STORAGE SECURITY USING CRYPTOGRAPHIC SPLITTING
First Claim
1. A system for administrative management of a secure data storage network, the system comprising:
- a secure storage appliance configured to host a plurality of volumes, each volume associated with a plurality of shares stored on a corresponding plurality of physical storage devices and having a plurality of volume management settings;
wherein each volume is accessible by a group of one or more users, each user assigned an administrative access level;
wherein the volume management settings are editable by a first user from the group of one or more users associated with the volume and assigned an administrative access level sufficient to edit the volume management settings;
wherein the volume management settings are inaccessible by a second user from outside the group of one or more users associated with the volume and assigned an administrative access level at least equal to that of the first user.
10 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for administrative management of a secure data storage network are disclosed. One system includes a secure storage appliance configured to host a plurality of volumes, each volume associated with a plurality of shares stored on a corresponding plurality of physical storage devices and having a plurality of volume management settings, wherein each volume is accessible by a group of one or more users, each user assigned an administrative access level, the volume management settings are editable by a first user from the group of one or more users associated with the volume and assigned an administrative access level sufficient to edit the volume management settings, and the volume management settings are inaccessible by a second user from outside the group of one or more users associated with the volume and assigned an administrative access level at least equal to that of the first user.
-
Citations
20 Claims
-
1. A system for administrative management of a secure data storage network, the system comprising:
-
a secure storage appliance configured to host a plurality of volumes, each volume associated with a plurality of shares stored on a corresponding plurality of physical storage devices and having a plurality of volume management settings; wherein each volume is accessible by a group of one or more users, each user assigned an administrative access level; wherein the volume management settings are editable by a first user from the group of one or more users associated with the volume and assigned an administrative access level sufficient to edit the volume management settings; wherein the volume management settings are inaccessible by a second user from outside the group of one or more users associated with the volume and assigned an administrative access level at least equal to that of the first user. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A system for administrative management of a secure data storage network, the system comprising:
-
a secure storage appliance configured to host a plurality of volumes, each volume associated with a plurality of shares stored on a corresponding plurality of physical storage devices and having a plurality of volume management settings; a security group definition designating a plurality of security groups, each security group associated with a volume and assigned to a security administrator, wherein volume management settings of a volume associated with one of the plurality of security groups are editable by the security administrator associated with the security group. - View Dependent Claims (7, 8, 9)
-
-
10. A method of accessing administrative settings in a secure storage appliance, the method comprising:
-
receiving a request for administrative access to a volume managed by the secure storage appliance, the volume associated with a plurality of shares stored on a plurality of physical storage devices, the request including an identifier of an administrative user; checking an administrative access level to determine access rights of the administrative user; responding to the request for administrative access based on an outcome of checking the administrative access level; and generating a log record of the received request for administrative access; wherein the administrative user lacks access rights to a second volume different from the volume associated with a share stored on the plurality of physical storage devices. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification