Clustered filesystem for mix of trusted and untrusted nodes
First Claim
1. A method of operating a cluster of computer system nodes sharing direct read/write access to filesystems administered by at least one trusted metadata server node on storage devices connected to the computer system nodes via a storage area network, comprising:
- assigning a mandatory access control label as an extended attribute of each filesystem object administered by the at least one trusted metadata server node regardless of whether required by a client node creating the filesystem object.
13 Assignments
0 Petitions
Accused Products
Abstract
A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.
109 Citations
18 Claims
-
1. A method of operating a cluster of computer system nodes sharing direct read/write access to filesystems administered by at least one trusted metadata server node on storage devices connected to the computer system nodes via a storage area network, comprising:
assigning a mandatory access control label as an extended attribute of each filesystem object administered by the at least one trusted metadata server node regardless of whether required by a client node creating the filesystem object. - View Dependent Claims (2, 3, 4, 5, 6)
-
7. At least one computer readable medium storing at least one program embodying a method of operating a cluster of computer system nodes sharing direct read/write access to filesystems administered by at least one trusted metadata server node on storage devices connected to the computer system nodes via a storage area network, said method comprising:
assigning a mandatory access control label as an extended attribute of each filesystem object administered by the at least one trusted metadata server node regardless of whether required by a client node creating the filesystem object. - View Dependent Claims (8, 9, 10, 11, 12)
-
13. A cluster of computer systems, comprising:
-
storage devices storing at least one filesystem;
a storage area network coupled to said storage devices;
metadata client nodes coupled to said storage area network; and
at least one trusted metadata server node, coupled to said storage area network, to assign a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification