SYSTEM AND METHOD FOR IMPLEMENTING DATA MIGRATION WHILE PRESERVING SECURITY POLICIES OF A SOURCE FILER

US 20150067759A1
Filed: 08/27/2013
Published: 03/05/2015
Est. Priority Date: 08/27/2013
Status: Active Grant

First Claim

Patent Images

1. A method for implementing a data migration, the method being implemented by one or more processors and comprising:

implementing a data migration in which data is migrated from a source file system to a destination file system;

identifying individual clients who direct communications to the source file system while the data migration is in progress;

determining a set of credentials for each identified client;

issuing, on behalf of each identified client and from a location that is external to the source file system, a request to the source file system to access a reference file system object, the reference file system object being associated with a known permission level;

determining a permission level of each client based on a response from the source file system;

implementing a security policy of the source file system for each client when, during the data migration, data from the destination file system is used to provide a response to a file system operation originating from any of the plurality of clients.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A data migration system in which security policies of a source file system are preserved, in an environment in which clients actively issue communications for the source filer while data is migrated to a destination file system.

31 Citations

View as Search Results

20 Claims

1. A method for implementing a data migration, the method being implemented by one or more processors and comprising:
- implementing a data migration in which data is migrated from a source file system to a destination file system;
  
  identifying individual clients who direct communications to the source file system while the data migration is in progress;
  
  determining a set of credentials for each identified client;
  
  issuing, on behalf of each identified client and from a location that is external to the source file system, a request to the source file system to access a reference file system object, the reference file system object being associated with a known permission level;
  
  determining a permission level of each client based on a response from the source file system;
  
  implementing a security policy of the source file system for each client when, during the data migration, data from the destination file system is used to provide a response to a file system operation originating from any of the plurality of clients.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising creating a test file as the reference file system object.
  - 3. The method of claim 2, wherein the test file corresponds to a root access level file system object.
  - 4. The method of claim 2, wherein the test file corresponds to an unrestricted file system object used to determine read-only access.
  - 5. The method of claim 1, wherein determining the set of credentials includes determining a set of Remote Procedure Call (RPC) credentials for each client.
  - 6. The method of claim 5, wherein issuing the request on behalf of the identified client includes issuing a request using the identified RPC credentials.
  - 7. The method of claim 1, wherein identifying individual clients includes receiving, at the location that is external to the source file system, a request for access to the source file system from individual clients in the plurality of clients.
  - 8. The method of claim 1, wherein implementing the security policy includes implementing an Internet-Protocol (IP) based security policy.

9. A data migration system comprising:
- a memory that stores a set of instructions;
  
  one or more processors that use the instructions to;
  
  migrate data from a source file system to a destination file system;
  
  identify individual clients who direct communications to the source file system while migrating the data;
  
  determine a set of credentials for each identified client;
  
  issue, on behalf of each identified client and from a location that is external to the source file system, a request to the source file system to access a reference file system object, the reference file system object being associated with a known permission level;
  
  determine a permission level of each client based on a response from the source file system;
  
  implement a security policy of the source file system for each client when, during the data migration, data from the destination file system is used to provide a response to a file system operation originating from any of the plurality of clients.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The data migration system of claim 9, wherein the one or more processors create a test file as the reference file system object.
  - 11. The data migration system of claim 10, wherein the test file corresponds to a root access level file system object.
  - 12. The data migration system of claim 10, wherein the test file corresponds to an unrestricted read-only access file system object.
  - 13. The data migration system of claim 9, wherein the one or more processors determine the set of credentials by determining a set of Remote Procedure Call (RPC) credentials for each client.
  - 14. The data migration system of claim 13, wherein the one or more processors issue the request on behalf of the identified client by issuing a request using the identified RPC credentials.
  - 15. The data migration system of claim 9, wherein the one or more processors identify individual clients by receiving, at the location that is external to the source file system, a request for access to the source file system from individual clients in the plurality of clients.
  - 16. The data migration system of claim 9, wherein the one or more processors implement the security policy by implementing an Internet-Protocol (IP) based security policy.

17. A computer-readable medium for implementing a data migration, the computer-readable medium storing instructions that, when executed by one or more processors, cause the one or more processors to perform operations that include:
- implementing a data migration in which data is migrated from a source file system to a destination file system;
  
  identifying individual clients who direct communications to the source file system while the data migration is in progress;
  
  determining a set of credentials for each identified client;
  
  issuing, on behalf of each identified client and from a location that is external to the source file system, a request to the source file system to access a reference file system object, the reference file system object being associated with a known permission level;
  
  determining a permission level of each client based on a response from the source file system;
  
  implementing a security policy of the source file system for each client when, during the data migration, data from the destination file system is used to provide a response to a file system operation originating from any of the plurality of clients.
- View Dependent Claims (18, 19, 20)
- - 18. The computer-readable medium of claim 17, further comprising instructions for creating a test file as the reference file system object.
  - 19. The computer-readable medium of claim 18, wherein the test file corresponds to a root access level file system object.
  - 20. The computer-readable medium of claim 18, wherein the test file corresponds to an unrestricted read-only access file system object.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NetApp, Inc.
Original Assignee
NetApp, Inc.
Inventors
Beard, Derek, Hsiao, Duen-Wen

Granted Patent

US 9,300,692 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 16/119   Details of migration of fil...

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 63/20   for managing network securi...

SYSTEM AND METHOD FOR IMPLEMENTING DATA MIGRATION WHILE PRESERVING SECURITY POLICIES OF A SOURCE FILER

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

31 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR IMPLEMENTING DATA MIGRATION WHILE PRESERVING SECURITY POLICIES OF A SOURCE FILER

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links