Secure high performance multi-level security database systems and methods
Abstract
In accordance with one or more embodiments of the present disclosure, systems and methods described herein provide for transferring data over one or more networks. A storage area network is adapted to communicate with the one or more networks. A first component is adapted to route data to and from the storage area network. A second component is adapted to route data to and from the storage area network. A gateway component is adapted to control the routing of data between the first and second components and the storage area network. The storage area network is adapted to separate metadata from the data and store the metadata in a secure server positioned behind the gateway component.
24 Claims
1. A system for sharing data over one or more networks, the system comprising:
a storage area network configured to communicate with the one or more networks;
a first component configured to route data to and from the storage area network via a first storage network connection;
a second component configured to route data to and from the storage area network via a second storage network connection;
a gateway component configured to control the routing of data between the first and second components and the storage area network; and
a metadata controller configured to separate metadata from the data, store the metadata in a first database, and store the data without metadata in a second database, wherein
the metadata includes the data location of and is required to access the data without metadata stored in the second database,
the metadata controller is located behind the gateway component,
the gateway component includes a security component that directly controls and authorizes access to the metadata controller and the metadata,
requests for data are made by a client through the gateway component via a first channel network connection, and
transfers of data are made directly from the storage area network to the client through a second channel and without passing through the gateway component.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15
16. A method for sharing data over one or more networks, the method comprising:
establishing a storage area network to facilitate communication with the one or more networks;
routing data to and from a first component over the storage area network via a first storage network connection;
routing data to and from a second component over the storage area network via a second storage network connection;
controlling the routing of data between the first and second components and the storage area network with a gateway component; and
using a metadata controller to;
separate metadata from the data;
store the metadata in a first database; and
store the data without metadata in a second database, wherein
the metadata includes the data location of and is required to access the data without metadata stored in the second database,
the metadata controller is located behind the gateway component,
the gateway component includes a security component that directly controls and authorizes access to the metadata controller and the metadata,
requests for data are made by a client through the gateway component via a first channel network connection, and
transfers of data are made directly from the storage area network to the client through a second channel and without passing through the gateway component.
Dependent claims: 17, 18, 19, 20, 21, 22, 23
24. A non-transitory machine-readable medium comprising a plurality of machine-readable instructions which, when executed by one or more processors of a server, are configured to cause the server to perform a method comprising:
establishing a storage area network to facilitate communication with the one or more networks;
routing data to and from a first component over the storage area network via a first storage network connection;
routing data to and from a second component over the storage area network via a second storage network connection;
controlling the routing of data between the first and second components and the storage area network with a gateway component; and
using a metadata controller to;
separate metadata from the data;
store the metadata in a first database; and
store the data without metadata in a second database, wherein
the metadata includes the data location of and is required to access the data without metadata stored in the second database,
the metadata controller is located behind the gateway component,
the gateway component includes a security component that directly controls and authorizes access to the metadata controller and the metadata,
requests for data are made by a client through the gateway component via a first channel network connection, and
transfers of data are made directly from the storage area network to the client through a second channel and without passing through the gateway component.
Specification