The disclosure relates generally to input/output (I/O) on a computer, and more specifically, to access control and security for synchronous I/O links.
Storage Area Networks (SANs), as described by the Storage Networking Industry Association (SNIA), are high performance networks that enable storage devices and computer systems to communicate with each other. In large enterprises, multiple computer systems or servers have access to multiple storage control units within the SAN. Typical connections between the servers and control units use technologies such as Ethernet or Fibre-Channel, with the associated switches, I/O adapters, device drivers and multiple layers of a protocol stack. Fibre-channel, for example, as defined by the INCITS T11 Committee, defines physical and link layers FC0, FC1, FC2 and FC-4 transport layers such as the Fibre Channel Protocol (FCP) for SCSI and FC-SB-3 for Fibre Connectivity (FICON). There are many examples of synchronous and asynchronous I/O access methods, each with their own advantages and disadvantages. Synchronous I/O causes a software thread to be blocked while waiting for the I/O to complete, but avoids context switches and interrupts. This works well when the I/O is locally attached with minimal access latency, but as access times increase, the non-productive processor overhead of waiting for the I/O to complete becomes unacceptable for large multi-processing servers. The current state of the art for server access to SAN storage, with its associated protocol over-head, is to use asynchronous I/O access methods. The large variation in access times, and even the minimum access times, of SAN storage with today's protocols such as Fibre-Channel, make synchronous I/O access unacceptable.