专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07383462B2 Method and apparatus for encrypted remote copy for secure data backup and restoration 有权
标题翻译：用于加密远程复制的安全数据备份和恢复方法和装置
公开(公告)号：US07383462B2
公开(公告)日：2008-06-03
申请号：US10882432
申请日：2004-07-02
申请人： Nobuyuki Osaki , Yuichi Yagawa
发明人： Nobuyuki Osaki , Yuichi Yagawa
IPC分类号： G06F11/00 , H04K1/00 , H04L9/32
CPC分类号： G06F11/1458 , G06F11/1464 , G06F11/1469 , G06F21/6218 , H04L9/0894
摘要： Data at a primary storage system is encrypted and remote copied to a secondary storage system. A Remote Copy Configuration Information (RCCI) is created that identifies the encryption mechanism, keys, data source volume, and target volume for the remote copy. The RCCI is backed up on a trusted computer system. In one embodiment, the secondary storage system is an off-site data storage system managed by a third party. Upon detection of a failure in the primary storage system, the encrypted data and RCCI are transferred to a tertiary server, which is optionally created upon detection of the failure, and operations of the failed primary server are resumed by the tertiary server. In one embodiment, the failure is detected by loss of a heart beat signal transmitted from the primary storage system to a management server that initiates the transfers to the tertiary server.
摘要翻译：主存储系统上的数据被加密并远程复制到辅助存储系统。创建远程复制配置信息（RCCI），用于标识远程副本的加密机制，密钥，数据源卷和目标卷。 RCCI在受信任的计算机系统上进行备份。在一个实施例中，辅助存储系统是由第三方管理的异地数据存储系统。在检测到主存储系统中的故障时，加密数据和RCCI被传送到第三服务器，该第三服务器可选地在检测到故障时创建，并且由第三服务器恢复故障主服务器的操作。在一个实施例中，通过从主存储系统发送到启动向第三服务器的传送的管理服务器的心跳信号的丢失来检测故障。

2. 发明授权

US08151119B2 Method and apparatus for secure data mirroring a storage system 有权
标题翻译：用于安全数据镜像存储系统的方法和装置
公开(公告)号：US08151119B2
公开(公告)日：2012-04-03
申请号：US12784556
申请日：2010-05-21
申请人： Yuichi Yagawa , Nobuyuki Osaki
发明人： Yuichi Yagawa , Nobuyuki Osaki
IPC分类号： H04L9/32 , H04L9/00
CPC分类号： G06F11/2056 , G06F11/2064 , G06F21/80
摘要： A secure data mirroring capability in a storage system includes encrypting data blocks in a primary volume in preparation for a data mirroring operation. The encrypted data blocks are mirrored to a secure secondary volume. Host systems provide keys from which encryption keys are produced for encrypting the data blocks. Access to data on the secure secondary volume requires decryption using the key that was used to produce the encrypted data blocks.
摘要翻译：存储系统中的安全数据镜像功能包括加密主卷中的数据块以准备数据镜像操作。加密的数据块被镜像到安全辅助卷。主机系统提供用于加密数据块的加密密钥的密钥。访问安全辅助卷上的数据需要使用用于生成加密数据块的密钥进行解密。

3. 发明申请

US20060005048A1 Method and apparatus for encrypted remote copy for secure data backup and restoration 有权
标题翻译：用于加密远程复制的安全数据备份和恢复方法和装置
公开(公告)号：US20060005048A1
公开(公告)日：2006-01-05
申请号：US10882432
申请日：2004-07-02
申请人： Nobuyuki Osaki , Yuichi Yagawa
发明人： Nobuyuki Osaki , Yuichi Yagawa
IPC分类号： G06F11/30 , G06F12/14 , H04L9/32 , G06F17/30 , G06F7/04 , G06K9/00 , H03M1/68 , H04K1/00 , H04L9/00 , H04N7/16
CPC分类号： G06F11/1458 , G06F11/1464 , G06F11/1469 , G06F21/6218 , H04L9/0894
摘要： Data at a primary storage system is encrypted and remote copied to a secondary storage system. A Remote Copy Configuration Information (RCCI) is created that identifies the encryption mechanism, keys, data source volume, and target volume for the remote copy. The RCCI is backed up on a trusted computer system. In one embodiment, the secondary storage system is an off-site data storage system managed by a third party. Upon detection of a failure in the primary storage system, the encrypted data and RCCI are transferred to a tertiary server, which is optionally created upon detection of the failure, and operations of the failed primary server are resumed by the tertiary server. In one embodiment, the failure is detected by loss of a heart beat signal transmitted from the primary storage system to a management server that initiates the transfers to the tertiary server.
摘要翻译：主存储系统上的数据被加密并远程复制到辅助存储系统。创建远程复制配置信息（RCCI），用于标识远程副本的加密机制，密钥，数据源卷和目标卷。 RCCI在受信任的计算机系统上进行备份。在一个实施例中，辅助存储系统是由第三方管理的异地数据存储系统。在检测到主存储系统中的故障时，加密数据和RCCI被传送到第三服务器，该第三服务器可选地在检测到故障时创建，并且由第三服务器恢复故障主服务器的操作。在一个实施例中，通过从主存储系统发送到启动向第三服务器的传送的管理服务器的心跳信号的丢失来检测故障。

4. 发明授权

US08341425B2 Storage device and its control method 有权
标题翻译：存储设备及其控制方法
公开(公告)号：US08341425B2
公开(公告)日：2012-12-25
申请号：US12527160
申请日：2009-05-25
申请人： Hirotaka Nakagawa , Masayasu Asano , Takeki Okamoto , Nobuyuki Osaki
发明人： Hirotaka Nakagawa , Masayasu Asano , Takeki Okamoto , Nobuyuki Osaki
IPC分类号： G06F11/30 , G06F12/14
CPC分类号： G06F12/1408 , G06F11/0727 , G06F11/1008 , G06F11/2094 , G06F21/78 , G06F21/805 , G06F2221/2107 , G06F2221/2151 , H04L9/0891 , H04L63/0464 , H04L63/065 , H04L67/1097 , H04L69/40
摘要： Provided is a storage device which partitions data from a host into multiple partitioned data and distributes, encrypts and stores them together with a parity to and in multiple memory mediums. This storage device executes processing of restoring the partitioned data or the parity stored in a memory medium to be subject to encryption re-key based on decrypted data of the partitioned data or the parity stored in each memory medium other than the memory medium to be subject to encryption re-key among the multiple memory mediums, storing the restored partitioned data or the parity in a backup memory medium while encrypting the restored partitioned data or the parity with a new encryption key, and thereafter interchanging the backup memory medium and the memory medium to be subject to encryption re-key so that the backup memory medium will be a memory medium configuring the parity group and the memory medium to be subject to encryption re-key will be the backup memory medium.
摘要翻译：提供了一种存储设备，其将来自主机的数据分割成多个分区数据，并以奇偶校验向多个存储介质分发，加密和存储在一起。该存储装置执行基于分割数据的解密数据的解密数据或除存储介质以外的每个存储介质中存储的奇偶校验，将存储在存储介质中的分割数据或奇偶校验恢复为加密重新进行的处理，在多个存储介质之间加密重新键入，将恢复的分区数据或奇偶校验存储在备用存储介质中，同时用新的加密密钥加密恢复的分区数据或奇偶校验，然后将备份存储介质和存储介质要进行加密重新密钥，以便备份存储介质将是配置奇偶校验组的存储介质和要加密的存储介质，密钥将是备份存储介质。

5. 发明授权

US08140864B2 Computer system, storage system, and data management method for updating encryption key 有权
标题翻译：用于更新加密密钥的计算机系统，存储系统和数据管理方法
公开(公告)号：US08140864B2
公开(公告)日：2012-03-20
申请号：US12010049
申请日：2008-01-18
申请人： Nobuyuki Osaki
发明人： Nobuyuki Osaki
IPC分类号： H04L29/06
CPC分类号： H04L9/0891 , G06F21/80 , H04L63/0464
摘要： A computer system encrypts write-data to be written to the volume in response to a write command. The system transmits a rekey command from host computer system to the storage system when the key data stored in the host key data memory is changed to second key data. The storage system receives the rekey command transmitted from host computer system and stores the first and second key data contained in the received rekey command to a volume key data memory of the storage system. The storage system reads out data encrypted with the first key data from an original block address in the volume. The storage system decrypts the data read out from the volume using the first key data. The storage system encrypts the data decrypted by the first key data using the second key data, and writs the data encrypted with the second key data to the original block address.
摘要翻译：计算机系统响应于写命令加密要写入卷的写数据。当存储在主机密钥数据存储器中的密钥数据被改变为第二密钥数据时，系统将主机计算机系统的密钥命令发送到存储系统。存储系统接收从主计算机系统发送的重新命令命令，并将包含在接收到的重命令命令中的第一和第二密钥数据存储到存储系统的卷密钥数据存储器。存储系统从卷中的原始块地址读出利用第一密钥数据加密的数据。存储系统使用第一密钥数据解密从卷读出的数据。存储系统使用第二密钥数据对由第一密钥数据解密的数据进行加密，并将用第二密钥数据加密的数据写入原始块地址。

6. 发明申请

US20110258402A1 COMPUTER SYSTEM OR PERFORMANCE MANAGEMENT METHOD OF COMPUTER SYSTEM 有权
标题翻译：计算机系统的计算机系统或性能管理方法
公开(公告)号：US20110258402A1
公开(公告)日：2011-10-20
申请号：US13170409
申请日：2011-06-28
申请人： Jun Nakajima , Daisuke Shinohara , Yuri Hiraiwa , Nobuyuki Osaki , Nobuhiro Maki , Takayuki Nagai
发明人： Jun Nakajima , Daisuke Shinohara , Yuri Hiraiwa , Nobuyuki Osaki , Nobuhiro Maki , Takayuki Nagai
IPC分类号： G06F12/02
CPC分类号： G06F3/0653 , G06F3/0605 , G06F3/065 , G06F3/067 , G06F3/0689 , G06F11/2069 , G06F11/2076 , G06F11/3409 , G06F11/3485 , G06F11/349 , G06F2201/81 , G06F2201/815 , G06F2201/885
摘要： This invention provides a system including a computer and a storage-subsystem comprising at least either a first storage area for storing data sent from the computer or a second storage area to be associated with the first storage area, for storing replicated data of data stored in the first storage area. This system includes a replication processing status referral unit for referring to a replication processing status of data of the first storage area and the second storage area to be associated, and an output unit for outputting first performance information concerning data I/O stored in the first storage area, and outputting second performance information concerning data I/O stored in the second storage area together with the first performance information when the replicated data is being subject to replication processing from the first storage area to the second storage area as a result of referring to the replication processing status.
摘要翻译：本发明提供了一种包括计算机和存储子系统的系统，该系统至少包括用于存储从计算机发送的数据的第一存储区域或与第一存储区域相关联的第二存储区域，用于存储存储在存储器中的数据的复制数据第一个存储区域。该系统包括用于参考要关联的第一存储区域和第二存储区域的数据的复制处理状态的复制处理状态转介单元，以及用于输出关于存储在第一存储区域中的数据I / O的第一性能信息的输出单元存储区域，并且作为参考的结果，当复制数据正在进行从第一存储区域到第二存储区域的复制处理时，将存储在第二存储区域中的数据I / O的第二演示信息与第一演奏信息一起输出到复制处理状态。

7. 发明授权

US07912223B2 Method and apparatus for data protection 有权
标题翻译：用于数据保护的方法和装置
公开(公告)号：US07912223B2
公开(公告)日：2011-03-22
申请号：US11537550
申请日：2006-09-29
申请人： Nobuyuki Osaki
发明人： Nobuyuki Osaki
IPC分类号： H04L9/00 , G06F12/14 , G06F17/30
CPC分类号： H04L9/0891 , G06F21/62 , G06F21/78 , G06F2221/2143 , H04L9/0894
摘要： Described is a method for secure data disposal. Data stored in storage volume(s) is encrypted with a specific encryption key. Before the key is disposed of, a clear text string is encrypted with the same key and the encrypted data is associated with the clear text string and stored in a repository. When a new key is created to encrypt a new volume, each of the encrypted data in the repository is checked to determine whether the encryption of the associated clear text string using the new key generates the same encrypted string as the stored encrypted data. If the result of the encryption of the clear text string matches at least one stored encrypted string, the associated new key is not used and another key is generated until the new key results in an encrypted string which does not match any stored encrypted strings.
摘要翻译：描述了一种用于安全数据处理的方法。存储在存储卷中的数据用特定加密密钥加密。在处理密钥之前，使用相同的密钥对明文本字符串进行加密，并且加密数据与清除文本字符串相关联并存储在存储库中。当创建新密钥以加密新卷时，检查存储库中的每个加密数据以确定使用新密钥对相关联的明文字符串的加密是否生成与存储的加密数据相同的加密字符串。如果清除文本字符串的加密结果与至少一个存储的加密字符串相匹配，则不使用关联的新密钥，并且生成另一个密钥，直到新密钥产生与任何存储的加密字符串不匹配的加密字符串。

8. 发明授权

US07581136B2 Method and apparatus for data recovery 失效
标题翻译：用于数据恢复的方法和装置
公开(公告)号：US07581136B2
公开(公告)日：2009-08-25
申请号：US11436677
申请日：2006-05-19
申请人： Nobuyuki Osaki
发明人： Nobuyuki Osaki
IPC分类号： G06F11/00
CPC分类号： G06F21/78 , G06F21/568 , G06F21/6218
摘要： A storage system stores I/O operations in a journal volume in a chronological order and with assigned sequence numbers. When a predefined command to be logged is received, the storage system transmits a log of the command to an external server with the information of a particular sequence number of the I/O operation that is influenced by the command. When a log entry is identified as necessitating data recovery, such as by being issued maliciously, the I/O operations with sequence numbers larger than the particular sequence number of the identified log entry are discarded. A log analysis module is located separately from the storage system on the external server, and is able to identify the particular sequence number of the I/O operation which is affected by the malicious command so that instructions may be sent to the storage system regarding the sequence numbers of the commands to be discarded.
摘要翻译：存储系统按时间顺序将I / O操作存储在日志卷中并具有分配的序列号。当接收到要记录的预定义命令时，存储系统使用受命令影响的I / O操作的特定序列号的信息向外部服务器发送该命令的日志。当日志条目被识别为必需的数据恢复时，例如恶意发出的，具有大于所识别的日志条目的特定序列号的序列号的I / O操作被丢弃。日志分析模块与外部服务器上的存储系统分开定位，并且能够识别受恶意命令影响的I / O操作的特定序列号，以便指令可以发送到存储系统要丢弃的命令的序号。

9. 发明申请

US20080307171A1 SYSTEM AND METHOD FOR INTRUSION PROTECTION OF NETWORK STORAGE 有权
标题翻译：网络存储侵入保护的系统和方法
公开(公告)号：US20080307171A1
公开(公告)日：2008-12-11
申请号：US11761239
申请日：2007-06-11
申请人： Junji Kinoshita , Nobuyuki Osaki
发明人： Junji Kinoshita , Nobuyuki Osaki
IPC分类号： G06F12/14
CPC分类号： G06F3/0637 , G06F3/0622 , G06F3/067 , G06F21/805 , G06F2221/2101
摘要： Protection mechanism is provided for data stored in logical volumes, especially during the time the corresponding host computer is off line. Additionally, integrity check mechanism is provided for logical volume when the host computer is started, so that host computer can detect unauthorized access to its assigned logical volume during off-line period, and execute security check.
摘要翻译：为存储在逻辑卷中的数据提供保护机制，特别是在相应的主机离线时。另外，当主机启动时，为逻辑卷提供了完整性检查机制，使得主机可以在离线期间检测到未分配的对其分配的逻辑卷的访问，并执行安全检查。

10. 发明申请

US20050198453A1 Data synchronization of multiple remote storage 有权
标题翻译：多个远程存储的数据同步
公开(公告)号：US20050198453A1
公开(公告)日：2005-09-08
申请号：US10792550
申请日：2004-03-02
申请人： Nobuyuki Osaki
发明人： Nobuyuki Osaki
IPC分类号： G06F3/06 , G06F12/16
CPC分类号： G06F3/0659 , G06F3/0617 , G06F3/0689 , G06F11/2058 , G06F11/2071 , G06F11/2074 , G06F11/2082 , Y10S707/99953 , Y10S707/99955
摘要： A storage system comprises a plurality of storage subsystems. One storage subsystem as a succeeding subsystem is configured to receive and store one or more blocks of data from another storage subsystem as a preceding subsystem. Each block of data has an associated sequence number in ascending order. The memory in each storage subsystem includes a queue to store the blocks of data and a sequence number associated with each block of data, a record to store a last sequence number associated with a last block of data received by the queue, and a table to store last sequence numbers stored in the last sequence number record gathered from each succeeding storage system. In some embodiments, a smallest last sequence number is determined from the last sequence numbers associated with the blocks of data in the storage subsystems. Blocks of data in the queue of each storage subsystem having associated sequence numbers less than or equal to the determined smallest last sequence number are deleted. In case of a failure of one or more storage subsystems, blocks of data are copied from the surviving storage subsystem having associated sequence numbers higher than the last sequence number of other surviving storage subsystems.
摘要翻译：存储系统包括多个存储子系统。作为后续子系统的一个存储子系统被配置为从另一个存储子系统接收并存储一个或多个数据块作为先前的子系统。每个数据块按照升序具有相关序列号。每个存储子系统中的存储器包括存储数据块的队列和与每个数据块相关联的序列号，存储与由队列接收的最后一个数据块相关联的最后序列号的记录，以及一个表存储存储在从每个后续存储系统收集的最后序列号记录中的最后序列号。在一些实施例中，从与存储子系统中的数据块相关联的最后序列号确定最小的最后序列号。具有小于或等于所确定的最小最后序列号的相关序列号的每个存储子系统的队列中的数据块被删除。在一个或多个存储子系统发生故障的情况下，从具有高于其他存活子系统的最后序列号的相关序列号的存活存储子系统复制数据块。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式