Information leakage detection for storage systems
Abstract
A storage system compares content of new data received from a host computer with content of existing data already stored in the storage system. If the content of the new data matches the content of the existing data, the storage system determines whether the computer that sent the new data is a registered owner of the new data by determining who the registered owners are of the existing data that has the matching content. If the computer that sent the new data is not a registered owner, unauthorized information sharing is assumed to have taken place. The storage system sends a notification or takes other specified action when the computer that sent the new data is not a registered owner. An administrator or monitoring agent may thus be notified of any unauthorized file sharing or data leakage within the storage system.
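The check described in the abstract, with the hash comparison and host groups of claims 9 and 15, as an added Python example that is not taken from the patent. SHA-256, whole-object hashing, the class, method and host names, and registering the first writer's group as owner are assumptions.

```python
import hashlib

# Constructed sample data: host identifier -> host group (names are hypothetical).
HOST_GROUPS = {"host-a1": "engineering", "host-a2": "engineering", "host-b1": "sales"}


class LeakageDetector:
    """Hash index of stored content with the host groups registered as its owners."""

    def __init__(self, host_groups):
        self.host_groups = host_groups
        self.owners = {}   # content hash -> set of owning host groups
        self.alerts = []   # stands in for the "specified action" (a notification)

    @staticmethod
    def _digest(data):
        # SHA-256 is an assumption; the page only says "hash value".
        return hashlib.sha256(data).hexdigest()

    def register_owner(self, data, group):
        """Register an additional owning group, e.g. for authorized sharing."""
        self.owners.setdefault(self._digest(data), set()).add(group)

    def on_write(self, host, data):
        """Return 'new', 'owner' or 'leak' for a write of `data` arriving from `host`."""
        digest = self._digest(data)
        group = self.host_groups.get(host)   # None: host is in no known group
        registered = self.owners.get(digest)
        if registered is None:
            # Assumption: the first writer's group becomes the registered owner.
            self.owners[digest] = {group} if group else set()
            return "new"
        if group in registered:
            return "owner"
        # Matching content written from outside every registered group.
        self.alerts.append({"host": host, "group": group, "hash": digest,
                            "registered_owners": sorted(registered)})
        return "leak"


if __name__ == "__main__":
    detector = LeakageDetector(HOST_GROUPS)
    doc = b"Q3 design spec (constructed sample)"
    for host in ("host-a1", "host-a2", "host-b1", "host-x9"):
        print(host, detector.on_write(host, doc))
    print(detector.alerts)
```

A host that maps to no group is treated as a non-owner, matching the "not a member of any host groups registered" condition in claim 15.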
20 Claims
1. A storage system comprising:
- a controller in communication with one or more storage devices, said controller controlling input/output (I/O) operations to said one or more storage devices, wherein when said controller receives write data targeting said one or more storage devices, said controller compares a content of said write data with a content of existing data already stored in said one or more storage devices, wherein, when the content of the write data matches the content of the existing data, the storage system determines an owner of the write data and an owner of the existing data that has the matching content, and wherein said storage system performs a specified action when the owner of the write data is not registered as the owner of the existing data.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A storage system comprising:
- a controller for processing I/O operations received from one or more host computers, said I/O operations being directed to a plurality of storage devices in communication with said controller, wherein said storage system receives write data from a particular one of said one or more host computers, wherein said storage system calculates a first hash value for the write data and compares the first hash value with second hash values calculated for existing data stored in the storage system, wherein when said first hash value matches one of said second hash values, said storage system determines an owner of the write data by identifying a location from which the write data was received and by determining a first host group correlated to the identified location, wherein the storage system determines an owner of the existing data that has the matching content by determining any host groups registered as owners of the existing data, and wherein when the first host group determined to have sent the write data is not registered as an owner of the existing data, an information leakage is assumed, and the storage system performs a specified action.
Dependent claims: 10, 11, 12, 13, 14
15. An information system comprising:
- a storage system in communication with one or more first host computers and one or more second host computers, said one or more first host computers being members of a first host group and said one or more second host computers being members of a second host group, wherein said storage system calculates a first hash value for new data received from a particular one of said first or second host computers, wherein said storage system compares the first hash value with second hash values calculated for existing data stored in the storage system, wherein when said first hash value matches one of said second hash values, said storage system determines any host groups registered for existing data corresponding to said existing hash value, and wherein when said particular one of said first or second host computers that sent the new data is not a member of any host groups registered for the existing data corresponding to said one of said second hash values, said storage system performs a specified action.
Dependent claims: 16, 17, 18, 19, 20
Specification