Abstract: Mechanisms are provided for performing a data replication operation to replicate data from a first data processing system to a second data processing system. The mechanisms store a compression ratio history in association with data to be replicated. The compression ratio history stores one or more compression ratios for one or more previously executed data replication operations. The mechanisms determine whether a data compression operation should be applied to the data for a current data replication operation based on the compression ratio(s) in the compression ratio history. In response to determining that data compression should be applied to the data, the data compression operation is performed and the compressed data is replicated to the second data processing system. In response to determining that data compression should not be applied, the data is replicated without compression.

Abstract: The method includes identifying, by one or more computer processors, a live file. The method further includes identifying, by one or more computer processors, a snapshot that corresponds to the live file. The method further includes amending, by one or more computer processors, data corresponding to the identified live file to include tracking data for the identified snapshot. The method further includes amending, by one or more computer processors, data corresponding to the identified snapshot of the live file to include tracking data for the identified live file. The method further includes determining, by one or more computer processors, a difference in the data between the identified live file and the identified snapshot. The method further includes amending, by one or more computer processors, the identified snapshot to include only the determined difference in data between the identified live file and the identified snapshot.

Abstract: Methods, systems, and computer program products are provided for performing a secure delete operation in a wide area network (WAN) including a cache site and a home site. A method includes identifying a file for deletion at the cache site, determining whether the file has a copy stored at the home site, detecting a location of the copy at the home site prior to a disconnection event of the cache site from the home site, deleting the file from the cache site during the disconnection event, and in response to the secure deletion of the file not being complete during the disconnection event, indicating on a table a remote inode number assigned to the copy associated with the file at the home site, a name under which the copy is saved, and a list of data chunk tuples specifying selected data of the copy to undergo secure deletion.

Abstract: In an approach to encryption key management, a computing device, responsive to a key storage condition, stores, in a cache memory, a first e/d key. The computing device receives a request to read a first file. The computing device, responsive to the request, accesses the first file, with the accessing of the first file including: accessing, from the cache memory, the first e/d key, decrypting the first file using the first e/d key and a second e/d key, and accessing the decrypted version of the first file.

Abstract: Methods, systems, and computer program products are provided for performing a secure delete operation in a wide area network (WAN) including a cache site and a home site. A method includes identifying a file for deletion at the cache site, determining whether the file has a copy stored at the home site, detecting a location of the copy at the home site prior to a disconnection event of the cache site from the home site, deleting the file from the cache site during the disconnection event, and in response to the secure deletion of the file not being complete during the disconnection event, indicating on a table a remote inode number assigned to the copy associated with the file at the home site, a name under which the copy is saved, and a list of data chunk tuples specifying selected data of the copy to undergo secure deletion.

Abstract: Methods, systems, and computer program products are provided for performing a secure delete operation in a wide area network (WAN) including a cache site and a home site. A method includes identifying a file for deletion at the cache site, determining whether the file has a copy stored at the home site, detecting a location of the copy at the home site prior to a disconnection event of the cache site from the home site, deleting the file from the cache site during the disconnection event, and in response to the secure deletion of the file not being complete during the disconnection event, indicating on a table a remote inode number assigned to the copy associated with the file at the home site, a name under which the copy is saved, and a list of data chunk tuples specifying selected data of the copy to undergo secure deletion.

Abstract: In an approach to encryption key management, a computing device, responsive to a key storage condition, stores, in a cache memory, a first e/d key. The computing device receives a request to read a first file. The computing device, responsive to the request, accesses the first file, with the accessing of the first file including: accessing, from the cache memory, the first e/d key, decrypting the first file using the first e/d key and a second e/d key, and accessing the decrypted version of the first file.

Abstract: The method includes identifying, by one or more computer processors, a live file. The method further includes identifying, by one or more computer processors, a snapshot that corresponds to the live file. The method further includes amending, by one or more computer processors, data corresponding to the identified live file to include tracking data for the identified snapshot. The method further includes amending, by one or more computer processors, data corresponding to the identified snapshot of the live file to include tracking data for the identified live file. The method further includes determining, by one or more computer processors, a difference in the data between the identified live file and the identified snapshot. The method further includes amending, by one or more computer processors, the identified snapshot to include only the determined difference in data between the identified live file and the identified snapshot.

Abstract: Mechanisms are provided for performing a data replication operation to replicate data from a first data processing system to a second data processing system. The mechanisms store a compression ratio history in association with data to be replicated. The compression ratio history stores one or more compression ratios for one or more previously executed data replication operations. The mechanisms determine whether a data compression operation should be applied to the data for a current data replication operation based on the compression ratio(s) in the compression ratio history. In response to determining that data compression should be applied to the data, the data compression operation is performed and the compressed data is replicated to the second data processing system. In response to determining that data compression should not be applied, the data is replicated without compression.

Abstract: Methods, systems, and computer program products are provided for performing a secure delete operation in a wide area network (WAN) including a cache site and a home site. A method includes identifying a file for deletion at the cache site, determining whether the file has a copy stored at the home site, detecting a location of the copy at the home site prior to a disconnection event of the cache site from the home site, deleting the file from the cache site during the disconnection event, and in response to the secure deletion of the file not being complete during the disconnection event, indicating on a table a remote inode number assigned to the copy associated with the file at the home site, a name under which the copy is saved, and a list of data chunk tuples specifying selected data of the copy to undergo secure deletion.

Abstract: Provided are a computer program product, system, and method for allocating network bandwidth to prefetch requests to prefetch data from a remote storage to cache in a local storage. A determination is made of access rates for applications accessing a plurality of files, wherein the access rate is based on a rate of application access of the file over a period of time. A determination is made of an access rate weight for each of the files based on the access rates of the plurality of files. The determined access rate weight for each of the files is used to determine network bandwidth to assign to access the files from the remote storage to store in the local storage.

Abstract: Provided are a computer program product, system, and method for using different secure erase algorithms to erase chunks from a file associated with different security levels. A request is received to secure erase a file having a plurality of chunks stored in at least one storage device. A determination is made of a first secure erase algorithm to apply to a first chunk in the file in response to the request and of a second secure erase algorithm to apply to a second chunk in the file in response to the request. The first secure erase algorithm is applied to erase the first chunk and the second secure erase algorithm is applied to erase the second chunk. The first and second secure erase algorithms use different processes to erase the chunks to which they are applied.

Abstract: Provided are a computer program product, system, and method for allocating network bandwidth to prefetch requests to prefetch data from a remote storage to cache in a local storage. A determination is made of access rates for applications accessing a plurality of files, wherein the access rate is based on a rate of application access of the file over a period of time. A determination is made of an access rate weight for each of the files based on the access rates of the plurality of files. The determined access rate weight for each of the files is used to determine network bandwidth to assign to access the files from the remote storage to store in the local storage.

Abstract: Provided are a computer program product, system, and method for using different secure erase algorithms to erase chunks from a file associated with different security levels. A request is received to secure erase a file having a plurality of chunks stored in at least one storage device. A determination is made of a first secure erase algorithm to apply to a first chunk in the file in response to the request and of a second secure erase algorithm to apply to a second chunk in the file in response to the request. The first secure erase algorithm is applied to erase the first chunk and the second secure erase algorithm is applied to erase the second chunk. The first and second secure erase algorithms use different processes to erase the chunks to which they are applied.

Abstract: Provided are a method, system, and computer program product for providing multiple authentications to authenticate users with respect to a system and file systems offered through the system. A request is received from a user to access a system, wherein the system provides access to a plurality of file systems. A first authentication of the user with respect to the system is performed. In response to success of the first authentication with respect to the system, a request by the user is received to access a selected one of the file systems. A second authentication is performed of the user with respect to the selected file system. The user is allowed access to the selected file system in response to success of the second authentication.

Abstract: Provided are a computer program product, system, and method for determining priorities for cached objects to order the transfer of modifications of cached objects based on measured network bandwidth. Objects are copied from a primary site to a secondary site to cache at the secondary site. The primary site includes a primary server and primary storage and the secondary site includes a secondary server and a secondary storage. Priorities are received from the secondary server for the objects at the secondary site based on determinations made by the secondary server with respect to the objects cached at the secondary storage. A determination is made of modifications to the objects at the primary storage that are cached at the secondary storage. The received priorities for the objects from the secondary server are used to control a transfer of the determined modifications to the objects to the secondary server.

Abstract: Provided are a computer program product, system, and method for determining priorities for cached objects to order the transfer of modifications of cached objects based on measured network bandwidth. Objects are copied from a primary site to a secondary site to cache at the secondary site. The primary site includes a primary server and primary storage and the secondary site includes a secondary server and a secondary storage. Priorities are received from the secondary server for the objects at the secondary site based on determinations made by the secondary server with respect to the objects cached at the secondary storage. A determination is made of modifications to the objects at the primary storage that are cached at the secondary storage. The received priorities for the objects from the secondary server are used to control a transfer of the determined modifications to the objects to the secondary server.

Abstract: Provided are a method, system, and computer program product for providing multiple authentications to authenticate users with respect to a system and file systems offered through the system. A request is received from a user to access a system, wherein the system provides access to a plurality of file systems. A first authentication of the user with respect to the system is performed. In response to success of the first authentication with respect to the system, a request by the user is received to access a selected one of the file systems. A second authentication is performed of the user with respect to the selected file system. The user is allowed access to the selected file system in response to success of the second authentication.

Abstract: Provided are a computer program product, system, and method for using different secure erase algorithms to erase chunks from a file associated with different security levels. A request is received to secure erase a file having a plurality of chunks stored in at least one storage device. A determination is made of a first secure erase algorithm to apply to a first chunk in the file in response to the request and of a second secure erase algorithm to apply to a second chunk in the file in response to the request. The first secure erase algorithm is applied to erase the first chunk and the second secure erase algorithm is applied to erase the second chunk. The first and second secure erase algorithms use different processes to erase the chunks to which they are applied.

Abstract: Provided are a method, system, and computer program product for providing multiple authentications to authenticate users with respect to a system and file systems offered through the system. A request is received from a user to access a system, wherein the system provides access to a plurality of file systems. A first authentication of the user with respect to the system is performed. In response to success of the first authentication with respect to the system, a request by the user is received to access a selected one of the file systems. A second authentication is performed of the user with respect to the selected file system. The user is allowed access to the selected file system in response to success of the second authentication.