Access control management

US 8,024,514 B2
Filed: 07/17/2007
Issued: 09/20/2011
Est. Priority Date: 03/01/2007
Status: Active Grant

First Claim

Patent Images

1. A method of managing operations that may be performed in a cartridge library, comprising:

recording, in a memory medium coupled to the cartridge library, access control parameters including a first access control parameter to identify a particular time period during which a resource of the cartridge library can be accessed, and a second access control parameter to identify one of a user, a server, or a command;

receiving, in an interface controller coupled to the cartridge library, a request to access a storage cartridge of the cartridge library; and

implementing an access control routine in the interface controller, wherein the access control routine accesses the first and second access control parameters to limit, in response to the request, a user'"'"'s ability to perform at least one command on the resource of the cartridge library during the particular time period identified by the first access control parameter.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment, a cartridge library, comprises a management component comprising a first processor module and a memory medium communicatively connected to the first processor module, an interface controller comprising a second processor module and a memory medium communicatively connected to the second processor module, wherein the interface controller comprises logic instructions stored on a computer readable medium which, when executed, cause the second processor module to, record, in a memory medium coupled to the cartridge library, at least one access control parameter, wherein the access control parameter identifies at least one of a user, a server, a command, or a time, receive, in an interface controller coupled to the cartridge library, a request for at least one resource of the cartridge library, and implement an access control routine in the interface controller to use the access control parameter to determine whether to limit a user'"'"'s ability to perform at least one command on at least one resource of the cartridge library during at least one time period.

108 Citations

22 Claims

1. A method of managing operations that may be performed in a cartridge library, comprising:
- recording, in a memory medium coupled to the cartridge library, access control parameters including a first access control parameter to identify a particular time period during which a resource of the cartridge library can be accessed, and a second access control parameter to identify one of a user, a server, or a command;
  
  receiving, in an interface controller coupled to the cartridge library, a request to access a storage cartridge of the cartridge library; and
  
  implementing an access control routine in the interface controller, wherein the access control routine accesses the first and second access control parameters to limit, in response to the request, a user'"'"'s ability to perform at least one command on the resource of the cartridge library during the particular time period identified by the first access control parameter.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising receiving, in a management component coupled to the cartridge library, the access control parameters by receiving via a user interface in the management component instructions which assign access rights to a user of the cartridge library.
  - 3. The method of claim 1, wherein recording, in the memory medium coupled to the cartridge library, the access control parameters comprises:
    - verifying, in a management component, the access control parameters by confirming that the resource identified by the first and second access control parameters is a valid resource;
      
      after the verifying, transmitting the access control parameters to the interface controller; and
      
      storing the access control parameters in a data file maintained by the interface controller.
  - 4. The method of claim 3, wherein the verifying further comprises confirming that an administrator providing the access control parameters has predefined rights.
  - 5. The method of claim 1, wherein the access control parameters are stored in an access control file, wherein using the access control parameters in determining whether to limit a user'"'"'s ability to perform the at least one command on the resource of the cartridge library during the particular time period comprises:
    - obtaining an identifier from the request, wherein the identifier identifies a user of the cartridge library;
      
      locating a record associated with the identifier in the access control file; and
      
      forwarding the command to a target device in the cartridge library for processing when the request is consistent with the access control parameters in the access control file.
  - 6. The method of claim 1, wherein the access control parameters are stored in an access control file, wherein using the access control parameters in determining whether to limit a user'"'"'s ability to perform at least one command on the resource of the cartridge library during the particular time period comprises:
    - obtaining an identifier from the request, wherein the identifier identifies a user of the cartridge library;
      
      locating a record associated with the identifier in the access control file; and
      
      invoking an error routine when the request is inconsistent with the access control parameters in the access control file.
  - 7. The method of claim 6, wherein invoking the error routine when the request is inconsistent with the access control parameters in the access control file comprises:
    - transmitting an error message to the user, wherein the error message indicates that a requested resource is unavailable to the user at this time; and
      
      recording the error message in a log.
  - 8. The method of claim 1, wherein the request is associated with a time stamp, and wherein the time stamp is compared to the particular time period of the first access control parameter to determine whether the at least one command can be performed on the resource in response to the request.

9. A cartridge library, comprising:
- a management component comprising a first processor module and a computer readable medium communicatively connected to the first processor module;
  
  an interface controller comprising a second processor module and a computer readable medium communicatively connected to the second processor module,wherein the interface controller comprises logic instructions stored on the computer readable medium of the interface controller which, when executed, cause the second processor module to;
  
  record, in a memory medium coupled to the cartridge library, access control parameters including a first access control parameter to identify a particular time period during which a resource of the cartridge library can be accessed, and a second access control parameter to identify one of a user, a server, or a command;
  
  receive a request to access a storage cartridge of the cartridge library; and
  
  implement an access control routine configured to use the first and second access control parameters to, in response to the request, determine whether to limit a user'"'"'s ability to perform at least one command on the resource of the cartridge library during the particular time period identified by the first access control parameter.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The cartridge library of claim 9, wherein the management component comprises logic instructions stored on the computer readable medium of the management component which, when executed, cause the first processor module to receive the access control parameters by receiving instructions which assign access rights to a user of the storage system.
  - 11. The cartridge library of claim 9, wherein the management component comprises logic instructions stored on the computer readable medium of the management component which, when executed, cause the first processor module to:
    - verify the access control parameters by confirming that the resource identified by the first and second access control parameters is a valid resource;
      
      after the verifying, transmit the access control parameters to the interface controller; and
      
      store the access control parameters in a data file maintained by the interface controller.
  - 12. The cartridge library of claim 11, wherein the verifying is performed by confirming that an administrator providing the access control parameters has predefined rights.
  - 13. The cartridge library of claim 9, wherein the access control parameters are stored in an access control file, the interface controller further comprising logic instructions stored on the computer readable medium of the interface controller which, when executed configure the second processor module to:
    - obtain an identifier from the request, wherein the identifier identifies a user of the cartridge library;
      
      locate a record associated with the identifier in the access control file; and
      
      forward the command to a target device in the cartridge library for processing when the request is consistent with the access control parameters in the access control file.
  - 14. The cartridge library of claim 9, wherein the access control parameters are stored in an access control file, wherein the interface controller further comprises logic instructions stored on the computer readable medium of the interface controller which, when executed, cause the interface controller to:
    - obtain an identifier from the request, wherein the identifier identifies a user of the cartridge library;
      
      locate a record associated with the identifier in the access control file; and
      
      invoke an error routine when the request is inconsistent with the access control parameters in the access control file.
  - 15. The cartridge library of claim 14, wherein the interface controller comprises logic instructions stored on the computer readable medium of the interface controller which, when executed, cause the interface controller to:
    - transmit an error message to the user, wherein the error message indicates that a requested resource is unavailable to the user at this time; and
      
      record the error message in a log.
  - 16. The cartridge library of claim 9, wherein the request is associated with a time stamp, and wherein the logic instructions when executed cause the second processor module to further compare the time stamp to the particular time period of the first access control parameter to determine whether the at least one command can be performed on the resource.

17. A computer program product comprising logic instructions stored on a computer readable medium which, when executed by one or more processors, cause the one or more processors to manage access requests in a cartridge library by performing operations, comprising:
- recording, in a memory medium coupled to the cartridge library, access control parameters including a first access control parameter to identify a particular time period during which a resource of the cartridge library can be accessed, and a second access control parameter to identify one of a user, a server, or a command;
  
  receiving, in an interface controller coupled to the cartridge library, a request to access a storage cartridge of the cartridge library; and
  
  implementing an access control routine in the interface controller, wherein the access control routine accesses the first and second access control parameters to limit, in response to the request, a user'"'"'s ability to perform at least one command on the resource of the cartridge library during the particular time period identified by the first access control parameter.
- View Dependent Claims (18, 19, 20, 21, 22)
- - 18. The computer program product of claim 17, further comprising logic instructions stored on the computer readable medium which, when executed by the one or more processors, cause the interface controller to receive the access control parameters by receiving via a user interface instructions from a management component which assign access rights to a user of the cartridge library.
  - 19. The computer program product of claim 18, wherein the access rights limit the user'"'"'s ability to perform at least one command on at least one resource of the cartridge library during the particular time period.
  - 20. The computer program product of claim 17, further comprising logic instructions stored on the computer readable medium which, when executed by the one or more processors, cause the one or more processors to further:
    - verify, in a management component, the access control parameters by confirming that the resource identified by the first and second access control parameters is a valid resource;
      
      after the verifying, transmit the access control parameters to the interface controller; and
      
      store the access control parameters in a data file maintained by the interface controller.
  - 21. The computer program product of claim 20, wherein the verifying further comprises confirming that an administrator providing the access control parameters has predefined rights.
  - 22. The computer program product of claim 17, wherein the request is associated with a time stamp, and wherein the time stamp is compared to the particular time period of the first access control parameter to determine whether the at least one command can be performed on the resource.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Valtrus Innovations Limited (f/k/a Dolya Holdco 9 Limited) (Key Patent Innovations Limited)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Ballard, Curtis C, Feather, Stan, Billimoria, Shiraz, Maddocks, Steven
Primary Examiner(s)
Bataille; Pierre-Michel

Application Number

US11/879,399
Publication Number

US 20080212222A1
Time in Patent Office

1,526 Days
Field of Search

711/154, 711/170, 711/111, 711/156, 711/12.008 E
US Class Current

711/111
CPC Class Codes

G11B 15/6835 the cassettes being transfe...

G11B 17/225 wherein the disks are trans...

Access control management

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

108 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Access control management

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

108 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links