-
Publication No.: US20240303381A1
Publication date: 2024-09-12
Application No.: US18181721
Filing date: 2023-03-10
Applicant: Dell Products, L.P.
Inventors: Viswanath Ponnuru, Chandrashekar Nelogal, Dharma Bhushan Ramaiah, Vineeth Radhakrishnan, Mini Thottunkal Thankappan, Rama Rao Bisa, Shinose Abdul Rahiman
CPC classification: G06F21/85, G06F13/4027, G06F13/4282
Abstract: According to embodiments of the present disclosure, systems and methods to manage Security Protocol and Data Model (SPDM) secure communication sessions are provided. According to one embodiment, an Information Handling System (IHS) includes a Security Protocol and Data Model (SPDM)-enabled device conforming to a SPDM specification in which the SPDM-enabled device has a specified quantity of supported private communication sessions. The IHS also includes computer-executable instructions to, when an application requests use of one of the private communication sessions, determine whether one of the private communication sessions is available, and enable the application to communicate with the SPDM-enabled device through the one private communication session based on the determination.
-
Publication No.: US20230342504A1
Publication date: 2023-10-26
Application No.: US17729732
Filing date: 2022-04-26
Applicant: Dell Products L.P.
IPC classification: G06F21/78
CPC classification: G06F21/78
Abstract: In general, embodiments of the invention relate to a method and system for managing a storage system. In many traditional implementations, a host bus adapter (HBA) manages the storage device; however, the HBA frequently cannot implement the necessary methods to secure a self-encrypting drive (SED). One or more embodiments of the invention use a baseboard management controller (BMC) to manage the security of the SEDs as well as the security life cycle of the SEDs, while the HBA acts as a passthrough conduit between the SED and BMC.
-
Publication No.: US11720517B2
Publication date: 2023-08-08
Application No.: US17511163
Filing date: 2021-10-26
Applicant: Dell Products, L.P.
IPC classification: G06F13/42
CPC classification: G06F13/4221, G06F2213/0026
Abstract: An information handling system bus port above a subject information handling system bus device may host an information handling system bus out of band message access control list of information handling system bus target device identifiers of other information handling system bus connected devices that the subject device is permitted to communicate with. The port may compare an information handling system bus target device identification field in out of band messages from the subject device to the list and route only out of band messages from the subject device in which the target device identification in the target device identification field is on the access control list through the information handling system bus. The port may discard (and generate error notifications, statuses, etc.) for out of band messages in which the target device identification in the target device identification field is not on the access control list.
-
Publication No.: US20230237204A1
Publication date: 2023-07-27
Application No.: US17580907
Filing date: 2022-01-21
Applicant: Dell Products L.P.
Inventors: Mukund Khatri, Sanjeev S. Dambal, Chandrashekar Nelogal, Karthikeyan Rajagopalan, Craig Warren Phelps
CPC classification: G06F21/78, G06F21/602, G06F21/31, G06F3/0622, G06F3/0632, G06F3/0673, G06F2221/0751
Abstract: A method for managing a storage system includes initiating, by a hardware resource manager, a boot-up of a storage controller managing the storage system comprising a plurality of storage devices, making a determination, by the storage controller, that the storage controller is in a secured mode, based on the determination: identifying a security state of each of the plurality of storage devices, determining that a storage device of the plurality of storage devices is in an unsecured state, and based on the unsecured state, sending, by the storage controller, a security operation request for securing the storage device, obtaining a secure state response from the hardware resource manager corresponding to securing the storage device, and based on the secure state response, resuming operation of the storage controller based on the secure mode.
-
Publication No.: US20230126468A1
Publication date: 2023-04-27
Application No.: US17511163
Filing date: 2021-10-26
Applicant: Dell Products, L.P.
IPC classification: G06F13/42
Abstract: An information handling system bus port above a subject information handling system bus device may host an information handling system bus out of band message access control list of information handling system bus target device identifiers of other information handling system bus connected devices that the subject device is permitted to communicate with. The port may compare an information handling system bus target device identification field in out of band messages from the subject device to the list and route only out of band messages from the subject device in which the target device identification in the target device identification field is on the access control list through the information handling system bus. The port may discard (and generate error notifications, statuses, etc.) for out of band messages in which the target device identification in the target device identification field is not on the access control list.
-
Publication No.: US20230087829A1
Publication date: 2023-03-23
Application No.: US17477622
Filing date: 2021-09-17
Applicant: Dell Products L.P.
Inventors: Viswanath Ponnuru, Chandrashekar Nelogal, Chandrasekhar Mugunda, Dharma Bhushan Ramaiah, Shinose Abdul Rahiman, Vineeth Radharisknan, Rama Rao Bisa
Abstract: A system and method are disclosed for delegating, by a resource-constrained device, a privilege to a basic input/output system, wherein the privilege allows the basic input/output system to authenticate an endpoint device on behalf of the resource-constrained device. The system and method also includes generating an asymmetric security key that includes a private key and a public key and transmitting the public key to the basic input/output system, wherein the public key is included in a proxy certificate generated by the basic input/output system. In addition, the system and method includes establishing a secure session between the basic input/output system and the endpoint device using the private key and the proxy certificate, wherein the secure session is used by the basic input/output system to authenticate and verify that the endpoint device is authorized to perform an operation.
-
Publication No.: US11500718B2
Publication date: 2022-11-15
Application No.: US17238708
Filing date: 2021-04-23
Applicant: Dell Products L.P.
Inventors: Gary Benedict Kotzur, William Emmett Lynn, Kevin Thomas Marks, Chandrashekar Nelogal, James Peter Giannoules, Austin Patrick Bolen
Abstract: A RAID storage controller storage-device-assisted data update system includes a RAID storage controller device coupled to a host system and RAID storage devices in a “look aside” RAID storage controller device configuration. Based on command(s) from the RAID storage controller device, a first RAID primary data storage device may perform a first DMA operation to access first primary data stored on the host system, and write the first primary data to its first buffer subsystem. The first RAID primary data storage device may then perform a first XOR operation using the first primary data stored in its first buffer subsystem and second primary data stored in its first storage subsystem in order to produce first interim parity data, and write the first interim parity data to its second buffer subsystem. The first RAID primary data storage device may then update the second primary data with the first primary data.
-
Publication No.: US11436086B2
Publication date: 2022-09-06
Application No.: US17308390
Filing date: 2021-05-05
Applicant: Dell Products L.P.
Inventors: Gary Benedict Kotzur, William Emmett Lynn, Kevin Thomas Marks, Chandrashekar Nelogal, James Peter Giannoules, Austin Patrick Bolen
IPC classification: G06F11/10, G11C29/52, G11C29/04, H04L1/00, H03M13/00, H03M13/11, G11C16/26, G11C16/34, G11C16/04, G11C11/56, G06F13/28
Abstract: A RAID storage-device-assisted deferred parity data update system includes a RAID primary data drive that retrieves second primary data via a DMA operation from a host system, and XORs it with first primary data to produce first interim parity data, which causes a RAID storage controller device to provide an inconsistent parity stripe journal entry in the host system. The RAID primary data drive then retrieves third primary data via a DMA operation from the host system, XORs it with the second primary data and the first interim parity data to produce second interim parity data. A RAID parity data drive retrieves the second interim parity data via a DMA operation, and XORs it with first parity data to produce second parity data that it uses to overwrite the first parity data, which causes the RAID storage controller device to remove the inconsistent parity stripe journal entry from the host system.
-
Publication No.: US20210311663A1
Publication date: 2021-10-07
Application No.: US16839428
Filing date: 2020-04-03
Applicant: Dell Products L.P.
Inventors: Gary Benedict Kotzur, William Emmett Lynn, Kevin Thomas Marks, Chandrashekar Nelogal, James Peter Giannoules, Austin Patrick Bolen
Abstract: An autonomous RAID data storage system includes a RAID storage controller device that communicates with RAID data storage devices in order to configure them to perform direct command operations with each other. A first RAID data storage device receives a multi-step command from the RAID storage controller device and performs a first subset of operations associated with the multi-step command, while also performing direct command operations with a second RAID data storage device in order to cause it to perform a second subset of operations associated with the multi-step command. When the first RAID data storage device completes the first subset of operations and receives a first completion communication from the second RAID data storage device that indicates that the second subset of operations are completed, it sends a second completion communication to the RAID storage controller device that indicates that the multi-step command is completed.
-
Publication No.: US20210311662A1
Publication date: 2021-10-07
Application No.: US16838919
Filing date: 2020-04-02
Applicant: Dell Products L.P.
Inventors: Gary Benedict Kotzur, William Emmett Lynn, Kevin Thomas Marks, Chandrashekar Nelogal, James Peter Giannoules, Austin Patrick Bolen
IPC classification: G06F3/06
Abstract: A RAID data storage device multi-step command coordination system includes a RAID storage controller device that generates and transmits a first multi-step command that includes a barrier instruction, and a second multi-step command that includes a notification instruction. A first RAID data storage device receives the first multi-step command, identifies the barrier instruction in the first multi-step command and, in response, pauses performance of first multi-step command. A second RAID data storage device receives the second multi-step command, identifies the notification instruction in the second multi-step command and, in response, transmits a notification to the first RAID data storage device. While pausing the performance of the first multi-step command, the first RAID data storage device determines that the notification has been received and, in response, resumes the performance of the first multi-step command.