Clustered file systems for mix of trusted and untrusted nodes
First Claim
Patent Images
1. A method of operating a cluster of computer system nodes sharing direct read/write access to filesystems, comprising:
- assigning a mandatory access control label as an extended attribute of a filesystem object administered by at least one trusted metadata server node, the mandatory access control label including a first indication of sensitivity and a first indication of integrity, wherein the extended attribute includes a free form data area associated with the filesystem object;
assigning a mandatory access control label having a second indication of sensitivity and a second indication of integrity to each node in the cluster; and
permitting access to the filesystem object by any node in the cluster when the second indication of sensitivity and the second indication of integrity assigned thereto meets criteria defined by the first indication of sensitivity and the first indication of integrity in the mandatory access control label of the filesystem object.
7 Assignments
0 Petitions
Accused Products
Abstract
A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.
159 Citations
20 Claims
-
1. A method of operating a cluster of computer system nodes sharing direct read/write access to filesystems, comprising:
-
assigning a mandatory access control label as an extended attribute of a filesystem object administered by at least one trusted metadata server node, the mandatory access control label including a first indication of sensitivity and a first indication of integrity, wherein the extended attribute includes a free form data area associated with the filesystem object; assigning a mandatory access control label having a second indication of sensitivity and a second indication of integrity to each node in the cluster; and permitting access to the filesystem object by any node in the cluster when the second indication of sensitivity and the second indication of integrity assigned thereto meets criteria defined by the first indication of sensitivity and the first indication of integrity in the mandatory access control label of the filesystem object. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A non-transitory computer readable storage medium including code for operating a cluster of computer system nodes sharing direct read/write access to filesystem objects, the code operable to:
-
assign a mandatory access control label as an extended attribute of a filesystem object administered by at least one trusted metadata server node, the mandatory access control label including a first indication of sensitivity and a first indication of integrity, wherein the extended attribute includes a free form data area associated with the filesystem object; assigning a mandatory access control label including a second indication of sensitivity and a second indication of integrity to each node of the cluster; and permitting access to the filesystem object by any node when the second indication of sensitivity and the second indication of integrity assigned thereto meets criteria defined by the first indication of sensitivity and the first indication of integrity in the mandatory access control label of the filesystem object. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A cluster of computer systems, comprising:
-
storage devices storing at least one filesystem object; a storage area network coupled to the storage devices; metadata client nodes coupled to the storage area network; and a trusted metadata server node coupled to the storage area network, wherein the trusted metada server node assigns a mandatory access control label as an extended attribute of the at least one filesystem object, wherein the extended attribute includes a free form data area associated with the at least one filesystem object, wherein the mandatory access control label includes a first indication of sensitivity and a first indication of integrity, wherein the trusted metadata server node assigns a mandatory access control label including a second indication of sensitivity and a second indication of integrity to each node, and wherein the trusted metadata server node permits access to the filesystem object by any node when the second indication of sensitivity and the second indication of integrity assigned thereto meets criteria defined by the first indication of sensitivity and the first indication of integrity in the mandatory access control label of the filesystem object. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A system of operating a cluster of computer system nodes sharing direct read/write access to filesystems, comprising:
a trusted metadata server node, wherein access to mass storage is shared by a mixture of trusted and untrusted nodes, wherein shared data is stored with labeling used by the trusted nodes in the cluster of computer system nodes, and wherein the trusted metadata server node; assigns a mandatory access control label as an extended attribute of a filesystem object, the mandatory access control label including a first indication of sensitivity and a first indication of integrity, wherein the extended attribute includes a free form data area associated with the filesystem object; assigns a mandatory access control label having a second indication of sensitivity and a second indication of integrity to each node in the cluster; and permits access to the filesystem object by any node when the second indication of sensitivity and the second indication of integrity assigned thereto meets criteria defined by the first indication of sensitivity and the first indication of integrity in the mandatory access control label of the filesystem object. - View Dependent Claims (17, 18, 19, 20)
Specification