公开(公告)号：US09882913B1

公开(公告)日：2018-01-30

申请号：US15000822

申请日：2016-01-19

Applicant: Pure Storage, Inc.

Inventor： Benjamin P. Borowiec ,  Jimmy T. Hu ,  Ethan L. Miller ,  Terence W. Noonan ,  Constantine P. Sapuntzakis ,  Neil A. Vachharajani ,  Daquan Zuo

IPC: H04L9/32 ,  H04L29/06

CPC classification number: H04L63/102 ,  G06F9/45533 ,  G06F9/46 ,  G06F21/335 ,  H04L9/3226 ,  H04L9/3242 ,  H04L9/3247 ,  H04L63/08 ,  H04L63/0815 ,  H04L63/083 ,  H04L67/10 ,  H04L67/1097 ,  H04L2209/24 ,  H04L2209/72

Abstract: Providing authorization and authentication in a cloud for a user of a storage array includes: receiving, by a cloud-based security module from a client-side array services module, user credentials; authenticating, by the cloud-based security module, the user credentials; identifying, by the cloud-based security module, authorized access privileges defining one or more storage array services accessible by the user; generating, by the cloud-based security module, a token representing the authentication of the user credentials and the authorized access privileges; and providing, by the cloud-based security module to the client-side array services module, the token.

公开(公告)号：US09300660B1

公开(公告)日：2016-03-29

申请号：US14726446

申请日：2015-05-29

Applicant: Pure Storage, Inc.

Inventor： Benjamin P. Borowiec ,  Jimmy T. Hu ,  Ethan L. Miller ,  Terence W. Noonan ,  Constantine P. Sapuntzakis ,  Neil A. Vachharajani ,  Daquan Zuo

IPC: H04L29/06 ,  H04L29/08 ,  H04L9/32 ,  G06F9/46

CPC classification number: H04L63/102 ,  G06F9/45533 ,  G06F9/46 ,  G06F21/335 ,  H04L9/3226 ,  H04L9/3242 ,  H04L9/3247 ,  H04L63/08 ,  H04L63/0815 ,  H04L63/083 ,  H04L67/10 ,  H04L67/1097 ,  H04L2209/24 ,  H04L2209/72

Abstract: Providing authorization and authentication in a cloud for a user of a storage array includes: receiving, by a cloud-based security module from a client-side array services module, user credentials; authenticating, by the cloud-based security module, the user credentials; identifying, by the cloud-based security module, authorized access privileges defining one or more storage array services accessible by the user; generating, by the cloud-based security module, a token representing the authentication of the user credentials and the authorized access privileges; and providing, by the cloud-based security module to the client-side array services module, the token.

Abstract translation: 在云中为存储阵列的用户提供授权和认证包括：从客户端阵列服务模块的基于云的安全模块接收用户凭证; 由基于云的安全模块验证用户凭证; 由基于云的安全模块识别定义用户可访问的一个或多个存储阵列服务的授权访问权限; 由基于云的安全模块生成表示用户凭证的认证和授权的访问权限的令牌; 并且由基于云的安全模块向客户端阵列服务模块提供令牌。

公开(公告)号：US11936719B2

公开(公告)日：2024-03-19

申请号：US17536969

申请日：2021-11-29

Applicant: PURE STORAGE, INC.

Inventor： Jimmy T. Hu ,  Terence W. Noonan ,  Neil A. Vachharajani ,  Daquan Zuo

IPC: H04L9/40 ,  H04L67/10 ,  H04L67/1097

CPC classification number: H04L67/10 ,  H04L63/0807 ,  H04L67/1097

Abstract: Managing a storage system, including: receiving, over a first network, user credentials associated with an access request to a storage system; sending, over a second network to a cloud-based security module, the user credentials; receiving, over the second network from the cloud-based security module, a token representing that the user credentials were successfully authenticated by the cloud-based security module; and sending, over the first network to the storage system, the token with a management instruction, wherein the storage system is not coupled for data communications to the cloud-based security module.

公开(公告)号：US11503031B1

公开(公告)日：2022-11-15

申请号：US17064419

申请日：2020-10-06

Applicant: PURE STORAGE, INC.

Inventor： Jimmy T. Hu ,  Benjamin Borowiec ,  Ethan Miller ,  Terence Noonan ,  Constantine Sapuntzakis ,  Neil Vachharajani ,  Daquan Zuo

IPC: H04L9/40 ,  H04L9/32 ,  G06F9/455 ,  H04L67/1097

Abstract: Providing authorization and authentication in a cloud for a user of a storage array includes: receiving, by a storage array access module from a client-side array services module, a token representing authentication of user credentials and authorized access privileges defining one or more storage array services accessible by the user, where the token is generated by a cloud-based security module upon authentication of the user credentials and identification of authorized access privileges for the user; receiving, by the storage array access module from the user, a user access request to one or more storage array services; and determining, by the storage array access module, whether to grant the user access request in dependence upon the authorized access privileges represented by the token.

公开(公告)号：US10560517B1

公开(公告)日：2020-02-11

申请号：US15966891

申请日：2018-04-30

Applicant: PURE STORAGE, INC.

Inventor： Jimmy T. Hu ,  Terence W. Noonan ,  Neil A. Vachharajani ,  Daquan Zuo

IPC: G06F7/04 ,  H04L29/08 ,  H04L29/06

Abstract: Managing a storage array includes: receiving, by a client-side array services module from a cloud-based security module through data communications on a wide area network, a token representing authentication of user credentials; and managing, by the client-side array services module, a storage array only through data communications on a local area network, including sending, to the storage array, the token with a management instruction.

公开(公告)号：US11789831B2

公开(公告)日：2023-10-17

申请号：US17957045

申请日：2022-09-30

Applicant: PURE STORAGE, INC.

Inventor： John Colgrove ,  Ronald Karr ,  Steven Hodgson ,  Daquan Zuo ,  Roland Dreier ,  David Grunwald

IPC: G06F11/20 ,  H04L45/12 ,  G06F3/06 ,  G06F16/178 ,  G06F16/182 ,  G06F12/06 ,  G06F12/1072 ,  G06F16/27 ,  G06F11/07 ,  G06F11/14 ,  G06F9/445 ,  H04L67/1095 ,  H04L67/1097 ,  H04L45/00 ,  H04L47/125

CPC classification number: G06F11/2076 ,  G06F3/061 ,  G06F3/0604 ,  G06F3/065 ,  G06F3/067 ,  G06F3/0619 ,  G06F3/0632 ,  G06F3/0659 ,  G06F3/0683 ,  G06F9/44505 ,  G06F11/0727 ,  G06F11/0751 ,  G06F11/1464 ,  G06F11/1471 ,  G06F11/2064 ,  G06F11/2082 ,  G06F12/0684 ,  G06F12/1072 ,  G06F16/178 ,  G06F16/182 ,  G06F16/1844 ,  G06F16/27 ,  G06F16/275 ,  H04L45/12 ,  G06F3/06 ,  G06F11/2053 ,  G06F2003/0697 ,  H04L45/38 ,  H04L47/125 ,  H04L67/1095 ,  H04L67/1097

Abstract: Managing connectivity to synchronously replicated storage systems, including: identifying a plurality of storage systems across which a dataset is synchronously replicated; identifying a host that can issue I/O operations directed to the dataset; identifying a plurality of data communications paths between the host and the plurality of storage systems across which a dataset is synchronously replicated; identifying, from amongst the plurality of data communications paths between the host and the plurality of storage systems across which a dataset is synchronously replicated, one or more optimal paths; and issuing, to the host, an identification of the one or more optimal paths.

公开(公告)号：US11500745B1

公开(公告)日：2022-11-15

申请号：US16891398

申请日：2020-06-03

Applicant: PURE STORAGE, INC.

Inventor： John Colgrove ,  Roland Dreier ,  David Grunwald ,  Steven Hodgson ,  Ronald Karr ,  Daquan Zuo

IPC: G06F11/20 ,  G06F16/178 ,  G06F16/182 ,  G06F3/06 ,  G06F12/06 ,  G06F12/1072 ,  G06F16/27 ,  G06F11/07 ,  G06F11/14 ,  G06F9/445 ,  H04L45/12 ,  H04L47/125 ,  H04L67/1095 ,  H04L67/1097 ,  H04L45/00

Abstract: Managing connectivity to synchronously replicated storage systems, including: identifying a plurality of storage systems across which a dataset is synchronously replicated; identifying a host that can issue I/O operations directed to the dataset; identifying a plurality of data communications paths between the host and the plurality of storage systems across which a dataset is synchronously replicated; identifying, from amongst the plurality of data communications paths between the host and the plurality of storage systems across which a dataset is synchronously replicated, one or more optimal paths; and issuing, to the host, an identification of the one or more optimal paths.

公开(公告)号：US10021170B2

公开(公告)日：2018-07-10

申请号：US14726442

申请日：2015-05-29

Applicant: Pure Storage, Inc.

Inventor： Jimmy T. Hu ,  Terence W. Noonan ,  Neil A. Vachharajani ,  Daquan Zuo

IPC: H04L29/08 ,  H04L29/06

CPC classification number: H04L67/10 ,  H04L63/0807 ,  H04L67/1097

Abstract: Managing a storage array includes: receiving, by a client-side array services module from a cloud-based security module through data communications on a wide area network, a token representing authentication of user credentials; and managing, by the client-side array services module, a storage array only through data communications on a local area network, including sending, to the storage array, the token with a management instruction.

公开(公告)号：US12181981B1

公开(公告)日：2024-12-31

申请号：US16855348

申请日：2020-04-22

Applicant: PURE STORAGE, INC.

Inventor： Marten Heidemeyer ,  Vivekkumar Patel ,  Neale Genereux ,  David Grunwald ,  Thomas Gill ,  Daquan Zuo

IPC: G06F11/14 ,  G06F9/455 ,  G06F16/27

Abstract: A recovery storage system asynchronously protecting a synchronously replicated dataset, where the asynchronous protection of the synchronously replicated dataset includes: receiving, by a recovery storage system, an identifier of a synchronously replicated dataset, wherein the synchronously replicated dataset is a dataset synchronously replicated across the plurality of storage systems; asynchronously replicating, on the recovery storage system, the synchronously replicated dataset from the plurality of storage systems; detecting that each dataset in the synchronously replicated dataset on the plurality of storage systems has become unavailable; and restoring the dataset on the recovery storage system.

公开(公告)号：US11882179B2

公开(公告)日：2024-01-23

申请号：US17731294

申请日：2022-04-28

Applicant: PURE STORAGE, INC.

Inventor： Logan Jennings ,  Aaron Dailey ,  Roland Dreier ,  Ganga Kondapalli ,  Nicole Tselentis ,  Stephen Whitney ,  Daquan Zuo ,  Ronald Karr ,  John Colgrove

IPC: G06F15/173 ,  H04L67/1095 ,  H04L67/1097 ,  H04L69/16 ,  H04L41/0816 ,  H04L41/08

CPC classification number: H04L67/1095 ,  H04L41/0816 ,  H04L41/0886 ,  H04L67/1097 ,  H04L69/16

Abstract: Supporting multiple replication schemes across distinct network layers, including: replicating, over a first type of network messaging layer, data between a first storage system and a second storage system; selecting a different messaging layer for data replication; and replicating, over a second type of network messaging layer, data between the first storage system and the second storage system.