Centralized role-based access control for storage servers

Assignee

• NetApp, Inc. · US

Inventors

• Joshua Flank · Redwood City, US
• Steven R. Klinkner · Palo Alto, US
• Benjamin Swartzlander · San Jose, US
• Timothy J. Thompson · San Jose, US
• Alan G. Yoder · Sunnyvale, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/0281
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Centralized role-based access control (RBAC) for storage servers can include operating multiple storage servers, each configured to provide a set of clients with access to stored data, and using a separate network server to provide centralized RBAC. The network server may include an API proxy to proxy requests to access individual APIs of a storage server by an application which is external to the network server and the storage server and may control access to the individual APIs of the storage servers on a per-API, per-user and per-object basis. The API proxy may filter responses to API calls based on the access privileges of the user of the application which sent the API call. In some embodiments, the network server may implement a Windows domain server, an LDAP server or the like to evaluate security credentials of administrative users on behalf of multiple storage servers.