1. Field of the Invention
The present invention relates to a technique of cache control in a node device, which relays data between a storage device and clients.
2. Description of the Related Art
A large scale computing system connecting with a plurality of client computers (Hereinafter referred to as a “client”) via a network is typically constructed in companies. Such a computer system requires a mass memory device, what is called a storage device, to provide a variety of data and programs used for operations on respective clients. The storage device with a high capacity hard disk enables users of clients to store and read out data and programs in the allocated area for themselves or in the shared area. One typical protocol to access to the storage device is SCSI (Small Computer System Interface). Recently, another protocol called iSCSI has been applied to divide a SCSI command into IP packets to be transmitted via a network. The use of iSCSI attempts to provide an environment where a greater number of clients or clients located in a remote place can access to the storage device.
One typical method for utilizing the storage device is a remote boot, that is, a start-up of the client. In case of the remote boot, an operating system required to the start-up and a variety of files, such as a configuration file are pre-stored in an area corresponding to the individual user on the storage device. Each client is capable of start-up with reading of these files from the storage device via the network.
When executing the remote boot, each client is not required to incorporate a hard disk but it is sufficient to include a ROM for storing relatively smaller boot program to achieve the access to the storage device. Unifying the management of the data on the storage device, instead of storing the data in the hard disk of each client, prevents important data from being lost or leaked even if the client is damaged or stolen, and thereby enhances the security. This application also has practical advantage that allows users to start up any client connected on the network with a certain setup proper to the user. The details of the remote boot has been disclosed in, for example, JP1994-332716A, JP2001-75853A and JP2000-259583A.
One available application includes a node device, equipped with a cache memory, between clients and the storage device to reduce accesses to the storage device. In this system, the cached data in the node device may be supplied to clients without accessing to the storage device, and thus reduces the number of accesses to the storage device.
One problem with a system including a node device is that security on the node device inclines to fragile. Storage devices are generally managed with highly strict security as secret data of a company centers thereon. For example, it is strictly limited to enter the room where the storage device is located along with the access to the storage device in the software system using a fire wall or the like. Also, applying a diskless computer, that is, a computer without a hard disk, to the client prevents the leakage of the data. Even if the client is equipped with the hard disk, it is assumed that the user be concerned about his own device to avoid theft or unauthorized use, and thus ensures a certain level of security. The security level of the node device, on the other hand, is not as high as that of the storage device, and users are less concerned about the security. The secret data, transmitted and received between the storage device and the client, is cached in the node device under such an environment. The node device is in danger of the theft or the unauthorized access, which can cause the leakage of the data. One typical example of such secret data is a core dump, which is output from the client when troubles occur in an operation. The core dump is written in the internal hard disk on an ordinary computer while being written in the storage device on a diskless computer after process of cache in the node device. The core dump includes various secret information, which has been stored in the computer, such as a password to access to the storage device, and thus the leakage of the core dump causes the unauthorized access to the storage device to be permitted. The object of the present invention is thus to provide a technique that enhances security of the node device.