Abstract:
Apparatus and method for updating map structures in an object storage system. A server communicates with users of an object storage system over a network. A plurality of data storage devices are arranged into locations to store and retrieve data objects of the users. A storage controller is associated with each location to direct data object transfers between the data storage devices of the associated location and the server using an existing map structure that describes the data objects in each location. A management module is adapted to generate a new map structure, migrate at least one data object from an existing location described by the existing map structure to a new location described by the new map structure, and to distribute the new map structure to each of the storage controllers after the migration of the at least one data object.
Abstract:
Apparatus and method for controlling access to protected functionality of a data storage device. In some embodiments, a plurality of identification (ID) values associated with a data storage device are combined to form a combined ID value. The combined ID value is cryptographically processed using a secret symmetric encryption key in combination with a hash function or a key derivation function to generate a unique device credential for the data storage device. The unique device credential is used as an input to a selected cryptographic function to control access to a protected function of the data storage device.
Abstract:
Apparatus and method for controlling access to protected functionality of a data storage device. In some embodiments, a plurality of identification (ID) values associated with a data storage device are combined to form a combined ID value. The combined ID value is cryptographically processed using a secret symmetric encryption key in combination with a hash function or a key derivation function to generate a unique device credential for the data storage device. The unique device credential is used as an input to a selected cryptographic function to control access to a protected function of the data storage device.
Abstract:
Apparatus and method for data security through the use of an encrypted keystore data structure. In accordance with some embodiments, first and second sets of input data are respectively encrypted using first and second encryption keys to form corresponding first and second encrypted data sets. The first and second encryption keys are combined to form a string. A hidden key stored within a system on chip (SOC) is used to encrypt the string to form an encrypted keystore data structure, and the first and second encrypted data sets and the encrypted keystore data structure are stored in a memory.
Abstract:
Apparatus and method for adding storage capacity to an object storage system. In accordance with some embodiments, a first set of data storage devices store data objects in accordance with a first map structure. A management module detects a second set of data storage devices added to the first set and, in response thereto, generates a second map structure and migrates a portion of the data objects from the first set to the second set based on the second map structure to balance the first and second sets.
Abstract:
Apparatus and method for data security through the use of an encrypted keystore data structure. In accordance with some embodiments, first and second sets of input data are respectively encrypted using first and second encryption keys to form corresponding first and second encrypted data sets. The first and second encryption keys are combined to form a string. A hidden key stored within a system on chip (SOC) is used to encrypt the string to form an encrypted keystore data structure, and the first and second encrypted data sets and the encrypted keystore data structure are stored in a memory.
Abstract:
Apparatus and method for migrating data within an object storage system using available storage system bandwidth. In accordance with some embodiments, a server communicates with users of the object storage system over a network. A plurality of data storage devices are grouped into zones, with each zone corresponding to a different physical location within the object storage system. A controller direct transfers of data objects between the server and the data storage devices of a selected zone. A rebalancing module directs migration of sets of data objects between zones in relation to an available bandwidth of the server.
Abstract:
Apparatus and method for updating map structures in an object storage system. A server communicates with users of an object storage system over a network. A plurality of data storage devices are arranged into locations to store and retrieve data objects of the users. A storage controller is associated with each location to direct data object transfers between the data storage devices of the associated location and the server using an existing map structure that describes the data objects in each location. A management module is adapted to generate a new map structure, migrate at least one data object from an existing location described by the existing map structure to a new location described by the new map structure, and to distribute the new map structure to each of the storage controllers after the migration of the at least one data object.