公开(公告)号：US12032724B2

公开(公告)日：2024-07-09

申请号：US17886079

申请日：2022-08-11

Applicant: PURE STORAGE, INC.

Inventor： Kiron Vijayasankar ,  Alexandre Xavier Duchateau ,  Constantine P. Sapuntzakis ,  Yuval Frandzel

IPC: G06F21/78 ,  G06F3/06 ,  G06F21/60 ,  G06F21/64 ,  H04L9/32 ,  H04L9/40 ,  H04L67/1097 ,  H04L69/04 ,  H04L9/00

CPC classification number: G06F21/78 ,  G06F3/0608 ,  G06F3/0623 ,  G06F3/064 ,  G06F3/0661 ,  G06F3/0664 ,  G06F3/067 ,  G06F3/0673 ,  G06F3/0688 ,  G06F21/602 ,  G06F21/606 ,  G06F21/64 ,  H04L9/3239 ,  H04L63/0428 ,  H04L67/1097 ,  H04L69/04 ,  H04L9/50

Abstract: A method includes compressing data to generate compressed data having a first block size corresponding to a block-size requirement of a client device. The method further includes encrypting the compressed data to generate an encrypted data packet. The method further includes adding, by a processing device, a padding bit pattern to the encrypted data packet to generate a data block for storage, the data block having a second block size determined by a buffer size of a storage array.

公开(公告)号：US11921908B2

公开(公告)日：2024-03-05

申请号：US18058504

申请日：2022-11-23

Applicant: PURE STORAGE, INC.

Inventor： Yuval Frandzel ,  Kiron Vijayasankar ,  Alexandre Xavier Duchateau ,  Constantine P. Sapuntzakis

IPC: G06F3/06 ,  G06F21/60 ,  G06F21/64 ,  G06F21/78 ,  H04L9/32 ,  H04L9/40 ,  H04L67/1097 ,  H04L69/04 ,  H04L9/00

CPC classification number: G06F21/78 ,  G06F3/0608 ,  G06F3/0623 ,  G06F3/064 ,  G06F3/0661 ,  G06F3/0664 ,  G06F3/067 ,  G06F3/0673 ,  G06F3/0688 ,  G06F21/602 ,  G06F21/606 ,  G06F21/64 ,  H04L9/3239 ,  H04L63/0428 ,  H04L67/1097 ,  H04L69/04 ,  H04L9/50

Abstract: A method of volume compressed header identification includes reading, by a processing device of a host, compressible data on a sector of a storage volume of a storage array. The method further includes compressing the compressible data to generate compressed data for the sector. The method further includes adding, by the processing device of the host, metadata associated with the storage volume to the compressed data. The method further includes writing the compressed data, including the added metadata, to the sector of the storage volume of the storage array.

公开(公告)号：US11436378B2

公开(公告)日：2022-09-06

申请号：US16943843

申请日：2020-07-30

Applicant: PURE STORAGE, INC.

Inventor： Kiron Vijayasankar ,  Alexandre Xavier Duchateau ,  Constantine P. Sapuntzakis ,  Yuval Frandzel

IPC: G06F21/78 ,  H04L69/04 ,  G06F21/60 ,  H04L9/40 ,  G06F3/06 ,  G06F21/64 ,  H04L67/1097 ,  H04L9/32

Abstract: A method includes compressing data to generate compressed data having a first block size corresponding to a block-size requirement of a client device. The method further includes encrypting the compressed data to generate an encrypted data packet. The method further includes adding, by a processing device, a padding bit pattern to the encrypted data packet to generate a data block for storage, the data block having a second block size determined by a buffer size of a storage array.

公开(公告)号：US11113409B2

公开(公告)日：2021-09-07

申请号：US16172329

申请日：2018-10-26

Applicant: PURE STORAGE, INC.

Inventor： Constantine P. Sapuntzakis ,  Kiron Vijayasankar ,  Yuval Frandzel

IPC: G06F21/60 ,  G06F12/14 ,  H04L9/08 ,  H04L29/08 ,  G06F21/62

Abstract: A method of efficient rekey in a transparent decrypting storage array includes receiving an instruction to rekey data on a storage array, wherein the instruction identifies first encryption information and second encryption information. The method further includes decrypting, by a processing device of a storage array controller, the data using the first encryption information to generate decrypted data. The method further includes encrypting the decrypted data using the second encryption information to generate encrypted data.

公开(公告)号：US12135888B2

公开(公告)日：2024-11-05

申请号：US16508178

申请日：2019-07-10

Applicant: Pure Storage, Inc.

Inventor： Matthew Paul Fay ,  Brandon Davis ,  Nathan David Parrish ,  Yanwei Jiang ,  Constantine P. Sapuntzakis ,  Ronald Karr

IPC: G06F3/06 ,  G06F9/455 ,  G06F12/02 ,  G06F16/9035 ,  G06F16/907 ,  G06N7/01

Abstract: A storage system includes solid-state storage devices and a storage controller operatively coupled to the solid-state storage devices, the storage controller including a processing device, to store sets of data at one or more solid-state storage devices of the plurality of solid-state storage devices. The processing device may also generate tags for each of the sets of data based on one or more metadata items associated with each set of data. The processing device may also determine an expected lifespan for each set of data based on the one or more tags generated for the respective set of data. The processing device may also group each of the one or more sets of data into respective ones of a plurality of memory blocks based on the expected lifespan for each set of data, wherein each memory block corresponds to sets of data of a particular expected lifespan.

公开(公告)号：US11520936B1

公开(公告)日：2022-12-06

申请号：US17130422

申请日：2020-12-22

Applicant: PURE STORAGE, INC.

Inventor： Yuval Frandzel ,  Kiron Vijayasankar ,  Alexandre Xavier Duchateau ,  Constantine P. Sapuntzakis

IPC: G06F3/06 ,  G06F21/78 ,  G06F21/60 ,  H04L9/40 ,  G06F21/64 ,  H04L67/1097 ,  H04L9/32 ,  H04L69/04 ,  H04L9/00

Abstract: A method of volume compressed header identification includes reading, by a processing device of a host, compressible data on a sector of a storage volume of a storage array. The method further includes compressing the compressible data to generate compressed data for the sector. The method further includes adding, by the processing device of the host, metadata associated with the storage volume to the compressed data. The method further includes writing the compressed data, including the added metadata, to the sector of the storage volume of the storage array.

公开(公告)号：US20190065788A1

公开(公告)日：2019-02-28

申请号：US16116772

申请日：2018-08-29

Applicant: PURE STORAGE, INC.

Inventor： Kiron Vijayasankar ,  Alexandre Xavier Duchateau ,  Constantine P. Sapuntzakis ,  Yuval Frandzel

IPC: G06F21/78 ,  H04L29/06 ,  G06F21/60

Abstract: A method of encryption management with host-side data reduction includes identifying data to be written to a storage array and compressing the data to generate compressed data. The method further includes encrypting the compressed data to generate an encrypted data packet. The method further includes adding, by a processing device of a host, a padding bit pattern to the encrypted data packet to generate a data block for storage. The method further includes sending the data block to the storage array.

公开(公告)号：US09882913B1

公开(公告)日：2018-01-30

申请号：US15000822

申请日：2016-01-19

Applicant: Pure Storage, Inc.

Inventor： Benjamin P. Borowiec ,  Jimmy T. Hu ,  Ethan L. Miller ,  Terence W. Noonan ,  Constantine P. Sapuntzakis ,  Neil A. Vachharajani ,  Daquan Zuo

IPC: H04L9/32 ,  H04L29/06

CPC classification number: H04L63/102 ,  G06F9/45533 ,  G06F9/46 ,  G06F21/335 ,  H04L9/3226 ,  H04L9/3242 ,  H04L9/3247 ,  H04L63/08 ,  H04L63/0815 ,  H04L63/083 ,  H04L67/10 ,  H04L67/1097 ,  H04L2209/24 ,  H04L2209/72

Abstract: Providing authorization and authentication in a cloud for a user of a storage array includes: receiving, by a cloud-based security module from a client-side array services module, user credentials; authenticating, by the cloud-based security module, the user credentials; identifying, by the cloud-based security module, authorized access privileges defining one or more storage array services accessible by the user; generating, by the cloud-based security module, a token representing the authentication of the user credentials and the authorized access privileges; and providing, by the cloud-based security module to the client-side array services module, the token.

公开(公告)号：US09300660B1

公开(公告)日：2016-03-29

申请号：US14726446

申请日：2015-05-29

Applicant: Pure Storage, Inc.

Inventor： Benjamin P. Borowiec ,  Jimmy T. Hu ,  Ethan L. Miller ,  Terence W. Noonan ,  Constantine P. Sapuntzakis ,  Neil A. Vachharajani ,  Daquan Zuo

IPC: H04L29/06 ,  H04L29/08 ,  H04L9/32 ,  G06F9/46

CPC classification number: H04L63/102 ,  G06F9/45533 ,  G06F9/46 ,  G06F21/335 ,  H04L9/3226 ,  H04L9/3242 ,  H04L9/3247 ,  H04L63/08 ,  H04L63/0815 ,  H04L63/083 ,  H04L67/10 ,  H04L67/1097 ,  H04L2209/24 ,  H04L2209/72

Abstract: Providing authorization and authentication in a cloud for a user of a storage array includes: receiving, by a cloud-based security module from a client-side array services module, user credentials; authenticating, by the cloud-based security module, the user credentials; identifying, by the cloud-based security module, authorized access privileges defining one or more storage array services accessible by the user; generating, by the cloud-based security module, a token representing the authentication of the user credentials and the authorized access privileges; and providing, by the cloud-based security module to the client-side array services module, the token.

Abstract translation: 在云中为存储阵列的用户提供授权和认证包括：从客户端阵列服务模块的基于云的安全模块接收用户凭证; 由基于云的安全模块验证用户凭证; 由基于云的安全模块识别定义用户可访问的一个或多个存储阵列服务的授权访问权限; 由基于云的安全模块生成表示用户凭证的认证和授权的访问权限的令牌; 并且由基于云的安全模块向客户端阵列服务模块提供令牌。

公开(公告)号：US11588633B1

公开(公告)日：2023-02-21

申请号：US16355329

申请日：2019-03-15

Applicant: PURE STORAGE, INC.

Inventor： Constantine P. Sapuntzakis ,  Kiron Vijayasankar

IPC: H04L9/08 ,  G06F3/06 ,  H04L9/14

Abstract: A method of decommissioning a key in a decryption storage system includes scanning a storage system to identify metadata associated with a current key to be decommissioned. The method further includes encrypting, with the current key, data corresponding to the metadata to generate encrypted data. The method further includes decrypting the encrypted data with a target key to generate decrypted data. The method further includes modifying, by a processing device, the metadata to identify the target key to generate modified metadata. The method further includes storing the decrypted data and the modified metadata to the storage system.