公开(公告)号：US10834086B1

公开(公告)日：2020-11-10

申请号：US15235770

申请日：2016-08-12

申请人： Pure Storage, Inc.

发明人： Benjamin P. Borowiec ,  Jimmy T. Hu ,  Ethan L. Miller ,  Terence W. Noonan ,  Constantine P. Sapuntzakis ,  Neil A. Vachharajani ,  Daquan Zuo

IPC分类号： H04L29/06 ,  H04L9/30 ,  H04L9/32

摘要： Providing authorization and authentication in a cloud for a user of a storage array includes: receiving, by a storage array access module from a client-side array services module, a token representing authentication of user credentials and authorized access privileges defining one or more storage array services accessible by the user, where the token is generated by a cloud-based security module upon authentication of the user credentials and identification of authorized access privileges for the user; receiving, by the storage array access module from the user, a user access request to one or more storage array services; and determining, by the storage array access module, whether to grant the user access request in dependence upon the authorized access privileges represented by the token.

公开(公告)号：US09444822B1

公开(公告)日：2016-09-13

申请号：US14726449

申请日：2015-05-29

申请人： Pure Storage, Inc.

发明人： Benjamin P. Borowiec ,  Jimmy T. Hu ,  Ethan L. Miller ,  Terence W. Noonan ,  Constantine P. Sapuntzakis ,  Neil A. Vachharajani ,  Daquan Zuo

IPC分类号： G06F7/04 ,  H04L29/06 ,  H04L9/32

CPC分类号： H04L63/101 ,  H04L9/3242 ,  H04L9/3247 ,  H04L63/0815 ,  H04L63/0823 ,  H04L67/1097 ,  H04L67/306 ,  H04L2209/24 ,  H04L2209/72

摘要： Providing authorization and authentication in a cloud for a user of a storage array includes: receiving, by a storage array access module from a client-side array services module, a token representing authentication of user credentials and authorized access privileges defining one or more storage array services accessible by the user, where the token is generated by a cloud-based security module upon authentication of the user credentials and identification of authorized access privileges for the user; receiving, by the storage array access module from the user, a user access request to one or more storage array services; and determining, by the storage array access module, whether to grant the user access request in dependence upon the authorized access privileges represented by the token.

摘要翻译： 在云中为存储阵列的用户提供授权和认证包括：通过存储阵列访问模块从客户端阵列服务模块接收表示用户凭证的认证的令牌和定义一个或多个存储阵列的授权访问权限 用户可访问的服务，其中令牌由基于云的安全模块通过用户凭证的身份验证和用户的授权访问权限的标识生成; 通过存储阵列访问模块从用户接收对一个或多个存储阵列服务的用户访问请求; 以及由所述存储阵列访问模块确定是否根据由所述令牌表示的授权访问特权来授予所述用户访问请求。

公开(公告)号：US11201913B1

公开(公告)日：2021-12-14

申请号：US16742968

申请日：2020-01-15

申请人： PURE STORAGE, INC.

发明人： Jimmy T. Hu ,  Terence W. Noonan ,  Neil A. Vachharajani ,  Daquan Zuo

IPC分类号： H04L29/08 ,  H04L29/06

摘要： Managing a storage array includes: receiving, by a client-side array services module from a cloud-based security module through data communications on a wide area network, a token representing authentication of user credentials; and managing, by the client-side array services module, a storage array only through data communications on a local area network, including sending, to the storage array, the token with a management instruction.

公开(公告)号：US10021170B2

公开(公告)日：2018-07-10

申请号：US14726442

申请日：2015-05-29

申请人： Pure Storage, Inc.

发明人： Jimmy T. Hu ,  Terence W. Noonan ,  Neil A. Vachharajani ,  Daquan Zuo

IPC分类号： H04L29/08 ,  H04L29/06

CPC分类号： H04L67/10 ,  H04L63/0807 ,  H04L67/1097

摘要： Managing a storage array includes: receiving, by a client-side array services module from a cloud-based security module through data communications on a wide area network, a token representing authentication of user credentials; and managing, by the client-side array services module, a storage array only through data communications on a local area network, including sending, to the storage array, the token with a management instruction.

公开(公告)号：US09779268B1

公开(公告)日：2017-10-03

申请号：US14730202

申请日：2015-06-03

申请人： Pure Storage, Inc.

发明人： John Colgrove ,  Mark L. McAuliffe ,  Ethan L. Miller ,  Naveen Neelakantam ,  Marco Sanvido ,  Neil A. Vachharajani ,  Taher Vohra

IPC分类号： G06F21/00 ,  G06F21/78 ,  H04L9/06

CPC分类号： G06F21/78 ,  G06F21/6227 ,  H04L9/065 ,  H04L9/0866 ,  H04L9/0894

摘要： Utilizing a non-repeating identifier to encrypt data, including: receiving a request to write data to a storage device; selecting a segment-offset pair where the data will be stored, where the selected segment-offset pair is unique to every other segment-offset pair utilized during the lifetime of the storage device; and encrypting the data in dependence upon an identifier of the segment-offset pair.

公开(公告)号：US09882913B1

公开(公告)日：2018-01-30

申请号：US15000822

申请日：2016-01-19

申请人： Pure Storage, Inc.

发明人： Benjamin P. Borowiec ,  Jimmy T. Hu ,  Ethan L. Miller ,  Terence W. Noonan ,  Constantine P. Sapuntzakis ,  Neil A. Vachharajani ,  Daquan Zuo

IPC分类号： H04L9/32 ,  H04L29/06

CPC分类号： H04L63/102 ,  G06F9/45533 ,  G06F9/46 ,  G06F21/335 ,  H04L9/3226 ,  H04L9/3242 ,  H04L9/3247 ,  H04L63/08 ,  H04L63/0815 ,  H04L63/083 ,  H04L67/10 ,  H04L67/1097 ,  H04L2209/24 ,  H04L2209/72

摘要： Providing authorization and authentication in a cloud for a user of a storage array includes: receiving, by a cloud-based security module from a client-side array services module, user credentials; authenticating, by the cloud-based security module, the user credentials; identifying, by the cloud-based security module, authorized access privileges defining one or more storage array services accessible by the user; generating, by the cloud-based security module, a token representing the authentication of the user credentials and the authorized access privileges; and providing, by the cloud-based security module to the client-side array services module, the token.

公开(公告)号：US09300660B1

公开(公告)日：2016-03-29

申请号：US14726446

申请日：2015-05-29

申请人： Pure Storage, Inc.

发明人： Benjamin P. Borowiec ,  Jimmy T. Hu ,  Ethan L. Miller ,  Terence W. Noonan ,  Constantine P. Sapuntzakis ,  Neil A. Vachharajani ,  Daquan Zuo

IPC分类号： H04L29/06 ,  H04L29/08 ,  H04L9/32 ,  G06F9/46

CPC分类号： H04L63/102 ,  G06F9/45533 ,  G06F9/46 ,  G06F21/335 ,  H04L9/3226 ,  H04L9/3242 ,  H04L9/3247 ,  H04L63/08 ,  H04L63/0815 ,  H04L63/083 ,  H04L67/10 ,  H04L67/1097 ,  H04L2209/24 ,  H04L2209/72

摘要： Providing authorization and authentication in a cloud for a user of a storage array includes: receiving, by a cloud-based security module from a client-side array services module, user credentials; authenticating, by the cloud-based security module, the user credentials; identifying, by the cloud-based security module, authorized access privileges defining one or more storage array services accessible by the user; generating, by the cloud-based security module, a token representing the authentication of the user credentials and the authorized access privileges; and providing, by the cloud-based security module to the client-side array services module, the token.

摘要翻译： 在云中为存储阵列的用户提供授权和认证包括：从客户端阵列服务模块的基于云的安全模块接收用户凭证; 由基于云的安全模块验证用户凭证; 由基于云的安全模块识别定义用户可访问的一个或多个存储阵列服务的授权访问权限; 由基于云的安全模块生成表示用户凭证的认证和授权的访问权限的令牌; 并且由基于云的安全模块向客户端阵列服务模块提供令牌。

公开(公告)号：US11936719B2

公开(公告)日：2024-03-19

申请号：US17536969

申请日：2021-11-29

申请人： PURE STORAGE, INC.

发明人： Jimmy T. Hu ,  Terence W. Noonan ,  Neil A. Vachharajani ,  Daquan Zuo

IPC分类号： H04L9/40 ,  H04L67/10 ,  H04L67/1097

CPC分类号： H04L67/10 ,  H04L63/0807 ,  H04L67/1097

摘要： Managing a storage system, including: receiving, over a first network, user credentials associated with an access request to a storage system; sending, over a second network to a cloud-based security module, the user credentials; receiving, over the second network from the cloud-based security module, a token representing that the user credentials were successfully authenticated by the cloud-based security module; and sending, over the first network to the storage system, the token with a management instruction, wherein the storage system is not coupled for data communications to the cloud-based security module.

公开(公告)号：US11841984B1

公开(公告)日：2023-12-12

申请号：US16815529

申请日：2020-03-11

申请人： PURE STORAGE, INC.

发明人： John Colgrove ,  Mark L. McAuliffe ,  Ethan L. Miller ,  Naveen Neelakantam ,  Marco Sanvido ,  Neil A. Vachharajani ,  Taher Vohra

IPC分类号： G06F21/00 ,  G06F21/78 ,  H04L9/06 ,  H04L9/08 ,  G06F21/62

CPC分类号： G06F21/78 ,  G06F21/6227 ,  H04L9/065 ,  H04L9/0866 ,  H04L9/0894

摘要： Utilizing a non-repeating identifier to encrypt data, including: receiving a request to write data to a storage device; selecting a segment-offset pair where the data will be stored, where the selected segment-offset pair is unique to every other segment-offset pair utilized during the lifetime of the storage device; and encrypting the data in dependence upon an identifier of the segment-offset pair.

公开(公告)号：US10607034B1

公开(公告)日：2020-03-31

申请号：US16040575

申请日：2018-07-20

申请人： PURE STORAGE, INC.

发明人： John Colgrove ,  Mark L. McAuliffe ,  Ethan L. Miller ,  Naveen Neelakantam ,  Marco Sanvido ,  Neil A. Vachharajani ,  Taher Vohra

IPC分类号： G06F21/00 ,  G06F21/78 ,  H04L9/06

摘要： Utilizing a non-repeating identifier to encrypt data, including: receiving a request to write data to a storage device; selecting a segment-offset pair where the data will be stored, where the selected segment-offset pair is unique to every other segment-offset pair utilized during the lifetime of the storage device; and encrypting the data in dependence upon an identifier of the segment-offset pair.