专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07873984B2 Network security through configuration servers in the fabric environment 有权
标题翻译：通过组织环境中的配置服务器进行网络安全
公开(公告)号：US07873984B2
公开(公告)日：2011-01-18
申请号：US10066251
申请日：2002-01-31
申请人： Richard L. Hammons , James Kleinsteiber , Hung Nguyen , Shankar Balasubramanian , Vidya Renganarayanan
发明人： Richard L. Hammons , James Kleinsteiber , Hung Nguyen , Shankar Balasubramanian , Vidya Renganarayanan
IPC分类号： G06F17/00
CPC分类号： H04L63/0823 , H04L63/0428 , H04L63/101
摘要： A network configuration device or entity has control of defined management and security functions in the network, or in many embodiments, in a Fiber Channel fabric. The network configuration device may control many functions. Foremost, it may control the recognition, operation and succession procedure for network configuration entities. It may also control user configurable options for the network, rules for interaction between other entities in the network, rules governing management-level access to the network, and rules governing management-level access to individual devices in the network. In addition, the network configuration entity may exploit policy sets to implement its control.
摘要翻译：网络配置设备或实体具有在网络中或在许多实施例中在光纤通道结构中的定义的管理和安全功能的控制。网络配置设备可以控制许多功能。最重要的是，它可以控制网络配置实体的识别，操作和继承过程。它还可以控制网络的用户可配置选项，网络中其他实体之间的交互规则，管理对网络的管理级访问的规则，以及管理对网络中各个设备的管理级访问的规则。此外，网络配置实体可以利用策略集来实现其控制。

2. 发明授权

US07036013B2 Secure distributed time service in the fabric environment 失效
标题翻译：在Fabric环境中安全分发时间服务
公开(公告)号：US07036013B2
公开(公告)日：2006-04-25
申请号：US10061976
申请日：2002-01-31
申请人： Vidya Renganarayanan , Richard L. Hammons , James Kleinsteiber
发明人： Vidya Renganarayanan , Richard L. Hammons , James Kleinsteiber
IPC分类号： G06F9/00
CPC分类号： H04L41/0893 , H04L41/0213 , H04L63/20
摘要： A secure and distributed time service is discussed for use in a network. In particular, the invention relates to Fiber Channel networks and the secure distribution of time service using a push model. In order to distribute time on a push model, one entity assumes responsibility for time in the network. Other entities in the network receive periodic time updates and check the validity of their own time by gauging the elapsed time since the previous time update. The time service is secured using by applying a unique combination of encryption techniques.
摘要翻译：讨论安全和分布式的时间服务以用于网络。特别地，本发明涉及光纤通道网络和使用推模型的时间服务的安全分发。为了在推模式上分配时间，一个实体对网络中的时间负责。网络中的其他实体通过衡量自上一次更新以来的经过时间来定期接收时间更新并检查其自身时间的有效性。通过应用加密技术的独特组合来保护时间服务。

3. 发明授权

US08621567B2 Network security and applications to the fabric environment 有权
标题翻译：网络安全和应用到面料环境
公开(公告)号：US08621567B2
公开(公告)日：2013-12-31
申请号：US11198834
申请日：2005-08-05
申请人： James Kleinsteiber , Richard L. Hammons , Dilip Gunawardena , Hung Nguyen , Shankar Balasubramanian , Vidya Renganararayanan
发明人： James Kleinsteiber , Richard L. Hammons , Dilip Gunawardena , Hung Nguyen , Shankar Balasubramanian , Vidya Renganararayanan
IPC分类号： G06F21/00
CPC分类号： H04L63/08 , H04L63/0428 , H04L63/0823 , H04L63/0869 , H04L63/104 , H04L63/20 , H04L2463/102
摘要： A method and apparatus for securing networks, focusing on application in Fibre Channel networks. A combination of unique security techniques are combined to provide overall network security. Responsibility for security in the network is assigned to one or more designated entities. The designated entities deploy management information throughout the network to enhance security by modifying the capabilities and operational permissions of the devices participating in the network. For example, through network control: logical management access or physical I/O access may be limited on a per device or per I/O basis; and all devices and ports in the network operate only with other approved devices and ports. These designated entities can better manage network security by exploiting a unique link authentication system as well as a unique push-model secure distributed time service. The link authentication involves a multi-phase nonce exchange exploiting various derivations of the nonce and other information such as hashes and encryptions. The push-model secure time distribution departs from the traditional Fibre Channel pull mode time distribution and provides for secure and reliable distributed time so that various security attacks may be defeated.
摘要翻译：一种用于保护网络的方法和设备，专注于光纤通道网络中的应用。组合独特的安全技术，提供整体网络安全。将网络中的安全责任分配给一个或多个指定实体。指定实体在整个网络中部署管理信息，通过修改参与网络的设备的功能和操作许可来增强安全性。例如，通过网络控制：逻辑管理访问或物理I / O访问可能在每个设备或每个I / O的基础上受到限制; 并且网络中的所有设备和端口仅与其他已批准的设备和端口一起工作。这些指定实体可以通过利用独特的链路认证系统以及独特的推模型安全分发时间服务来更好地管理网络安全。链路认证涉及利用随机数的各种推导和其他信息（如散列和加密）的多阶段随机交换。推模型安全时间分配与传统的光纤通道拉模式时间分布不符，提供了安全可靠的分发时间，从而可能会破坏各种安全攻击。

4. 发明授权

US07243367B2 Method and apparatus for starting up a network or fabric 有权
标题翻译：用于启动网络或结构的方法和设备
公开(公告)号：US07243367B2
公开(公告)日：2007-07-10
申请号：US10062860
申请日：2002-01-31
申请人： James Kleinsteiber , Richard L. Hammons , Shankar Balasubramanian
发明人： James Kleinsteiber , Richard L. Hammons , Shankar Balasubramanian
IPC分类号： G06F7/04 , G06F15/16 , H04L9/00 , H04L12/00
CPC分类号： H04L63/0869 , H04L49/357
摘要： A method and system for starting up a network or network device with particular discussion regarding Fibre Channel networks and switches. The method and system relate to powering on or re-starting a plurality of Fibre Channel switching devices, each of those devices having ports. The system generally calls for the selection of a priority threshold that relates to the importance of tasks in fabric formation. Some embodiments of the system exploit a port authentication procedure to separate the execution of tasks higher in priority than the threshold from tasks lower in priority than the threshold.
摘要翻译：一种用于启动网络或网络设备的方法和系统，具体涉及光纤通道网络和交换机。该方法和系统涉及为多个光纤通道交换设备供电或重新启动，每个设备具有端口。系统通常要求选择与织物形成中的任务的重要性有关的优先级阈值。该系统的一些实施例利用端口认证过程，从优先级低于阈值的任务中分离优先级高于阈值的任务的执行。

5. 发明授权

US08320241B2 Fibre channel network employing registered state change notifications with enhanced payload 有权
标题翻译：光纤通道网络采用注册状态更改通知，增强了有效载荷
公开(公告)号：US08320241B2
公开(公告)日：2012-11-27
申请号：US10208375
申请日：2002-07-30
申请人： Xiaoheng Chen , Raymond C. Tsai , Richard L. Hammons , Lalit D. Pathak
发明人： Xiaoheng Chen , Raymond C. Tsai , Richard L. Hammons , Lalit D. Pathak
IPC分类号： H04J3/14 , H04L12/26 , G06F15/16 , G06F15/177 , G06F13/00
CPC分类号： H04L12/24 , H04L41/00 , H04L43/0817
摘要： A network of switches that employ Registered State Change Notifications (RSCNs) with enhanced payloads is disclosed. In one embodiment, the network comprises multiple switches coupled together, and multiple node devices each directly-coupled to at least one other switch. Each of the switches preferably provides RSCNs to other switches when a node device state change is detected. One or more of the RSCNs preferably includes a device entry having more than four properties associated with the node device undergoing the state change. The switches receiving the enhanced RSCNs preferably maintain caches of remote node device entries copied from the RSCN device entries. The device entries preferably include one or more of the following: Owner Identifier, Port Type, Port Identifier, Port Name, Node Name, Initial Process Associator, Node IP Address, Class of Service, FC-4 Types, Port IP Address, Fabric Port Name, and Hard Address. Traffic overhead may advantageously be reduced.
摘要翻译：公开了采用具有增强有效载荷的注册状态变更通知（RSCN）的交换机网络。在一个实施例中，网络包括耦合在一起的多个开关，以及每个直接耦合到至少一个其他开关的多个节点装置。当检测到节点设备状态改变时，每个交换机优选地向其他交换机提供RSCN。一个或多个RSCN优选地包括具有与经历状态改变的节点设备相关联的多于四个属性的设备条目。接收增强型RSCN的交换机优选地保持从RSCN设备条目复制的远程节点设备条目的高速缓存。设备条目优选地包括以下中的一个或多个：所有者标识符，端口类型，端口标识符，端口名称，节点名称，初始过程关联器，节点IP地址，服务等级，FC-4类型，端口IP地址，结构端口名称和硬地址。可以有利地减少业务开销。

6. 发明授权

US07606239B2 Method and apparatus for providing virtual ports with attached virtual devices in a storage area network 有权
标题翻译：用于在存储区域网络中为虚拟端口提供附接的虚拟设备的方法和装置
公开(公告)号：US07606239B2
公开(公告)日：2009-10-20
申请号：US10356659
申请日：2003-01-31
申请人： Naveen S. Maveli , Subhojit Roy , Richard L. Hammons , Carlos Alonso
发明人： Naveen S. Maveli , Subhojit Roy , Richard L. Hammons , Carlos Alonso
IPC分类号： H04L12/28
CPC分类号： H04L12/4641
摘要： Systems particularly a virtualization switch or a storage device, which include virtual ports connected to virtual devices with virtual worldwide names and virtual LUNs. Because Fibre Channel environment hosts can track worldwide names from one port to another and allow continuity in that regard, the virtual worldwide names are provided with relevant virtual LUNs and connected these to virtual ports so that the virtual devices can be moved as desired to overcome failures or to allow load balancing.
摘要翻译：系统特别是虚拟化交换机或存储设备，其中包括虚拟端口连接到具有虚拟全球名称和虚拟LUN的虚拟设备。由于光纤通道环境主机可以跟踪世界各地的名称从一个端口到另一个端口，并允许在这方面的连续性，虚拟全球名称提供有相关的虚拟LUN并将其连接到虚拟端口，以便可以根据需要移动虚拟设备以克服故障或允许负载平衡。

7. 发明授权

US07433299B2 Fault-tolerant updates to a distributed fibre channel database 有权
标题翻译：分布式光纤通道数据库的容错更新
公开(公告)号：US07433299B2
公开(公告)日：2008-10-07
申请号：US10056823
申请日：2002-01-24
申请人： Balakumar N. Kaushik , Richard L. Hammons , Wai-Sze Tam
发明人： Balakumar N. Kaushik , Richard L. Hammons , Wai-Sze Tam
IPC分类号： G06F11/00
CPC分类号： H04L49/557 , H04L29/06 , H04L49/351 , H04L49/357 , H04L67/10 , H04L69/329
摘要： Fault tolerant techniques to update a distributed database in a switched-fabric network. A commit master switch initiates an update operation using a four-phase process that provides for the automatic fail-over to a second (or more) switches if the commit master should not complete the update operation. In response to a lost commit master switch, one or more switches may assume the role of the commit master to either abort or complete the update operation.
摘要翻译：更新交换式网络中的分布式数据库的容错技术。提交主交换机使用四阶段进程启动更新操作，如果提交主机不能完成更新操作，那么它将自动故障切换到第二个（或多个）交换机。响应丢失的提交主交换机，一个或多个交换机可以承担提交主机的角色，以中止或完成更新操作。

8. 发明授权

US07139845B2 Fibre channel fabric snapshot service 有权
标题翻译：光纤通道架构快照服务
公开(公告)号：US07139845B2
公开(公告)日：2006-11-21
申请号：US10425559
申请日：2003-04-29
申请人： Balakumar N. Kaushik , Shankar Balasubramanian , Richard L. Hammons
发明人： Balakumar N. Kaushik , Shankar Balasubramanian , Richard L. Hammons
IPC分类号： G06F3/00 , G06F11/00 , G06F12/00
CPC分类号： G06F11/1464 , G06F11/1466 , G06F2201/84 , H04L49/357 , H04L67/1097 , Y10S707/99953 , Y10S707/99955
摘要： The snapshot capability moving into the SAN fabric and being provided as a snapshot service. A well-known address is utilized to receive snapshot commands. Each switch in the fabric connected to a host contains a front end or service interface to receive the snapshot command. Each switch of the fabric connected to a storage device used in the snapshot process contains a write interceptor module which cooperates with hardware in the switch to capture any write operations which would occur to the snapshot data area. The write interceptor then holds these particular write operations until the original blocks are transferred to a snapshot or separate area so that the original read data is maintained. Should a read operation occur to the snapshot device and the original data from requested location has been relocated, a snapshot server captures these commands and redirects the read operation to occur from the snapshot area. If, however, the read operation is directed to the original drive, the read is provided from the original data areas, even if the data had been replaced. The snapshot server determines the existence of particular snapshot devices, allocates their storage locations, provides this information to both the service interfaces and the write interceptors and handles read and write operations to the snapshot device.
摘要翻译：快照功能进入SAN架构，并作为快照服务提供。利用着名的地址接收快照命令。连接到主机的每个交换机都包含一个前端或服务接口来接收快照命令。连接到快照过程中使用的存储设备的结构的每个交换机都包含一个写入拦截器模块，该模块与交换机中的硬件配合，以捕获快照数据区域将发生的任何写入操作。写拦截器然后保存这些特定的写入操作，直到原始块被传送到快照或分离区域，以便保持原始读取数据。如果快照设备发生读取操作，并且重新定位了来自请求位置的原始数据，则快照服务器捕获这些命令并重定向从快照区域发生的读取操作。但是，如果读取操作指向原始驱动器，则即使已更换数据，也会从原始数据区域提供读取。快照服务器确定特定快照设备的存在，分配其存储位置，将此信息提供给服务接口和写截取器，并处理对快照设备的读写操作。

9. 发明授权

US08228820B2 Port expander for fibre channel fabrics in storage area networks 有权
标题翻译：端口扩展器用于存储区域网络中的光纤通道结构
公开(公告)号：US08228820B2
公开(公告)日：2012-07-24
申请号：US12500441
申请日：2009-07-09
申请人： Manjunath A. Gopal Gowda , Richard L. Hammons
发明人： Manjunath A. Gopal Gowda , Richard L. Hammons
IPC分类号： H04L12/28
CPC分类号： H04L49/45 , H04L45/12 , H04L49/357 , H04L49/552
摘要： An port expander Fibre Channel switch presents F_ports to form a first Fibre Channel fabric and N_ports to a second Fibre Channel fabric to appear as node devices. The port expander may be used to connect a plurality of blade servers to a Fibre Channel fabric. Fabric events engendered by the insertion or removal of hot-pluggable devices are handled by the port expander and “event storms” on the Fibre Channel fabric are avoided. The port expander presents the blade servers to the FC fabric as a virtualized N_port.
摘要翻译：端口扩展器光纤通道交换机提供F_ports以形成第一个光纤通道结构，并将N_ports作为第二个光纤通道结构显示为节点设备。端口扩展器可以用于将多个刀片服务器连接到光纤通道结构。插入或移除热插拔设备引起的布局事件由端口扩展器处理，避免了光纤通道结构上的“事件风暴”。端口扩展器将刀片服务器作为虚拟化N_port提供给FC结构。

10. 发明申请

US20120011297A1 Isolation Switch for Fibre Channel Fabrics in Storage Area Networks 有权
标题翻译：存储区域网络光纤通道结构隔离开关
公开(公告)号：US20120011297A1
公开(公告)日：2012-01-12
申请号：US13238815
申请日：2011-09-21
申请人： Santosh Shanbhag , Richard L. Hammons , Balakumar N. Kaushik , Vincent W. Guan
发明人： Santosh Shanbhag , Richard L. Hammons , Balakumar N. Kaushik , Vincent W. Guan
IPC分类号： G06F13/00
CPC分类号： H04L49/357 , H04L49/3009 , H04L49/356 , H04L49/50 , H04L49/55 , H04L49/70 , H04L63/0227 , H04L67/1097
摘要： An isolation switch blade Fibre Channel switch presents F_ports to form a first Fibre Channel fabric and N_ports to a second Fibre Channel fabric to appear as node devices. The isolation switch blade may be used to connect a plurality of blade servers to a Fibre Channel fabric. Fabric events engendered by the insertion or removal of hot-pluggable devices are handled by the isolation switch blade and “event storms” on the Fibre Channel fabric are avoided. The isolation switch blade presents the blade servers to the FC fabric as a virtualized N_port.
摘要翻译：隔离开关刀片光纤通道交换机提供F_ports以形成第一个光纤通道结构，并将N_ports呈现为第二个光纤通道结构，以显示为节点设备。隔离开关刀片可以用于将多个刀片服务器连接到光纤通道结构。通过插拔热插拔设备引起的结构事件由隔离开关刀片处理，避免了光纤通道结构上的“事件风暴”。隔离开关刀片将刀片服务器作为虚拟化N_port呈现到FC结构。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式