第一通信路径组去除故障通信路径来配置第二通信路径组，其中第二通信路径组保持数据存储设备预留。

公开(公告)号：US20110231323A1

公开(公告)日：2011-09-22

申请号：US12725252

申请日：2010-03-16

申请人： Richard Anthony Ripberger

发明人： Richard Anthony Ripberger

IPC分类号： G06Q50/00 ,  G06F13/24

CPC分类号： G06F3/0622 ,  G06F3/0637 ,  G06F3/0665 ,  G06F3/0689 ,  G06Q10/06 ,  G06Q50/184

摘要： A licensing application implemented in a computational device receives a request to enable a feature for a logical volume of a plurality of logical volumes controlled by the computational device, wherein each feature of a plurality of features is configurable to be enabled or disabled for one or more logical volumes of the plurality of logical volumes. The licensing application determines, whether enabling the feature for the logical volume causes a licensed capacity limit for the feature to be exceeded. Enabling the feature for the logical volume is avoided, in response to determining that enabling the feature for the logical volume causes the licensed capacity limit for the feature to be exceeded.

摘要翻译： 在计算设备中实现的许可应用接收用于为由计算设备控制的多个逻辑卷的逻辑卷启用特征的请求，其中多个特征的每个特征可配置为对一个或多个 多个逻辑卷的逻辑卷。 许可应用程序确定启用逻辑卷的功能是否会导致功能的许可容量限制超出。 响应于确定启用逻辑卷的功能会导致超出功能的许可容量限制，可以避免为逻辑卷启用功能。

公开(公告)号：US07769975B2

公开(公告)日：2010-08-03

申请号：US10990050

申请日：2004-11-15

申请人： Richard Anthony Ripberger

发明人： Richard Anthony Ripberger

IPC分类号： G06F12/00

CPC分类号： G06F3/0629 ,  G06F3/0605 ,  G06F3/0689

摘要： Provided is a method for configuring volumes in a storage system. Information is provided on a plurality of storage device groups, wherein each storage group includes storage devices having common storage device attributes. Selection is received of at least one storage device group and an array type. An array is configured as the selected array type using storage devices included in the at least one selected storage group. Configured arrays are assigned to extent pools. A plurality of extents are configured in the extent pools, wherein each extent in one extent pool comprises a portion of one array assigned to the extent pool. A volume is configured to include at least one extent from one extent pool.

摘要翻译： 提供了一种用于在存储系统中配置卷的方法。 在多个存储设备组上提供信息，其中每个存储组包括具有共同存储设备属性的存储设备。 接收到至少一个存储设备组和阵列类型的选择。 使用包括在所选择的至少一个存储组中的存储设备将阵列配置为所选择的阵列类型。 配置的阵列分配给扩展池。 在盘区池中配置多个盘区，其中一个盘区池中的每个盘区包括分配给盘区池的一个阵列的一部分。 一个卷被配置为从一个扩展池中包含至少一个扩展。