Running third party applications as embedded agents in a storage management server
First Claim
1. A storage management server comprising:
- a set of one or more processors to execute operations of a management module, a network module and a data module, wherein;
the storage management server is a special-purpose processing system configured to store, manage, and retrieve data in a set of mass storage devices on behalf of one or more network storage clients, the network module is configured to enable the storage management server to communicate with the one or more network storage clients, and the data module is configured to manage data retrieval and storage in the set of mass storage devices;
the management module is configured to establish a sandbox to operate a third-party application as an embedded agent within the storage management server, wherein the management module is configured to establish the sandbox by implementing a plurality of enforcements to constrain operation of the third-party application within a controlled set of the storage management server'"'"'s resources, and wherein the management module is configured to implement the plurality of enforcements by establishing a specific role for the sandbox in a role based access control mechanism of the storage management server;
the sandbox uses the role based access control mechanism to enable the third-party application to communicate with the management module, wherein the third-party application is entirely enabled and operable from within the storage management server as a native service offered from within the storage management server independent of and without need for communication with any third-party server for operation of the third-party application, and wherein the third-party application is configured to provide a service related to the providing of data access services by the storage management server to the one or more network storage clients; and
the management module provides the third-party application restricted access to an operating system of the storage management server to enable operation of the third-party application as an embedded agent within the storage management server; and
a memory coupled to the one or more processors to store the operating system of the storage management server.
1 Assignment
0 Petitions
Accused Products
Abstract
Running applications to support a storage server is made more efficient by at least establishing a sandbox to run the applications as embedded agents within the storage server. To accomplish this, in at least one embodiment, a management module of the storage server designates resources of the storage server to establish the sandbox using a role based access control mechanism. The sandbox communicates with the management module to access the resources of an operating system of the storage server to run the applications. Based on this, the need for separate external computers to run the applications is eliminated. Additionally, an administrator can control operations of the applications through the management module, thus providing the administrator a uniform interface for controlling both the storage server and the applications. The applications also utilize an existing user interface of the storage server to display logs and events to the administrator.
41 Citations
37 Claims
-
1. A storage management server comprising:
-
a set of one or more processors to execute operations of a management module, a network module and a data module, wherein; the storage management server is a special-purpose processing system configured to store, manage, and retrieve data in a set of mass storage devices on behalf of one or more network storage clients, the network module is configured to enable the storage management server to communicate with the one or more network storage clients, and the data module is configured to manage data retrieval and storage in the set of mass storage devices; the management module is configured to establish a sandbox to operate a third-party application as an embedded agent within the storage management server, wherein the management module is configured to establish the sandbox by implementing a plurality of enforcements to constrain operation of the third-party application within a controlled set of the storage management server'"'"'s resources, and wherein the management module is configured to implement the plurality of enforcements by establishing a specific role for the sandbox in a role based access control mechanism of the storage management server; the sandbox uses the role based access control mechanism to enable the third-party application to communicate with the management module, wherein the third-party application is entirely enabled and operable from within the storage management server as a native service offered from within the storage management server independent of and without need for communication with any third-party server for operation of the third-party application, and wherein the third-party application is configured to provide a service related to the providing of data access services by the storage management server to the one or more network storage clients; and the management module provides the third-party application restricted access to an operating system of the storage management server to enable operation of the third-party application as an embedded agent within the storage management server; and a memory coupled to the one or more processors to store the operating system of the storage management server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A method of operating a third-party application within a storage management server, the method comprising:
-
the storage management server including a network module, a data module, and a management module, the storage management server configured to store, manage, and retrieve data in a set of mass storage devices on behalf of one or more network storage clients, wherein the network module is configured to enable the storage management server to communicate with the one or more network storage clients, and the data module is configured to manage data retrieval and storage in the set of mass storage devices; establishing a sandbox by the management module within the storage management server by implementing a plurality of enforcements to constrain operation of the third-party application within a controlled set of the storage management server'"'"'s resources, wherein the management module of the storage management server implements the plurality of enforcements by establishing a specific role for the sandbox in a role based access control mechanism of the storage management server; operating the third-party application within the sandbox, wherein the sandbox uses the role based access control mechanism to enable the third-party application to communicate with the management module, wherein the third-party application is a entirely enabled and operable from within the storage management server as a native service offered from within the storage management server independent of and without need for communication with any third-party servers for operation of the third-party application, and wherein the third-party application is configured to provide a service related to the providing of data access services by the storage management server to the one or more network storage clients; and providing, using the management module, restricted access to an operating system of the storage management server to operate the third-party application as an embedded agent within the storage management server. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A computer implemented method for protecting data in a storage management server, the method comprising:
-
the storage management server including a network module, a data module, and a management module, the storage management server configured to store, manage, and retrieve data in a set of mass storage devices on behalf of one or more network storage clients, wherein the network module is configured to enable the storage management server to communicate with the one or more network storage clients, and the data module is configured to manage data retrieval and storage in the set of mass storage devices; establishing, using the management module of the storage management server, a sandbox to operate a plurality of third-party applications within the storage management server, wherein the management module establishes the sandbox by implementing a plurality of enforcements to constrain operation of the plurality of third-party applications within a controlled set of the storage management server'"'"'s resources; operating the plurality of third-party applications as embedded agents in the sandbox, wherein the sandbox uses a role based access control mechanism of the storage management server to enable the plurality of third-party applications to communicate with the management module, wherein the third-party applications are entirely enabled and operable from within the storage management server as a native service offered from within the storage management server independent of and without need for communication with any third-party servers for operation of the third-party application, and wherein the third-party applications are configured to provide services related to the providing of data access services by the storage management server to the one or more network storage clients; and providing, using the management module, restricted access to an operating system of the storage management server to operate each of the plurality of third-party applications as embedded agents within the storage management server. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
-
-
37. A storage management server for protecting data, the storage management server comprising:
-
a set of one or more processors to execute operations of the storage management server, comprising a management module, a network module, and a data module, wherein; the storage management server is configured to store, manage, and retrieve data in a set of mass storage devices on behalf of one or more network storage clients, the network module is configured to enable the storage management server to communicate with the one or more network storage clients, and the data module is configured to manage data retrieval and storage in the set of mass storage devices; the storage management server establishes a sandbox to operate a plurality of third-party applications by implementing a plurality of enforcements to constrain operation of the plurality of third-party applications within a controlled set of the storage management server'"'"'s resources; the storage management server implements the plurality of enforcements by establishing a specific role for the sandbox in a role based access control mechanism of the storage management server, wherein the third-party applications are entirely enabled and operable from within the storage management server as a native service offered from within the storage management server independent of and without need for communication with any third-party servers for operation of the third-party application, and wherein the third-party applications are configured to provide services related to the providing of data access services by the storage management server to the one or more network storage clients; the sandbox uses the role based access control mechanism to constrain operation of each of the plurality of third-party applications within the controlled set of the storage management'"'"'s resources; and the sandbox enables the plurality of third-party applications to be operated within the storage management server without requiring use of an additional computer to operate each of the plurality of applications; and a memory coupled to the one or more processors to store the plurality of applications.
-
Specification