Metadirectory namespace and method for use of the same
First Claim
Patent Images
1. A method for accessing a file or directory at a storage system, the method comprising:
- receiving a file access request for the file or directory;
determining, in response to receiving the file access request, whether the requested file or directory is accessible through a metadirectory namespace containing files and directories which are not visible to one or more co-existing user-accessible namespaces, wherein the metadirectory namespace stores protected files and directories and the metadirectory namespace is a separate restricted-access hierarchical structure then the one or more user-accessible namespaces;
determining, in response to determining that the file or directory is accessible through the metadirectory namespace, whether an originator of the file access request is authorized to access the requested file or directory in the restricted-access metadirectory namespace; and
processing, in response to determining that the originator is authorized to access the file or directory, the received file access request.
0 Assignments
0 Petitions
Accused Products
Abstract
A metadirectory namespace is provided for storing files and directories “hidden” from one or more user-accessible namespaces. The metadirectory namespace is a separate, parallel namespace that coexists with other user-accessible namespaces in a storage operating system. Files and directories may be identified as being stored in a metadirectory based on their location or based on their associated flags. The metadirectory namespace may be selectively exported only to clients, users and applications given special file access permissions.
31 Citations
26 Claims
-
1. A method for accessing a file or directory at a storage system, the method comprising:
-
receiving a file access request for the file or directory; determining, in response to receiving the file access request, whether the requested file or directory is accessible through a metadirectory namespace containing files and directories which are not visible to one or more co-existing user-accessible namespaces, wherein the metadirectory namespace stores protected files and directories and the metadirectory namespace is a separate restricted-access hierarchical structure then the one or more user-accessible namespaces; determining, in response to determining that the file or directory is accessible through the metadirectory namespace, whether an originator of the file access request is authorized to access the requested file or directory in the restricted-access metadirectory namespace; and processing, in response to determining that the originator is authorized to access the file or directory, the received file access request. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A storage system, comprising:
-
a processor; a network adapter configured to receive a file access request for a file or directory; and a memory configured to store one or more user-accessible namespaces and a metadirectory namespace, the metadirectory namespace containing protected files and directories which are not visible to users outside the storage system and the metadirectory namespace is a separate restricted-access hierarchical structure then the one or more user-accessible namespaces, the memory being further configured to store instructions for execution by the processor for performing the steps of; determining whether the requested file or directory is accessible through the restricted-access metadirectory namespace; determining, in response to determining that the file or directory is accessible through the metadirectory namespace, whether an originator of the file access request is authorized to access the requested file or directory in the restricted-access metadirectory namespace; and processing, in response to determining that the originator is authorized to access the file or directory, the received file access request. - View Dependent Claims (8, 9, 10)
-
-
11. A method for accessing data structures, comprising:
-
receiving an access request for a data structure; determining whether the requested data structure is stored in a separate metadirectory namespace that is independent of one or more user-accessible namespaces, wherein the metadirectory namespace stores protected data structures and the metadirectory namespace is a separate restricted-access hierarchical structure then the one or more user-accessible namespaces; and in response to determining the requested data structure is stored in the metadirectory namespace, processing the access request upon determining an originator of the access request is permitted to access the requested data structure. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A storage system, comprising:
-
a processor; a network adapter configured to receive a access request for a data structure; and a memory configured to store one or more user-accessible namespaces and a metadirectory namespace, the metadirectory namespace containing protected data structures which are not visible to the one or more co-existent user-accessible namespaces and the metadirectory namespace is a separate restricted-access hierarchical structure then the one or more user-accessible namespaces, the memory being further configured to store instructions for execution by the processor for performing the steps of; determining whether the requested data structure is accessible through the restricted-access metadirectory namespace; determining, in response to determining that the file or directory is accessible through the metadirectory namespace, whether an originator of the access request is authorized to access the requested data structure; and processing, in response to determining that the originator is authorized to access the data structure, the received access request. - View Dependent Claims (21, 22)
-
-
23. A computer-readable storage medium containing executable program instructions executed by a processor, comprising:
-
program instructions that receive an access request for a data structure; program instructions that determine whether the requested data structure is accessible through a metadirectory namespace which is separate from one or more user-accessible namespaces, wherein the metadirectory namespace stores protected data structures and the metadirectory namespace is a separate restricted-access hierarchical structure then the one or more user-accessible namespaces; program instructions that determine, in response to determining that the requested data structure is accessible through the restricted-access metadirectory namespace, whether an requestor is authorized to access the data structure; and program instructions that access, in response to determining that the requestor is authorized, the requested data structure. - View Dependent Claims (24, 25)
-
-
26. A method, comprising:
-
receiving a first file access request for a file or a directory from a first client; determining, in response to receiving the first file access request, whether the requested file or directory is accessible through a metadirectory namespace containing files and directories which are not visible to one or more co-existing user-accessible namespaces, wherein the metadirectory namespace stores protected files and directories and the metadirectory namespace is a separate restricted-access hierarchical structure then the one or more user-accessible namespaces; determining, in response to determining that the file or directory is accessible through the metadirectory namespace, whether the first client is authorized to access the requested file or directory stored in the restricted-access metadirectory namespace; processing, in response to determining that the first client is authorized to access the file or directory, the first file access request; receiving a second file access request for a second file from a second client; determining the second file is stored with the metadirectory namespace; and restricting access to the second file in response to determining the second client is not authorized to access the metadirectory namespace.
-
Specification