Secure data replication
First Claim
1. A method comprising:
- associating an access policy with a replication relationship, wherein the access policy is for a storage resource within first storage hosted by a first device, wherein the access policy defines an authentication mechanism, an authorization mechanism, and an access control mechanism, and wherein the replication relationship is between the first device and a second device for replicating data between the first storage and second storage hosted by the second device, wherein the access control mechanism specifies a resource restriction where data is replicated based upon a threshold amount of resources becoming available for executing data replication requests, wherein the threshold amount of resources is negotiated between the first device and the second device;
receiving a data replication request targeting the first storage; and
utilizing the authentication mechanism, the authorization mechanism, and the access control mechanism to selectively implement or deny the data replication request based upon the replication relationship.
0 Assignments
0 Petitions
Accused Products
Abstract
One or more techniques and/or computing devices are provided for secure data replication. For example, a first storage controller may host first storage within which storage resources (e.g., files, logical unit numbers (LUNs), volumes, etc.) are stored. The first storage controller may establish an access policy with a001 second storage controller to which data is to be replicated from the first storage. The access policy may define an authentication mechanism for the first storage controller to authenticate the second storage controller, an authorization mechanism specifying a type of access that the second storage controller has for a storage resource, and an access control mechanism specifying how the second storage controller'"'"'s access to data of the storage resource is to be controlled. In this way, data replication requests may be authenticated and authorized so that data may be provided, according to the access control mechanism, in a secure manner.
26 Citations
20 Claims
-
1. A method comprising:
-
associating an access policy with a replication relationship, wherein the access policy is for a storage resource within first storage hosted by a first device, wherein the access policy defines an authentication mechanism, an authorization mechanism, and an access control mechanism, and wherein the replication relationship is between the first device and a second device for replicating data between the first storage and second storage hosted by the second device, wherein the access control mechanism specifies a resource restriction where data is replicated based upon a threshold amount of resources becoming available for executing data replication requests, wherein the threshold amount of resources is negotiated between the first device and the second device; receiving a data replication request targeting the first storage; and utilizing the authentication mechanism, the authorization mechanism, and the access control mechanism to selectively implement or deny the data replication request based upon the replication relationship. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory machine readable medium having stored thereon machine executable code which when executed by a machine, causes the machine to:
-
associate an access policy with a replication relationship, wherein the access policy is for a storage resource within first storage hosted by a first device, wherein the access policy defines an authentication mechanism, an authorization mechanism, and an access control mechanism, and wherein the replication relationship is between the first device and a second device for replicating data between the first storage and second storage hosted by the second device, wherein the access control mechanism specifies a resource restriction where data is replicated based upon a threshold amount of resources becoming available for executing data replication requests, wherein the threshold amount of resources is negotiated between the first device and the second device; receive a data replication request targeting the first storage; and utilize the authentication mechanism, the authorization mechanism, and the access control mechanism to selectively implement or deny the data replication request based upon the replication relationship. - View Dependent Claims (16, 17)
-
-
18. A computing device comprising:
-
a memory comprising machine executable code for performing a method; and a processor coupled to the memory, the processor configured to execute the machine executable code to cause the processor to; associate an access policy with a replication relationship, wherein the access policy is for a storage resource within first storage hosted by a first device, wherein the access policy defines an authentication mechanism, an authorization mechanism, and an access control mechanism, and wherein the replication relationship is between the first device and a second device for replicating data between the first storage and second storage hosted by the second device, wherein the access control mechanism specifies a resource restriction where data is replicated based upon a threshold amount of resources becoming available for executing data replication requests, wherein the threshold amount of resources is negotiated between the first device and the second device; receive a data replication request targeting the first storage; and utilize the authentication mechanism, the authorization mechanism, and the access control mechanism to selectively implement or deny the data replication request based upon the replication relationship. - View Dependent Claims (19, 20)
-
Specification