Data access management in a hybrid memory server

US 9,542,322 B2
Filed: 03/15/2013
Issued: 01/10/2017
Est. Priority Date: 06/24/2010
Status: Expired due to Fees

First Claim

Patent Images

1. A method, on a server system in an out-of-core processing environment, for managing access to data by accelerator systems, the method comprising:

receiving a request from an accelerator system for access to a given data set;

determining an access context associated with the given data set;

selecting an access configuration from a plurality of different access configurations available for the accelerator system based on the access context that has been determined;

dynamically configuring the accelerator system according to the access configuration to one ofaccess the given data set directly from the server system,locally store a portion of the given data set in a memory, andlocally store all of the given data set in the memory,receiving a security request from a user associated with the request for access to the given data set;

determining if the security request accelerator system indicates that the user is requesting a fully encrypted communication link;

in response to determining that the accelerator system has requested a fully encrypted communication link, establishing a fully encrypted communication link with the accelerator system;

in response to determining that the user has not requested a fully encrypted communication link, determining if the accelerator system has been configured to access the given data set directly from the server system;

in response to determining that the accelerator system has been configured to access the given data set directly from the server system, establishing a fully encrypted communication link with the accelerator system; and

in response to determining that the accelerator system has not been configured to access the given data set directly from the server system,establishing a partially encrypted communication link with the accelerator system to transfer information associated, the partially encrypted communication link comprising a lower encryption strength than a fully encrypted communication link, andinstructing the accelerator system to maintain a security counter that indicates when to remove the one of the portion or all of the given data set from the memory.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Once or more embodiments manage access to data by accelerator systems in an out-of-core processing environment. In one embodiment, a request from an accelerator system is received for access to a given data set. An access context associated with the given data set is determined. The accelerator system is dynamically configured, based on the access context that has been determined, based on the access context that has been determined, to one of access the given data set directly from the server system; locally store a portion of the given data set in a memory; and locally store all of the given data set in the memory.

41 Citations

9 Claims

1. A method, on a server system in an out-of-core processing environment, for managing access to data by accelerator systems, the method comprising:
- receiving a request from an accelerator system for access to a given data set;
  
  determining an access context associated with the given data set;
  
  selecting an access configuration from a plurality of different access configurations available for the accelerator system based on the access context that has been determined;
  
  dynamically configuring the accelerator system according to the access configuration to one ofaccess the given data set directly from the server system,locally store a portion of the given data set in a memory, andlocally store all of the given data set in the memory,receiving a security request from a user associated with the request for access to the given data set;
  
  determining if the security request accelerator system indicates that the user is requesting a fully encrypted communication link;
  
  in response to determining that the accelerator system has requested a fully encrypted communication link, establishing a fully encrypted communication link with the accelerator system;
  
  in response to determining that the user has not requested a fully encrypted communication link, determining if the accelerator system has been configured to access the given data set directly from the server system;
  
  in response to determining that the accelerator system has been configured to access the given data set directly from the server system, establishing a fully encrypted communication link with the accelerator system; and
  
  in response to determining that the accelerator system has not been configured to access the given data set directly from the server system,establishing a partially encrypted communication link with the accelerator system to transfer information associated, the partially encrypted communication link comprising a lower encryption strength than a fully encrypted communication link, andinstructing the accelerator system to maintain a security counter that indicates when to remove the one of the portion or all of the given data set from the memory.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1, wherein determining the access context further comprises:
    - identifying at least one ofa set of attributes associated with a user requesting access to the given data set;
      
      a set of security attributes associated with the given data set; and
      
      a set of data ports to be used to transmit and receive the given data set.
  - 3. The method of claim 1, further comprising:
    - determining a type of processing core associated with the accelerator system; and
      
      transforming the given data set from a first format to a second format that is associated with the type of processing core that has been determined.

4. A server system in an out-of-core processing environment, the server system comprising:
- a memory;
  
  a processor communicatively coupled to the memory; and
  
  a data manager communicatively coupled to the memory and the processor, wherein the data manager is configured to perform a method comprising;
  
  receiving a request from an accelerator system for access to a given data set;
  
  determining an access context associated with the given data set; and
  
  selecting an access configuration from a plurality of different access configurations available for the accelerator system based on the access context that has been determined; and
  
  dynamically configuring the accelerator system according to the access configuration to one ofaccess the given data set directly from the server system,locally store a portion of the given data set in a memory, andlocally store all of the given data set in the memory,receiving a security request from a user associated with the request for access to the given data set;
  
  determining if the security request accelerator system indicates that the user is requesting a fully encrypted communication link;
  
  in response to determining that the accelerator system has requested a fully encrypted communication link, establishing a fully encrypted communication link with the accelerator system;
  
  in response to determining that the user has not requested a fully encrypted communication link, determining if the accelerator system has been configured to access the given data set directly from the server system;
  
  in response to determining that the accelerator system has been configured to access the given data set directly from the server system, establishing a fully encrypted communication link with the accelerator system; and
  
  in response to determining that the accelerator system has not been configured to access the given data set directly from the server system,establishing a partially encrypted communication link with the accelerator system to transfer information associated, the partially encrypted communication link comprising a lower encryption strength than a fully encrypted communication link, andinstructing the accelerator system to maintain a security counter that indicates when to remove the one of the portion or all of the given data set from the memory.
- View Dependent Claims (5, 6)
- - 5. The server system of claim 4, wherein determining the access context further comprises:
    - identifying at least one ofa set of attributes associated with a user requesting access to the given data set;
      
      a set of security attributes associated with the given data set; and
      
      a set of data ports to be used to transmit and receive the give data set.
  - 6. The server system of claim 4, wherein the method further comprises:
    - determining a type of processing core associated with the accelerator system; and
      
      transforming the given data set from a first format to a second format that is associated with the type of processing core that has been determined.

7. A computer program product for managing access to data by accelerator systems, the computer program product comprising:
- a non-transitory storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for performing a method comprising;
  
  receiving a request from an accelerator system for access to a given data set;
  
  determining an access context associated with the given data set; and
  
  selecting an access configuration from a plurality of different access configurations available for the accelerator system based on the access context that has been determined; and
  
  dynamically configuring the accelerator system according to the access configuration to one ofaccess the given data set directly from the server system,locally store a portion of the given data set in a memory, andlocally store all of the given data set in the memory,receiving a security request from a user associated with the request for access to the given data set;
  
  determining if the security request accelerator system indicates that the user is requesting a fully encrypted communication link;
  
  in response to determining that the accelerator system has requested a fully encrypted communication link, establishing a fully encrypted communication link with the accelerator system;
  
  in response to determining that the user has not requested a fully encrypted communication link, determining if the accelerator system has been configured to access the given data set directly from the server system;
  
  in response to determining that the accelerator system has been configured to access the given data set directly from the server system, establishing a fully encrypted communication link with the accelerator system; and
  
  in response to determining that the accelerator system has not been configured to access the given data set directly from the server system,establishing a partially encrypted communication link with the accelerator system to transfer information associated, the partially encrypted communication link comprising a lower encryption strength than a fully encrypted communication link, andinstructing the accelerator system to maintain a security counter that indicates when to remove the one of the portion or all of the given data set from the memory.
- View Dependent Claims (8, 9)
- - 8. The computer program product of claim 7, wherein determining the access context further comprises:
    - identifying at least one ofa set of attributes associated with a user requesting access to the given data set;
      
      a set of security attributes associated with the given data set; and
      
      a set of data ports to be used to transmit and receive the given data set.
  - 9. The computer program product of claim 7, wherein the method further comprises:
    - determining a type of processing core associated with the accelerator system; and
      
      transforming the given data set from a first format to a second format that is associated with the type of processing core that has been determined.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Chan, Yuk Lung, Krishnamurthy, Rajaram B., Parris, Carl Joseph
Primary Examiner(s)
BILGRAMI, ASGHAR H

Application Number

US13/837,245
Publication Number

US 20130212376A1
Time in Patent Office

1,397 Days
Field of Search

709/203, 709/213, 709/216, 709/220, 709/223, 713/150
US Class Current

1/1
CPC Class Codes

G06F 12/0862   with prefetch

G06F 12/0868   Data transfer between cache...

G06F 15/177   Initialisation or configura...

G06F 16/172   Caching, prefetching or hoa...

G06F 16/182   Distributed file systems

G06F 21/602   Providing cryptographic fac...

G06F 2212/264   Remote server

G06F 2212/602   Details relating to cache p...

G06F 3/0608   Saving storage space on sto...

G06F 3/061   Improving I/O performance

G06F 3/0644   Management of space entitie...

G06F 3/065   Replication mechanisms

G06F 3/0653   Monitoring storage devices ...

G06F 3/067   Distributed or networked st...

G06F 3/0685   Hybrid storage combining he...

G06F 3/0688   Non-volatile semiconductor ...

H04L 41/5054   Automatic deployment of ser...

H04L 47/24   Traffic characterised by sp...

H04L 67/568   Storing data temporarily at...

Data access management in a hybrid memory server

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

41 Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Data access management in a hybrid memory server

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

41 Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links