Synchronous replication for system and data security

US 7,149,858 B1
Filed: 10/31/2003
Issued: 12/12/2006
Est. Priority Date: 10/31/2003
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

replicating an operation on data from first data storage in a first security domain to second data storage in a second security domain, whereinthe first security domain and the second security domain are independent of one another,the first security domain permits a first host in the first security domain to directly access the first data storage, andthe first security domain prohibits a second host in the second security domain from directly accessing the first data storage;

awaiting a receipt of an acknowledgement that the operation on the data has been completed in the second security domain; and

completing the operation on the data in the first security domain in response to the receipt of the acknowledgement that the operation on the data has been completed in the second security domain, wherein the completing the operation in the second security domain comprises completing the operation on the data in second data storage in the second security domain.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, system, and computer-readable medium for maintaining up-to-date, consistent backup copies of primary data that are immune to corruption even when security of the primary data is breached. Independent security domains are established for primary and secondary data, such that access to each security domain must be obtained independently of access to the other security domains. For example, a host computer system having access to data storage in the primary security domain does not have access to data storage in the secondary security domain, and vice versa. Changes to primary data are synchronously replicated over a tightly controlled replication link from primary data storage in the primary security domain to secondary data storage in the secondary security domain. A change to the data is completed in the primary security domain when an acknowledgement is received that the change to the data has been stored in secondary data storage.

Citations

53 Claims

1. A method comprising:
- replicating an operation on data from first data storage in a first security domain to second data storage in a second security domain, whereinthe first security domain and the second security domain are independent of one another,the first security domain permits a first host in the first security domain to directly access the first data storage, andthe first security domain prohibits a second host in the second security domain from directly accessing the first data storage;
  
  awaiting a receipt of an acknowledgement that the operation on the data has been completed in the second security domain; and
  
  completing the operation on the data in the first security domain in response to the receipt of the acknowledgement that the operation on the data has been completed in the second security domain, wherein the completing the operation in the second security domain comprises completing the operation on the data in second data storage in the second security domain.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41)
- - 2. The method of claim 1 whereinthe replicating is performed over a controlled communication link from the first host in the first security domain to the second host in the second security domain.
  - 3. The method of claim 2 whereinonly the controlled communication link couples the first host to the second host.
  - 4. The method of claim 1 whereinthe first host controls access to the first security domain;
    - andthe second host controls access to the second security domain.
  - 5. The method of claim 4 further comprising:
    - the first host accessing data stored in the second security domain by requesting the data stored in the second security domain from the second host.
  - 6. The method of claim 4 whereinthe second data storage is inaccessible directly by the first host.
  - 7. The method of claim 4 whereinthe first data storage is inaccessible directly by the second host.
  - 8. The method of claim 1 whereinthe completing the change comprisesnotifying an application making the change to the data that the change is complete.
  - 9. The method of claim 1 further comprising:
    - using the data from the second data storage when the first data storage fails.
  - 10. The method of claim 1 further comprising:
    - reading a first portion of the data from the first data storage; and
      
      requesting a second portion of the data from the second host coupled to the second data storage.
  - 11. The method of claim 1 whereinthe first data storage and the second data storage are not connected to one local area network.
  - 12. The method of claim 1 further comprising:
    - replicating a second change to the data in the first data storage to the second security domain after the acknowledgement is received.
  - 13. The method of claim 12 further comprising:
    - completing the second change in the first security domain when a second acknowledgement is received that the second change to the data has been stored in the second storage area.
  - 14. The method of claim 1 further comprising:
    - restoring the data in the first data storage from the second data storage when the data are corrupted.
  - 15. The method of claim 1 whereinthe first data storage comprises a log.
  - 16. The method of claim 1 further comprising:
    - saving a version of data stored in the second data storage prior to storing the change to the data in the second data storage.
  - 17. The method of claim 16 whereinboth the version of the data and the change to the data are accessible after storing the change to the data in the second data storage.
  - 18. The method of claim 1 whereinthe second data storage comprises a log.
  - 19. The method of claim 18 further comprising:
    - constructing a current version of the data from the log.
  - 20. The method of claim 1 whereinthe second data storage comprisesa log, anda storage volume.
  - 21. The method of claim 20 further comprising:
    - writing the change to the data to the log; and
      
      writing the change to the data from the log to the storage volume.
  - 22. The method of claim 21 further comprising:
    - allocating space in the second data storage for the change to the data when writing the change to the data from the log to the storage volume.
  - 23. The method of claim 20 further comprising:
    - writing an oldest change to the data from the log to the storage volume.
  - 24. The method of claim 1 whereinthe second data storage comprisesa log,a storage volume, anda set of snapshots of the storage volume.
  - 25. The method of claim 24 further comprising:
    - periodically making a new snapshot of the set of snapshots.
  - 26. The method of claim 25 further comprising:
    - allocating a portion of the second data storage for storing the new snapshot when the new snapshot is made.
  - 27. The method of claim 26 whereinthe portion comprises storage for each block of a plurality of blocks in the storage volume.
  - 28. The method of claim 24 whereinat least one of the set of snapshots is a copy-on-write snapshot.
  - 29. The method of claim 28 whereinthe copy-on-write snapshot is a most recent snapshot of the set of snapshots.
  - 30. The method of claim 28 further comprising:
    - writing the change to the log,writing a version of data in the storage volume to the copy-on-write snapshot, andwriting the change to the data to the storage volume after writing the version of the data to the copy-on-write snapshot.
  - 31. The method of claim 24 whereinat least one of the set of snapshots is an instant snapshot.
  - 32. The method of claim 24 further comprising:
    - combining data from at least two snapshots of the set of snapshots into a combined snapshot; and
      
      deleting the at least two snapshots.
  - 33. The method of claim 32 whereinthe at least two snapshots were created at adjacent points in time.
  - 34. The method of claim 1 whereinthe second data storage comprisesa log,a storage volume, anda set of overlay storage objects, whereineach overlay storage object of the set comprises respective data to be applied to the storage volume.
  - 35. The method of claim 34 further comprising:
    - writing the change to the data to the log;
      
      writing the change to the data from the log to one overlay storage object of the set.
  - 36. The method of claim 35 whereinthe one overlay storage object is a most recent overlay storage object of the set.
  - 37. The method of claim 34 further comprising:
    - reading data in the second data storage byreading the respective data from at least one overlay storage object of the set of overlay storage objects, andreading other data in the second data storage from the storage volume.
  - 38. The method of claim 37 whereinthe reading the respective data comprises reading the respective data in an order determined by a respective time for that each overlay storage object was created.
  - 39. The method of claim 34 further comprising:
    - writing the respective data from one overlay storage object of the set of overlay storage objects to the storage volume.
  - 40. The method of claim 39 whereinthe one overlay storage object is an oldest overlay storage object of the set.
  - 41. The method of claim 39 further comprising:
    - deleting the one overlay storage object.

42. A system comprising:
- means for replicating an operation on data from first data storage in a first security domain to second data storage in a second security domain, whereinthe first security domain and the second security domain are independent of one another,the first security domain permits a first host in the first security domain to directly access the first data storage, andthe first security domain prohibits a second host in the second security domain from directly accessing the first data storage;
  
  means for awaiting a receipt of an acknowledgement that the operation on the data has been completed in the second security domain; and
  
  means for completing the operation on the data in the first security domain in response to the receipt of the acknowledgement that the operation on the data has been completed in the second security domain, wherein the completing the operation in the second security domain comprises completing the operation on the data in second data storage in the second security domain.
- View Dependent Claims (43)
- - 43. The system of claim 42 whereinthe means for replicating is configured to perform the replicating of the operation over a controlled communication link from the first host in the first security domain to the second host in the second security domain.

44. A system comprising:
- a replication module configured to replicate an operation on data from first data storage in a first security domain to second data storage in a second security domain, whereinthe first security domain and the second security domain are independent of one another,the first security domain permits a first host in the first security domain to directly access the first data storage, andthe first security domain prohibits a second host in the second security domain from directly accessing the first data storage;
  
  a receiving module configured to await a receipt of an acknowledgement that the operation on the data has been completed in the second security domain; and
  
  a completion module configured to complete the operation on the data in the first security domain in response to the receipt of the acknowledgement that the operation on the data has been completed in the second security domain, wherein the completing the operation in the second security domain comprises completing the operation on the data in second data storage in the second security domain.
- View Dependent Claims (45, 46, 47, 48)
- - 45. The system of claim 44 whereinthe replication module is configured to perform the replication over a controlled communication link from the first host in the first security domain to the second host in the second security domain.
  - 46. The system of claim 44 further comprising:
    - a secondary module configured to use the data from the second data storage when the first data storage fails.
  - 47. The system of claim 44 further comprising:
    - a reading module configured to read a first portion of the data from the first data storage; and
      
      a requesting module configured to request a second portion of the data from the second host coupled to the second data storage.
  - 48. The system of claim 44 further comprising:
    - a restoring module configured to restore the data in the first data storage from the second data storage, if the data becomes corrupted.

49. A computer-readable medium comprising:
- replicating instructions configured to replicate an operation on data from first data storage in a first security domain to second data storage in a second security domain, whereinthe first security domain and the second security domain are independent of one another,the first security domain permits a first host in the first security domain to directly access the first data storage, andthe first security domain prohibits a second host in the second security domain from directly accessing the first data storage;
  
  awaiting a receipt of an acknowledgement that the operation on the data has been completed in the second security domain; and
  
  completing instructions configured to complete the operation on the data in the first security domain in response to the receipt of the acknowledgement that the operation on the data has been completed in the second security domain, wherein the completing the operation in the second security domain comprises completing the operation on the data in second data storage in the second security domain.
- View Dependent Claims (50, 51, 52, 53)
- - 50. The computer-readable medium of claim 49 whereinthe replicating instructions are configured to perform the replication over a controlled communication link from the first host in the first security domain to the second host in the second security domain.
  - 51. The computer-readable medium of claim 49 further comprising:
    - using instructions configured to use the data from the second data storage when the first data storage fails.
  - 52. The computer-readable medium of claim 49 further comprising:
    - reading instructions configured to read a first portion of the data from the first data storage; and
      
      requesting instructions configured to request a second portion of the data from the second host coupled to the second data storage.
  - 53. The computer-readable medium of claim 49 further comprising:
    - restoring instructions configured to restore the data in the first data storage from the second data storage, if the data becomes corrupted.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Veritas Technologies, LLC (Whitehouse Group Ltd.)
Original Assignee
Veritas Operating Corporation (Gen Digital Inc.)
Inventors
Kiselev, Oleg
Primary Examiner(s)
PEIKARI, BEHZAD

Application Number

US10/699,475
Time in Patent Office

1,138 Days
Field of Search

711/161, 711/162
US Class Current

711/162
CPC Class Codes

G06F 11/2076   Synchronous techniques

G06F 21/568   eliminating virus, restorin...

H04L 67/565   Conversion or adaptation of...

H04L 67/5651   Reducing the amount or size...

Synchronous replication for system and data security

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

Citations

53 Claims

Specification

Solutions

Use Cases

Quick Links

Synchronous replication for system and data security

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

53 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links