Method and apparatus for providing secure access to a computer system resource

Assignee

• EMC Corporation · US

Inventors

• Steven M. Blumenau · Holliston, US
• Christopher J. Hackett · Boylston, US
• Matthew J. D'Errico · Upton, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F9/5016
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Method and apparatus for managing access to one of a plurality of raw storage devices in a computer system including a host computer and a storage system. The computer system includes a plurality of logical volumes of data that are visible to the host computer and the storage system and are perceived by the host computer as comprising a plurality of raw storage devices. The host computer includes a file system/LVM mapping layer. In accordance with one aspect of the invention, a request, from a requester having less than system administrator access privileges, to perform an action directly on the one of the plurality of raw storage devices is granted, so that a logical channel is provided to directly access the one of the plurality of raw storage devices without the logical channel being mapped by the file system/LVM mapping layer. Another aspect is directed to a computer system including a host computer comprising an application layer including at least one application program. A plurality of volumes of storage are visible to the application layer, and access privileges less than the root access privileges are assigned to the at least one application program to access the plurality…