公开(公告)号：US20240311451A1

公开(公告)日：2024-09-19

申请号：US18121510

申请日：2023-03-14

Applicant: Rubrik, Inc.

Inventor： Sandeep Kanyal ,  Rajesh Kumar Jaiswal

IPC: G06F21/31 ,  G06F16/182

CPC classification number: G06F21/31 ,  G06F16/182

Abstract: Methods, systems, and devices for data management are described. A server hosted by a storage node within a cluster of a data management system (DMS) may receive a request to access a file stored in a distributed file system. The request may be associated with a security identifier (SID). The server may transmit an indication of the SID to a shared repository accessible to the cluster. Accordingly, the server may receive an indication of a mapping between the SID and one or both of a user identifier (UID) or a group identifier (GID) associated with the SID. The server may transmit an indication of the file and the UID/GID to the distributed file system, which may compare the UID/GID to a list of authorized identifiers for the file. If the UID/GID is on the list of authorized identifiers, the distributed file system may execute the request accordingly.

公开(公告)号：US20240031353A1

公开(公告)日：2024-01-25

申请号：US17871308

申请日：2022-07-22

Applicant: Rubrik, Inc.

Inventor： Anish Jhaveri ,  Anshul Mohan Gupta ,  Chak Fai Yuen ,  Hao Wu ,  Sandeep Kanyal ,  Seungyeop Han ,  Shivam Rajpal ,  Sriharshitha Velivelli

IPC: H04L9/40

CPC classification number: H04L63/0823

Abstract: A method for establishing secure connectivity is described. The method may include transmitting, to one or more host nodes of a data management system (DMS), an indication of a backup service configuration that includes a public key certificate associated with a first cluster of storage nodes in the DMS and a root certificate associated with a certificate authority. The method may further include establishing a primary connection between the first cluster and the host nodes using the public key certificate. The method may further include obtaining, by a second cluster of storage nodes in the DMS, a certificate chain signed by the certificate authority. The method may further include establishing a secondary connection between the second cluster and the host nodes in response to the first cluster becoming disconnected from the host nodes, where the secondary connection is established using the certificate chain.