1. Field of the Invention
The present application relates to a method for providing authentication of users accessing a shared NFS (Network File System).
2. Description of the Related Art
NFS (Network File System) is a network file system protocol originally developed by Sun Microsystems in 1984. NFS allows a user on a client computer to access files over a network as if the network devices were part of the client computer. Various network attached storage (NAS) applications use NFS as the file system structure and allow network storage of data that can be “served” to an enterprise.
Various companies offer backup software which allow for “backing up” or copying files stored on an NFS for data protection. This backup software provides for both backup and recovery of files in the NFS. For example, Symantec/Veritas offers a product called Veritas NetBackup™ (or “NBU”). NetBackup performs backup and recovery of data using NDMP (Network Data Management Protocol). The NDMP protocol allows NDMP client software, such as Veritas NetBackup, to send messages over the network to an NDMP server application to initiate and control backup and restore operations.
The various types of backup software maintain a backup area for storing backup images and a catalog for storing metadata related to the backup. For example, the Veritas NetBackup™ software maintains an NBU catalog and NBU backup data area for storing metadata and backup images, respectively.
Backup software can create security issues for the data in an NFS share. For example, metadata and backup images in the NBU catalog and NBU backup data are exposed via the NFS protocol. From a security standpoint, it is undesirable to allow any interested party to access and/or casually browse this data. For example, competitors could easily gain access to the NBU catalog and backup images via this well understood and implemented protocol.
Therefore, improved methods are desired for providing security to data files and metadata maintained by network backup software.