VIRTUAL DATA CENTER
First Claim
1. A method for sharing a plurality of storage resources for an organization, wherein the organization is modeled as an organizational model having a plurality of units, wherein one or more users are assigned to each unit of the plurality of units of the organizational model, the method comprising:
- mapping the plurality of storage resources to the plurality of units of the organizational model, wherein, for each unit of the plurality of units, one or more storage resource of the plurality of storage resources is mapped to a corresponding unit of the plurality of units;
establishing access restrictions to storage resource management commands by the one or more users assigned to each unit, wherein command access levels assigned to the one or more users assigned to each unit are used to establish the access restrictions to storage resource management commands; and
securing access to the plurality of storage resources using the storage resource mapping and the access restrictions to provide secure unit-based storage resource access, wherein the secure unit-based storage resource access is secured at a port level through use of the mapping whereby storage resources of the plurality of storage resources are only visible via ports of host devices to which a storage resource of the storage resources is mapped, and wherein the secure unit-based storage resource access is secured at a user level through use of the access restrictions whereby storage resource management commands are only available to users assigned to each unit in accordance with the access restrictions to the storage resource management commands.
0 Assignments
0 Petitions
Accused Products
Abstract
A system and method are provided for securely sharing storage resources in a storage network. One or more organizations are modeled in a structure where each organization includes one or more units. Users are assigned to a unit and are also assigned a command access level. The command access level grants access to certain management commands that may be performed on storage resources. Storage resources are then bound to units in the organization and may be accessed by users in the unit. Once command access levels are assigned and storage resources are bound, access for a user in the unit is restricted to the command access level assigned to the user and the storage resources bound to the user'"'"'s unit. When a command from a user is received, the command access level of the user and the bound storage resources for the unit of the user is determined. Then, a management command is performed using the bound storage for the user'"'"'s unit if the command is available for the command access level.
-
Citations
20 Claims
-
1. A method for sharing a plurality of storage resources for an organization, wherein the organization is modeled as an organizational model having a plurality of units, wherein one or more users are assigned to each unit of the plurality of units of the organizational model, the method comprising:
-
mapping the plurality of storage resources to the plurality of units of the organizational model, wherein, for each unit of the plurality of units, one or more storage resource of the plurality of storage resources is mapped to a corresponding unit of the plurality of units; establishing access restrictions to storage resource management commands by the one or more users assigned to each unit, wherein command access levels assigned to the one or more users assigned to each unit are used to establish the access restrictions to storage resource management commands; and securing access to the plurality of storage resources using the storage resource mapping and the access restrictions to provide secure unit-based storage resource access, wherein the secure unit-based storage resource access is secured at a port level through use of the mapping whereby storage resources of the plurality of storage resources are only visible via ports of host devices to which a storage resource of the storage resources is mapped, and wherein the secure unit-based storage resource access is secured at a user level through use of the access restrictions whereby storage resource management commands are only available to users assigned to each unit in accordance with the access restrictions to the storage resource management commands. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A storage management system for sharing a plurality of storage resources for an organization, the system comprising:
-
an organizational model, stored in memory of the storage management system, of an organization having a plurality of units, wherein one or more users are assigned to each unit of the plurality of units of the organizational model, wherein, for each unit of the plurality of units, one or more storage resource of the plurality of storage resources is mapped to a corresponding unit of the plurality of units; access restrictions to storage resource management commands, stored in memory of the storage management system, by the one or more users assigned to each unit, wherein command access levels assigned to the one or more users assigned to each unit establish access restrictions to storage resource management commands; and instructions, operable upon a device of the system, securing access to the plurality of storage resources using the storage resource mapping and the access restrictions to provide secure unit-based storage resource access, wherein the secure unit-based storage resource access is secured at a port level through use of the mapping whereby storage resources of the plurality of storage resources are only visible via ports of host devices to which a storage resource of the storage resources is mapped, and wherein the secure unit-based storage resource access is secured at a user level through use of the access restrictions whereby storage resource management commands are only available to users assigned to each unit in accordance with the access restrictions to the storage resource management commands. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A method for sharing a plurality of storage resources for an organization, wherein the organization is modeled as an organizational model having a plurality of units, wherein one or more users are assigned to each unit of the plurality of units of the organizational model, the method comprising:
-
mapping the plurality of storage resources to the plurality of units of the organizational model, wherein, for each unit of the plurality of units, one or more storage resource of the plurality of storage resources is mapped to a corresponding unit of the plurality of units; and establishing access restrictions to storage resource management commands by the one or more users assigned to each unit, wherein the access restrictions comprise command access levels having roles and features for each unit of the plurality of units, wherein the roles provide different levels of command access for each command access level, wherein each feature provides commands that are permitted for that feature, wherein each role is granted access to one or more feature, and wherein command access levels assigned to the one or more users assigned to each unit are used to establish the access restrictions to storage resource management commands in accordance with its roles and features. - View Dependent Claims (18, 19, 20)
-
Specification