JP6384066B2 - Data management apparatus and data management method - Google Patents

Description

  The present invention relates to a data backup technique, and more particularly to a technique for storing data in an online storage.

  With the development of the information and communication society, various information is handled as electronic data, and important information is often processed and stored as electronic data. Since electronic data including such information is not allowed to be lost, it is important to safely save a backup of the electronic data in preparation for a failure of the information processing device or the storage device.

  A method of storing data that needs to be backed up by providing a storage device having a sufficient capacity for data backup for data backup is conceivable. However, it is not efficient to provide a storage device for backup so as to cope with the varying data amount. Further, when a system configuration is provided that has redundancy in case a backup storage device or auxiliary device fails, the configuration of the backup system can be large.

  As a method corresponding to the amount of data fluctuation, there is a method in which a plurality of users share a storage device via a network. By sharing the storage device, it becomes unnecessary for each user to have a storage device having a storage capacity that matches the increase in data. As such a shared storage device, it is possible to use a plurality of online storages operated by an operator other than the data owner, that is, a plurality of storage devices connected via a network. Further, as a measure for redundancy, there is a method of ensuring redundancy by distributing data as backups in a plurality of storage devices connected via a network. Thus, by storing online storage data, it may be possible to cope with changes in data amount and to ensure redundancy.

  However, when using online storage, the user often does not have management authority, and cannot directly manage safety and reliability. For example, there is a concern that the operation may be stopped due to a reason on the administrator side of the online storage or the occurrence of a failure, making it unusable. In addition, since they are connected via a network, there is a risk that data will be leaked by an attack from the outside. For this reason, when online storage is used as a storage location for important data, it is necessary to take measures for when operation stops and measures for maintaining data safety.

  In addition, online storage has different performance and specifications, and there may be variations in the time required for writing data when backing up data and the time required for reading data that has been backed up. However, it is desirable to be able to process data in real time, and it is desirable to be able to read it quickly and reliably when the backed up data is needed. Therefore, there is a high demand for processing related to data backup while maintaining certain processing performance while ensuring safety. In order to meet such demands, development of technologies related to data backup to online storage has been actively conducted. As a technique for storing backup data in an online storage, for example, a technique as disclosed in Patent Document 1 is disclosed.

  Patent Document 1 relates to a data backup system that backs up data to an online storage. The backup system of Patent Document 1 encrypts backup data, divides a block, which is a unit in which encryption processing is performed, and saves the data in online storage. The backup system of Patent Document 1 stores data by dividing blocks so that continuous data necessary for restoring encrypted data is not stored in one online storage. According to Patent Document 1, it is possible to store data while ensuring the safety of data in an online storage operated by a third party by performing backup by dividing the data.

JP 2011-175578 A

However, the technique of Patent Document 1 is not sufficient in the following points. In Patent Literature 1, data to be backed up is encrypted and divided so that continuous data is not stored in the same online storage to ensure safety. However, in Patent Document 1, data backup is determined using a predetermined online storage. For this reason, the technique of Patent Document 1 cannot cope with occurrence of a failure or an operation stop in online storage. That is, in the data backup system of Patent Document 1, when a failure or the like occurs in the online storage, it is not possible to select an online storage that can maintain performance from other online storages and continue the processing.
Therefore, Patent Document 1 is not sufficient as a technique for use in data backup that requires both continuous operation with high processing performance and high safety.

  An object of the present invention is to obtain a data management device capable of ensuring the safety of data to be backed up while maintaining processing performance.

  In order to solve the above problems, the data management apparatus of the present invention includes a storage device evaluation unit, a storage device selection unit, a data division unit, a storage destination determination unit, and a data transmission unit. The storage device evaluation means evaluates predetermined characteristics of a plurality of storage devices connected via a network. The storage device selection means selects a storage destination of data to be backed up from a plurality of storage devices based on the evaluation points. The data dividing means divides the data to be backed up so as to satisfy the redundancy and generates the divided data. The storage destination determination unit determines that all the divided data is not stored in the same storage device. The data transmission means writes the divided data to the storage device at the storage destination determined by the storage destination determination means.

  The data management method of the present invention evaluates predetermined characteristics of a plurality of storage devices connected via a network. In the data management method of the present invention, a storage destination of data to be backed up is selected from the storage device based on an evaluation result of predetermined characteristics. According to the data management method of the present invention, data to be backed up is divided and generated as divided data so as to satisfy redundancy. The data management method of the present invention determines that not all the divided data are stored in the same storage device. According to the data management method of the present invention, each of the divided data is written into the determined storage device.

  According to the present invention, it is possible to ensure the safety of data to be backed up while maintaining processing performance.

It is a figure which shows the outline | summary of a structure of the 1st Embodiment of this invention. It is a figure which shows the outline | summary of a structure of the 2nd Embodiment of this invention. It is a figure which shows the outline | summary of a structure of the data management apparatus of the 2nd Embodiment of this invention. It is a figure which shows the example of the data structure in the 2nd Embodiment of this invention. It is a figure which shows the example of the data structure in the 2nd Embodiment of this invention. It is a figure which shows the example of the data structure in the 2nd Embodiment of this invention. It is the figure which showed typically the relationship of each data in the 2nd Embodiment of this invention. It is the figure which showed the outline | summary of the operation | movement flow in the 2nd Embodiment of this invention. It is the figure which showed the outline | summary of the operation | movement flow in the 2nd Embodiment of this invention. It is the figure which showed the outline | summary of the operation | movement flow in the 2nd Embodiment of this invention. It is a figure explaining the example of the data allocation method in the 2nd Embodiment of this invention. It is the figure which showed the outline | summary of the operation | movement flow in the 2nd Embodiment of this invention. It is the figure which showed the outline | summary of the operation | movement flow in the 2nd Embodiment of this invention.

  A first embodiment of the present invention will be described in detail with reference to the drawings. FIG. 1 shows an outline of the configuration of the data management apparatus of this embodiment. The data management apparatus according to this embodiment includes a storage device evaluation unit 11, a storage device selection unit 12, a data division unit 13, a storage destination determination unit 14, and a data transmission unit 15.

  The storage device evaluation unit 11 evaluates predetermined characteristics of a plurality of storage devices connected via a network. The storage device selection unit 12 selects a storage destination of data to be backed up from a plurality of storage devices based on an evaluation result of predetermined characteristics. The data dividing means 13 divides the data to be backed up so as to satisfy a predetermined redundancy and generates it as divided data. The storage destination determination unit 14 determines that all the divided data are not stored in the same storage device. The data transmission unit 15 writes the divided data to the storage device at the storage destination determined by the storage destination determination unit 14.

  The data management apparatus of this embodiment evaluates a plurality of storage devices connected via a network in the storage device evaluation means 11, and the storage device selection means 12 stores data to be backed up based on the evaluation result. The previous storage device is selected from a plurality. In the data management apparatus of this embodiment, the processing performance can be maintained by evaluating a predetermined characteristic of the storage device and selecting a storage destination. In the data management apparatus according to the present embodiment, the data to be backed up by the data dividing unit 13 is divided so as to satisfy predetermined redundancy. Further, all the divided data necessary for restoring the data are stored in the storage device so that they are not stored in the same storage device. Therefore, not all of the divided data necessary for data restoration is stored in the same storage device, and safety can be ensured. As described above, the data management apparatus according to the present embodiment can ensure the safety of the backed up data while maintaining the processing performance.

  A second embodiment of the present invention will be described in detail with reference to the drawings. FIG. 2 shows an outline of the configuration of the information processing system of this embodiment.

  The information processing system according to this embodiment includes a data management apparatus 100, a backup server 201, an online storage 202, an internal network 203, and an external network 204. A plurality of online storages 202 are provided. The data management apparatus 100 and the backup server 201 are connected via an internal network 203. The data management apparatus 100 and the online storage 202 are connected via an external network 204.

  FIG. 3 shows an outline of the configuration of the data management apparatus 100 of this embodiment. The data management apparatus 100 includes a backup data transmission / reception unit 110, a storage monitoring unit 120, a storage management unit 130, a data management unit 140, a data operation unit 150, and a storage data operation unit 160.

  The storage monitoring unit 120 has a function of monitoring the operating state and performance of the online storage 202. In addition, it has a function of monitoring whether data stored in the online storage 202 has been altered. The storage monitoring unit 120 includes a data modification monitoring unit 121, a performance monitoring unit 122, and an operation monitoring unit 123.

  The data modification monitoring unit 121 has a function of confirming whether data written in the online storage 202 has been modified. When the data modification monitoring unit 121 detects data modification, the online storage 202 in which the data is written is excluded from data backup candidates. That is, the online storage 202 in which data alteration is detected is not used as a data backup destination. The online storage 202 in which data modification is not detected by the data modification monitoring unit 121 is continuously used as a backup destination or a backup destination candidate.

  The performance monitoring unit 122 has a function of measuring a response time required for writing and reading data in the online storage 202 and calculating a writing speed and a reading speed. The performance monitoring unit 122 stores the calculated writing speed and reading speed information in the service management table stored in the service management unit 131 in association with the identification information of the online storage 202. The identification information of the online storage 202 refers to identifier information for identifying each online storage 202.

  The operation monitoring unit 123 has a function of monitoring the operation status of the online storage 202. When the operation monitoring unit 123 detects a failure or the like of the online storage 202, the online storage 202 is excluded from data backup destination candidates. The operation monitoring unit 123 determines that a failure or the like has occurred in the corresponding online storage 202 when data cannot be written or read or when a timeout occurs, that is, when it cannot be completed within a predetermined time. Further, the online storage 202 determined to be in an operating state by the operation monitoring unit 123 is continuously used as a backup destination or a backup destination candidate.

  The storage management unit 130 has a function of acquiring and managing information as to whether each online storage 202 is suitable as a data storage destination. The storage management unit 130 includes a service management unit 131 and a score calculation unit 132.

  The service management unit 131 stores information of each online storage 202 as a service management table. FIG. 4 shows an example of the service management table of this embodiment. The online storage in FIG. 4 is identification information of the online storage 202. In the example of FIG. 4, the identification information of the online storage 202 is set such that the name of the business that provides the online storage 202 is set as an identifier, and is stored like Company A or Company B. The operating state indicates whether the online storage 202 is operating. The information on the operating state is saved as “◯” when operating normally, and “X” when some trouble occurs or when it is completely stopped.

  As for the presence / absence of data modification in FIG. 4, the record of the presence / absence of modification of data written in the online storage 202 is recorded. Data modification refers to data corruption that has occurred after data writing or intentional data modification by a third party. The data alteration presence / absence information is stored as “Yes” when data alteration has occurred, and “No” when data alteration has never occurred. Information on the presence / absence of data modification is reset after maintenance of the online storage 202 and returned to “none”.

  The writing speed is information on the speed at which data is written to the online storage 202. In the example of FIG. 4, the information on the writing speed is stored as 10 Mbps (Megabits Per Second). In this embodiment, the writing speed is stored as an average value of the data writing operation to each online storage 202 performed after a predetermined time point.

  The reading speed is a speed at which data stored in the online storage 202 is read. In the example of FIG. 4, the reading speed information is stored as 25 Mbps. In this embodiment, the reading speed is stored as an average value of data reading operations from each online storage 202 performed after a predetermined time point.

  Pay-per-use indicates whether or not there is a charge per data amount when using each online storage 202. The pay-per-use information is stored as “present” when charging per data amount is performed, and “no” when charging per data amount is not performed. The 1 GB (Gigabyte) charge indicates a charge per 1 GB required for storing data when the pay-per-use charge is “present”.

  The capacity limit indicates whether there is a limit on the total capacity of data to be stored for each online storage 202. For example, when the maximum value of the amount of data used by the user is set by a business operator or the like that manages each online storage 202, the capacity limit is “present”. The capacity limit information is stored as “Yes” when the data storage amount is limited, and “No” when there is no limit. The remaining capacity indicates the capacity of data that can be further saved in addition to the already saved data when the capacity limit is “present”. The remaining capacity information is stored as 1.4 TB (Terabyte). The transfer amount restriction indicates the transfer amount, that is, whether or not there is a restriction on the bandwidth at the time of data transmission / reception. The transfer amount restriction information is stored as “present” when there is a restriction on the transfer amount, and “no” when there is no restriction on the transfer amount. The remaining transfer amount indicates the capacity of a band that can be used in addition to the currently used band when the transfer amount restriction is “present”.

  The score indicates the evaluation score of each online storage 202 calculated by the score calculation unit 132. The score information is set so that the highest evaluation score is 1 and the lowest evaluation score is 0. The online storage 202 with a score of 0 is not used as a data storage destination.

  The score calculation unit 132 has a function of calculating a score that is an evaluation value of each online storage 202 based on information in the service management table. An example of a score calculation method will be described later.

  The data management unit 140 has a function of managing data stored in each online storage 202. The data management unit 140 includes a divided data management unit 141, a storage data management unit 142, a storage location determination unit 143, a storage location rearrangement unit 144, a redundancy confirmation unit 145, and a retransmission determination unit 146. .

  The divided data management unit 141 has a function related to storing and associating data block divided data, data blocks, and backup data with each other as a divided data management table. The backup data is data to be backed up that is sent from the backup server 201 to the data management apparatus 100. The data block is data generated by dividing backup data. The data block division data is data generated by further dividing the data block. Data storage in the online storage 202 is performed in units of data block division data. FIG. 5 shows an example of the divided data management table of this embodiment. As shown in FIG. 5, the divided data management table includes data block divided data, data blocks, backup data, size, and data block divided data information necessary for restoration.

  The data block division data of the division data management table is information of an identifier for identifying individual data block division data. The data block is identifier information for identifying individual data blocks. The backup data is identifier information for identifying individual backup data. The size is information on the data amount of the data block divided data. The data block division data necessary for restoration is information indicating the number of data block division data necessary for restoring the data block.

  The stored data management unit 142 has a function of storing and managing information on the storage destination of the data block division data as a stored data management table. FIG. 6 shows an example of the stored data management table of this embodiment. As shown in FIG. 6, the stored data management table is composed of data block division data, write response, read response, write success / failure, read success / failure, and write destination information. The data block division data is information on the identifier of the data block division data. The response at the time of writing is information on the time required from the transmission of data to be written to the online storage 202 until the reception of the write completion signal. The write success / failure is information indicating whether or not the online storage 202 has been normally written. The write success / failure information is saved as “◯” when the writing is successful, and “X” when the writing is not successful.

  The response at the time of reading is information on the time required from when the data transmission is requested to the online storage 202 to read the data until the data is received. The read success / failure is information indicating whether data has been normally read from the online storage 202. The reading success / failure information is stored as “◯” when the reading is successful, and “×” when the reading is not successful. The write destination is information for identifying the write destination of each data block divided data, that is, the storage destination online storage 202. In this embodiment, the information of the write destination stores information on the name of the business operator that operates each online storage 202.

  The storage location determination unit 143 has a function of calculating the number of data block division data stored in each online storage 202. The storage location determination unit 142 determines the number of data block division data to be stored in each online storage 202 so as to satisfy predetermined confidentiality and redundancy based on the score of the service management table. In the present embodiment, the confidentiality requirement is set such that not all data block division data necessary for data block restoration is stored in one online storage 202. In addition, the redundancy requirement is set such that even if a predetermined number of online storages 202 stop operating, data blocks can be restored based on the data block division data stored in other online storages 202. Yes.

  The storage location rearrangement unit 144 has a function of determining a backup destination again when an online storage 202 that cannot be used as a data storage destination occurs due to a failure or the like. The storage location rearrangement unit 144 again determines the storage destination of the data block in which the data block division data necessary for restoration is stored in the unusable online storage 202. The storage location rearrangement unit 144 determines the number of data block division data to be stored in each online storage 202 so as to satisfy confidentiality and redundancy based on the score of the service management table.

  The redundancy confirmation unit 145 has a function of referring to the stored data management table to confirm the presence / absence of a data block whose redundancy is lost. When the redundancy confirmation unit 145 detects a data block in which redundancy is lost, the redundancy confirmation unit 145 sends information on the data block in which redundancy is lost to the storage location rearrangement unit 144.

  The retransmission determination unit 146 has a function of determining whether to transmit the same data again when data writing to the online storage 202 fails. When the writing failure occurs, the retransmission determining unit 146 requests the redundancy checking unit 145 for information on the presence / absence of redundancy of the data block regarding the data block division data for which the writing has failed. When receiving information indicating that the redundancy is insufficient from the redundancy confirmation unit 145, the retransmission determination unit 146 determines that the data needs to be retransmitted. When the retransmission determining unit 146 determines that the data needs to be retransmitted, a process related to the retransmission of the corresponding data block divided data is executed. Upon receiving information from the redundancy confirmation unit 145 that the redundancy is satisfied, the retransmission determination unit 146 determines that data retransmission is unnecessary.

  The data operation unit 150 has a function of dividing backup data and reconstructing original data from the divided data. The data operation unit 150 includes a data division unit 151 and a data reconstruction unit 152.

  The data dividing unit 151 has a function of dividing backup data sent from the backup server and generating data blocks. The data dividing unit 151 has a function of dividing the data block so as to satisfy predetermined redundancy and generating data block divided data. The data dividing unit 151 stores information associating correspondence between data blocks and data block divided data generated by dividing the data block as a divided data management table. FIG. 7 schematically shows the relationship among backup data, data blocks, and data block division data. As shown in FIG. 7, the backup sent from the backup server 201 and the target backup data are divided into data blocks. The data block is further divided into data block division data. The data block division data is a unit of data when stored in the online storage 202. In addition, when the data dividing unit 151 divides the data block to generate the data block divided data, the data dividing unit 151 may generate the data block divided data by combining the fragment data obtained by dividing the data block into a plurality of pieces. When combining the fragment data, the data dividing unit 151 performs the combination so that the same data block divided data does not include all the data contents of the data block before the division.

  The data restructuring unit 152 has a function of reconstructing data blocks by combining the data block division data stored in the online storage 202 with reference to the data management table. The data reconstruction unit 152 has a function of reconstructing backup data by combining data blocks with reference to the data management table.

  The storage data operation unit 160 has a function of writing data to the online storage 202 and reading data from the online storage 202. The storage data operation unit 160 includes a data transmission unit 161, a data reception unit 162, a data confirmation unit 163, and a data deletion unit 164.

  The data transmission unit 161 has a function of writing data block division data in the online storage 202. In addition, the data transmission unit 161 has a function of storing a response time of writing, calculating a writing speed, and sending information on the writing speed to the performance monitoring unit 122.

  The data receiving unit 162 has a function of reading data block division data from the online storage 202. In addition, the data receiving unit 162 has a function of storing a response time of reading, calculating a reading speed, and sending information on the reading speed to the performance monitoring unit 122.

  The data confirmation unit 163 has a function of comparing whether the written data and the data stored in the online storage 202 match each other. The data confirmation unit 163 compares the data written by the data transmission unit 161 to the online storage 202 and the data read by the data reception unit 162 from the online storage 202. When the data confirmation unit 163 detects a mismatch between the written data and the read data, the data confirmation unit 163 sends information on the occurrence of the data mismatch to the retransmission determination unit 146.

  The data deleting unit 164 has a function of deleting data block division data stored in the online storage 202. The data deletion unit 164 deletes test data saved in the online storage 202 and data that is no longer needed.

  The backup server 201 has a function of sending data requiring backup to the data management apparatus 100. A plurality of backup servers 201 may be provided. The online storage 202 has a function of storing data sent from the data management apparatus 100 and transmitting the data to the data management apparatus 100 in response to a request. The online storage 202 is a storage device connected via a network. Each of the plurality of online storages 202 provided may have a different configuration or may include the same configuration.

  The internal network 203 of this embodiment is configured as a private network such as an intranet. In addition, the external network 204 of the present embodiment is configured as a public network using an Internet line. The external network 204 can also be configured using a dedicated line. The external network 204 can also be configured using both the Internet and a dedicated line.

  The operation of the information processing system of this embodiment will be described. First, an operation flow when the data management apparatus 100 calculates the score of each online storage 202 will be described with reference to FIG. FIG. 8 shows an outline of the operation flow when the data management apparatus 100 calculates the score of each online storage 202 in the information processing system of this embodiment.

  The score calculation unit 132 of the storage management unit 130 refers to the service management table and confirms the operating state of the online storage 202 that calculates the score. When the operating state information is “x” and some abnormality has occurred in the operating state (No in step 301), the score calculation unit 132 sets the evaluation score of the operating state of the corresponding online storage 202 to 0. The online storage 202 having 0 in the evaluation score of each evaluation item for calculating the score is excluded from the writing target (step 312).

  When the operation state information is “◯” and the device is operating normally (Yes in step 301), the score calculation unit 132 sets the evaluation point of the operation state to 1, and confirms the presence or absence of data modification. When the data modification presence / absence information is “Yes” (Yes in Step 302), the score calculation unit 132 sets the evaluation score of the data modification presence / absence of the corresponding online storage 202 to 0. That is, the online storage 202 whose data alteration presence / absence information is “exist” is excluded from the write target (step 312).

  When the data modification presence / absence information is “none” (No in step 302), the score calculation unit 132 sets the evaluation score for data modification presence / absence to 1. When the evaluation score for the presence or absence of data modification is set to 1, the score calculation unit 132 calculates an evaluation score for writing speed (step 303). The score calculation unit 132 sets a value obtained by dividing the write speed of each online storage 202 by the value of the write speed of the online storage 202 having the fastest write speed as an evaluation point of the write speed. That is, the evaluation point of the writing speed is a value normalized with the writing speed value of the online storage 202 having the fastest writing speed as 1.

  After calculating the writing speed evaluation score, the score calculation unit 132 calculates the reading speed evaluation score (step 304). The reading speed evaluation point is calculated by the same method as the writing speed. The score calculation unit 132 sets a value obtained by dividing the reading speed of each online storage 202 by the reading speed value of the online storage 202 having the highest reading speed as an evaluation point of the reading speed.

  When the evaluation score for the reading speed is calculated, it is confirmed whether the online storage 202 is pay-per-use. Pay-per-use refers to charging, that is, a charge, for the online storage 202 according to the amount of data from the operator operating each online storage 202. When the metered charge information in the service management table is “none” (No in step 305), the score calculation unit 132 sets the metered charge evaluation score to 1 and proceeds to step 307 (step 313).

  When the usage-based charging information in the service management table is “Yes” (Yes in Step 305), the score calculation unit 132 calculates an evaluation score for the usage-based charging (Step 306). The score calculation unit 132 calculates a value obtained by dividing the charge of each online storage 202 by the charge of the online storage 202 having the highest charge per 1 GB stored in the service management table. The score calculation unit 132 further calculates a value obtained by subtracting a value obtained by dividing the charge of each online storage 202 from the charge of the online storage 202 having the highest charge as an evaluation point for pay-per-use.

  When calculating the evaluation score for pay-per-use, the score calculation unit 132 refers to the service management table and confirms whether a limit is set for the capacity that can be stored in the online storage 202. If the information on the capacity limit for service management is “none” (No in step 307), the score calculation unit 132 sets the evaluation score for capacity limit to 1 and proceeds to step 309 (step 314).

  When the information on the capacity limit for service management is “Yes” (Yes in Step 307), the score calculation unit 132 calculates an evaluation score for the capacity limit (Step 308). The score calculation unit 132 sets a value obtained by dividing the value of the remaining capacity of the service management table by the average data amount of the data block as an evaluation point for capacity limitation. When the value obtained by dividing the value of the remaining capacity of the service management table by the average data amount of the data block exceeds 1, the score calculation unit 132 sets the evaluation score for capacity limitation to 1.

  When the capacity limit evaluation score is calculated, the score calculation unit 132 refers to the service management table to check whether or not the transfer amount is limited. When the transfer amount restriction information in the service management table is “none” (No in Step 309), the score calculation unit 132 sets the transfer amount restriction evaluation score as 1, and proceeds to Step 311 (Step 315).

  When the transfer amount restriction information in the service management table is “Yes” (Yes in Step 309), the score calculation unit 132 calculates an evaluation score for the transfer amount restriction (Step 310). The score calculation unit 132 sets a value obtained by dividing the transfer amount remaining value in the service management table by the average data amount of the data block as an evaluation point for the transfer amount restriction. When the value obtained by dividing the transfer amount remaining value in the service management table by the average data amount of the data block exceeds 1, the score calculation unit 132 sets the transfer amount restriction evaluation score to 1.

  When the evaluation score for the transfer amount restriction is calculated, the score calculation unit 132 calculates the score, which is the overall evaluation score, for each online storage 202 by multiplying the evaluation score of each item (step 131). Thus, the operation for the data management apparatus 100 to calculate the score of each online storage 202 is completed.

  Next, an operation when the characteristics of the online storage 202 are periodically evaluated in order to update the service management table referred to when calculating the score will be described with reference to FIG. FIG. 9 shows an outline of the operation flow when the characteristics of the online storage 202 are evaluated. Periodic evaluation of the characteristics of the online storage 202 is periodically performed at predetermined intervals or based on set timing.

  The storage monitoring unit 120 creates temporary data that is test data (step 321). The temporary data includes, for example, information indicating test data and sender identification information. When the temporary data is created, the storage monitoring unit 120 sends the temporary data to the storage data operation unit 160. Temporary data sent to the storage data operation unit 160 is stored in the data confirmation unit 163. When the temporary data is stored in the data confirmation unit 163, the data transmission unit 161 transmits the temporary data to the online storage 202 (step 322). In addition, the data transmission unit 161 stores time information when the temporary data is transmitted.

  When the online storage 202 receives temporary data from the data management apparatus 100, the online storage 202 stores the temporary data. When the online storage 202 performs temporary data storage, the online storage 202 transmits a signal indicating the storage to the data management apparatus 100 as a storage completion signal.

  When the storage completion signal is received (step 323), the data transmission unit 161 of the data management apparatus 100 calculates the time from when the temporary data is transmitted to the online storage 202 until the storage completion signal is received. The data transmission unit 161 calculates the time from when the temporary data is transmitted until the storage completion signal is received as the write response time. After calculating the response time, the data transmission unit 161 calculates the writing speed from the data amount of temporary data, and stores the calculated writing speed value (step 324).

  When the data transmission unit 161 stores the write response time when storing the data, the data reception unit 162 transmits a signal requesting temporary data transmission to the online storage 202 as a data request signal (step 325). When receiving the data request signal, the online storage 202 transmits the stored temporary data to the data management apparatus 100. When temporary data is received from the online storage 202 (step 326), the data receiving unit 162 sends the received data to the data confirmation unit 163. In addition, the data reception unit 162 calculates a read response time from the time from when the data request signal is transmitted until the data is received. When the response time is calculated, the data receiving unit 162 calculates the reading speed from the received temporary data amount, and stores the calculated reading (step 327).

  When the temporary data is received, the data confirmation unit 163 compares the data received from the online storage 202 with the data stored in the data management apparatus 100 to determine whether the data has been altered (step 328).

  The data confirmation unit 163 compares the data written in the online storage 202 with the read data. The data confirmation unit 163 compares the two data, and determines that the modification has not been performed if the two data match. In addition, when the two data do not match, the data confirmation unit 163 determines that the modification has been performed. The data confirmation unit 163 sends information on the determination result to the data modification monitoring unit 121. The data modification monitoring unit 121 determines whether data has been modified based on the information sent from the data confirmation unit 163. When the data modification monitoring unit 121 determines whether the data has been modified, the data modification monitoring unit 121 updates the information on the presence / absence of data modification in the service management table stored in the service management unit 131 (step 329).

  In addition, the performance monitoring unit 122 acquires information on the writing speed and the reading speed held by the data transmission unit 161 and the data reception unit 162, respectively. Based on the acquired write speed and read speed information, the performance monitoring unit 122 updates the online storage 202 write and read speed information stored in the service management table stored in the service management unit 131.

  When the data confirmation unit 163 compares the data, the data confirmation unit 163 stores the presence / absence of data modification as a comparison result. When the data confirmation unit 163 stores the comparison result, the storage data operation unit 160 deletes the stored temporary data (step 229). Further, the data deletion unit 164 sends a signal requesting deletion of temporary data stored in the online storage 202 to the online storage 202 as a data deletion request signal. When the online storage 202 receives the data deletion request signal, the online storage 202 stores the stored temporary data.

  When the service management table is updated, the score calculation unit 132 calculates the score of the online storage 202 by the operations of steps 301 to 315 and updates the score information of the service management table. Thus, the operation of evaluating the characteristics of the online storage 202 for updating the service management table is completed.

  Next, an operation when the data of the backup server 201 is stored in the online storage 202 will be described with reference to FIG. FIG. 10 shows an outline of an operation flow when the data of the backup server 201 is stored in the online storage 202 in the information processing system of this embodiment.

  Backup data, that is, data to be backed up is sent from the backup server 201 to the backup data transmitting / receiving unit 110 of the data management apparatus 100. When the backup data is received (step 331), the data management apparatus 100 starts an operation of dividing the backup data and storing it in each online storage 202.

  When the backup operation is started, the storage location determination unit 143 refers to the service management table of the service management unit 131 and selects the online storage 202 as a backup destination candidate (step 332). The storage location determination unit 143 selects a plurality of online storages 202 as backup destination candidates based on the scores of the online storages 202 stored in the service management table.

  The data division unit 151 of the data operation unit 150 divides the backup data to generate a data block (step 333). In the data dividing unit 151, conditions relating to division such as the number of data divisions when generating data blocks and the data size of one data block are set and stored in advance.

  The data division unit 151 divides the data block so as to have redundancy by a predetermined division method, and generates data block division data (step 335). Based on the set conditions, the data dividing unit 151 divides the data by a predetermined data dividing method so that the divided data has redundancy. In this embodiment, the data block is divided based on the secret sharing method.

  The storage location determination unit 143 determines the number of divisions when the data block is divided to generate the data block divided data. The storage location determination unit 143 determines the number of data divisions based on the online storage 202 score stored in the service management table and the requirements for redundancy and confidentiality.

  An example of how to determine the number of divisions when dividing a data block will be described. The storage location determination unit 143 refers to the score of the service management table and selects a predetermined number of online storages 202 as data storage destinations from the top. In the present embodiment, description will be made assuming that five online storages 202 are selected. The number of selected online storages 202 may be variable depending on the amount of data to be stored and the number of active online storages 202.

  In the following description, it is assumed that storage A, storage B, storage C, storage D, and storage E are selected as the online storage 202 as the data storage destination. The score of each online storage 202 will be described assuming that storage A is 0.8, storage B is 0.06, storage C is 0.5, storage D is 0.8, and storage F is 0.1. Assume that the score is set between 0 and 1.

  A case where the backup operation is set to continue even if a failure occurs in one of the five online storages 202 will be described with reference to the upper part of FIG. FIG. 11 is a diagram showing the relationship between the score and the number of allocations when data block division files are allocated to the five online storages 202.

  The storage location determination unit 143 sets the number of divisions so that even if a failure occurs in one of the five online storages 202 that is the data storage destination, the remaining four data can be restored. The number of data block division data required at the time of restoration is set to four so that the data can be restored even if each of the four online storages 202 has only one data block division data. When the number of data block division data necessary for restoration is set as four, up to three data block division data stored in one online storage 202 is set. This is to prevent a third party from obtaining all data block division data necessary for restoration when information leaks from one online storage 202.

  In addition, data block division data is generated so that the same data is included in at least two or more data block division data so that the data block can be restored even if one online storage 202 cannot be used due to a failure or the like. Is done.

  When the number of data block division data stored in one online storage 202 is determined to be three, the storage location determination unit 143 classifies the online storage 202 into three groups based on the score value. For example, groups according to three score values are divided into three groups: a group having a score of less than 0.33, a group of 0.33 or more and less than 0.66, and a group of 0.66 or more.

  At this time, the storage location determination unit 143 assigns three data block division files to groups with a high score of 0.66 or higher. In addition, the data storage location determination unit 142 assigns two data block division files to groups of 0.33 or more and less than 0.66. Only a minimum of one data block division file is assigned to a group with a low score of less than 0.33.

  Data block division data including the same data is allocated to at least two or more online storages 202. By generating such data block division data and assigning it to the online storage 202, redundancy can be ensured. In addition, since the online storage 202 with a high score is expected to have high performance and reliability, only a large number of data block division files are allocated. On the other hand, since the online storage 202 with a low score is expected to have low performance and reliability, a large number of allocated data block divided files are set to be small. As described above, the online storage 202 that can maintain the performance and is less likely to cause a failure is used as an allocation destination of a large amount of data, thereby improving the effect of maintaining both the performance and the data safety.

  When allocation is performed as described above, three data block divided files are allocated to storage A, one to storage B, two to storage C, three to storage D, and one to storage F. It is done.

  Next, a case where the backup operation can be continued even if a failure occurs in two of the five online storages 202 will be described with reference to the middle part of FIG. The storage location determination unit 143 sets the number of divisions so that even if a failure occurs in two of the five online storages 202 serving as data storage destinations, the remaining three can be restored. The number of data block division data required at the time of restoration is set to three so that the data can be restored even if the number of data block division data is one each in the three online storages 202. When the number of data block division data necessary for restoration is set as three, up to two data block division data stored in one online storage 202 is set. This is to prevent a third party from obtaining all data block division data necessary for restoration when information leaks from one online storage 202.

  In addition, data block division data is generated so that the same data is included in at least three or more data block division data so that the data block can be restored even if the two online storages 202 cannot be used due to a failure or the like. Is done.

  When the data block division data stored in one online storage 202 is determined to be up to two, the storage location determination unit 143 classifies the online storage 202 into two groups based on the score. When divided into two, for example, the score is divided into two groups, a group having a score of less than 0.50 and a group having a score of 0.50 or more.

  At this time, the storage location determination unit 143 assigns two data block division files to a group having a high score of 0.50 or higher. Only one data block division file is assigned to a group with a low score of less than 0.50. When allocation is performed as described above, two data blocks are allocated to storage A, one to storage B, two to storage C, two to storage D, and one data block to storage F. It is done. Data block division data including the same data is allocated to at least three or more online storages 202.

  A case in which the backup operation can be continued even if a failure occurs in three of the five online storages 202 will be described with reference to the lower part of FIG. The storage location determination unit 143 sets the number of divisions so that even if a failure occurs in three of the five online storages 202 serving as data storage destinations, the remaining two can be restored. The number of data block division data required at the time of restoration is set to two so that the data can be restored even if the number of data block division data is one each in the two online storages 202. When the number of data block division data necessary for restoration is set as two, up to one data block division data stored in one online storage 202 is set.

  Therefore, the maximum number of data block divided data allocated to one online storage 202 is 1, and the minimum number is 1. In such a case, one data block division file is allocated to all the online storages 202 one by one.

  Data block division data in which data is overlapped with each other is generated by data block division data of any two online storages 202 so that the data block can be restored. That is, each data block divided data is in a state in which some data is not included as compared with the data block, but there is no state where the same data is not in two or more data block divided data. Split data is generated.

  Assume that the number of online storages 202 to be allocated as data storage destinations is N, and the number of online storages 202 required is at least n in order to continue the operation when a failure or the like occurs. At this time, the number of data block division data necessary at the time of restoration is set as N−n. In order to prevent information leakage, the maximum number of data block division data stored in one online storage 202 is N−n−1. However, N is n + 2 or more.

  Further, in the case of a setting assuming that N-n online storages are stopped, the data block division data is generated so that the same data is included in N-n + 1 or more data block division data. Further, the data block division files including the same data are stored in N−n + 1 or more online storages 202, respectively. Thus, redundancy can be ensured by generating the data block division data and determining the storage destination. Since the same data is stored in more online storages 202 than the setting that assumes operation stoppage, data necessary for restoration can be read from normal online storage 202 even if operation stoppage occurs. Because.

  When setting the minimum number of online storages 202 required, it is possible to make a determination based on the past failure record. For example, it is assumed that a failure has occurred in the A online storages 202 from a certain point in the past in the selected online storage 202. In such a case, for example, the value of n can be set so that it can operate even if a failure occurs in the A + 1 online storage 202. In this case, a margin for one vehicle is taken into account for the past occurrence of failure.

  When the storage location determination unit 143 determines the number of data block division data to be stored for each online storage 202, the storage location determination unit 143 sends the determined information to the data division unit 151.

  When the data block division data is generated in step 335, the data division unit 151 sends the generated data block division data to the storage data operation unit 160 for writing. The online storage operation unit 160 temporarily stores the data block division data received from the data division unit 151. The data transmission unit 161 writes and stores the data block division data in the online storage 202 determined as the data write destination (step 336).

  When the data is normally written to the online storage 202 (Yes in Step 337), the data transmission unit 161 calculates the response time of the writing (Step 338). In addition, the data transmission unit 161 calculates the writing speed from the writing response time and the data amount. The data transmission unit 161 and the data reception unit 162 of the present embodiment have a function of measuring the data amount of transmitted / received data.

  The data confirmation unit 163 requests the data reception unit 162 to read the data written in the online storage 202 (step 339). The data receiving unit 162 reads the data block division data from the online storage 2020 and sends it to the data confirmation unit 163. In addition, the data receiving unit 162 calculates the read response time from the response time and the data amount (step 340).

  When the writing speed and the reading speed are calculated, the performance monitoring unit 122 acquires the writing speed and the reading speed from the data transmitting unit 161 and the data receiving unit 162. Based on the acquired write speed, the performance monitoring unit 122 updates the write speed and read speed information of the corresponding online storage 202 stored in the service management table of the service management unit 131.

  The data confirmation unit 163 compares the data stored in the data transmission unit 161 with the data read by the data reception unit 162, and confirms the presence or absence of data modification (step 341). If there is no data modification (No in step 342), the operation of storing one data block divided data in the online storage 202 is completed. If there is still data block division data that has not been saved (Yes in step 343), the operation from step 336 is repeated. Further, the data modification monitoring unit 121 updates the information on the presence / absence of data modification in the corresponding online storage 202 stored in the service management table based on the comparison result of the data confirmation unit 163.

  If there is no remaining data block division data that has not been saved (No in step 343), the operation of saving the data block division data in the online storage 202 is completed. When the data block division data 202 is stored in the online storage 202, the score calculation unit 132 calculates the score of the online storage 202 of the service management table and updates the service management table.

  If the data block division data cannot be normally written in the online storage 202 in step 337 (No in step 337), a data retransmission flow is performed (step 334). The data retransmission flow will be described later. When the execution of the data retransmission flow is completed, the operation from step 343 is performed.

If the data has been altered in step 342 (Yes in step 342), a data retransmission flow is performed (step 334). When the execution of the data retransmission flow is completed, the operation from step 343 is performed. Thus, the operation for saving the data of the backup server 201 in the online storage 202 is completed.

  Next, with reference to FIG. 12, an explanation will be given on the operation of executing the data retransmission flow, that is, the flow of step 344, when a failure in writing the data block division data to the online storage 202 or data modification is detected. To do. FIG. 12 shows an outline of a flow for determining whether or not data retransmission is necessary when a write failure to the online storage 202 occurs.

  When the data sent from the data management apparatus 100 cannot be stored, the online storage 202 sends a signal indicating a write processing error to the data management apparatus 100 as a write error signal. When receiving the write error signal, the data management apparatus 100 determines that the writing has failed. In addition, when the data transmission unit 161 of the data management apparatus 100 cannot perform the writing process within a predetermined time, it determines that the writing has failed and stops the writing operation. Further, the data confirmation unit 163 determines that the data has been altered when the data at the time of reading does not match the data at the time of writing. When data writing failure or modification occurs, the storage data operation unit 160 sends information on the data writing failure or modification to the data management unit 140.

  When the data management unit 140 detects a write failure or data modification (step 351), the data management unit 140 refers to the stored data management table of the stored data management unit 141 and acquires information related to the data block division data. The data management unit 140 acquires from the stored data management table of the stored data management unit 142 the number of data block divided data and a list of data block divided data stored in the online storage 202 in which the writing failure or the like has occurred ( Step 352).

  The redundancy confirmation unit 144 confirms the success or failure of writing each data block divided data based on the data acquired in Step 352 (Step 353). The redundancy confirmation unit 144 confirms whether or not redundancy is ensured with the data block division data that has been successfully written to the online storage 202 (step 354).

  The securing of redundancy means that data blocks can be restored even if a predetermined number of online storages 202 are stopped due to data stored in other online storages 202. The predetermined number is set as a total of two, including the amount already stopped, for example, when two online storages 202 are set to operate with the assumption of two stops. In this case, it is determined that redundancy is ensured when data block division data including the same data content is stored in three or more online storages 202. The redundancy confirmation unit 144 sends information on whether or not redundancy is ensured to the retransmission determination unit 145.

  When redundancy is ensured (Yes in step 355), the retransmission determination unit 145 determines that data retransmission is unnecessary. If retransmission determining section 145 determines that data retransmission is unnecessary, the data block division data in which an error has occurred is not retransmitted and the processing of other data is continued (step 356). When redundancy cannot be ensured (No in step 355), the retransmission determination unit 145 determines that data retransmission is necessary. If it is determined that retransmission is necessary, the storage location determination unit 143 selects a storage destination of data to be retransmitted from the online storage 202 that has not reached the maximum number of storages per unit. When the storage destination is determined, the corresponding data block division data is transmitted from the data transmission unit 161 to the online storage 202 determined as the storage destination (step 357). As a data storage destination, for example, it is possible to select the one having the highest score from the online storage 202 that has not reached the maximum number. This completes the operation flow of data retransmission.

  Next, an operation when the online storage 202 becomes unusable due to operation stop or the like will be described with reference to FIG. FIG. 13 shows an outline of an operation flow when an unusable online storage 202 occurs in the information processing system of this embodiment.

  When a failure or operation stop occurs in the online storage 202, the operation monitoring unit 123 detects that the online storage 202 whose operation has stopped has occurred (step 361). When the operation monitoring unit 123 detects an operation stop, the storage location rearrangement unit 144 refers to the stored data management table and acquires the number and list of data block division data stored in the online storage 202 that has stopped operating. (Step 362). The storage location rearrangement unit 144 refers to the information in the divided data management table and extracts data block information corresponding to the data block divided data stored in the online storage 202 whose operation has stopped. The storage location rearrangement unit 144 reads the data block division data corresponding to the extracted data block from the other online storage 202 that is operating normally via the data reception unit 162 (step 364).

  When the data block division data is read, the data reconstruction unit 152 restores the data block from the data block division data (step 365). When the data block is restored, the data management apparatus 100 divides the data block into other normal online storages 202 by a normal method based on the restored data block (step 366). The data management apparatus 100 divides the restored data block by the operation from step 334 to step 344 and stores it in the online storage 202. This completes the operation when the online storage 202 becomes unusable due to operation stoppage or the like.

  Further, in the information processing system of this embodiment, when restoring backup data from data block division data stored in the online storage 202, it is performed as follows. A request for backup data is sent from the backup server 201 to the data management apparatus 100. When receiving a request for backup data, the data management device 100 refers to the stored data management table and reads the necessary data block division data from each online storage 202. When the reading of the data block division data 202 is completed, the data reconstruction unit 152 restores the data block according to the data correspondence information in the stored data management table. When the restoration of the data block is completed, the data reconstruction unit 152 restores the backup data based on the data block. The data management device 100 transmits the restored backup data to the backup server 201. With the above operation, the backup data is restored.

  Each function of the data management apparatus 100 of the present embodiment may be configured to be executed by a computer program that operates on an information processing apparatus such as a server. In such a configuration, the job management apparatus may be configured by a single information processing apparatus, or may be configured by connecting a plurality of information processing apparatuses via a line.

  In the information processing system of this embodiment, the data management apparatus 100 evaluates each online storage 200 and calculates a score, which is an evaluation score for each online storage 202. The data management apparatus 100 selects a storage device as a storage destination based on the evaluation result. In the information processing system according to the present embodiment, it is possible to maintain the information processing performance as the information processing system by scoring the online storage 202 and selecting a storage destination based on the score.

  The data management apparatus 100 of the information processing system according to this embodiment generates data block divided data by dividing a data block obtained by dividing backup data so as to satisfy redundancy. In addition, the data management apparatus 100 determines the storage destination so that all data block division data necessary for restoring the data block is not stored in the same online storage 202. Therefore, even if data leaks from one online storage 202, there is a low risk that the content of the information will be known to a third party and the confidentiality is high.

  In addition, since all necessary data block division data is not stored in the same online storage 202, it is possible to simplify encryption processing and the like for maintaining confidentiality. Thereby, in the information processing system of this embodiment, it may be possible to reduce the amount of processing when data is divided and maintain the processing speed.

  The data management apparatus 100 divides the data block so as to satisfy the redundancy, and a large number of data block divided data is stored in the online storage 202 with a high score, that is, the online storage 202 with high reliability. Therefore, even if one online storage 202 is stopped, there is a high possibility that data block division data necessary for data block restoration can be obtained from the other online storage 202. Therefore, the information processing system according to the present embodiment has high safety with low possibility that the backup data is lost or leaked to a third party. In addition, since the online storage 202 with a high score has a high processability, it is possible to maintain the processing performance by storing a large amount of data in the online storage 202 with a high score. As described above, in the information processing system of the present embodiment, it is possible to ensure high safety of data that has been backed up while maintaining information processing performance.

  In the second embodiment, data storage destination candidates to be backed up are selected from a plurality of online storages. Instead of such a configuration, all operable online storages connected via a network may be used as data storage destinations. Even when all operable online storages are used, each online storage is evaluated, and the number of data block division files stored in each online storage is determined based on the score. By adopting such a configuration, it is possible to maintain both performance and ensure data safety even in a small-scale information processing system using a small number of online storages.

  A part or all of the above-described embodiment can be described as in the following supplementary notes, but is not limited thereto.

(Appendix 1)
Storage device evaluation means for evaluating predetermined characteristics of a plurality of storage devices connected via a network;
Storage device selection means for selecting a storage destination of data to be backed up from the storage device based on an evaluation result of the predetermined characteristic;
Data dividing means for generating data as divided data by dividing the data to be backed up so as to satisfy redundancy;
A storage destination determining means for determining not to store all the divided data in the same storage device;
A data management apparatus comprising: data transmission means for writing the divided data into the storage device at the storage destination determined by the storage destination determination means.

(Appendix 2)
An allocation number calculating means for calculating the number of allocation of the divided data for each storage device based on the evaluation result of the predetermined characteristic;
The data dividing unit generates the divided data so as to satisfy a total number of numbers allocated to the storage device calculated by the allocation number calculating unit,
The data management apparatus according to appendix 1, wherein the storage destination determination unit determines the storage destination of the divided data according to the number allocated to each storage device calculated by the allocation number calculation unit.

(Appendix 3)
An operating state monitoring means for monitoring the operating state of the storage device;
When the operation state monitoring unit detects the stop of the operation of the storage device, the storage device selection unit does not select the storage device in which the operation stop is detected as a storage destination of the data to be backed up. The data management device according to Supplementary Note 1 or 2, which is characterized.

(Appendix 4)
Data receiving means for reading the divided data from the storage device;
Data division means for determining whether the divided data read by the data receiving means has not been altered since the data dividing means has written, and
When the data confirmation unit detects the modification of the divided data, the storage device selection unit does not select the storage device in which the divided data where the modification is detected is stored as a storage destination. The data management device according to any one of appendices 1 to 3.

(Appendix 5)
When the stop of the operation of the storage device or the modification of the divided data is detected,
The divided data necessary for restoring the data backed up by the data receiving means is read from the storage device, and after the restoration of the data, the data is again divided and stored in the storage device. The data management apparatus according to appendix 4.
(Appendix 6)
The data management device according to any one of appendices 1 to 5;
An information processing apparatus having transmission means for transmitting data to be backed up;
A plurality of storage devices,
The data management system divides the data to be backed up received from the information processing apparatus and stores the divided data in the storage device.
(Appendix 7)
A storage device evaluation process for evaluating predetermined characteristics of a plurality of storage devices connected via a network;
A storage device selection process for selecting a storage destination of data to be backed up from the storage device based on an evaluation result of the predetermined characteristic;
A data division process for dividing the data to be backed up so as to satisfy redundancy and generating it as divided data;
A storage destination determination process for determining not to store all the divided data in the same storage device;
A computer program for performing a data transmission process for writing each of the divided data to the storage device at the storage destination determined in the storage destination determination process.

(Appendix 8)
Further performing an allocation number calculation process for calculating the number of allocation of the divided data for each storage device based on the evaluation result of the predetermined characteristic,
In the data division processing, the divided data is generated so as to satisfy the total number of numbers allocated to the storage device calculated by the allocation number calculation means,
The computer program according to appendix 7, wherein in the storage destination determination process, the storage destination of the divided data is determined according to the number assigned to each storage device calculated in the allocation number calculation process.

(Appendix 9)
Further performing an operation state monitoring process for monitoring the operation state of the storage device,
When detecting the stop of the operation of the storage device in the operation state monitoring process, the storage device selection process does not select the storage device in which the stop of the operation is detected as a storage destination of the data to be backed up. 9. The computer program according to appendix 7 or 8, which is characterized.

(Appendix 10)
A data reception process for reading the divided data from the storage device;
Further performing a data confirmation process for determining whether the divided data read in the data reception process has not been altered since the data was written in the data division process;
In the data confirmation process, when the modification of the divided data is detected, the storage device selection process does not select the storage device in which the divided data where the modification is detected is stored as a storage destination. The computer program according to any one of appendices 7 to 9.

(Appendix 11)
When the stop of the operation of the storage device or the modification of the divided data is detected,
The divided data necessary for restoring the data that was backed up in the data reception process is read from the storage device, and after the data is restored, the data is again divided and stored in the storage device. The computer program according to appendix 10.

(Appendix 12)
Evaluate predetermined characteristics of multiple storage devices connected via a network,
Select a storage destination of data to be backed up from the storage device based on the evaluation result of the predetermined characteristic,
The data to be backed up is divided to satisfy redundancy and generated as divided data,
Determining not to store all the divided data in the same storage device;
A data management method, wherein each of the divided data is written into the storage device at the determined storage destination.

(Appendix 13)
The number of allocation of the divided data for each storage device is calculated based on the evaluation result of the predetermined characteristic,
The divided data is generated so as to satisfy the total number of the numbers assigned to the calculated storage device,
13. The data management method according to appendix 12, wherein a storage destination of the divided data is determined according to the calculated number assigned to each storage device.

(Appendix 14)
Monitoring the operating state of the storage device;
14. The data management method according to appendix 12 or 13, wherein when the operation stop of the storage device is detected, the storage device in which the operation stop is detected is not selected as a storage destination of the data to be backed up. .

(Appendix 15)
Read the divided data from the storage device,
Determine whether the divided data that has been read has not been altered since it was written,
15. The data management according to any one of appendices 12 to 14, wherein when the modification of the divided data is detected, the storage device in which the divided data in which the modification is detected is stored is not selected as a storage destination. Method.

(Appendix 16)
When the stop of the operation of the storage device or the modification of the divided data is detected,
Item 15. The supplementary note 15, wherein the divided data necessary for restoring the data that has been backed up is read from the storage device, and after the data is restored, the data is again divided and stored in the storage device. Data management method.

  INDUSTRIAL APPLICABILITY The present invention can be used in an information processing system that saves data that requires backup in an online storage.

DESCRIPTION OF SYMBOLS 11 Storage device evaluation means 12 Storage device selection means 13 Data division means 14 Storage destination determination means 15 Data transmission means 100 Data management device 110 Backup data transmission / reception part 120 Storage monitoring part 121 Data modification monitoring part 122 Performance monitoring part 123 Operation monitoring part 130 Storage management unit 131 Service management unit 132 Score calculation unit 140 Data management unit 141 Divided data management unit 142 Stored data management unit 143 Storage location determination unit 144 Storage location relocation unit 145 Redundancy confirmation unit 146 Retransmission determination unit 150 Data operation unit 151 Data division unit 152 Data reconstruction unit 160 Storage data operation unit 161 Data transmission unit 162 Data reception unit 163 Data confirmation unit 164 Data deletion unit 201 Backup server 202 Online storage 203 Internal Network 204 External Network 301-315 Operation Step of Data Management Device 321-330 Operation Step of Data Management Device 331-344 Operation Step of Data Management Device 351-357 Operation Step of Data Management Device 361-366 Operation of Data Management Device Step

Claims (8)

A plurality of storage devices connected via a network, a storage device evaluation means for calculating and evaluating a comprehensive evaluation score based on evaluation of characteristics of a plurality of items for each storage device;
Storage device selection means for selecting a plurality of storage destinations of data to be backed up from the storage device based on the overall evaluation point ;
An allocation number calculating unit configured to divide the number of divided data for each storage device, divide the overall evaluation score in a plurality of stages, and set the number of allocated storage devices to be higher as the storage device belongs to a higher level ,
A data dividing means for generating the data to be backed up, filled the total number of numbers to be allocated to the storage device the allocation number calculation means has calculated, as the divided data by dividing so as to satisfy a predetermined redundancy,
According to the number allocated for each storage device calculated by the allocation number calculation means, a confidentiality condition that does not store all of the divided data necessary for restoring the data in the same storage device, and a predetermined number of the storages The storage destination of the divided data so as to satisfy the redundancy condition of storing the data so that the data can be restored based on the divided data stored in the other storage device even if the apparatus stops operating A storage location determination means for determining
A data management device comprising: a data transmission unit that writes the divided data to the storage device at the storage destination determined by the storage destination determination unit. An operating state monitoring means for monitoring the operating state of the storage device;
When the operation state monitoring unit detects the stop of the operation of the storage device, the storage device selection unit does not select the storage device in which the operation stop is detected as a storage destination of the data to be backed up. The data management apparatus according to claim 1, wherein the data management apparatus is a data management apparatus. Data receiving means for reading the divided data from the storage device;
Data division means for determining whether the divided data read by the data receiving means has not been altered since the data dividing means has written, and
When the data confirmation unit detects the modification of the divided data, the storage device selection unit does not select the storage device in which the divided data where the modification is detected is stored as a storage destination. The data management device according to claim 1 or 2. When the stop of the operation of the storage device or the modification of the divided data is detected,
The divided data necessary for restoring the data backed up by the data receiving means is read from the storage device, and after the restoration of the data, the data is again divided and stored in the storage device. The data management apparatus according to claim 3. A data management device according to any one of claims 1 to 4,
An information processing apparatus having transmission means for transmitting data to be backed up;
A plurality of storage devices,
The data management system divides the data to be backed up received from the information processing apparatus and stores the divided data in the storage device. A storage device evaluation process for calculating and evaluating each of a plurality of storage devices connected via a network based on evaluation of characteristics of a plurality of items for each storage device;
  A storage device selection process for selecting a storage destination of data to be backed up from the storage device based on the overall evaluation score;
The number of allocation of divided data for each storage device is divided into a plurality of stages for the overall evaluation score, the storage device belonging to the higher overall evaluation score is set so that the number assigned is larger, and the backup is performed. A data dividing process for generating data as the divided data by dividing the data so as to satisfy a predetermined redundancy and satisfy the total number assigned to the calculated storage device;
According to the calculated number assigned to each storage device, the confidentiality condition that all of the divided data necessary for restoring the data is not stored in the same storage device, and a predetermined number of the storage devices stop operating. However, the storage destination determination for determining the storage destination of the divided data so as to satisfy the redundancy condition for storing the data so that the data can be restored based on the divided data stored in the other storage device. Processing,
A data transmission process for writing the divided data to the storage device at the storage destination determined in the storage destination determination process;
The computer program characterized by performing. Each of a plurality of storage devices connected via a network is evaluated by calculating a comprehensive evaluation score based on evaluation of characteristics of a plurality of items for each storage device,
Select a storage location of data to be backed up from the storage device based on the overall evaluation score,
The number of division data to be assigned to each storage device is set such that the overall evaluation score is divided into a plurality of stages, and the storage device belonging to the stage with the higher overall evaluation score is assigned a larger number.
The data to be backed up is generated as the divided data by satisfying a predetermined redundancy and dividing it so as to satisfy the total number of the numbers assigned to the calculated storage device,
According to the calculated number assigned to each storage device, the confidentiality condition that all of the divided data necessary for restoring the data is not stored in the same storage device, and a predetermined number of the storage devices stop operating. However, the storage location of the divided data is determined so as to satisfy the redundancy condition for storing the data so that the data can be restored based on the divided data stored in the other storage device,
A data management method, wherein each of the divided data is written into the storage device at the determined storage destination. Monitoring the operating state of the storage device;
8. The data management method according to claim 7, wherein when the stop of the operation of the storage device is detected, the storage device in which the stop of the operation is detected is not selected as a storage destination of the data to be backed up.

Images