System and method to control access to data stored in a data storage device

US 8,543,737 B2
Filed: 02/03/2005
Issued: 09/24/2013
Est. Priority Date: 05/12/2004
Status: Active Grant

First Claim

Patent Images

1. A network attached storage device comprising:

one or more data storage drives defining storage space, the storage space divided into a plurality of data pools;

a plurality of communication interfaces for external data communication;

memory to store information defining selective access to the plurality of data pools;

a storage controller in data communication with the memory, the one or more data storage drives and the plurality of communication interfaces, the storage controller operative toreceive from an administrative user information defining a specific data pool among the plurality of data pools and a specific communication interface of the plurality of communication interfaces from which a received request will be authenticated to access the specific data pool,identify a request to access a respective data pool of the plurality of data pools and identify a respective communication interface of the plurality of communication interfaces with which the identified request is received at the network attached storage device, the storage controller further operative to authenticate the identified request to access the respective data pool when access to the respective data pool has been previously authorized using the stored information defining selective access to the plurality of data pools.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various aspects of the invention provide a plurality of systems and methods of selectively enabling access to data stored in a data storage device, by one or more data processing devices communicatively coupled to the data storage device. In a representative embodiment, selective access to one or more data pools may be made as a function of one or more interfaces of the data storage device. In a representative embodiment, selective access to one or more data pools may be made as a function of one or more data file types associated with one or more data pools of the data storage device. In a representative embodiment, access to data stored in one or more data pools of the data storage device may be based on or associated with one or more types networks associated with the data storage device.

Citations

21 Claims

1. A network attached storage device comprising:
- one or more data storage drives defining storage space, the storage space divided into a plurality of data pools;
  
  a plurality of communication interfaces for external data communication;
  
  memory to store information defining selective access to the plurality of data pools;
  
  a storage controller in data communication with the memory, the one or more data storage drives and the plurality of communication interfaces, the storage controller operative toreceive from an administrative user information defining a specific data pool among the plurality of data pools and a specific communication interface of the plurality of communication interfaces from which a received request will be authenticated to access the specific data pool,identify a request to access a respective data pool of the plurality of data pools and identify a respective communication interface of the plurality of communication interfaces with which the identified request is received at the network attached storage device, the storage controller further operative to authenticate the identified request to access the respective data pool when access to the respective data pool has been previously authorized using the stored information defining selective access to the plurality of data pools.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The network attached storage device of claim 1 further comprising a control circuit operative to provide a user interface to the administrative user to receive access configuring information from the administrative user and to store the access configuring information in the memory.
  - 3. The network attached storage device of claim 2 wherein the storage controller is responsive to receive access configuring information and thereby to define a new data pool among the storage space and to store in the memory information defining selective access to the new data pool.
  - 4. The network attached storage device of claim 3 wherein the user interface is operative to receive from the administrative user information defining a share name for the new data pool and information defining a password for user authentication during subsequent access to the new data pool.
  - 5. The network attached storage device of claim 2 wherein the control circuit is further operative to receive from the administrative user information defining a specific data pool among the plurality of data pools and an identifier for a specific network or subnetwork from which a received request will be authenticated to access the specific data pool.
  - 6. The network attached storage device of claim 2 wherein the plurality of communication interfaces comprises a wireline interface and a wireless interface and wherein the stored information defining selective access to the plurality of data pools associates a first particular data pool for access by the wireline interface and a second particular data pool for access by the wireless interface.

7. A method for a network attached storage device, the method comprising:
- at the network attached storage device,receiving from an administrative user information defining a plurality of data pools;
  
  receiving from the administrative user information defining access to respective data pools of the plurality of data pools, the information associating a respective file type of one or more file types with the respective data pools of the plurality of data pools so that only data files having the associated respective file type can be read from or written to the respective data pool;
  
  subsequently, receiving from a user a request for access to a data pool, the user request specifying a data file and a file type for the data file;
  
  categorizing the user request using the file type;
  
  comparing the file type of the categorized user request with the information defining access to the respective data pools; and
  
  permitting access for the user and the data file to a respective data pool only if the file type of the categorized user request matches the information defining access to the respective data pool.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The method of claim 7 further comprising:
    - receiving from the administrative user information defining access to respective data pools of the plurality of data pools, the information associating a respective data communication port of the one or more data communication ports of the network attached storage device with the respective data pools so that only data files communicated through the associated respective data communication port are accessible in the respective data pools;
      
      subsequently, receiving at a particular data communication port of the network attached storage device a user request for access to a data pool;
      
      comparing identification of the particular data communication port of the received user request with the information defining access to respective data pools of the plurality of data pools; and
      
      permitting access for the user and the data file to a respective data pool of the plurality of data pools only if the identification of the particular data communication port matches the information defining access to the respective data port based on the comparison.
  - 9. The method of claim 8 wherein receiving the information associating one or more data communication ports of the network attached storage device with the respective data pools comprises:
    - receiving from the administrative user information associating a wireless communication port of the of the network attached storage device with a first data pool;
      
      receiving from the administrative user information associating a wireline communication port of the of the network attached storage device with a second data pool; and
      
      storing the received administrative user information in a memory of the network access storage device.
  - 10. The method of claim 9 further comprising:
    - receiving at the wireless communication port a user request for access to the second data pool;
      
      comparing identification of the wireless communication port with the stored administrative user information; and
      
      denying the request to access the second data pool based on the comparison.
  - 11. The method of claim 7 further comprising:
    - receiving from the administrative user information defining access to respective data pools of the plurality of data pools, the information associating a respective network or subnetwork of one or more networks or subnetworks in data communication with the network attached storage device with the respective data pools of the plurality of data pools so that only data files associated with the respective network or subnetwork are accessible in the respective data pools;
      
      subsequently, receiving at the network attached storage device a user request for access to a data pool;
      
      identifying a network or subnetwork from which the user request was received;
      
      comparing the identification of the network or subnetwork for the received user request with the information defining access to respective data pools of the plurality of data pools; and
      
      permitting access for the user and the data file to a respective data pool only if the identification of the network or subnetwork matches the information defining access to the respective data pool.

12. A network attached storage device comprising:
- a wireline interface circuit operable for data communication over one or more wireline networks with remote data devices;
  
  a wireless interface operable for wireless data communication with remote wireless sources;
  
  disk storage segmented into a plurality of data pools, the data pools formed by selectively concatenating one or more portions of one or more hard disk drives of the disk storage;
  
  memory to store data; and
  
  a controller in data communication with the wireline interface circuit, the wireless interface circuit, the memory and the disk storage and operable toprovide user interface data over either a wireline network or to a remote wireless source to form a user interface at a remote data processing device, the user interface adapted to receive access configuration data from an administrative user at the remote data processing device, andcontrol access to respective data pools of the plurality of data pools based on the access configuration data.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The network attached storage device of claim 12 wherein the controller is operative to provide user interface data to the remote processing device to prompt the administrative user to enable share authentication to limit access to a specified data pool for only a remote data device or a remote wireless source providing authentic credentials.
  - 14. The network attached storage device of claim 12 wherein the controller is operative to provide user interface data to the remote processing device to prompt the administrative user to enable share authentication to limit access to a specified data pool for only a remote data device or a remote wireless source providing a password initially set by the administrative user.
  - 15. The network attached storage device of claim 12 wherein the controller is operative to provide user interface data to the remote processing device to prompt the administrative user to enable access to a specified data pool for only a remote data device accessing the network attached storage via the wireline interface circuit.
  - 16. The network attached storage device of claim 12 wherein the controller is operative to provide user interface data to the remote processing device to prompt the administrative user to enable access to a specified data pool for only a remote wireless source accessing the network attached storage via the wireless interface.
  - 17. The network attached storage device of claim 16 wherein the controller is further operative to store in the memory access control data provided by the administrative user for controlling access to respective data pools.

18. A method for a network attached storage device, the method comprising:
- at the network attached storage device,communicating data to a remote data processing device to establish a user interface at the remote data processing device, the user interface accessible by an administrative user to provide access control data to the network attached storage device;
  
  receiving from the remote data processing device data pool data defining one or more data pools for storage of user data;
  
  in response to the data pool data, concatenating one or more portions of disk storage of the network attached storage device to define one or more data pools;
  
  receiving from the remote data processing device data pool access data;
  
  subsequently using the received data pool access data to limit access to the one or more data pools.
- View Dependent Claims (19, 20, 21)
- - 19. The method of claim 18 wherein receiving data pool access data comprises:
    - receiving file type data defining for a particular data pool of the one or more data pools a type of data file that may be stored or read from the particular data pool, andstoring the received file type data in the memory in association with information for the particular data pool,and further comprising receiving a request to access a data file stored with the particular data pool, and wherein using the received data pool access data to limit access comprises comparing the file type data stored in the memory with a file type of the request to access and authenticating the access only in the case of a file type match.
  - 20. The method of claim 18 wherein receiving data pool access data comprises:
    - receiving port type data defining for a particular data pool of the one or more data pools a type of data communication port of the network attached storage device will be authenticated to access the particular data pool, andstoring the received port type data in the memory in association with information for the particular data pool,and further comprising receiving at a particular data port of the network attached storage device a request to access a data file stored with the particular data pool, and wherein using the received data pool access data to limit access comprises comparing the port type data stored in the memory with information about the particular port and authenticating the access only in the case of a port type match.
  - 21. The method of claim 20 further comprising:
    - communicating data to the remote processing device to establish on the user interface;
      
      a data pool identifier for specified data pool, andselection buttons specifying one or more ofpermitted wireless access at the network attached storage device to the specified data pool, orpermitted wireline access at the network attached storage device to the specified data pool, or both.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avago Technologies International Sales Pte Limited (Broadcom, Inc.)
Original Assignee
Broadcom Corporation (Broadcom, Inc.)
Inventors
Ma, Kenneth
Primary Examiner(s)
Nam, Hyun

Application Number

US11/049,772
Publication Number

US 20050256983A1
Time in Patent Office

3,155 Days
Field of Search

710/8
US Class Current

710/8
CPC Class Codes

G06F 13/385 for adaptation of a particu...

System and method to control access to data stored in a data storage device

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

System and method to control access to data stored in a data storage device

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links