专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08914858B2 Methods and apparatus for security over fibre channel 有权
标题翻译：光纤通道安全的方法和装置
公开(公告)号：US08914858B2
公开(公告)日：2014-12-16
申请号：US13107521
申请日：2011-05-13
申请人： Fabio R. Maino , Marco Di Benedetto , Claudio Desanti
发明人： Fabio R. Maino , Marco Di Benedetto , Claudio Desanti
IPC分类号： H04L9/00 , H04L9/08 , H04L9/32 , H04L29/06
CPC分类号： H04L63/123 , H04L9/0838 , H04L9/3239 , H04L63/12
摘要： Methods and apparatus are provided for improving both node-based and message-based security in a fiber channel network. Entity to entity authentication and key exchange services can be included in existing initialization messages used for introducing fiber channel network entities into a fiber channel fabric, or with specific messages exchanged over an already initialized communication channel. Both per-message authentication and encryption mechanisms can be activated using the authentication and key exchange services. Messages passed between fiber channel network entities can be encrypted and authenticated using information provided during the authentication sequence. Security services such as per-message authentication, confidentiality, integrity protection, and anti-replay protection can be implemented.
摘要翻译：提供了用于改进光纤通道网络中的基于节点和基于消息的安全性的方法和装置。可以将实体认证和密钥交换服务的实体包括在用于将光纤信道网络实体引入光纤信道结构的现有初始化消息中，或者通过已经初始化的通信信道交换的特定消息。可以使用认证和密钥交换服务来激活每消息认证和加密机制。在光纤通道网络实体之间通过的消息可以使用在认证序列期间提供的信息进行加密和认证。可以实现诸如每消息认证，机密性，完整性保护和反重放保护等安全服务。

2. 发明申请

US20110219438A1 METHODS AND APPARATUS FOR SECURITY OVER FIBRE CHANNEL 审中-公开
标题翻译：用于光纤通道安全的方法和装置
公开(公告)号：US20110219438A1
公开(公告)日：2011-09-08
申请号：US13107521
申请日：2011-05-13
申请人： Fabio R. Maino , Marco Di Benedetto , Claudio Desanti
发明人： Fabio R. Maino , Marco Di Benedetto , Claudio Desanti
IPC分类号： G06F21/20
CPC分类号： H04L63/123 , H04L9/0838 , H04L9/3239 , H04L63/12
摘要： Methods and apparatus are provided for improving both node-based and message-based security in a fibre channel network. Entity to entity authentication and key exchange services can be included in existing initialization messages used for introducing fibre channel network entities into a fibre channel fabric, or with specific messages exchanged over an already initialized communication channel. Both per-message authentication and encryption mechanisms can be activated using the authentication and key exchange services. Messages passed between fibre channel network entities can be encrypted and authenticated using information provided during the authentication sequence. Security services such as per-message authentication, confidentiality, integrity protection, and anti-replay protection can be implemented.
摘要翻译：提供了用于改进光纤通道网络中的基于节点和基于消息的安全性的方法和装置。可以将实体认证和密钥交换服务的实体包括在用于将光纤信道网络实体引入光纤信道结构的现有初始化消息中，或者通过已经初始化的通信信道交换的特定消息。可以使用认证和密钥交换服务来激活每消息认证和加密机制。在光纤通道网络实体之间通过的消息可以使用在认证序列期间提供的信息进行加密和认证。可以实现诸如每消息认证，机密性，完整性保护和反重放保护等安全服务。

3. 发明授权

US07965843B1 Methods and apparatus for security over fibre channel 有权
标题翻译：光纤通道安全的方法和装置
公开(公告)号：US07965843B1
公开(公告)日：2011-06-21
申请号：US10034367
申请日：2001-12-27
申请人： Fabio R. Maino , Marco Di Benedetto , Claudio Desanti
发明人： Fabio R. Maino , Marco Di Benedetto , Claudio Desanti
IPC分类号： H04L9/12
CPC分类号： H04L63/123 , H04L9/0838 , H04L9/3239 , H04L63/12
摘要： Methods and apparatus are provided for improving both node-based and message-based security in a fibre channel network. Entity to entity authentication and key exchange services can be included in existing initialization messages used for introducing fibre channel network entities into a fibre channel fabric, or with specific messages exchanged over an already initialized communication channel. Both per-message authentication and encryption mechanisms can be activated using the authentication and key exchange services. Messages passed between fibre channel network entities can be encrypted and authenticated using information provided during the authentication sequence. Security services such as per-message authentication, confidentiality, integrity protection, and anti-replay protection can be implemented.
摘要翻译：提供了用于改进光纤通道网络中的基于节点和基于消息的安全性的方法和装置。可以将实体认证和密钥交换服务的实体包括在用于将光纤信道网络实体引入光纤信道结构的现有初始化消息中，或者通过已经初始化的通信信道交换的特定消息。可以使用认证和密钥交换服务来激活每消息认证和加密机制。在光纤通道网络实体之间通过的消息可以使用在认证序列期间提供的信息进行加密和认证。可以实现诸如每消息认证，机密性，完整性保护和反重放保护等安全服务。

4. 发明申请

US20080159172A1 APPARATUS AND METHOD FOR PREVENTING DISRUPTION OF FIBRE CHANNEL FABRICS CAUSED BY RECONFIGURE FABRIC (RCF) MESSAGES 有权
标题翻译：用于防止由重建织物（RCF）消息引起的纤维通道织物的破坏的装置和方法
公开(公告)号：US20080159172A1
公开(公告)日：2008-07-03
申请号：US12049932
申请日：2008-03-17
申请人： Claudio Desanti , Marco Di Benedetto
发明人： Claudio Desanti , Marco Di Benedetto
IPC分类号： G01R31/08
CPC分类号： H04Q11/0005 , H04Q2011/0039
摘要： An apparatus and method for preventing the disruption of Fibre Channel Fabrics caused by ReConfigure Fabric (RCF) messages is disclosed. The apparatus includes a storage area network and a plurality of Fibre Channel Switches arranged in a Fabric. Each of the plurality of Switches includes logic to selectively configure their Ports to either reject or accept RCF messages. When configured to reject RCF messages, the Switch Port that receives an RCF message will generate a reject message along with a reason code explanation “E_Port Isolated”, and then transition into an Isolated state. When the Switch that generated the RCF message receives the reject message, its Port also transition into the Isolated state. In accordance with the method of the present invention, either a Storage Service Provider or a client can access the Switches of the Fabric through either a command line interpreter or a management application. Once access to the Fabric is established, the logic of the Ports of the Switches can be selectively configured to reject or accept RCF messages as described above.
摘要翻译：公开了一种用于防止由ReConfigure Fabric（RCF）消息引起的光纤通道结构中断的设备和方法。该装置包括存储区域网络和布置在织物中的多个光纤通道交换机。多个开关中的每一个包括用于选择性地配置其端口以拒绝或接受RCF消息的逻辑。当配置为拒绝RCF消息时，接收RCF消息的交换机端口将生成拒绝消息以及原因代码说明“E_Port Isolated”，然后转换到隔离状态。当生成RCF消息的交换机接收到拒绝消息时，其端口也转换到隔离状态。根据本发明的方法，存储服务提供商或客户端可以通过命令行解释器或管理应用程序访问结构的交换机。一旦建立了对Fabric的访问，交换机端口的逻辑可以有选择地配置为拒绝或接受RCF消息，如上所述。

5. 发明申请

US20090327518A1 APPARATUS AND METHOD FOR DEFINING A STATIC FIBRE CHANNEL FABRIC 有权
标题翻译：用于定义静态光纤通道织物的装置和方法
公开(公告)号：US20090327518A1
公开(公告)日：2009-12-31
申请号：US12555768
申请日：2009-09-08
申请人： Claudio DeSanti , Marco Di Benedetto
发明人： Claudio DeSanti , Marco Di Benedetto
IPC分类号： G06F15/173
CPC分类号： H04L41/0879 , H04L41/00 , H04L41/0803 , H04L45/00
摘要： A storage area network and method for defining a static Fibre Channel Fabric that does not require a Principal Switch. The storage area network comprises one or more hosts, one or more storage devices, and a static Fabric connecting the one or more hosts and storage devices. Within the static Fabric, the Switches have their Domain_ID and Fabric_Name statically set. The method comprises accessing the Fabric, selecting a Switch in the Fabric, and statically configuring the Domain_ID and Fabric_Name for the selected Switch. The above sequence is repeated for each Switch in the static Fabric. In one embodiment, after being statically configured, the Switch is isolated from any dynamically set Switches in the Fabric. The Switch detects which of its Ports are connected to dynamically set Switches, and then isolates them, while maintaining operational the Ports connected to statically configured Switches.
摘要翻译：用于定义不需要主交换机的静态光纤通道结构的存储区域网络和方法。存储区域网络包括一个或多个主机，一个或多个存储设备和连接一个或多个主机和存储设备的静态Fabric。在静态Fabric中，交换机的Domain_ID和Fabric_Name静态设置。该方法包括访问Fabric，选择Fabric中的Switch，并静态配置所选Switch的Domain_ID和Fabric_Name。对静态Fabric中的每个交换机重复上述顺序。在一个实施例中，在静态配置之后，交换机与Fabric中任何动态设置的交换机隔离。交换机检测到哪个端口连接到动态设置的交换机，然后隔离它们，同时保持端口连接到静态配置的交换机的操作。

6. 发明授权

US07606167B1 Apparatus and method for defining a static fibre channel fabric 有权
标题翻译：用于定义静态光纤通道结构的设备和方法
公开(公告)号：US07606167B1
公开(公告)日：2009-10-20
申请号：US10118386
申请日：2002-04-05
申请人： Claudio DeSanti , Marco Di Benedetto
发明人： Claudio DeSanti , Marco Di Benedetto
IPC分类号： H04L12/28
CPC分类号： H04L41/0879 , H04L41/00 , H04L41/0803 , H04L45/00
摘要： A storage area network and method for defining a static Fibre Channel Fabric that does not require a Principal Switch. The storage area network comprises one or more hosts, one or more storage devices, and a static Fabric connecting the one or more hosts and storage devices. Within the static Fabric, the Switches have their Domain_ID and Fabric_Name statically set. The method comprises accessing the Fabric, selecting a Switch in the Fabric, and statically configuring the Domain_ID and Fabric_Name for the selected Switch. The above sequence is repeated for each Switch in the static Fabric. In one embodiment, after being statically configured, the Switch is isolated from any dynamically set Switches in the Fabric. The Switch detects which of its Ports are connected to dynamically set Switches, and then isolates them, while maintaining operational the Ports connected to statically configured Switches.
摘要翻译：用于定义不需要主交换机的静态光纤通道结构的存储区域网络和方法。存储区域网络包括一个或多个主机，一个或多个存储设备和连接一个或多个主机和存储设备的静态Fabric。在静态Fabric中，交换机的Domain_ID和Fabric_Name静态设置。该方法包括访问Fabric，选择Fabric中的Switch，并静态配置所选Switch的Domain_ID和Fabric_Name。对静态Fabric中的每个交换机重复上述顺序。在一个实施例中，在静态配置之后，交换机与Fabric中任何动态设置的交换机隔离。交换机检测到哪个端口连接到动态设置的交换机，然后隔离它们，同时保持端口连接到静态配置的交换机的操作。

7. 发明授权

US08514856B1 End-to-end fibre channel over ethernet 有权
标题翻译：端到端光纤通道以太网
公开(公告)号：US08514856B1
公开(公告)日：2013-08-20
申请号：US12822551
申请日：2010-06-24
申请人： Silvano Gai , Claudio Desanti , Marco Di Benedetto
发明人： Silvano Gai , Claudio Desanti , Marco Di Benedetto
IPC分类号： H04L12/56
CPC分类号： H04L29/08702 , H04L12/462 , H04L49/351 , H04L49/357 , H04L49/602
摘要： In one embodiment, one or more Fiber Channel over Ethernet (FCoE) proxy points (FPPs) communicates control and management information with a separately housed FCoE control and management plane (F-CMP) server in order to direct data plane functionality of the FPPs. Each FPP also proxies control and management protocols between the F-CMP server and one or more FCoE end-point devices for which the FPP is responsible (on FCoE ports). Traffic received by the FPP may then be processed according to the directed data plane functionality, such that FCoE traffic transmitted between first and second FCoE end-point devices separated by the Ethernet network is directed over the Ethernet network end-to-end between correspondingly responsible FPPs without traversing the F-CMP server.
摘要翻译：在一个实施例中，一个或多个以太网光纤通道（FCoE）代理点（FPP）通过单独容纳的FCoE控制和管理平面（F-CMP）服务器来传送控制和管理信息，以便引导FPP的数据平面功能。每个FPP还代理F-CMP服务器与FPP负责的一个或多个FCoE端点设备（FCoE端口）之间的控制和管理协议。然后可以根据定向数据平面功能来处理由FPP接收的业务，使得由以太网网络分离的第一和第二FCoE端点设备之间传输的FCoE流量在相应负责的端到端 FPP不经过F-CMP服务器。

8. 发明授权

US08098595B2 Apparatus and method for defining a static fibre channel fabric 有权
标题翻译：用于定义静态光纤通道结构的设备和方法
公开(公告)号：US08098595B2
公开(公告)日：2012-01-17
申请号：US12555768
申请日：2009-09-08
申请人： Claudio DeSanti , Marco Di Benedetto
发明人： Claudio DeSanti , Marco Di Benedetto
IPC分类号： H04L12/28
CPC分类号： H04L41/0879 , H04L41/00 , H04L41/0803 , H04L45/00
摘要： A storage area network and method for defining a static Fibre Channel Fabric that does not require a Principal Switch. The storage area network comprises one or more hosts, one or more storage devices, and a static Fabric connecting the one or more hosts and storage devices. Within the static Fabric, the Switches have their Domain_ID and Fabric_Name statically set. The method comprises accessing the Fabric, selecting a Switch in the Fabric, and statically configuring the Domain_ID and Fabric_Name for the selected Switch. The above sequence is repeated for each Switch in the static Fabric. In one embodiment, after being statically configured, the Switch is isolated from any dynamically set Switches in the Fabric. The Switch detects which of its Ports are connected to dynamically set Switches, and then isolates them, while maintaining operational the Ports connected to statically configured Switches.
摘要翻译：用于定义不需要主交换机的静态光纤通道结构的存储区域网络和方法。存储区域网络包括一个或多个主机，一个或多个存储设备和连接一个或多个主机和存储设备的静态Fabric。在静态Fabric中，交换机的Domain_ID和Fabric_Name静态设置。该方法包括访问Fabric，选择Fabric中的Switch，并静态配置所选Switch的Domain_ID和Fabric_Name。对静态Fabric中的每个交换机重复上述顺序。在一个实施例中，在静态配置之后，交换机与Fabric中任何动态设置的交换机隔离。交换机检测到哪个端口连接到动态设置的交换机，然后隔离它们，同时保持端口连接到静态配置的交换机的操作。

9. 发明授权

US07821969B2 Apparatus and method for preventing disruption of fibre channel fabrics caused by reconfigure fabric (RCF) messages 有权
标题翻译：用于防止由重新配置结构（RCF）消息引起的光纤通道结构中断的设备和方法
公开(公告)号：US07821969B2
公开(公告)日：2010-10-26
申请号：US12049932
申请日：2008-03-17
申请人： Claudio DeSanti , Marco Di Benedetto
发明人： Claudio DeSanti , Marco Di Benedetto
IPC分类号： H04L12/28
CPC分类号： H04Q11/0005 , H04Q2011/0039
摘要： An apparatus and method for preventing the disruption of Fibre Channel Fabrics caused by ReConfigure Fabric (RCF) messages is disclosed. The apparatus includes a storage area network and a plurality of Fibre Channel Switches arranged in a Fabric. Each of the plurality of Switches includes logic to selectively configure their Ports to either reject or accept RCF messages. When configured to reject RCF messages, the Switch Port that receives an RCF message will generate a reject message along with a reason code explanation “E_Port Isolated”, and then transition into an Isolated state. When the Switch that generated the RCF message receives the reject message, its Port also transition into the Isolated state. In accordance with the method of the present invention, either a Storage Service Provider or a client can access the Switches of the Fabric through either a command line interpreter or a management application. Once access to the Fabric is established, the logic of the Ports of the Switches can be selectively configured to reject or accept RCF messages as described above.
摘要翻译：公开了一种用于防止由ReConfigure Fabric（RCF）消息引起的光纤通道结构中断的设备和方法。该装置包括存储区域网络和布置在织物中的多个光纤通道交换机。多个开关中的每一个包括用于选择性地配置其端口以拒绝或接受RCF消息的逻辑。当配置为拒绝RCF消息时，接收RCF消息的交换机端口将生成拒绝消息以及原因代码说明“E_Port Isolated”，然后转换到隔离状态。当生成RCF消息的交换机接收到拒绝消息时，其端口也转换到隔离状态。根据本发明的方法，存储服务提供商或客户端可以通过命令行解释器或管理应用程序访问结构的交换机。一旦建立了对Fabric的访问，交换机端口的逻辑可以有选择地配置为拒绝或接受RCF消息，如上所述。

10. 发明授权

US07808924B2 Apparatus and method for preventing disruption of fibre channel fabrics caused by ReConfigure Fabric (RCF) messages 有权
标题翻译：用于防止由ReConfigure Fabric（RCF）消息引起的光纤通道结构中断的设备和方法
公开(公告)号：US07808924B2
公开(公告)日：2010-10-05
申请号：US10155698
申请日：2002-05-24
申请人： Claudio DeSanti , Marco Di Benedetto
发明人： Claudio DeSanti , Marco Di Benedetto
IPC分类号： H04L12/28
CPC分类号： H04Q11/0005 , H04Q2011/0039
摘要： An apparatus and method for preventing the disruption of Fiber Channel Fabrics caused by ReConfigure Fabric (RCF) messages is disclosed. The apparatus includes a storage area network and a plurality of Fiber Channel Switches arranged in a Fabric. Each of the plurality of Switches includes logic to selectively configure their Ports to either reject or accept RCF messages. When configured to reject RCF messages, the Switch Port that receives an RCF message will generate a reject message along with a reason code explanation “E_Port Isolated”, and then transition into an Isolated state. When the Switch that generated the RCF message receives the reject message, its Port also transition into the Isolated state. In accordance with the method of the present invention, either a Storage Service Provider or a client can access the Switches of the Fabric through either a command line interpreter or a management application. Once access to the Fabric is established, the logic of the Ports of the Switches can be selectively configured to reject or accept RCF messages as described above.
摘要翻译：公开了一种用于防止由ReConfigure Fabric（RCF）消息引起的光纤通道结构中断的设备和方法。该装置包括存储区域网络和布置在织物中的多个光纤通道交换机。多个开关中的每一个包括用于选择性地配置其端口以拒绝或接受RCF消息的逻辑。当配置为拒绝RCF消息时，接收RCF消息的交换机端口将生成拒绝消息以及原因代码说明“E_Port Isolated”，然后转换到隔离状态。当生成RCF消息的交换机接收到拒绝消息时，其端口也转换到隔离状态。根据本发明的方法，存储服务提供商或客户端可以通过命令行解释器或管理应用程序访问结构的交换机。一旦建立了对Fabric的访问，交换机端口的逻辑可以有选择地配置为拒绝或接受RCF消息，如上所述。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式