JP2009526286A - Long-term backup on disk - Google Patents

Abstract

  A backup appliance for verifying and restoring computed data includes a computer attached to a computer network, a first storage medium for storing the computed data, and a second storage medium. The second storage medium is partitioned into storage bins. Each storage bin is operably attached (mounted) to the computer or operably removed (unmounted) from the computer. When the computer's processor stores a computed copy of the data in one of the storage bins, the storage bin is operably attached or mounted for read operations only, and the copy parameters (eg, checksum) ) Stored value is maintained. The processor periodically compares the stored value with the corresponding value of the computer data parameter. When a mismatch between a stored value and a corresponding value is detected, if the mismatch occurs from the calculated data, the calculated data is restored from the copy, and a mismatch occurs from the copy (I) restore the copy from the computed data, or (ii) restore another copy of the computed data in another storage bin. The storage bin is operably attached (mounted) for write operations to update the copy. The logging mechanism documents all phases of operably attaching to the storage bin for write operations for inspection applications.

Description

  The present invention relates to storage of computed data. In particular, the present invention provides long-term backup and storage of computed data while maintaining data availability for several years for inspection applications and historical data information retrieval.

  Backup operations in enterprise data networks are often time consuming, expensive and unreliable operations. As the amount of data generated by the average enterprise is increasing, the time available for backup is decreasing and backups are expected to occur more frequently. In order to build an effective data protection system, in addition to the recurring costs of data storage media such as tape media, a significant investment in servers, networks, tape technology and skilled personnel is required. Tape backup and restore operations are often expensive and reduce productivity because they often interfere with business operations and data availability. Tape restore operations often fail due to the low reliability of physical media. There is typically no automatic checking procedure, so if there is a need for restoration, there are many cases where old tapes are lost or all the necessary related data is missing.

  Similarly, one problem for data recovery operations is that the recovery operations are extremely slow and labor intensive: most recovery operations typically involve small amounts of files such as single files or directories. Intended for data. However, to restore these data, the appropriate tape or tape set must be placed and mounted. Also, sufficient disk space must be allocated to restore all volumes of data, all volumes must be restored, and then the desired file or directory must be placed. Often, the entire process will have to be repeated until the desired file is located. In addition, restoring a failed or corrupted volume requires its own dedicated block-level backup and restore process because file level backups cannot restore system files.

  US Patent Application Publication No. 2005/0216788, entitled Fast Backup Storage and Fast Data Recovery Method (FBSRD), is hereby incorporated by reference as if set forth in its entirety for all purposes. It is included in the book. FBSRD is coupled to the network along with servers and workstations and operates in both storage mode and restore mode. The FBSRD includes a first storage, repository, and backup alliance (BA) computer that executes a backup application. In storage mode, data is retrieved from the first storage for backup by taking a snapshot. The retrieved data is stored in the repository in block format. In the restoration mode, the backup data is taken out from the repository and restored to the first storage by either the block format or the file format. The BA is executed interactively together with an agent computer program operating on a server and a workstation, and a backup user interface management computer program operated by a user.

  Due to regulatory compliance and legal enforcement, business data must be stored for a long time in a reliable and accessible manner.

  The US Department of Health and Human Services (HHS) promulgated the privacy standards (Privacy Rules) for personally identifiable medical information and enforced the requirements of the Act on Transfer and Accountability of Medical Insurance (HIPAA) in 1996. Privacy Regulation standards address the norm for the use and disclosure of personal medical information and the privacy rights of individuals who understand and manage how their medical information is used. The primary purpose of the privacy rules is to ensure that medical information is provided to the place where it is needed, promotes high-quality health care, while ensuring that personal medical information is legitimately protected. It is to protect hygiene and welfare.

  The 2002 Sarbanes-Oxley Act (Pub. L. No. 107-204, 116 Stat. 745, also known as the 2002 Listed Corporate Accounting Reform and Investor Protection Act (July 30, 2002)) US federal law that has been passed to address several large corporate accounting scandals that have resulted in the loss of public trust in accounting reporting practices, with special reference to the integrity, reliability, and information retrieval of stored business records. Have requirements.

  The United States Securities and Exchange Commission (SEC) Rule 17a-4 (in combination with 17a-3) of the Securities and Exchange Act of 1934 is a comprehensive agreement between brokers and distributors on each securities transaction and their securities business in general. Requires the creation and storage of such records so that they are readily available. These stored records are used by the SEC to monitor compliance with securities compliance laws, including anti-fraud regulations and compensation standards. To ensure compliance with SEC Rule 17a-4, the broker-seller must maintain and maintain a solid record for the required retention period and be overwritten, erased or altered. Records must be stored, and there must be an appropriate system for showing the audit trail of each record, and a certificate must be provided that the records have not been altered. .

  NASD (National Securities Dealers Association) is the first self-regulatory body delegated by the US Securities and Exchange Commission, responsible for the regulation of individuals and legal entities related to the securities industry in the United States. The NASD 3110 indicates that all books, calculations, records, in-house memos, and communication documents should be retained in the same format as specified in the SEC rule 17a-4 (that is, non-rewritable, non-erasable, stamped). Request. All e-mail and internet communications regarding broker / dealer transactions must be kept in an easily accessible location for at least three years and the first two years.

Part 11 of the Federal Administrative Ordinance Part 21 (CFR) promulgated by the US Food and Drug Administration (FDA) is that electronic records, electronic signatures, and handwritten signatures implemented on electronic records are reliable and reliable. It prescribes criteria that are considered equivalent to handwritten signatures made on paper and on paper.
US Patent Application Publication No. 2005/0216788

  Therefore, it guarantees integrity and availability for a pre-defined period of several years, provides backup and storage of computed data according to regulatory requirements, and provides data for inspection purposes. It is required to protect data while maintaining direct availability, and obtaining a system would be very advantageous.

Definitions The following terms are used in this specification:
Operating system (OS): A software program used to control computer resources such as input / output operations, memory resources and program execution.

  File system volume: A volume or fixed capacity storage used by the operating system to store and organize tracks of file system data such as directories and files.

Kernel: The kernel is the core component of most computer operating systems (OSs). The kernel manages system resources and communication between hardware and software components. The kernel, as an operating system infrastructure component, provides the lowest level abstraction layer for resources (eg, memory, processors, input / output devices) that an application must control in order to perform its functions. Make resources available to application processes via communication mechanisms and system calls.
(Http://en.wikipedia.org/wiki/Kernel_%28computer_science%29)

  SCSI (Small Computer System Interface) is a standard interface and command set for data transfer between devices on both internal and external computer buses. SCSI is most commonly used for hard disk and tape storage devices, but connects a wide range of other devices including scanners, printers, CD-ROM drives, CD recorders, DVD drives, and the like.

A checksum is a form of error detection that protects data integrity by detecting errors in the data, typically by summing the asserted bits and storing the calculated value. The simplest form of checksum, summing the assert bits in the data, cannot detect many types. In particular, such a checksum does not change due to: reordering of bytes in the message, insertion and deletion of zero-valued bytes, multiple errors summed to zero. More sophisticated types of error detection, including Fletcher checksum, Adler-32, and cyclic redundancy check (CRCs) are designed to address these weaknesses by considering not only the value of each byte but also its position. It has been done. The cost for the ability to detect more types of errors is the increased complexity of calculating error detection values. These types of error detection are useful in detecting accidental alterations such as stored data corruption and errors in the communication channel.
(Http://en.wikipedia.org/wiki/Checksum)

  Write-once-read-many (WORM) is a data storage technology that allows information to be written to the disk only once, preventing the drive from erasing and otherwise altering the data. It is.

  Computer: A machine that executes the instructions of a computer program recorded on a computer-readable medium and has a memory for storing the computer program, typically coupled to a communication link.

  A local area network (LAN) such as Ethernet (registered trademark) is used for communication between computers located in close proximity (typically 500 m or less).

  Storage Area Network (SAN): A dedicated network used to connect many computers and storage devices at high speed.

  Workstation: A computer that is attached to a LAN but not attached to a SAN.

  Server: A computer attached to a LAN and a SAN.

  Data block: A fixed size unit of multiple consecutive sectors accessed as a single unit. The data in the block format is organized as at least one continuous data block and is tagged with physical location information that is stored with the data. The block structure is flat in the sense that it does not have the relevance of blocks that become a higher level structure.

  First storage medium: A storage device (usually a block storage device such as a magnetic disk) that is used by a computer to store nonvolatile data.

  Second storage medium: A storage device or repository for storing data backed up from the first storage.

  The terms "restore" or "restoration" restore the original data block on storage attached to a networked server and / or workstation, as described above. Used to refer to that. Hereinafter, the terms “restore” and “restoration” refer to data that is restored between the first storage and the second storage, the first storage and the second Together, the storage forms part of the backup appliance of the present invention.

  The term “computer” refers hereinafter to a machine that performs the backup, verification, and restore processes of embodiments of the present invention, rather than a server computer or workstation computer, unless otherwise noted.

  The term “parameter” as used herein with reference to data is error detection or other value derived from the data to determine the integrity of the data.

  The terms “mount (as a verb)” and “operably attach” are used interchangeably herein.

  The terms “unmount” and “operably remove” are used interchangeably herein.

  In accordance with the present invention, a computerized method is provided for validating and restoring computed data stored in a backup appliance connected to a computer network. The backup appliance includes a computer connected to the computer network and a first storage medium connected to the computer and storing the computed data. The second storage medium is partitioned into storage bins. Each storage bin is operably attached or mounted to the computer or operably removed or unmounted from the computer. After the computed copy of the data is stored in one or more storage bins, the storage bins are operably attached only for read operations. The stored value is maintained for parameters such as a copy checksum. The stored value is periodically compared with the corresponding value of the parameter of the calculated data. When a discrepancy is detected between the stored value and the corresponding value, if the discrepancy occurs from the computed data, the computed data is restored from the copy, and a discrepancy occurs from the copy Either (i) a copy is restored from the computed data or (ii) another copy of the computed data is restored in another storage bin. Preferably, a storage bin is operably attached for write operations only for copy updates. The step of operably attaching to write operation is logged or documented for inspection applications. The backup is preferably performed by operably attaching a storage bin for a write operation. Computed data is backed up by writing the latest copy of computed data to the storage bin; and when the backup is complete, the storage bin is operably attached only for read operations It is done. All write operations to the second storage medium and all read operations from the second storage medium are preferably logged with the time stamp. If a failure is detected while writing to the storage bin, another copy of the computed data is preferably restored in the other storage bin.

  The second storage medium is preferably protected to prevent direct access using any of the operating system, file system manager and volume manager running on the computer. The protection preferably uses a software driver that controls all read and write operations to the second storage medium, such as a dedicated block level kernel driver, and the second storage only via a single I / O interface. This is done by accessing the medium. Protection is also preferably done by placing a private signature on the second storage medium, thereby hiding the contents of the second storage medium from the operating system, file system manager and volume manager. The The stored value of the parameter and the corresponding value include a checksum of the file of all copies and processed data, respectively.

  In accordance with the present invention, a backup appliance is provided that includes a computer, a first storage, and a second storage that is partitioned into storage bins for performing the methods disclosed herein.

  According to the present invention, for verifying and restoring calculated data, including a computer connected to a computer network, a first storage medium for storing the calculated data, and a second storage medium. A backup appliance is provided. The second storage medium is partitioned into a plurality of storage bins. Each storage bin is operably attached (mounted) to the computer or operably removed (unmounted) from the computer. When the computer's processor stores a computed copy of the data in one of the storage bins, the storage bin is operably attached or mounted for read operations only, and the copy parameters (eg, checksum) ) Stored value is maintained. The processor periodically compares the stored value with the corresponding value of the parameter of the calculated data. When a mismatch between a stored value and a corresponding value is detected, if the mismatch occurs from the calculated data, the calculated data is restored from the copy, and a mismatch occurs from the copy (I) restore the copy from the computed data, or (ii) restore another copy of the computed data in another storage bin. The stored value of the parameter and the corresponding value include a checksum or error detection value for each copy and calculated data file, respectively. The backup appliance is preferably operatively attached to the storage bin for write operations and a mechanism for operably attaching (mounting) the storage bin to write operations only for copy updates A logging mechanism that documents all stages for inspection use and a second storage medium that protects one of the operating system, file system manager and volume manager running on the computer And a protection mechanism that stops access to the used second storage mechanism. The protection mechanism preferably includes a software driver that controls all read and write operations to the second storage medium via a single input / output interface. The protection mechanism preferably places a private signature on the second storage medium, thereby hiding the contents of the second storage medium from the operating system, file system manager and volume manager running on the computer.

  According to the present invention, a program storage device readable by a machine, which tangibly embodies a program of instructions executable by the machine and stored in a first storage medium operably connected to a computer. A program storage device is provided that allows the methods disclosed herein to be performed for verification and restoration of the computed data.

  The present invention will now be described, by way of example only, with reference to the accompanying drawings.

  The present invention is an invention of a system and method for providing backup and storage of computed data. The present invention simplifies the processing of calculated data while ensuring integrity and availability for a predefined period spanning several years and complying with regulatory agency requirements for data integrity, data privacy and accountability. Provide long-term backup and storage with fast recovery. In particular, embodiments of the present invention use a storage repository that includes a set of storage media such as, for example, two disks (first disk and second disk). The first disk is typically managed by a conventional file system. The second disk stores a copy of the data on the first disk in a storage bin or small disk partition of the present invention that stores the data components in a static and protected form and is opened or written according to rules. The storage bin does not interact with the operating system in the conventional manner using a volume manager and / or file system manager. The storage bin is accessible only when requested using the software driver of the present invention that interacts at a physical level with a hardware interface of a storage medium such as SCSI. The first and second disks as a set can be arranged in different storage devices. Devices can be physically placed in separate rooms to allow further redundancy and can be connected to different power supplies.

  Embodiments of the present invention perform a process of automatic verification and self-healing of data stored in the first disk and in the second disk in the storage bin. Problems and / or corruptions are typically detected in backup snapshots stored on disk, typically all copies of files stored in storage bins on the second disk, and This is performed using data parameters such as error detection using a similar file stored in the first disk and checksum as an example. If the checksum indicates that one or more files in the storage bin are corrupted or tampered, the storage bin files can be recovered from the corresponding files in the first disk. Similarly, if one or more files in the first disk are corrupted, the files are restored from a copy in the storage bin. The automatic verification and self-repair process is preferably performed periodically in the background when the computer system is in a relatively inactive state.

  Some embodiments of the present invention perform Disk and Data Life Management (DDLM), which is the physical state or “health” of the disk, life span, or imminent It even monitors disk failures, performs automatic data relocation based on the physical state of the disk, and / or invalidates a preset current expiration period.

  Some embodiments of the present invention detect file system corruption and stop storage activity until the problem is identified and resolved.

  Embodiments of the present invention preferably include a reporting mechanism that indicates that the data in the repository is valid for regulatory purposes and for the peace of mind of the owner.

  Each repository disk storage has an expiration date, and data is moved from one physical disk to the other when it is about to expire or when it is indicated that the storage will soon fail.

  This document describes a backup storage medium connected directly to a local area or enterprise network as a stand-alone backup storage system. However, the principles of the present invention can be adapted and effective for use in a backup storage system connected to a storage area network or a wide area network. Furthermore, it should be noted that the storage mechanism can be any mechanism known in the prior art.

  The principles and operation of the system and method for providing computed data backup and storage of the present invention will be better understood with reference to the drawings and corresponding descriptions.

  Before describing embodiments of the present invention in detail, it is understood that the present invention is not limited in its application to the details of the design and arrangement of components set forth in the following description or drawings. Should. The present invention can be practiced or realized in other embodiments and in various ways. It is also to be understood that the terminology and terminology used herein is for the purpose of description and should not be regarded as limiting.

  Embodiments of the present invention include a general purpose or special purpose computer system that includes various computer hardware components, which will be described in more detail below. Embodiments within the scope of the present invention may also include a computer-readable medium for storing or retaining stored computer-executable instructions, computer-readable instructions or data structures. Such computer-readable media can include any available media that can be accessed by a general purpose or special purpose computer system. By way of example, and not limitation, such computer readable media include RAM, ROM, EPROM, CO-ROM or other optical disk storage, magnetic disk storage or other magnetic storage device, or any desired computer. Any other medium that can be used to store or store program code means in the form of executable instructions, computer readable instructions, or data structures and that can be accessed by a general purpose or special purpose computer system, etc. Mention may be made of physical media.

  In this specification and the claims that follow, a “network” is defined as any architecture that allows two or more computer systems to exchange data. The data exchanged can be in the form of electrical signals that are significant for two or more computer systems. If data is transferred or provided over a network or other communication connection (either wired or wireless or a combination of wired and wireless) to a computer system or computer device, the connection is suitable as a computer-readable medium. Considered. Therefore, any of the above-described connections is appropriately a computer-readable medium. Combinations of the above are also included within the scope of computer-readable media. Computer-executable instructions comprise, for example, instructions and data which cause a general purpose or special purpose computer system to perform a certain function or group of functions.

  In this specification and the claims that follow, the term “computer” or “computer system” refers to one or more software modules and one or more hardware modules that operate in conjunction to perform operations on electronic data. Or a combination of these. For example, a computer system definition includes software modules such as personal computer hardware components, personal computer operating systems, and the like. The physical configuration of the module is not important. The computer system can include one or more computers coupled via a computer network. Similarly, a computer system includes a single physical device (such as a cell phone or personal digital assistant “PDA”) that operates on electronic data with internal modules (such as a memory and processor) working together. be able to.

  Those skilled in the art will recognize that the present invention is a mobile phone, PDA, pager, handheld device, laptop computer, personal computer, multiprocessor system, microprocessor-based or programmable home appliance, network PC, minicomputer It will be appreciated that it can be implemented in a network computing environment with many types of computer system configurations, including mainframe computers and the like. The present invention also allows both local and remote computer systems to perform tasks linked via a communication network (either by wired or wireless links or by a combination of wireless or wired links). It can also be implemented in a distributed computing environment. In a distributed computing environment, program modules can be located in both local and remote memory storage devices.

  Implementation of the method and system of the present invention involves performing or completing selected tasks or steps manually, automatically, or a combination thereof. Furthermore, according to the actual apparatus and equipment of the preferred embodiment of the method and system of the present invention, some selected steps can be hardware, software on any firmware operating system, or a set of these. Can be implemented by matching. For example, as hardware, selected steps of the present invention can be implemented as a chip or circuit. As software, selected steps of the present invention can be implemented as a plurality of software instructions that are executed by a computer using a suitable operating system. In some cases, selected steps of the methods and systems of the present invention may be described as being performed by a data processor such as a computing platform for executing instructions in a plurality.

  Referring now to the drawings, FIG. 1 illustrates a network environment 10 according to an embodiment of the present invention. According to an embodiment of the present invention, the network environment 10 includes a network 100, for example a LAN, a workstation computer 106, a server 108, and a product stored on a product storage 114 attached to the server 108. And a backup storage system 101 that performs data backup. The backup storage system 101 or repository storage 101 is attached to the network 100 via a network interface 104 and includes a first storage medium 110 and a second storage medium 112 such as a magnetic storage disk. A suitable server 108 for embodiments of the present invention is an HP ProLiant DL380 G4 server. The repository storage that implements the first storage medium 110 and the second storage medium 112 is, for example, EMC CLARiiON CX500 (EMC Corporation, Hopkinton, Mass., USA) that provides storage that spans 64 terabytes.

  Reference is now made to FIG. 2, which schematically illustrates the backup storage system 101. The backup storage system 101 includes a processor 201, a storage mechanism including a memory bus 207 for storing information in the random access memory 209, and a network operably connected to the processor 201 by the peripheral device bus 203. Interface 104. The backup storage system 101 further includes a data input mechanism 205 such as a disk drive from a program storage device 213 such as an optical disk. The data input mechanism 205 is operably connected to the processor 201 by the peripheral device bus 203. An interface 215 such as SCSI connects the first storage medium 110 and the second storage medium 112 to the processor 201 via the peripheral device bus 203. The second storage medium 112 is shown schematically as being partitioned into storage bins 217. Storage bins can be implemented as individual disks managed together in a second storage medium, or as different partitions within a single large disk.

  Reference is now made to FIG. 3 which is a schematic diagram of the abstraction layer 30 in the system 101. The lowest level abstraction layer is a physical layer 309 that includes physical operations such as reading and writing to the first storage medium 110 and the second storage medium 112, for example. The operation of the physical layer 309 is controlled by an interface layer 307 such as SCSI. Above the interface layer 307 is a kernel layer of a volume manager 305 that manages volumes and a file system manager 303 that manages files on the first storage medium 110. The application layer 301 can access user applications. According to an embodiment of the present invention, access to the second storage medium 112 is restricted to the layer 307, and access from the layers 301, 302, and 305 to the second storage medium 112 is performed in the SCSI layer 307. Permitted only by arbitration by drivers. The WORM manager for the second storage medium 112 is preferably implemented in layer 307 by a SCSI driver. The SCSI driver is used to control and monitor all read / write operations for the second storage medium 112.

  Another level of protection against repository data is achieved by the protection of the second storage medium 112 by placing a signature on the second storage medium 112 that allows it to be recognized as storage, according to embodiments of the present invention.

  Reference is now made to FIG. 4, a schematic flow diagram of a backup procedure 40 according to an embodiment of the present invention. A backup is generally a backup of one or more data files on the first storage medium 110. Backups are often performed when a snapshot is initiated, and files stored on the first storage medium are copied to the storage bin of the second storage medium 112. When the backup procedure is initiated (step 401), one or more storage bins 217 are allocated on the second storage medium 112 (step 403). When the active storage bin 217 in use is full, new storage bins are created and allocated accordingly. Storage bin 217 is mounted for read and write operations (step 405). The backup is performed on the exemplary storage 114 attached directly to the server computer 108 (step S407), and the data file is stored in the first repository 110 in the storage bin 217 allocated on the second storage medium 112. Is copied into the corresponding file. When all the indicated files have been backed up and verified, the backup procedure is terminated (step 409) and one or more storage bins 217 are unmounted (step 411) to prevent further read or write operations. )

  Reference is now made to FIG. 5, which illustrates a flow diagram of a verification and restoration process 50 according to an exemplary embodiment of the present invention. There are several procedures for handling data during long periods of time when backup copies of the data are stored on the second storage media 112. Preferably, a backup copy of the data is maintained in the unmounted storage bin 217 and mounted and accessed only for read operations as needed. The storage bin 217 is partitioned (step 502) and allocated on the second storage medium 112, and the storage bin 217 is mounted for read / write operations (step 405) from the first storage medium 110. A copy of the data file is stored in the storage bin 217. Periodically, for example over a long period of several years, and preferably as a background task, the storage bin 217 is mounted only for read operations (step 508). Other parameters indicating error detection or integrity, such as a checksum, for example, are calculated for both the original data stored in the first storage medium 110 and the copy stored in the storage bin 217. If the checksums are the same, the storage bin is unmounted (not shown), then after a certain time the storage bin 217 is mounted only for the read operation of the bin 217 (step 508) and the checksum is compared again (Step 510). However, if the checksums are different (decision box 512), a determination is made as to which checksum has changed (decision box 514). Which checksum has changed indicates whether the data stored in the first storage medium 110 or the copy of the second storage medium 112 has been damaged or altered. If the copy of the second storage medium 112 has a modified checksum, the storage bin 217 is mounted for read / write operations (step 405) and stored in the first storage medium 110. A copy is restored from the stored data (step 520). If the data stored in the first storage medium 110 has a modified checksum (decision box 514), then the data is restored from the copy of the second storage medium 112 (step 518). During the steps of the verify and restore process 50, the storage bin is preferably unmounted (not shown) when not in use for reading and writing.

  Reference is now made to FIG. 6, which illustrates a logging process 60 according to an embodiment of the present invention. The logging process 60 preferably meets the WORM (Write-Once-Read-Many) regulatory requirements. If the storage bin 217 is mounted only for read operations (step 508), preferably it is stamped and the log is opened, preferably all read operations are logged (step 607). . If storage bin 217 is opened for read / write operations (step 405), the log is opened for both read and write operations. Write operations are logged (step 605), and read operations are also logged (step 607). After the read or write operation is complete, the log is closed (step 609), and the storage bin 217 is unmounted (step 609) with time stamping as appropriate.

  Logging (steps 605, 607) and / or documentation for storage bin 217 inspection applications mounted for write operations is typically accessed only by a dedicated kernel driver that performs read and write operations. This is done by writing to one or more possible storage bins 217L. Alternatively, logging for inspection applications (steps 605, 607) or other documentation may be written on a WORM medium such as optical disk 213 in read / write optical disk drive 205 without erasure capability. Can also be executed.

  Reference is now made to FIG. 7 illustrating a storage bin repair process 70 according to an embodiment of the present invention. If a failure is detected or suspected in storage bin 217 (step 701), repair process 70 is initiated. A new storage bin 217 is allocated (step 703) and the newly allocated storage bin 217 is mounted for read / write operations (step 405). Data is copied from the first storage medium 110 to the new storage bin 217 (step 707). The new storage bin is unmounted (step 709) or mounted only for read operations on demand.

  A cleanup operation according to an embodiment of the present invention is illustrated in FIG. The storage bin 217 is mounted for read / write operations and the data in the storage bin and the partition of the storage bin 217 as appropriate are deleted (step 803).

  Although the invention has been described with reference to a limited number of embodiments, it will be appreciated that many variations, modifications, and other applications of the invention may be made.

1 is a system schematic diagram illustrating a network environment according to an embodiment of the present invention. The system schematic by embodiment of this invention. 1 is a schematic diagram of a computer architecture abstraction layer according to an embodiment of the present invention. FIG. Figure 3 is a schematic flow diagram of a backup process according to an embodiment of the present invention. Figure 3 is a schematic flow diagram of a verification and restoration process according to an embodiment of the present invention. FIG. 3 is a schematic flow diagram of a logging process according to an embodiment of the invention. FIG. 3 is a schematic flow diagram of a repair / replication process according to an embodiment of the invention. Figure 3 is a schematic flow diagram of a cleanup process according to an embodiment of the present invention.

Claims (20)

A computerized method for verifying and restoring computed data connected to a computer network and stored in a backup appliance including a computer, wherein the backup appliance is for the computer A first storage medium operably connected to store the computed data, the method comprising:
(A) partitioning the second storage medium into a plurality of storage bins, wherein each of the storage bins is operably attached to or removed from the computer; The step to be executed by selecting
(B) storing the calculated copy of the data in at least one of the storage bins, operably attaching the at least one storage bin only for read operations, and at least one parameter of the copy Maintaining the stored value of
(C) periodically comparing the stored value with a corresponding value of the at least one parameter to the calculated data;
(D) When a mismatch between the stored value and the corresponding value is detected, and the mismatch occurs from the calculated data, the calculated data is restored from the copy And if the discrepancy arises from the copy, (i) restore the copy from the computed data, or (ii) the computed data in at least one other storage bin. A method comprising the step of selecting and performing another copy of the restoration.   The method of claim 1, further comprising: (e) operably attaching the at least one storage bin to perform a write operation only for updating the copy. The method of claim 2, further comprising: (f) documenting all of the steps of (e) operably attaching for inspection use. Before the storage
(E) operably attaching the at least one storage bin for a write operation;
(F) backing up the computed data by writing a latest copy of the computed data to the at least one storage bin;
The method of claim 1, further comprising: (g) operably attaching the at least one storage bin only for read operations when the backup step is completed.   The method of claim 1, further comprising: (h) logging all write operations to the second storage medium along with a time stamp. The method of claim 1, further comprising: (h) logging all read operations from the second storage medium along with a time stamp.   The method of claim 1, wherein (ii) restoring another copy is performed when a failure is detected while writing to the at least one storage bin. (E) protecting the second storage medium, thereby accessing the second storage mechanism using any of an operating system, file system manager, and volume manager running on the computer; The method of claim 1, further comprising stopping. (F) providing the protection by accessing the second storage medium only via a single input / output interface using a software driver that controls all read and write operations to the second storage medium; The method of claim 8 further comprising a step. (F) performing the protection by placing a private signature on the second storage medium, thereby concealing the contents of the second storage medium from the operating system, file system manager and volume manager; The method of claim 8, further comprising:   The method of claim 1, wherein the stored value and the corresponding value of the at least one parameter include a checksum of a file of all the copies and the processed data, respectively.   A backup appliance comprising a computer, a first storage, and a second storage partitioned into storage bins for performing the method steps of claim 1. A backup appliance including a computer connected to a computer network, the backup appliance operably connected to the computer and including a first storage medium for storing computed data, the backup appliance The appliance
(A) a second storage medium partitioned into a plurality of storage bins, wherein each of the storage bins is operably attached to or removed from the computer The second storage medium to be selected and executed; and
(B) storing the calculated copy of the data in at least one of the storage bins, operably attaching the at least one storage bin only for read operations, and at least one parameter of the copy A processor of the computer for maintaining a stored value of the computer, the processor periodically comparing the stored value with a corresponding value of the at least one parameter to the computed data When a mismatch between a value and the corresponding value is detected and the mismatch occurs from the calculated data, the calculated data is restored from the copy, and the mismatch is (I) restore the copy from the computed data if it occurs from the copy, or (ii) Both the calculated processed by selecting to restore the other copies of the data to execute in a storage bin, the backup appliance.   The backup appliance of claim 13, wherein the stored value and the corresponding value of the at least one parameter include a checksum of all the copies and files of the computed data, respectively. 14. The backup appliance of claim 13, further comprising: (c) a mechanism for operably attaching the at least one storage bin to perform a write operation only for updating the copy. 14. The backup appliance of claim 13, further comprising a logging mechanism that documents (c) all operatively attaching to the at least one storage bin for a write operation for inspection applications. (C) protecting the second storage medium, thereby accessing the second storage mechanism using any of the operating system, file system manager, and volume manager running on the computer The backup appliance of claim 13, further comprising a protection mechanism for stopping.   18. The backup appliance of claim 17, wherein the protection mechanism includes a software driver that controls all read and write operations to the second storage medium via a single input / output interface.   The protection mechanism places a private signature on the second storage medium, thereby hiding the contents of the second storage medium from the operating system, file system manager and volume manager running on the computer. The backup appliance according to claim 17.   A program storage device readable by a machine, wherein the computer-executable instruction program according to claim 1 is embodied in realization to verify and restore the computed data. A program storage device that causes the steps of the method of claim 1 to be executed.

Images