Controlling access to a storage device
First Claim
1. A method of controlling a data storage device, comprising:
- providing at least one requestor group that accesses the storage device;
providing at least one pool of devices of the data storage device;
providing a plurality of access types, wherein the access types include at least one of;
control, configure, and track changes; and
determining if a request by a requestor of the at least one requestor group is permitted for a device of the at least one pool of devices, wherein the device is an object of the request.
9 Assignments
0 Petitions
Accused Products
Abstract
Controlling access to a data storage device includes defining a plurality of groups that access the data storage device, defining a plurality of pools of devices of the data storage device, and, for at least one of the groups, determining access rights with respect to at least one of the pools. The pools of devices may include communication ports and/or memory segments of the storage element. The access rights may indicate whether system calls are allowed on the communication ports. In some embodiments, restricting access to a data storage device includes coupling each of a plurality of host requestor systems to the storage element by one of a plurality of ports provided for the storage element and selectively determining, for each of the ports, whether system calls are allowed, where, for the ports in which system calls are not allowed, a system call by the host systems coupled thereto causes the storage element to indicate that the system call was not performed. In other embodiments, the access to pools of memory resources having a unique ID number is restricted to requestors having unique ID numbers in a data base that matches allowed requestors and request types to allowed pools of memory.
152 Citations
50 Claims
-
1. A method of controlling a data storage device, comprising:
-
providing at least one requestor group that accesses the storage device;
providing at least one pool of devices of the data storage device;
providing a plurality of access types, wherein the access types include at least one of;
control, configure, and track changes; and
determining if a request by a requestor of the at least one requestor group is permitted for a device of the at least one pool of devices, wherein the device is an object of the request. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method of controlling access to a data storage device, comprising,
providing a requestor identification number for each requestor having access to the data storage device, where the identification number uniquely identifies each requestor; -
partitioning memory of the data storage device into a plurality of memory segments, and defining an identification number for each of the segments;
providing a plurality of request types including at least one of;
read, write, mirroring, copying, back up, splitting, and tracking system calls; and
allowing a requestor a selected type of request access to a selected one of the plurality of memory segments only if a database of requestor identification numbers indicates that the selected type of request to the selected memory segment is allowable according to the requestor identification number, wherein an override memory location stores one of a pass override condition, a reject override condition and no override condition. - View Dependent Claims (9, 10, 11, 12, 13, 14)
issuing an access request denied indication if the database indicates that the identification number is not allowed for the specified type of access to the specified memory segment.
-
-
10. The method of claim 8, wherein the override memory location is checked before examining the database, and, if a pass override condition is stored therein, the request is allowed.
-
11. The method of claim 10, wherein a value stored in the override memory location reverts to the no override condition after a specified time period.
-
12. The method of claim 8, wherein the override memory location is checked before examining the database, and, if a reject override condition is stored therein, the request is denied.
-
13. The method of claim 8, wherein the plurality of memory segments are grouped into pools of devices and wherein allowing a requestor a selected type of request access includes examining a particular one of the pools of devices corresponding to the selected memory segment.
-
14. The method of claim 11, wherein the specified time period is thirty minutes.
-
15. A method of controlling access to a data storage device, comprising:
-
providing at least one group of requestor devices from a plurality of requestor devices that access the data storage device by issuing requests for at least one of;
reading data in a specified portion of the data storage device, writing data into a specified portion of the data storage device, backing up data from a specified portion of the data storage device, mirroring data, copying data from a specified portion of the data storage device, splitting volumes of the data storage device, and tracking changes to volumes of the data storage device;
providing a plurality of pools of memory resources from a plurality of individual addressable memory resources of the data storage device; and
prior to accessing the memory, providing control logic for the data storage device to determine whether a request from one of the plurality of requestor devices for access to at least one of the plurality of pools of memory resources is permissible, wherein an override memory location stores one of a pass override condition, a reject override condition and no override condition. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. A method of controlling access to a data storage device, comprising:
-
associating an ID number that identifies at least one of;
a requestor having access to the storage element and a group to which the requestor belongs; and
determining if the requestor is allowed a requested type of access operation to at least a portion of the data storage device in accordance with access information, where the access information includes one or more access operations associated with at least one of;
the requestor ID number, an ID number of the group, a password associated with the requestor, and a password associated with the group, wherein the access operation includes at least one of;
control, configure, and track changes.- View Dependent Claims (25, 26, 27, 28, 29, 30)
-
-
31. A method of controlling access to a data storage device, comprising:
-
associating a password that identifies at least one of;
a requestor having access to the storage element and a group to which the requestor belongs; and
determining if the requestor is allowed a requested type of access operation to at least a portion of the data storage device in accordance with access information, where the access information includes one or more access operations associated with the password, wherein the access operation includes at least one of;
control, configure, and track changes.- View Dependent Claims (32, 33, 34, 35)
-
-
36. A computer program product that controls a data storage device, comprising:
-
executable code that handles at least one requestor group that accesses the storage device;
executable code that handles at least one pool of devices of the data storage device;
executable code that handles a plurality of access types, wherein the access types are selected from the group consisting of;
mirror, split, and track changes; and
executable code that determines if a request by a requestor of the at least one requestor group is permitted for a device of the at least one pool of devices, wherein the device is an object of the request.
-
-
37. A computer program product that controls access to a data storage device, comprising,
executable code that handles a requestor identification number for each requestor having access to the data storage device, where the identification number uniquely identifies each requestor; -
executable code that partitions memory of the data storage device into a plurality of memory segments, and defines an identification number for each of the segments;
executable code that handles a plurality of request types including at least one of;
read, write, mirroring, copying, back up, splitting, and tracking system calls; and
executable code that allows a requestor a selected type of request access to a selected one of the plurality of memory segments only if a database of requestor identification numbers indicates that the selected type of request to the selected memory segment is allowable according to the requestor identification number, wherein an override memory location stores one of a pass override condition, a reject override condition and no override condition. - View Dependent Claims (38, 39, 40, 41)
executable code that issues an access request denied indication if the database indicates that the identification number is not allowed for the specified type of access to the specified memory segment.
-
-
39. The computer program product of claim 37, further comprising:
executable code that checks the override memory location before examining the database, and, if a pass override condition is stored therein, the request is allowed.
-
40. The computer program product of claim 39, further comprising:
executable code that causes a value stored in the override memory location to revert to the no override condition after a specified time period.
-
41. The computer program product of claim 37, further comprising:
executable code that checks the override memory location before examining the database, and, if a reject override condition is stored therein, the request is denied.
-
42. A computer program product that controls access to a data storage device, comprising:
-
executable code that handles at least one group of requestor devices from a plurality of requestor devices that access the data storage device by issuing requests for at least one of;
reading data in a specified portion of the data storage device, writing data into a specified portion of the data storage device, backing up data from a specified portion of the data storage device, mirroring data, copying data from a specified portion of the data storage device, splitting volumes of the data storage device, and tracking changes to volumes of the data storage device;
executable code that handles a plurality of pools of memory resources from a plurality of individual addressable memory resources of the data storage device; and
executable code that determines whether a request from one of the plurality of requestor devices for access to at least one of the plurality of pools of memory resources is permissible, wherein an override memory location stores one of a pass override condition, a reject override condition and no override condition. - View Dependent Claims (43, 44, 45)
executable code that checks the override memory location before examining the database, and, if a pass override condition is stored therein, the request is allowed.
-
-
44. The computer program product of claim 43, further comprising:
executable code that causes a value stored in the override memory location to revert to the no override condition after a specified time period.
-
45. The computer program product of claim 42, further comprising:
executable code that checks the override memory location before examining the database, and, if a reject override condition is stored therein, the request is denied.
-
46. A computer program product that controls access to a data storage device, comprising:
-
executable code that handles an ID number that identifies at least one of;
a requestor having access to the storage element associated with a group to which the requestor belongs; and
executable code that determines if the requestor is allowed a requested type of access operation to at least a portion of the data storage device in accordance with access information, where the access information includes one or more access operations associated with at least one of;
the requestor ID number, an ID number of the group, a password associated with the requestor, and a password associated with the group, wherein the access operation includes at least one of;
control, configure, and track changes.- View Dependent Claims (47, 48, 49)
executable code that causes the access information to include a combination of the requestor ID number and the ID number of the group.
-
-
48. The computer program product of claim 46, further comprising:
executable code that causes the access information to use a combination of the ID number of the group and at least one of;
the password associated with the requestor and the password associated with the group.
-
49. The computer program product of claim 46, further comprising:
executable code that causes the access information to use a combination of the ID number of the group and the password associated with the group.
-
50. A computer program product that controls access to a data storage device, comprising:
-
executable code that handles a password that identifies at least one of;
a requestor having access to the storage element and a group to which the requestor belongs; and
executable code that determines if the requestor is allowed a requested type of access operation to at least a portion of the data storage device in accordance with access information, where the access information includes one or more access operations associated with the password, wherein the access operation includes at least one of;
control, configure, and track changes.
-
Specification