An ever-increasing amount of data and services are being made available for access over distributed systems, such as computer networks. Storage area networks (SANs) are one example of distributed data storage network. A typical SAN includes multiple storage devices and servers or hosts that are networked together to provide a corresponding increase in the amount of storage available to the hosts. The storage devices in a typical SAN can be networked together using a variety of networking technologies. For example, Fibre Channel (FC) is one networking technology used in SANs.
One drawback of networked data storage systems, such as SANs, is that they can be vulnerable to unauthorized access, for example, break-ins by hackers. For this reason, many SANs include an authentication system that prevents a user from accessing a storage device in the SAN until the authentication system authenticates the user's identity and determines that the user is authorized to access the SAN. For example, the requesting device sends a name/password combination to the SAN, and the SAN's authentication process checks the name/password against a list of authorized name/password combinations. In another example, the requesting device sends a cryptographically hashed code to the SAN, and the authentication process runs the same algorithm to determine the authenticity and the authorization of the user.
Authentication servers in SAN's can authenticate devices as described in the prior paragraph. They also can typically be used as a way to authenticate users who login into devices in a network, in this case a SAN.