Abstract: A card can be communicationally coupled to a storage device. The card can then cause the storage device to perform stand-alone tasks without a computing device. The card can invoke instructions already present in the firmware of the storage device or the card can first copy instructions to the firmware and then invoke them. The card can cause the storage device to perform actions, such as a secure erase, and the storage device can remain inaccessible until such actions are performed, even if power is interrupted. The card can also receive information from the storage devices and then use that information with a new storage device to, for example, enable the new storage device to take the place of, and reconstruct the data of, the old storage device in a storage array directly from other storage devices in the array and without burdening a computing device or array controller.

Abstract: An access control device can be communicationally coupled to a storage device and can control access thereto. The access control device can comprise information, such as identities of authorized entities, to enable the access control device to independently determine whether to provide access to an associated storage device. Alternatively, the access control device can comprise information to establish a secure connection to an authorization computing device and the access control device can implement the decisions of the authorization computing device. The access control device can control access by instructing a storage device to execute specific firmware instructions to prevent meaningful responses to data storage related requests. The access control device can also comprise storage-related cryptographic information utilized by the storage device to encrypt and decrypt data.

Abstract: A LUN is provided that can store multiple datasets (e.g., data and/or applications, such as virtual machines stored as virtual hard drives). The LUN is partitioned into multiple partitions. One or more datasets may be stored in each partition. As a result, multiple datasets can be accessed through a single LUN, rather than through a number of LUNs proportional to the number of datasets. Furthermore, the datasets stored in the LUN may be pivoted. A second LUN may be generated that is dedicated to storing a dataset of the multiple datasets stored in the first LUN. The dataset is copied to the second LUN, and the second LUN is exposed to a host computer to enable the host computer to interact with the dataset. Still further, the dataset may be pivoted from the second LUN back to a partition of the first LUN.

Abstract: A LUN is provided that can store multiple datasets (e.g., data and/or applications, such as virtual machines stored as virtual hard drives). The LUN is partitioned into multiple partitions. One or more datasets may be stored in each partition. As a result, multiple datasets can be accessed through a single LUN, rather than through a number of LUNs proportional to the number of datasets. Furthermore, the datasets stored in the LUN may be pivoted. A second LUN may be generated that is dedicated to storing a dataset of the multiple datasets stored in the first LUN. The dataset is copied to the second LUN, and the second LUN is exposed to a host computer to enable the host computer to interact with the dataset. Still further, the dataset may be pivoted from the second LUN back to a partition of the first LUN.

Abstract: A LUN is provided that can store multiple datasets (e.g., data and/or applications, such as virtual machines stored as virtual hard drives). The LUN is partitioned into multiple partitions. One or more datasets may be stored in each partition. As a result, multiple datasets can be accessed through a single LUN, rather than through a number of LUNs proportional to the number of datasets. Furthermore, the datasets stored in the LUN may be pivoted. A second LUN may be generated that is dedicated to storing a dataset of the multiple datasets stored in the first LUN. The dataset is copied to the second LUN, and the second LUN is exposed to a host computer to enable the host computer to interact with the dataset. Still further, the dataset may be pivoted from the second LUN back to a partition of the first LUN.

Abstract: An access control device can be communicationally coupled to a storage device and can control access thereto. The access control device can comprise information, such as identities of authorized entities, to enable the access control device to independently determine whether to provide access to an associated storage device. Alternatively, the access control device can comprise information to establish a secure connection to an authorization computing device and the access control device can implement the decisions of the authorization computing device. The access control device can control access by instructing a storage device to execute specific firmware instructions to prevent meaningful responses to data storage related requests. The access control device can also comprise storage-related cryptographic information utilized by the storage device to encrypt and decrypt data.

Abstract: A multi-device storage system can be arranged into power saving systems by placing one or more storage devices into a reduced power consuming state when the storage activity associated with the system is sufficiently reduced that an attendant decrease in throughput will not materially affect users of the storage system. Where data redundancy is provided for, a redundant storage device can be placed into the reduced power consuming state and its redundancy responsibilities can be transitioned to a partition of a larger storage device. Such transitions can be based on specific parameters, such as write cycles or latency, crossing thresholds, including upper and lower thresholds, they can also be based on pre-set times, or a combination thereof. Lifecycle information, including lifecycle information collected in real-time by storage devices on a block-by-block basis, can be utilized to obtain historical empirical data from which to select the pre-set times.

Abstract: A LUN is provided that can store multiple datasets (e.g., data and/or applications, such as virtual machines stored as virtual hard drives). The LUN is partitioned into multiple partitions. One or more datasets may be stored in each partition. As a result, multiple datasets can be accessed through a single LUN, rather than through a number of LUNs proportional to the number of datasets. Furthermore, the datasets stored in the LUN may be pivoted. A second LUN may be generated that is dedicated to storing a dataset of the multiple datasets stored in the first LUN. The dataset is copied to the second LUN, and the second LUN is exposed to a host computer to enable the host computer to interact with the dataset. Still further, the dataset may be pivoted from the second LUN back to a partition of the first LUN.

Abstract: A LUN is provided that can store multiple datasets (e.g., data and/or applications, such as virtual machines stored as virtual hard drives). The LUN is partitioned into multiple partitions. One or more datasets may be stored in each partition. As a result, multiple datasets can be accessed through a single LUN, rather than through a number of LUNs proportional to the number of datasets. Furthermore, the datasets stored in the LUN may be pivoted. A second LUN may be generated that is dedicated to storing a dataset of the multiple datasets stored in the first LUN. The dataset is copied to the second LUN, and the second LUN is exposed to a host computer to enable the host computer to interact with the dataset. Still further, the dataset may be pivoted from the second LUN back to a partition of the first LUN.

Abstract: An access control device can be communicationally coupled to a storage device and can control access thereto. The access control device can comprise information, such as identities of authorized entities, to enable the access control device to independently determine whether to provide access to an associated storage device. Alternatively, the access control device can comprise information to establish a secure connection to an authorization computing device and the access control device can implement the decisions of the authorization computing device. The access control device can control access by instructing a storage device to execute specific firmware instructions to prevent meaningful responses to data storage related requests. The access control device can also comprise storage-related cryptographic information utilized by the storage device to encrypt and decrypt data.

Abstract: A card can be communicationally coupled to a storage device. The card can then cause the storage device to perform stand-alone tasks without a computing device. The card can invoke instructions already present in the firmware of the storage device or the card can first copy instructions to the firmware and then invoke them. The card can cause the storage device to perform actions, such as a secure erase, and the storage device can remain inaccessible until such actions are performed, even if power is interrupted. The card can also receive information from the storage devices and then use that information with a new storage device to, for example, enable the new storage device to take the place of, and reconstruct the data of, the old storage device in a storage array directly from other storage devices in the array and without burdening a computing device or array controller.

Abstract: A multi-device storage system can be arranged into power saving systems by placing one or more storage devices into a reduced power consuming state when the storage activity associated with the system is sufficiently reduced that an attendant decrease in throughput will not materially affect users of the storage system. Where data redundancy is provided for, a redundant storage device can be placed into the reduced power consuming state and its redundancy responsibilities can be transitioned to a partition of a larger storage device. Such transitions can be based on specific parameters, such as write cycles or latency, crossing thresholds, including upper and lower thresholds, they can also be based on pre-set times, or a combination thereof. Lifecycle information, including lifecycle information collected in real-time by storage devices on a block-by-block basis, can be utilized to obtain historical empirical data from which to select the pre-set times.

Abstract: A storage system can comprise multiple storage devices with differing characteristics, including differing power-related characteristics. A storage power manager can redirect Input/Output (I/O) communications to storage devices to maximize the power efficiency of the storage system. The storage power manager can reference metadata associated with the data of an I/O request, as well as power-related data, including continuously varying data and storage device characteristics, to select one or more storage devices to which to redirect the I/O. The storage power manager can also move or copy data between storage devices to facilitate maximum utilization of power efficient storage devices with limited storage capacity and to enable the placing of one or more storage devices into a reduced power consuming state. The moving or copying of data can be performed with reference to lifecycle information to identify data that has changed since a storage device was last active.

Abstract: A secure container can comprise a security server, one or more container servers, and one or more sensors that can detect a breach of the physically secure computing environment provided by the container. A management server external to the container can be informed when the container is sealed and authorized and can subsequently provide a cryptographic key enabling the security server in the container to boot. Each container server can request and receive a cryptographic key from the security server enabling them to boot. If the container is breached, such keys can be withheld and any computing device that is powered off, or restarted, will be unable to complete a subsequent boot. If the container loses a support system and is degraded, so long as the security server does not lose power, it can provide the cryptographic keys to container servers restarted after the degradation is removed.

Abstract: A LUN is provided that can store multiple datasets (e.g., data and/or applications, such as virtual machines stored as virtual hard drives). The LUN is partitioned into multiple partitions. One or more datasets may be stored in each partition. As a result, multiple datasets can be accessed through a single LUN, rather than through a number of LUNs proportional to the number of datasets. Furthermore, the datasets stored in the LUN may be pivoted. A second LUN may be generated that is dedicated to storing a dataset of the multiple datasets stored in the first LUN. The dataset is copied to the second LUN, and the second LUN is exposed to a host computer to enable the host computer to interact with the dataset. Still further, the dataset may be pivoted from the second LUN back to a partition of the first LUN.

Abstract: Storage devices can provide for hardware encryption and decryption of data stored by them. The hardware cryptographic functions can be applied with reference to cryptographic information of a communicationally, and physically, separable key device. Disconnection of the separable key device can render encrypted data inaccessible. Destruction of the separable key device can result in virtual destruction of the encrypted data. The cryptographic information on the separable key device can be provided by a storage device manufacturer, or by a provisioning computing device. The separable key device can be directly communicationally coupled to a provisioning computing device or it can establish a secure communication tunnel with the provisioning device through a computing device to which the separable key device is communicationally coupled. Cryptographic information can be provided by, and deleted from, the provisioning computing device prior to completion of the booting of that device.