Abstract: Techniques for achieving tenant data confidentiality in a cloud environment are presented. A daemon process within a Tenant Storage Machine (TSM) manages a key store for a particular tenant of a cloud storage environment having multiple other tenants. Just TSM storage processes are given access to the key store. Data is decrypted for the particular tenant when access is needed and data is encrypted using encryption keys of the key store when written in the cloud storage environment.
Type:
Grant
Filed:
September 12, 2012
Date of Patent:
February 23, 2016
Assignee:
CloudByte, Inc.
Inventors:
Umasankar Mukkara, Felix Xavier, Shyamsundar Ranganathan
Abstract: Techniques for translating Service Level Agreement (SLA) policy into storage controller requirements within a cloud storage environment are presented. System resource metrics for a storage controller are derived. The SLA policy is defined in terms of SLA parameters. Heuristics are used to translate the SLA parameters into defined percentages of system resources for the storage controller, which are compared to the system resource metrics and adjustments are updates are made as needed.
Type:
Grant
Filed:
September 18, 2012
Date of Patent:
December 22, 2015
Assignee:
CloudByte, Inc.
Inventors:
Felix Xavier, Umasankar Mukkara, Shyamsundar Ranganathan
Abstract: Techniques for tenant-bases storage security and service level assurances in a cloud environment are presented. A Tenant Storage Machine (TSM) for each tenant uses a unique identifier. The TSM is dynamically allocated with operating system resources to run processes based on agreed service level assurances. The service level assurances are stored in a Service Level Assurance (SLA) policy store. The TSM communicates with the SLA policy store via a TSM bus to acquire a SLA policy configured for the tenant and based on which resources are dynamically allocated. Processes running under the TSM run with root privileges to provide security.
Type:
Grant
Filed:
July 26, 2012
Date of Patent:
September 22, 2015
Assignee:
CloudByte, Inc.
Inventors:
Umasankar Mukkara, Felix Xavier, Srivibhavan Balaram, Shailesh Bam
Abstract: Techniques for achieving storage and network isolation in a cloud environment are presented. A single Internet Protocol (IP) address is presented to multiple storage tenants that use storage in a cloud environment. When each tenant accesses the IP address, a specific identity of the tenant is resolved and the storage stack for that tenant is sent to the tenant's storage machine having the tenant's storage. The tenant is directly connected to its tenant storage machine thereafter.
Abstract: Techniques for achieving high availability (HA) in a cloud environment are presented. Cloud storage provided to multiple tenants is accessed via a plurality of controllers via a switch. The controllers are organized in a ring and each controller is responsible for detecting failures in adjoining controllers within the ring. Storage services for the tenants are serviced without disruptions even when multiple nodes completely fail at the same time.
Type:
Grant
Filed:
September 7, 2012
Date of Patent:
October 14, 2014
Assignee:
CloudByte, Inc.
Inventors:
Felix Xavier, Umasankar Mukkara, Vishnu Govind Attur
Abstract: Techniques for achieving high availability (HA) in a cloud environment are presented. Cloud storage provided to multiple tenants is accessed via a plurality of controllers via a switch. The controllers are organized in a ring and each controller is responsible for detecting failures in adjoining controllers within the ring. Storage services for the tenants are serviced without disruptions even when multiple nodes completely fail at the same time.
Type:
Application
Filed:
September 7, 2012
Publication date:
March 21, 2013
Applicant:
CloudByte, Inc.
Inventors:
Felix Xavier, Umasankar Mukkara, Vishnu Govind Attur
Abstract: Techniques for achieving parallel scalability, storage capacity, and improved storage performance in a multi-tenant storage cloud environment are presented. A Tenant Storage Machine (TSM) of a tenant for the multi-tenant storage cloud environment is portable and can be dynamically detached from one or more storage controllers and dynamically moved to provide scalability, capacity, and improved storage performance.
Type:
Application
Filed:
September 18, 2012
Publication date:
March 21, 2013
Applicant:
CLOUDBYTE, INC.
Inventors:
Felix Xavier, Umasankar Mukkara, Ratna Kiran Mova
Abstract: Techniques for ensuring performance metrics are met by resources in a multi-tenant storage controller are presented. Each resource of the multi-tenant storage controller is tracked on a per tenant bases. Usage limits are enforced on per resource and per tenant bases for the multi-tenant storage controller.
Abstract: Techniques for managing and monitoring multi-tenant storage in a cloud environment are presented. Storage resources are monitored on a per tenant bases and as a whole for the cloud environment. New and existing administrative types can be dynamically created and managed within the cloud environment.
Type:
Application
Filed:
September 14, 2012
Publication date:
March 21, 2013
Applicant:
CLOUDBYTE, INC.
Inventors:
Umasankar Mukkara, Felix Xavier, Ratna Kiran Mova
Abstract: Techniques for translating Service Level Agreement (SLA) policy into storage controller requirements within a cloud storage environment are presented. System resource metrics for a storage controller are derived. The SLA policy is defined in terms of SLA parameters. Heuristics are used to translate the SLA parameters into defined percentages of system resources for the storage controller, which are compared to the system resource metrics and adjustments are updates are made as needed.
Type:
Application
Filed:
September 18, 2012
Publication date:
March 21, 2013
Applicant:
CLOUDBYTE, INC.
Inventors:
Felix Xavier, Umasankar Mukkara, Shyamsundar Ranganathan
Abstract: Techniques for achieving storage and network isolation in a cloud environment are presented. A single Internet Protocol (IP) address is presented to multiple storage tenants that use storage in a cloud environment. When each tenant accesses the IP address, a specific identity of the tenant is resolved and the storage stack for that tenant is sent to the tenant's storage machine having the tenant's storage. The tenant is directly connected to its tenant storage machine thereafter.
Abstract: Techniques for tenant-bases storage security and service level assurances in a cloud environment are presented. A Tenant Storage Machine (TSM) for each tenant uses a unique identifier. The TSM is dynamically allocated with operating system resources to run processes based on agreed service level assurances. The service level assurances are stored in a Service Level Assurance (SLA) policy store. The TSM communicates with the SLA policy store via a TSM bus to acquire a SLA policy configured for the tenant and based on which resources are dynamically allocated. Processes running under the TSM run with root privileges to provide security.
Type:
Application
Filed:
July 26, 2012
Publication date:
February 7, 2013
Applicant:
CLOUDBYTE, INC.
Inventors:
Umasankar Mukkara, Felix Xavier, Srivibhavan Balaram, Shailesh Bam
Abstract: Techniques for achieving tenant data confidentiality in a cloud environment are presented. A daemon process within a Tenant Storage Machine (TSM) manages a key store for a particular tenant of a cloud storage environment having multiple other tenants. Just TSM storage processes are given access to the key store. Data is decrypted for the particular tenant when access is needed and data is encrypted using encryption keys of the key store when written in the cloud storage environment.
Type:
Application
Filed:
September 12, 2012
Publication date:
December 27, 2012
Applicant:
CloudByte,Inc.
Inventors:
Umasankar Mukkara, Felix Xavier, Shyamsundar Ranganathan