Storage solutions generally include disk storage arrays which are defined and managed by one or more file systems. A file system includes software programs and data structures which define the use of underlying data storage devices. File systems are responsible for organizing disk sectors into files and directories and keeping track of which sectors belong to which file and which are not being used.
A file server is a computer responsible for the central storage and management of data files so that other computers on the same network can access the files. A file server allows users to share information over a network without having to physically transfer files by floppy diskette or some other external storage device. Any computer can be configured to be a host and act as a file server. In its simplest form, a file server may be an ordinary PC that handles requests for files and sends them over the network. In a more sophisticated network, a file server might be a dedicated network-attached storage (NAS) device that also serves as a remote hard disk drive for other computers, allowing anyone on the network to store files on it as if to their own hard drive.
Clients request access to the file system using a file system protocol. One file system protocol is the Network File System (NFS). NFS is a client/server application of Sun Microsystems, Inc. that lets a computer user view and optionally store and update files on a remote computer as though they were on the user's own computer. Other file system protocols in addition to NFS include the Common Internet File System (CIFS), which is a public variation of the Server Message Block Protocol (SMBP) developed and used by Microsoft. The SMB Protocol is widely used in today's local area networks for server file access and printing. CIFS is viewed as a complement to the existing Internet application protocols such as the File Transfer Protocol (FTP) and the Hypertext Transfer Protocol (HTTP).
The file system software translates client requests into disk operations which are forwarded to the storage arrays using a disk protocol such as the Small Computer System Interconnect (SCSI), Internet SCSI (iSCSI), or the Fibre Channel protocol. SCSI and Fibre channel are standard electronic interfaces that allow computers to communicate with peripheral hardware such as disk drives at high speed.
The disk interfaces are high speed interfaces that are capable of providing large amounts of data to satisfy client requests at any given period in time. However, the potential of the disk arrays to deliver the data is limited by the ability of the file server to handle client access requests. Thus the file server becomes a bottleneck that limits the performance of the storage system to the request handling capacity of the file server.
One mechanism that has been introduced to overcome the problems associated with a file server bottleneck is a Fragment Mapping Protocol (FMP). The Fragment Mapping Protocol is an Remote Procedure Call (RPC) protocol which allows local clients to directly read and write file data to and from networked storage devices, rather than sending I/O requests through the file server. The FMP works in tandem with the file system protocol to expose the file system to applications on the client. Allowing the client to have direct access to the storage devices reduces the delays associated with retrieving data, and improves the performance of client applications.
The FMP generally works as follows. An FMP client communicates file descriptors to an FMP file server to obtain file mapping meta-data that describes how and where the files are stored in the disk arrays. Clients dynamically request meta-data from the server during normal operation in a manner transparent to the client's operating system and applications. Access controls and coherency checks may be applied at a volume granularity. Once the client retrieves the meta-data, it can use file handle information provided in the meta-data to directly access the storage devices via a SCSI or Fibre channel interface, or via an Internet SCSI (iSCSI) interface.
FMP allows the performance capabilities of disk arrays to be more thoroughly utilized by off-loading data transfer tasks from the file server. Although control operations (such as obtaining the meta-data) may be subject to the performance issues of the file server, data transfer, which encompasses the larger portion of an exchange, can be provided directly via the disk interface, thereby more fully realizing the performance potentials of the disk arrays.
One disadvantage of FMP is that it requires FMP clients to have full access to storage volumes used to store data on their file systems, even if the file systems utilize only a portion of the volume. As a result, an FMP client that is compromised by a malicious user or system software could read or modify data that it is not authorized to access. As a result, the use of FMP is generally limited to network configurations where clients are co-located with the storage arrays and can be trusted.
One method of preventing this vulnerability is to use additional host based software such as custom drivers in the file server that would consult with the FMP client to validate file storage accesses. However, even with such a solution it remains possible that such techniques may be bypassed by a malicious client. It would be desirable to identify another type of authentication mechanism to secure FMP operations.