Data processing: database and file management or data structures – Database and file access
Reexamination Certificate
2008-09-30
2011-12-27
Le, Thu-Nguyet (Department: 2162)
Data processing: database and file management or data structures
Database and file access
Reexamination Certificate
active
08086585
ABSTRACT:
For enhanced access control, a client includes a token in each read or write command sent to a block storage device. The block storage device evaluates the token to determine whether or not read or write access is permitted at a specified logical block address. For example, the token is included in the logical block address field of a SCSI read or write command. The client may compute the token as a function of the logical block address of a data block to be accessed, or a metadata server may include the token in each block address of each extent reported to the client in response to a metadata request. For enhanced security, the token also is a function of a client identifier, a logical unit number, and access rights of the client to a particular extent of file system data blocks.
REFERENCES:
patent: 5253203 (1993-10-01), Partovi et al.
patent: 5319760 (1994-06-01), Mason et al.
patent: 5893140 (1999-04-01), Vahalia et al.
patent: 6044468 (2000-03-01), Osmond
patent: 6209059 (2001-03-01), Ofer et al.
patent: 6324581 (2001-11-01), Xu et al.
patent: 6477544 (2002-11-01), Bolosky et al.
patent: 6493825 (2002-12-01), Blumenau et al.
patent: 6658522 (2003-12-01), Martin et al.
patent: 6842810 (2005-01-01), Fitzgerald et al.
patent: 6868516 (2005-03-01), Walton et al.
patent: 6973455 (2005-12-01), Vahalia et al.
patent: 6976165 (2005-12-01), Carpentier et al.
patent: 7093021 (2006-08-01), Blumenau et al.
patent: 7165152 (2007-01-01), Blumenau et al.
patent: 7206863 (2007-04-01), Oliveira et al.
patent: 7260636 (2007-08-01), Blumenau et al.
patent: 7263590 (2007-08-01), Todd et al.
patent: 7458102 (2008-11-01), Rogers et al.
patent: 7475124 (2009-01-01), Jiang et al.
patent: 2002/0078239 (2002-06-01), Howard et al.
patent: 2003/0229690 (2003-12-01), Kitani et al.
patent: 2004/0054750 (2004-03-01), de Jong et al.
patent: 2007/0055702 (2007-03-01), Fridella et al.
patent: 2007/0088702 (2007-04-01), Fridella et al.
patent: 2007/0260842 (2007-11-01), Faibish et al.
patent: 2008/0005468 (2008-01-01), Faibish et al.
Vahalia, Uresh, Unix Internals: The New Frontiers, 1996, p. 261-289 and 338-371, Prentice-Hall, Inc., Upper Saddle River, NJ.
Nowicki, Bill, Network Working Group, RFC 1094, “NFS: Network File System Protocol Specification,” Mar. 1989, 27 pages, Sun Microsystems, Inc., Santa Clara, CA.
NFS Protocol Sequence Diagram, Aug. 11, 2007, 3 pages, EventHelix.com Inc., Gaithersburg, MD.
Leach, Paul, and Naik, Dilip, “A Common Internet File System,” Dec. 19, 1997, 121 pages, Microsoft Corporation, Redmond, WA.
Satran et al., “Internet Small Computer Systems Interface (iSCSI),” Network Working Group, Request for Comments: 3720, Apr. 2004, 257 pages, The Internet Society, Reston, VA.
“SCSI Read Commands,” Wikipedia, printed Jun. 30, 2008, 3 pages, Wikimedia Foundation Inc., San Francisco, CA.
“EMC Symmetrix DMX Architecture,” Product Description Guide, Mar. 2004, 76 pages, EMC Corporation, Hopkinton, MA.
“Enginuity: The Symmetrix Storage Operating Environment,” EMC White Paper, Jul. 2005, 22 pages, EMC Corporation, Hopkinton, MA.
“EMC CLARiiON CX3 Best Practices for Achieving ‘Five 9s’ Availability,” Feb. 2007, 14 pages, EMC Corporation, Hopkinton, MA.
Deploying Celerra MPFSi in High-Performance Computing Environments, Jun. 2006, 19 pages, EMC Corporation, Hopkinton, MA.
EMC Celerra iSCSI Solutions Microsoft Exchange 2003 Best Practices, Sep. 2005, 11 pages, EMC Corporation, Hopkinton, MA.
EMC Celerra File Mover, Datasheet, Sep. 2004, 2 pages, EMC Corporation, Hopkinton, MA.
“Celerra Data Migration Service (CDMS),” White Paper, Jan. 2002, 14 pages, EMC Corporation, Hopkinton, MA.
Black et al., “pNFS Block/Volume Layout,” ietf.org Internet draft, Mar. 4, 2007, 18 pages, The Internet Society, Reston, VA.
Black et al., “pNFS Block/Volume Layout,” ietf.org Internet draft, Dec. 30, 2005, 22 pages, The Internet Society, Reston, VA.
EMC Celerra HighRoad, Jan. 2002, 13 pages, EMC Corporation, Hopkinton, MA.
Fridella et al., “Elements of a Scalable Network File System Protocol,” NEPS Workshop at the University of Michigan, Ann Arbor, MI, Dec. 4, 2003, position paper (5 pages) and presentation (“Building a Scalable NFS,” 13 pages), EMC Corporation, Hopkinton, MA.
Menon et al., “IBM Storage Tank—a heterogeneous scalable SAN file system,” IBM Systems Journal, vol. 42, No. 2, 2003, pp. 250-267, IBM Corp., Armonk, NY.
“Object Storage Architecture: Defining a new generation of storage systems built on distributed, intelligent storage devices,” White Paper, Oct. 19, 2003, 18 pages, Panasas, Inc., Fremont, CA.
“Shared Storage Cluster Computing,” Jan. 27, 2005, 22 pages, Panasas, Inc., Fremont, CA.
Menezes et al., Handbook of Applied Cryptography, Oct. 17, 1996, pp. 387, 400-402, CRC Press, New York, NY.
Gobioff, et al, “Security for Network Attached Storage Devices,” CMU-CS-97-185, Oct. 23, 1997, 20 pages, School of Computer Science, Carnegie Mellon University, Pittsburg, Pennsylvania.
Gibson, et al., “Filesystems for Network-Attached Secure Disks,” CMU-CS-97-118, Jul. 1997, 18 pages, School of Computer Science, Carnegie Mellon University, Pittsburg, Pennsylvania.
Gibson, et al., “File Server Scaling with Network-Attached Secure Disks,” Proceedings of the ACM International Conference on Measurement and Modeling of Computer Systems (Sigmetrics '97), Seattle, Washington, Jun. 15-18, 1997, p. 272-284, Association for Computing Machinery, New York, NY.
Gibson, et al., “A Case for Network-Attached Secure Disks,” CMU-CS-96-142, Sep. 26, 1996, 19 pages, School of Computer Science, Carnegie Mellon University, Pittsburg, Pennsylvania.
Gong. Li, A Secure Identity-Based Capability System, Jan. 1989, 16 pages, University of Cambridge Computer Laboratory, Cambridge, England.
IEEE P1619.3(TM)/D1, Draft Standard for Key Management Infrastructure for Cryptographic Protection of Stored Data (May 2007), 44 pages, IEEE, Piscataway, NJ.
IEEE P1619.1(TM)/D20 Draft Standard for Authenticated Encryption with Length Expansion for Storage Devices (Jun. 2007), 51 pages, IEEE, Piscataway, NJ.
IEEE P1619(TM)/D19 Draft Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices (Oct. 2007), 38 pages, IEEE, Piscataway, NJ.
FIPS Publication 197, Announcing the Advanced Encryption Standard (AES), Nov. 26, 2001, 51 pages, National Institute of Standards and Technology, Gaithersburg, MD.
FIPS Publication 140-2, Security Requirements for Cryptographic Modules, May 25, 2001, 69 pages, National Institute of Standards and Technology, Gaithersburg, MD.
FIPS Publication 198, The Keyed-Hash Message Authentication Code (HMAC), Mar. 6, 2002, 20 pages, National Institute of Standards and Technology, Gaithersburg, MD.
Network Working Group, G. Waters, Editor, “User-based Security Model for SNMPv2,” RFC 1910, Feb. 1996, 40 pages, The Internet Society, Reston, VA.
GXC3 Core, P1619 / 802.1ae (MACSec) GCM/XTS/CBC-AES Core, ipcores.com datasheet, Nov. 2007, 3 pages, IP Cores, Inc., Palo Alto, CA.
Brashers Per
Faibish Sorin
Glasgow Jason
Jiang Xiaoye
Wurzl Mario
Auchterlonie Richard
EMC Corporation
Le Thu-Nguyet
Novak Druce & Quigg LLP
LandOfFree
Access control to block storage devices for a shared disk... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Access control to block storage devices for a shared disk..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Access control to block storage devices for a shared disk... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4267397