Storage system
First Claim
Patent Images
1. A storage system which can communicate with one or more outer unit, the storage system comprising:
- a plurality of logical devices;
access attribute mode setting means that sets one or more access attribute mode for each logical device, the access attribute mode being selected from a plurality of predetermined access attribute modes; and
access control means that controls a requested access operation, according to an access attribute mode which is set for the designate logical device, when a command requesting the access operation on a logical device which is designated from the outer unit is input, and outputs a response having information on a result of the controlled access operation to the outer unit, wherein one or more device recognition control mode for applying predetermined restriction to a device recognition type operation by which the outer unit recognizes a logical device itself or the capacity thereof is included in the predetermined access attribute mode; and
the access control means comprises device recognition control means for outputting, in a case that the access attribute mode which is set for the designated logical device is the device recognition control mode and the access operation requested from the outer unit is the device recognition type operation on the designated logical device, a response having information on a result of adding the predetermined restriction which accords to the set device recognition control mode to the requested device recognition type operation, the result being output to the outer unit.
1 Assignment
0 Petitions
Accused Products
Abstract
There is provided a storage system suitable for an open system which has advanced security functions for logical devices. In a storage system such as a RAID system, 6 types of access attributes which are Readable/Writable, Read Only, Unreadable/Unwritable, Read Capacity 0, Inquiry Restricted, and S-vol Disable, can be set for each logical device. Read Capacity 0 makes a response “capacity 0” upon inquiries from hosts about capacity. Inquiry Restricted does not permit the hosts to recognize logical devices. S-vol Disable does not permit pair forming for duplication of a logical device with another device as the destination of copying. Upon receipt of commands from hosts of the open system, the storage system changes command processes and responses, depending on the difference in operation system, vendor, version, or the like, between hosts.
53 Citations
8 Claims
-
1. A storage system which can communicate with one or more outer unit, the storage system comprising:
-
a plurality of logical devices;
access attribute mode setting means that sets one or more access attribute mode for each logical device, the access attribute mode being selected from a plurality of predetermined access attribute modes; and
access control means that controls a requested access operation, according to an access attribute mode which is set for the designate logical device, when a command requesting the access operation on a logical device which is designated from the outer unit is input, and outputs a response having information on a result of the controlled access operation to the outer unit, wherein one or more device recognition control mode for applying predetermined restriction to a device recognition type operation by which the outer unit recognizes a logical device itself or the capacity thereof is included in the predetermined access attribute mode; and
the access control means comprises device recognition control means for outputting, in a case that the access attribute mode which is set for the designated logical device is the device recognition control mode and the access operation requested from the outer unit is the device recognition type operation on the designated logical device, a response having information on a result of adding the predetermined restriction which accords to the set device recognition control mode to the requested device recognition type operation, the result being output to the outer unit. - View Dependent Claims (2, 3, 4)
-
-
5. A storage system which can communicate with one or more outer unit, the storage system comprising:
-
a plurality of logical devices;
access attribute mode setting means that sets one or more access attribute mode for each logical device, the access attribute modes being selected from a plurality of predetermined access attribute modes; and
access control means that controls a requested access operation, according to an access attribute mode which is set for the designated logical device, when a command requesting the access operation on a logical device which is designated by the outer unit is input, and outputs a response having information on a result of the controlled access operation to the outer unit, wherein one or more copy pair forming control mode for applying predetermined restriction to a copy pair forming operation for forming a copy pair with another logical device, having the designated logical device as a secondary volume, is included in the predetermined access attribute mode; and
the access control means comprises copy pair forming control means for outputting, in a case that the access attribute mode which is set for the designated logical device is the copy pair forming control mode and the access operation requested from the outer unit is the copy pair forming operation on the designated logical device, a response having information on a result of adding the predetermined restriction which accords to the set copy pair forming control mode to the requested copy pair forming operation, the result being output to the outer unit. - View Dependent Claims (6)
-
-
7. A storage system which can communicate with a plurality of outer units of different types, comprising:
-
unit mode setting means that selects a single unit mode corresponding to a unit type of each of the outer units from a plurality of predetermined unit modes and sets the selected unit mode on each of the outer units;
mode dependent operation storage means that stores a type of operation to be performed when a command of a predetermined type is processed, for each unit mode;
mode dependent response storage means that stores a type of information to be included in a response to the processed command in a case that a result of processing the command is a result of a predetermined type, for each unit mode;
command processing means, the command processing means being for processing a command which is input from one of the outer units, which, in a case that the command which has been input is a command of the predetermined type, selects an operation type in processing the command which has been input, the operation type being correspondent to a unit mode which is set for the outer unit which has issued the command and being selected from operation types for respective unit modes stored in the mode dependent operation storage means, and performs an operation corresponding to the selected type of operation; and
command responding means that outputs a response including information corresponding to a result of processing by the command processing means to the outer unit which has issued the command, and in a case that the result of the processing is the result of the predetermined type, selects an information type corresponding to the unit mode which is set for the outer unit which has issued the command, the information type being selected from information types for the respective unit modes stored in the mode dependent operation storage means, and outputs a response including information corresponding to the selected information type to the outer unit which has issued the command.
-
-
8. A computer system comprising a plurality of outer units of different types and a storage system which can communicate with the outer units, wherein
each of the plurality of outer units is installed with an application program which uses the storage system, and a storage management program for performing management control associated with setting and controlling a security function for logical devices of the storage system, according to an instruction from the application program; - and
each of the plurality of outer units automatically performs the management control of the storage system from the application program through the storage management program.
- and
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeHitachi, Ltd.
-
Original AssigneeHitachi, Ltd.
-
InventorsNagasoe, Yasuyki, Homma, Hisao
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current711/114
-
CPC Class CodesG06F 3/0605 by facilitating the interac...G06F 3/0623 in relation to contentG06F 3/0632 by initialisation or re-ini...G06F 3/0637 PermissionsG06F 3/067 Distributed or networked st...Y10S 707/99939 Privileged access
