专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08341425B2 Storage device and its control method 有权
标题翻译：存储设备及其控制方法
公开(公告)号：US08341425B2
公开(公告)日：2012-12-25
申请号：US12527160
申请日：2009-05-25
申请人： Hirotaka Nakagawa , Masayasu Asano , Takeki Okamoto , Nobuyuki Osaki
发明人： Hirotaka Nakagawa , Masayasu Asano , Takeki Okamoto , Nobuyuki Osaki
IPC分类号： G06F11/30 , G06F12/14
CPC分类号： G06F12/1408 , G06F11/0727 , G06F11/1008 , G06F11/2094 , G06F21/78 , G06F21/805 , G06F2221/2107 , G06F2221/2151 , H04L9/0891 , H04L63/0464 , H04L63/065 , H04L67/1097 , H04L69/40
摘要： Provided is a storage device which partitions data from a host into multiple partitioned data and distributes, encrypts and stores them together with a parity to and in multiple memory mediums. This storage device executes processing of restoring the partitioned data or the parity stored in a memory medium to be subject to encryption re-key based on decrypted data of the partitioned data or the parity stored in each memory medium other than the memory medium to be subject to encryption re-key among the multiple memory mediums, storing the restored partitioned data or the parity in a backup memory medium while encrypting the restored partitioned data or the parity with a new encryption key, and thereafter interchanging the backup memory medium and the memory medium to be subject to encryption re-key so that the backup memory medium will be a memory medium configuring the parity group and the memory medium to be subject to encryption re-key will be the backup memory medium.
摘要翻译：提供了一种存储设备，其将来自主机的数据分割成多个分区数据，并以奇偶校验向多个存储介质分发，加密和存储在一起。该存储装置执行基于分割数据的解密数据的解密数据或除存储介质以外的每个存储介质中存储的奇偶校验，将存储在存储介质中的分割数据或奇偶校验恢复为加密重新进行的处理，在多个存储介质之间加密重新键入，将恢复的分区数据或奇偶校验存储在备用存储介质中，同时用新的加密密钥加密恢复的分区数据或奇偶校验，然后将备份存储介质和存储介质要进行加密重新密钥，以便备份存储介质将是配置奇偶校验组的存储介质和要加密的存储介质，密钥将是备份存储介质。

2. 发明申请

US20110296195A1 STORAGE DEVICE AND ITS CONTROL METHOD 有权
标题翻译：存储设备及其控制方法
公开(公告)号：US20110296195A1
公开(公告)日：2011-12-01
申请号：US12527160
申请日：2009-05-25
申请人： Hirotaka Nakagawa , Masayasu Asano , Takeki Okamoto , Nobuyuki Osaki
发明人： Hirotaka Nakagawa , Masayasu Asano , Takeki Okamoto , Nobuyuki Osaki
IPC分类号： G06F12/14
CPC分类号： G06F12/1408 , G06F11/0727 , G06F11/1008 , G06F11/2094 , G06F21/78 , G06F21/805 , G06F2221/2107 , G06F2221/2151 , H04L9/0891 , H04L63/0464 , H04L63/065 , H04L67/1097 , H04L69/40
摘要： Provided is a storage device which partitions data from a host into multiple partitioned data and distributes, encrypts and stores them together with a parity to and in multiple memory mediums. This storage device executes processing of restoring the partitioned data or the parity stored in a memory medium to be subject to encryption re-key based on decrypted data of the partitioned data or the parity stored in each memory medium other than the memory medium to be subject to encryption re-key among the multiple memory mediums, storing the restored partitioned data or the parity in a backup memory medium while encrypting the restored partitioned data or the parity with a new encryption key, and thereafter interchanging the backup memory medium and the memory medium to be subject to encryption re-key so that the backup memory medium will be a memory medium configuring the parity group and the memory medium to be subject to encryption re-key will be the backup memory medium.
摘要翻译：提供了一种存储设备，其将来自主机的数据分割成多个分区数据，并以奇偶校验向多个存储介质分发，加密和存储在一起。该存储装置执行基于分割数据的解密数据的解密数据或除存储介质以外的每个存储介质中存储的奇偶校验，将存储在存储介质中的分割数据或奇偶校验恢复为加密重新进行的处理，在多个存储介质之间加密重新键入，将恢复的分区数据或奇偶校验存储在备用存储介质中，同时用新的加密密钥加密恢复的分区数据或奇偶校验，然后将备份存储介质和存储介质要进行加密重新密钥，以便备份存储介质将是配置奇偶校验组的存储介质和要加密的存储介质，密钥将是备份存储介质。

3. 发明申请

US20110307658A1 STORAGE SYSTEM AND METHOD OF OPERATING THE SAME 失效
标题翻译：存储系统及其操作方法
公开(公告)号：US20110307658A1
公开(公告)日：2011-12-15
申请号：US12526780
申请日：2009-03-31
申请人： Kyoko Miwa , Nobuyuki Osaki , Masayasu Asano
发明人： Kyoko Miwa , Nobuyuki Osaki , Masayasu Asano
IPC分类号： G06F12/08
CPC分类号： G06F3/0665 , G06F3/0605 , G06F3/062 , G06F3/067 , G06F21/80
摘要： A storage system comprising a storage apparatus having a storage control unit communicatively coupled to an external apparatus, forming a plurality of virtual storage areas each serving as a unit storage area used by the external apparatus as a data storing area, using a unit logical storage area selected among a plurality of unit logical storage areas provided by a physical storage medium, linking to each of the virtual storage areas, and any one of a plurality of attributes each representing a storage state of data stored in the virtual storage area, and maintaining the link wherein the storage control unit 11 further includes a logical storage area management unit 1140 that manages the link of the virtual storage area and any one of the attributes to each of logical storage area groups each configured to include the unit logical storage area to maintain the link and manage the linking relation, wherein the logical storage area management unit 1140, when receiving a command to change an attribute of any one of the virtual storage areas to a different attribute, determines presence or absence of the unit logical storage area that belongs to the logical storage area group linked to the changed different attribute and that is not yet allocated to any one of the virtual storage areas, and when determining the presence of the unit logical storage area that is not yet allocated to any one of the virtual storage areas, the logical storage area management unit 1140 links the unit logical storage area determined to be present to the virtual storage area, reads out data stored in the unit logical storage area linked to a virtual storage area subjected to the attribute change, and stores the read data in the unit logical storage area determined to be present in accordance with a storage state represented by the different attribute.
摘要翻译：一种存储系统，包括具有通信地耦合到外部设备的存储控制单元的存储设备，形成多个虚拟存储区域，每个虚拟存储区域用作由外部设备使用的单元存储区域作为数据存储区域，使用单元逻辑存储区域在由物理存储介质提供的多个单位逻辑存储区域中选择，链接到每个虚拟存储区域，以及多个属性中的任何一个，其表示存储在虚拟存储区域中的数据的存储状态，并且保持链路，其中存储控制单元11还包括逻辑存储区域管理单元1140，其管理虚拟存储区域的链接和任何一个属性，每个逻辑存储区域组被配置为包括单元逻辑存储区域以维持链接和管理链接关系，其中逻辑存储区域管理单元1140在接收到改变命令时将任何一个虚拟存储区域的属性设置为不同的属性，确定属于与改变的不同属性相关联的逻辑存储区域组的单元逻辑存储区域的存在或不存在，并且尚未分配给任何一个虚拟存储区域，并且当确定尚未分配给虚拟存储区域中的任何一个的单元逻辑存储区域的存在时，逻辑存储区域管理单元1140将确定存在的单元逻辑存储区域链接到虚拟存储器读取存储在与进行属性变更的虚拟存储区域链接的单位逻辑存储区域中的数据，并且将读取的数据存储在根据由不同属性表示的存储状态确定为存在的单位逻辑存储区域中。

4. 发明授权

US08417887B2 Storage system and method for controlling attributes such as encryption attributes in virtual storage areas 失效
标题翻译：用于控制虚拟存储区域中的加密属性等属性的存储系统和方法
公开(公告)号：US08417887B2
公开(公告)日：2013-04-09
申请号：US12526780
申请日：2009-03-31
申请人： Kyoko Miwa , Nobuyuki Osaki , Masayasu Asano
发明人： Kyoko Miwa , Nobuyuki Osaki , Masayasu Asano
IPC分类号： G06F12/08 , G06F12/00
CPC分类号： G06F3/0665 , G06F3/0605 , G06F3/062 , G06F3/067 , G06F21/80
摘要： A storage system for controlling attributes for data stored in virtual storage areas includes a logical storage area management unit 1140 that manages the linking of virtual storage areas and attributes such as encryption attributes to logical storage area groups. When receiving a command to change an attribute of a virtual storage area or virtual volume, the logical storage area management unit determines the presence or absence of a unit logical storage area in a logical storage area group or pool linked to a different attribute and that is not yet allocated to a virtual storage area. The logical storage area management unit links a unit logical storage area determined to be present to a virtual storage area, reads data stored in the unit logical storage area linked to a virtual storage area subjected to an attribute change, and stores the read data in accordance with the different attribute.
摘要翻译：用于控制存储在虚拟存储区域中的数据的属性的存储系统包括管理虚拟存储区域的链接和诸如加密属性的属性到逻辑存储区域组的逻辑存储区域管理单元1140。当接收到更改虚拟存储区域或虚拟卷的属性的命令时，逻辑存储区域管理单元确定在与不同属性相关联的逻辑存储区域组或池中存在或不存在单元逻辑存储区域，即，尚未分配给虚拟存储区域。逻辑存储区域管理单元将确定为存在的单位逻辑存储区域链接到虚拟存储区域，读取存储在与经过属性改变的虚拟存储区域链接的单元逻辑存储区域中的数据，并且依次存储读取的数据具有不同的属性。

5. 发明授权

US08140864B2 Computer system, storage system, and data management method for updating encryption key 有权
标题翻译：用于更新加密密钥的计算机系统，存储系统和数据管理方法
公开(公告)号：US08140864B2
公开(公告)日：2012-03-20
申请号：US12010049
申请日：2008-01-18
申请人： Nobuyuki Osaki
发明人： Nobuyuki Osaki
IPC分类号： H04L29/06
CPC分类号： H04L9/0891 , G06F21/80 , H04L63/0464
摘要： A computer system encrypts write-data to be written to the volume in response to a write command. The system transmits a rekey command from host computer system to the storage system when the key data stored in the host key data memory is changed to second key data. The storage system receives the rekey command transmitted from host computer system and stores the first and second key data contained in the received rekey command to a volume key data memory of the storage system. The storage system reads out data encrypted with the first key data from an original block address in the volume. The storage system decrypts the data read out from the volume using the first key data. The storage system encrypts the data decrypted by the first key data using the second key data, and writs the data encrypted with the second key data to the original block address.
摘要翻译：计算机系统响应于写命令加密要写入卷的写数据。当存储在主机密钥数据存储器中的密钥数据被改变为第二密钥数据时，系统将主机计算机系统的密钥命令发送到存储系统。存储系统接收从主计算机系统发送的重新命令命令，并将包含在接收到的重命令命令中的第一和第二密钥数据存储到存储系统的卷密钥数据存储器。存储系统从卷中的原始块地址读出利用第一密钥数据加密的数据。存储系统使用第一密钥数据解密从卷读出的数据。存储系统使用第二密钥数据对由第一密钥数据解密的数据进行加密，并将用第二密钥数据加密的数据写入原始块地址。

6. 发明申请

US20110258402A1 COMPUTER SYSTEM OR PERFORMANCE MANAGEMENT METHOD OF COMPUTER SYSTEM 有权
标题翻译：计算机系统的计算机系统或性能管理方法
公开(公告)号：US20110258402A1
公开(公告)日：2011-10-20
申请号：US13170409
申请日：2011-06-28
申请人： Jun Nakajima , Daisuke Shinohara , Yuri Hiraiwa , Nobuyuki Osaki , Nobuhiro Maki , Takayuki Nagai
发明人： Jun Nakajima , Daisuke Shinohara , Yuri Hiraiwa , Nobuyuki Osaki , Nobuhiro Maki , Takayuki Nagai
IPC分类号： G06F12/02
CPC分类号： G06F3/0653 , G06F3/0605 , G06F3/065 , G06F3/067 , G06F3/0689 , G06F11/2069 , G06F11/2076 , G06F11/3409 , G06F11/3485 , G06F11/349 , G06F2201/81 , G06F2201/815 , G06F2201/885
摘要： This invention provides a system including a computer and a storage-subsystem comprising at least either a first storage area for storing data sent from the computer or a second storage area to be associated with the first storage area, for storing replicated data of data stored in the first storage area. This system includes a replication processing status referral unit for referring to a replication processing status of data of the first storage area and the second storage area to be associated, and an output unit for outputting first performance information concerning data I/O stored in the first storage area, and outputting second performance information concerning data I/O stored in the second storage area together with the first performance information when the replicated data is being subject to replication processing from the first storage area to the second storage area as a result of referring to the replication processing status.
摘要翻译：本发明提供了一种包括计算机和存储子系统的系统，该系统至少包括用于存储从计算机发送的数据的第一存储区域或与第一存储区域相关联的第二存储区域，用于存储存储在存储器中的数据的复制数据第一个存储区域。该系统包括用于参考要关联的第一存储区域和第二存储区域的数据的复制处理状态的复制处理状态转介单元，以及用于输出关于存储在第一存储区域中的数据I / O的第一性能信息的输出单元存储区域，并且作为参考的结果，当复制数据正在进行从第一存储区域到第二存储区域的复制处理时，将存储在第二存储区域中的数据I / O的第二演示信息与第一演奏信息一起输出到复制处理状态。

7. 发明授权

US07912223B2 Method and apparatus for data protection 有权
标题翻译：用于数据保护的方法和装置
公开(公告)号：US07912223B2
公开(公告)日：2011-03-22
申请号：US11537550
申请日：2006-09-29
申请人： Nobuyuki Osaki
发明人： Nobuyuki Osaki
IPC分类号： H04L9/00 , G06F12/14 , G06F17/30
CPC分类号： H04L9/0891 , G06F21/62 , G06F21/78 , G06F2221/2143 , H04L9/0894
摘要： Described is a method for secure data disposal. Data stored in storage volume(s) is encrypted with a specific encryption key. Before the key is disposed of, a clear text string is encrypted with the same key and the encrypted data is associated with the clear text string and stored in a repository. When a new key is created to encrypt a new volume, each of the encrypted data in the repository is checked to determine whether the encryption of the associated clear text string using the new key generates the same encrypted string as the stored encrypted data. If the result of the encryption of the clear text string matches at least one stored encrypted string, the associated new key is not used and another key is generated until the new key results in an encrypted string which does not match any stored encrypted strings.
摘要翻译：描述了一种用于安全数据处理的方法。存储在存储卷中的数据用特定加密密钥加密。在处理密钥之前，使用相同的密钥对明文本字符串进行加密，并且加密数据与清除文本字符串相关联并存储在存储库中。当创建新密钥以加密新卷时，检查存储库中的每个加密数据以确定使用新密钥对相关联的明文字符串的加密是否生成与存储的加密数据相同的加密字符串。如果清除文本字符串的加密结果与至少一个存储的加密字符串相匹配，则不使用关联的新密钥，并且生成另一个密钥，直到新密钥产生与任何存储的加密字符串不匹配的加密字符串。

8. 发明授权

US07581136B2 Method and apparatus for data recovery 失效
标题翻译：用于数据恢复的方法和装置
公开(公告)号：US07581136B2
公开(公告)日：2009-08-25
申请号：US11436677
申请日：2006-05-19
申请人： Nobuyuki Osaki
发明人： Nobuyuki Osaki
IPC分类号： G06F11/00
CPC分类号： G06F21/78 , G06F21/568 , G06F21/6218
摘要： A storage system stores I/O operations in a journal volume in a chronological order and with assigned sequence numbers. When a predefined command to be logged is received, the storage system transmits a log of the command to an external server with the information of a particular sequence number of the I/O operation that is influenced by the command. When a log entry is identified as necessitating data recovery, such as by being issued maliciously, the I/O operations with sequence numbers larger than the particular sequence number of the identified log entry are discarded. A log analysis module is located separately from the storage system on the external server, and is able to identify the particular sequence number of the I/O operation which is affected by the malicious command so that instructions may be sent to the storage system regarding the sequence numbers of the commands to be discarded.
摘要翻译：存储系统按时间顺序将I / O操作存储在日志卷中并具有分配的序列号。当接收到要记录的预定义命令时，存储系统使用受命令影响的I / O操作的特定序列号的信息向外部服务器发送该命令的日志。当日志条目被识别为必需的数据恢复时，例如恶意发出的，具有大于所识别的日志条目的特定序列号的序列号的I / O操作被丢弃。日志分析模块与外部服务器上的存储系统分开定位，并且能够识别受恶意命令影响的I / O操作的特定序列号，以便指令可以发送到存储系统要丢弃的命令的序号。

9. 发明申请

US20080307171A1 SYSTEM AND METHOD FOR INTRUSION PROTECTION OF NETWORK STORAGE 有权
标题翻译：网络存储侵入保护的系统和方法
公开(公告)号：US20080307171A1
公开(公告)日：2008-12-11
申请号：US11761239
申请日：2007-06-11
申请人： Junji Kinoshita , Nobuyuki Osaki
发明人： Junji Kinoshita , Nobuyuki Osaki
IPC分类号： G06F12/14
CPC分类号： G06F3/0637 , G06F3/0622 , G06F3/067 , G06F21/805 , G06F2221/2101
摘要： Protection mechanism is provided for data stored in logical volumes, especially during the time the corresponding host computer is off line. Additionally, integrity check mechanism is provided for logical volume when the host computer is started, so that host computer can detect unauthorized access to its assigned logical volume during off-line period, and execute security check.
摘要翻译：为存储在逻辑卷中的数据提供保护机制，特别是在相应的主机离线时。另外，当主机启动时，为逻辑卷提供了完整性检查机制，使得主机可以在离线期间检测到未分配的对其分配的逻辑卷的访问，并执行安全检查。

10. 发明授权

US07383462B2 Method and apparatus for encrypted remote copy for secure data backup and restoration 有权
标题翻译：用于加密远程复制的安全数据备份和恢复方法和装置
公开(公告)号：US07383462B2
公开(公告)日：2008-06-03
申请号：US10882432
申请日：2004-07-02
申请人： Nobuyuki Osaki , Yuichi Yagawa
发明人： Nobuyuki Osaki , Yuichi Yagawa
IPC分类号： G06F11/00 , H04K1/00 , H04L9/32
CPC分类号： G06F11/1458 , G06F11/1464 , G06F11/1469 , G06F21/6218 , H04L9/0894
摘要： Data at a primary storage system is encrypted and remote copied to a secondary storage system. A Remote Copy Configuration Information (RCCI) is created that identifies the encryption mechanism, keys, data source volume, and target volume for the remote copy. The RCCI is backed up on a trusted computer system. In one embodiment, the secondary storage system is an off-site data storage system managed by a third party. Upon detection of a failure in the primary storage system, the encrypted data and RCCI are transferred to a tertiary server, which is optionally created upon detection of the failure, and operations of the failed primary server are resumed by the tertiary server. In one embodiment, the failure is detected by loss of a heart beat signal transmitted from the primary storage system to a management server that initiates the transfers to the tertiary server.
摘要翻译：主存储系统上的数据被加密并远程复制到辅助存储系统。创建远程复制配置信息（RCCI），用于标识远程副本的加密机制，密钥，数据源卷和目标卷。 RCCI在受信任的计算机系统上进行备份。在一个实施例中，辅助存储系统是由第三方管理的异地数据存储系统。在检测到主存储系统中的故障时，加密数据和RCCI被传送到第三服务器，该第三服务器可选地在检测到故障时创建，并且由第三服务器恢复故障主服务器的操作。在一个实施例中，通过从主存储系统发送到启动向第三服务器的传送的管理服务器的心跳信号的丢失来检测故障。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式