Computer architectures using shared storage

US 8,972,515 B2
Filed: 03/30/2010
Issued: 03/03/2015
Est. Priority Date: 03/30/2009
Status: Active Grant

First Claim

Patent Images

1. An Enterprise Service Bus (ESB) system, comprising:

a shared storage including data and file system metadata separated from the data, wherein the file system metadata includes location data and at least on of encryption keys associated with encrypted data, a security level of the data, or structured information to retrieve, to use or to manage an information resource, wherein the file system metadata is included in at least one registry and access to the at least one registry is controlled, and wherein an infrastructure function of the ESB system is provided to enable messaging between providers and consumers as message data stored in the shared storage, wherein messaging between providers and consumers includes;

receiving a request from a consumer device to access the message data generated by a provider device; and

in response to the request, transmitting a location in the shared storage of the message data to the consumer device if the consumer device is authorized to access the message data;

wherein access to the at least one registry is controlled based on authorization information associated with an accessing device, wherein access to the one registry is controlled by generating modified metadata in response to a request from the accessing device, and wherein the modified metadata does not include storage information regarding portions of the data that the accessing device is not authorized to view based on the authorization information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Shared storage architectures are provided. A particular shared storage architecture includes an Enterprise Service Bus (ESB) system. The ESB system includes shared storage including data and file system metadata separated from the data. The file system metadata includes location data specifying storage location information related to the data. An infrastructure function of the ESB system is provided to enable messaging between providers and consumers through the shared storage.

94 Citations

View as Search Results

43 Claims

1. An Enterprise Service Bus (ESB) system, comprising:
- a shared storage including data and file system metadata separated from the data, wherein the file system metadata includes location data and at least on of encryption keys associated with encrypted data, a security level of the data, or structured information to retrieve, to use or to manage an information resource, wherein the file system metadata is included in at least one registry and access to the at least one registry is controlled, and wherein an infrastructure function of the ESB system is provided to enable messaging between providers and consumers as message data stored in the shared storage, wherein messaging between providers and consumers includes;
  
  receiving a request from a consumer device to access the message data generated by a provider device; and
  
  in response to the request, transmitting a location in the shared storage of the message data to the consumer device if the consumer device is authorized to access the message data;
  
  wherein access to the at least one registry is controlled based on authorization information associated with an accessing device, wherein access to the one registry is controlled by generating modified metadata in response to a request from the accessing device, and wherein the modified metadata does not include storage information regarding portions of the data that the accessing device is not authorized to view based on the authorization information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The ESB system of claim 1, wherein the shared storage stores instructions to implement the infrastructure function, and wherein the infrastructure function is data-agnostic.
  - 3. The ESB system of claim 1, wherein the data in the shared storage is read from the shared storage in an order that the data was written to the shared storage.
  - 4. The ESB system of claim 1, wherein a capacity of the ESB system to enable messaging between the providers and the consumers expands as a storage capacity of the shared storage is expanded.
  - 5. The ESB system of claim 1, wherein the shared storage is persistent.
  - 6. The ESB system of claim 1, wherein the shared storage reconfigures in response to at hardware failure.
  - 7. The ESB system of claim 1, wherein the infrastructure function is hosted on the shared storage independent of a CPU core, a processing thread, and a server instance.
  - 8. The ESB system of claim 1, wherein the at least one registry including the file system metadata is not associated with a particular server.
  - 9. The ESB system of claim 1, wherein the shared storage functions as an ESB that is not tied to a particular server.
  - 10. The ESB system of claim 1, wherein access to the at least one registry is restricted based on at least one of a second security level of a user, a third security level of an application, or the security level of the data in the shared storage.
  - 11. The ESB system of claim 10, wherein at least one of the data or the infrastructure function of the ESB system can be at least one of hidden or restricted through controlled access in the at least one registry.
  - 12. The ESB system of claim 10, wherein the security level of the data is determined based on at least one of rule sets or policies.

13. A method, comprising:
- enabling communication between a consumer and a producer, wherein an infrastructure function of an enterprise service bus (ESB) is provided through a shared storage to enable messaging between the producer and the consumer as message data stored in the shared storage, wherein the shared storage includes data and file system metadata separated from the data, wherein the file system metadata includes location data and at least one of encryption keys associated with encrypted data, a security level of the data, or structured information to retrieve, to use or to manage an information resource, and wherein the file system metadata is included in at least one registry and access to the at least one registry is controlled, wherein messaging between the producer and the consumer includes;
  
  receiving a request from a consumer device to access the message data generated by a producer device; and
  
  in response to the request, transmitting a location in the shared storage of the message data to the consumer device if the consumer device is authorized to access the message data;
  
  wherein access to the at least one registry is controlled based on authorization information associated with an accessing device, wherein access to the one registry is controlled by generating modified metadata in response to a request from the accessing device, and wherein the modified metadata does not include storage information regarding portions of the data that the accessing device is not authorized to view based on the authorization information.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 14. The method of claim 13, wherein the ESB is data-agnostic.
  - 15. The method of claim 13, further comprising transferring at least one of the data stored at the shared storage or the infrastructure function without using a server-to-server session.
  - 16. The method of claim 13, further comprising maintaining a registry of available wherein the infrastructure functions of the ESB in the shared storage.
  - 17. The method of claim 16, wherein maintaining the registry comprises identifying in the registry the data available in the shared storage.
  - 18. The method of claim 13, further comprising restricting access to the at least one registry based on at least one of a second security level of a user, a third security level of an application, or the security level of the data in the shared storage.
  - 19. The method of claim 18, wherein at least one of the data or the infrastructure function of the ESB can be at least one of bidden or restricted through controlled access in the at least one registry.
  - 20. The method of claim 18, further comprising determining the security level of the data based on at least one of rule sets or policies.
  - 21. The method of claim 13, further comprising publishing the infrastructure function in a directory structure.
  - 22. The method of claim 13, wherein the data in the shared storage and the infrastructure function can be at least one of added, removed, or acted upon independent of time.
  - 23. The method of claim 13, wherein, when a requester causes the infrastructure function to be accessed, the infrastructure function inherits at least one identity attribute of the requestor associated with a second security level of the requestor.
  - 24. The method of claim 13, wherein, when the requester causes particular data on the shared storage to be accessed, the particular data inherits at least one of the identity of the requester or the security level of the requestor.
  - 25. The method of claim 13, wherein the infrastructure function is stateless, wherein the infrastructure function does not retain any information regarding usage, current state, and security level of the infrastructure function after use.
  - 26. The method of claim 13, further comprising generating at least one of a first persistent record of requests to access the infrastructure function on the shared storage or a second persistent record of requests to access the data on the shared storage.
  - 27. The method of claim 13, further comprising modifying, the infrastructure function while the infrastructure function is being used to enable communication between the consumer and the producer.
  - 28. The method of claim 13, further comprising performing diagnostics against at least one of hardware of the shared storage, the infrastructure function, or the data in the shared storage.
  - 29. The method of claim 28, further comprising recovering faulted data.
  - 30. The method of claim 13, wherein instructions to implement the infrastructure function are striped across the shared storage.
  - 31. The method of claim 13, wherein the shared storage provides an architecture to loosely integrate a suite of services.

32. A service-oriented architecture (SOA) system, comprising a shared storage including data and file system metadata separated from the data, wherein the file system metadata includes location data and at least one of encryption keys associated with encrypted data, a security level of the data, or structured information to retrieve, to use or to manage an information resource, wherein the file system metadata is included in at least one registry and access to the at least one registry is controlled, wherein the shared storage provides an architecture to loosely integrate a suite a services, wherein an infrastructure function of the SOA system is provided to enable messaging between providers and consumers as message data stored in the shared storage, wherein messaging between providers and consumers includes:
- receiving a request from a consumer device to access the message data generated by a provider device; and
  
  in response to the request, transmitting a location in the share storage of the message data to the consumer device if the consumer device is authorized to access the message data;
  
  wherein access to the at least one registry is controlled based on authorization information associated with an accessing device, wherein access to the one registry is controlled by generating modified metadata in response to a request from the accessing device, and wherein the modified metadata does not include storage information regarding portions of the data that the accessing device is not authorized to view based on the authorization information.
- View Dependent Claims (33, 34)
- - 33. The SOA system of claim 32, wherein all the services of the suite of services are provided through the shared storage.
  - 34. The SOA system of claim 32, wherein access to the at least one registry is restricted based on at least one of a second security level of a user, a third security level of a first service of the suite of services, or the security level of the data in the shared storage.

35. A method, comprising:
- enabling communication between a consumer and a producer through message data stored in a shared storage, wherein a service-oriented architecture on the share storage is provided to loosely integrate a suite of services, wherein the shared storage includes data and file system metadata separated from the data, wherein the file system metadata includes location data and at least one of encryption keys associated with encrypted data, a security level of the data, or structured information to retrieve, to use or to manage an information resource, wherein the file system metadata is included in at least one registry and access to the at least one registry is controlled, wherein communication between the producer and the consumer includes;
  
  receiving a request from a consumer device to access the message data generated by a producer device; and
  
  in response to the request, transmitting a location in the shared storage of the message data to the consumer device if the consumer device is authorized to access the message data;
  
  wherein access to the at least one registry is controlled based on authorization information associated with an accessing device, wherein access to the one registry is controlled by generating modified metadata in response to a request from the accessing device, and wherein the modified metadata does not include storage information regarding portions of the data that the accessing device is not authorized to view based on the authorization information.
- View Dependent Claims (36, 37, 38, 39, 40, 41, 42, 43)
- - 36. The method of claim 35, further comprising maintaining registry of available service'"'"'s of the suite of services in the shared storage.
  - 37. The method of claim 36, wherein maintaining the registry comprises identifying in the registry the data available in the shared storage.
  - 38. The method of claim 35, further comprising restricting access to the at least one registry based on at least one of a second security level of a user, a third security level of a first service of the suite of services, or the security level of the data in the shared storage.
  - 39. The method of claim 38, wherein at least one the data or the first service of the suite of services can be at least one of hidden or restricted through controlled access in the at least one registry.
  - 40. The method of claim 38, further comprising determining the security level of the data based on at least one of rule sets or policies.
  - 41. The method of claim 35, wherein, when a requestor causes a particular service of the suite of services to be accessed, the particular service of the suite of services inherits at least one of an identity of the requestor or a security level of the requestor.
  - 42. The method of claim 41, wherein, when the requester causes particular data on the shared storage to be accessed, the particular data inherits at least one identity attribute of the requestor associated with the security level of the requestor.
  - 43. The method of claim 35, further comprising generating at least one of a first persistent record of requests to access the services of the suite of services on the shared storage or a second persistent record of requests to access data on the shared storage.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
The Boeing Co.
Original Assignee
The Boeing Co.
Inventors
Kuehn, Dennis L., Bettger, David D., Stone, Kevin A., Peters, Marc A.
Primary Examiner(s)
Lazaro, David
Assistant Examiner(s)
HENRY, MARIEGEORGES A

Application Number

US12/750,582
Publication Number

US 20100257374A1
Time in Patent Office

1,799 Days
Field of Search

709/213, 714/4.1
US Class Current

709/213
CPC Class Codes

G06F 12/0813   with a network or matrix co...

G06F 13/4221   being an input/output bus, ...

G06F 16/176   Support for shared access t...

G06F 16/28   Databases characterised by ...

G06F 3/0607   by facilitating the process...

G06F 3/0608   Saving storage space on sto...

G06F 3/0655   Vertical data movement, i.e...

G06F 3/067   Distributed or networked st...

G06F 3/0689   Disk arrays, e.g. RAID, JBOD

G06F 9/50   Allocation of resources, e....

Computer architectures using shared storage

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

94 Citations

43 Claims

Specification

Solutions

Use Cases

Quick Links

Computer architectures using shared storage

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

94 Citations

43 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links