×

Methods and apparatus for providing security for a data storage system

  • US 7,134,138 B2
  • Filed: 02/15/2001
  • Issued: 11/07/2006
  • Est. Priority Date: 02/15/2001
  • Status: Expired due to Term
First Claim
Patent Images

1. A data storage system for accessing a set of data, comprising:

  • a data access manager for establishing a plurality of tokens for accessing the set of data;

    a network connection in communication with the data access manager; and

    a data storage assembly in communication with the network connection, the data storage assembly comprising (i) a set of storage locations that stores the set of data, and (ii) a control circuit configured to;

    receive from a host in communication with the data access manager over the network connection (i) a device oriented, block based command to access the set of data and (ii) a first access token of the plurality of tokens that provides access to the set of data stored in the set of storage locations in the data storage system;

    generate an authorization signal that controls access to the set of data based on the first access token and a second access token of the plurality of tokens, the second access token associated with the set of storage locations, by performing a comparison of the first access token to the second access token associated with the set of storage locations,if the comparison indicates that the first access token and the second access token are identical, produce an access approval signal that provides access to the set of storage locations; and

    if the comparison indicates that the first access token and the second access token are not identical, produce an access failure signal that indicates a denial of access to the set of storage locations; and

    produce a response signal that provides a response to the device oriented, block based command over the network connection to the host based on the authorization signal.wherein, when receiving, the control circuit is configured to receive from the host in communication with the data access manager over the network connection the first access token of the plurality of tokens that provides access to the set of data stored within a range of disk addresses in the set of storage locations of the data storage assembly, the range of disk addresses distinct from file names associated with the set of data; and

    when generating, generate an authorization signal that controls access to the set of data based on the first access token and a second access token of the plurality of tokens, the second access token associated with the range of disk addresses in the set of storage locations.

View all claims
  • 9 Assignments
Timeline View
Assignment View
    ×
    ×