[Fibre Channel] A three-byte field encoding the Destination_ID, that contains the address identifier of the destination Nx_Port.


[Services] Acronym for Data storage as a Service.


1. [Data Security] Acronym for Discretionary Access Control.

2. [Hardware] Acronym for Digital Analog Converter.


[Operating System] A process that is kept running on a computer system to service a particular set of requests.

By way of example, lpd is a daemon in UNIX that handles printing requests. Daemons are independent processes, and not part of an application program. Application requests may be serviced by a daemon.


[Storage System] Acronym for Direct Attached Storage.


[Computer System] The digital representation of anything in any form.

data at rest

[Data Security] Data stored on stable non-volatile storage. [ISO/IEC 27040].

data authentication

[Legal] The process of substantiating that the data is an accurate representation of what it purports to be. [SWGDE/ SWGIT Glossary]

data availability

[Storage System] The amount of time that data is accessible by applications during those time periods when it is expected to be available.

See availability, high availability.

data breach

[Data Security] A compromise of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to protected data transmitted, stored or otherwise processed. [ISO/IEC 27040]

data byte

[Network] [Storage System] A byte of user data as presented to a storage or communication facility.

See code byte, data character.

Data Center Bridging (DCB)

[Network] The suite of Ethernet protocol extensions defined for reliable storage transports such as FCoE.

DCB includes the following protocols: IEEE 802.1Qau (CN), IEEE 802.1Qaz (ETS and DCBX), and IEEE 802.1Qbb (PFC).

A data center bridge implements the above protocols and capabilities for use in the data center.

Data Center Bridging eXchange protocol (DCBX)

[Network] A DCB component for discovery and exchange of DCB information.

data character

[Fibre Channel] [Network] Any transmission character associated by the transmission code with a valid data byte.

data classification

[Data Management] An organization of data into groups for management purposes.

A frequent purpose of a classification scheme is to associate service level objectives with groups of data based on their value to the business.

data compression

[General] The process of encoding data to reduce its size.

Lossy compression (i.e., compression using a technique in which a portion of the original information is lost) is acceptable for some forms of data (e.g., digital images) in some applications, but for most IT applications, lossless compression (i.e., compression using a technique that preserves the entire content of the original data, and from which the original data can be reconstructed exactly) is required.

data deduplication

[Storage System] The replacement of multiple copies of data—at variable levels of granularity—with references to a shared copy in order to save storage space and/or bandwidth.

See also inline data deduplication, post-process data deduplication.

data deduplication ratio

[Storage System] A space reduction ratio that only includes the effects of data deduplication.

Data Encryption Standard (DES)

[Data Security] A cryptographic data protection algorithm published by the National Institute of Standards and Technology in Federal Information Processing Standard (FIPS) Publication 46.

This algorithm is obsolete.

data frame

[Fibre Channel] A frame containing information meant for FC-4 (ULP) or the link application.

data in flight

[Data Security] Synonym for data in motion.

data in motion

[Data Security] Data being transferred from one location to another.

data in transit

1. [Data Security] Synonym for data in motion.

2. [Legal] Data in motion across a jurisdictional boundary.

Jurisdictions (usually nation states) may have policies and enforcement points that determine whether data may cross their borders.

data in use

[Data Security] Data in the process of being created, retrieved, manipulated, updated, or deleted.    

data ingestion

[Data Management] A process for depositing data into a storage system.

data integrity

[Data Security] The property that data has not been altered or destroyed in an unauthorized manner [ISO 7498-2:1988].

[Data Management] The property that data has not been altered or destroyed, in an unintended manner, due to physical or logical events.

data lake

[Data management] A large repository for storing data in an unstructured way, in anticipation of future analytics.

This term originated in the big data community.

Data Lifecycle Management (DLM)

[Data Management] The policies, processes, practices, services and tools used to align the business value of data with the most appropriate and cost-effective storage infrastructure from the time data is created through its final disposition.

Data is aligned with business requirements through management policies and service levels associated with performance, availability, recoverability, cost, etc. DLM is a subset of ILM.

data management

[Management] The discipline and function of oversight and control of data resources.

data management services

[Data Management] A set of services that control of data from the time it is created until it no longer exists.

Data Management Services are not in the data path; rather, they provide control of, or utilize, data in the delivery of their services. This includes services such as data movement, data redundancy, and data deletion.

data manager

[File System] A computer program whose primary purpose is to present a convenient view of data to applications, and map that view to an internal representation on a system, subsystem or device.

File systems and database management systems are the most common forms of a data manager.

data model

[Data Management] A repository-specific representation of a data model.

A database representation of the CIM schemas is an example of a data model.

data optimization

[Storage System] The process of reducing the amount of storage space used to store ingested data, using capacity optimization methods.

data portability

[Data Communication] The ability to transfer data from one system to another without being required to recreate or reenter data descriptions.

data preservation

[Data Management] The processes of ensuring the fidelity and continued existence of stored data over a period of time.

data protection

[Data Management] The combination of data integrity, data availability, and confidentiality.

data reliability

[Data Management] The length of the statistically expected continuous span of time over which data stored by a population of identical storage subsystems can be correctly retrieved, expressed as Mean Time to Data Loss (MTDL).

data replication

[Storage System] Continuously maintaining a secondary copy of data—possibly at a remote site—from a primary volume for the purposes of providing high availability and redundancy.

Data replication is used for disaster recovery and business continuance, among other uses.

data repository

[Data Security] A central place of storage in which data is kept and maintained in an organized way.

data resource domain

[Management] The category of resources that exclusively encompass data services.

data retention

[Long Term Retention] Preserving the existence and integrity of data for some period of time or until certain events have transpired, or any combination of the two.

Retention requirements are expressed either as a time period, an event (e.g., the death of a patient), or a combination (e.g., 3 years after said death). Multiple requirements may be active, and some (e.g., judicial holds) may trump others.

data service

[Data Management] A set of functions that treat data without interpretation.

This treatment may, for example, involve copying, movement, security and/or protection, but not the actual storage of the data.

data shredding

[Data Management] A process for deleting data that is intended to make the data unrecoverable.

One such process consists of repeated overwrites of data on disk. Data shredding is not generally held to make data completely unrecoverable in the face of modern forensic techniques—that requires shredding of the disks themselves. Forensic techniques, however, do require physical access to the storage media.

Data storage as a Service (DSaaS)

[Services] Delivery of appropriately configured virtual storage and related data services over a network, based on a request for a given service level.

Typically, DSaaS hides limits to scalability, is either self-provisioned or provisionless and is billed based on consumption.

data stripe depth

[Storage System] Synonym for user data extent stripe depth.

data striping

[Storage System] A disk array data mapping technique in which fixed-length sequences of virtual disk data addresses are mapped to sequences of member disk addresses in a regular rotating pattern.

Disk striping is commonly called RAID Level 0 or RAID 0 because of its similarity to common RAID data mapping techniques. It includes no redundancy, however, so strictly speaking, the appellation RAID is a misnomer.

data transfer capacity

[Computer System] The maximum rate at which data can be transmitted.

Bandwidth is sometimes expressed in terms of signaling capacity and sometimes in terms of data transmission capacity inclusive of protocol overhead (e.g., Fibre Channel). See throughput, data transfer rate.

data transfer device

[SCSI] A removable media storage device in a library.

Examples are magnetic disk drives, cartridge tape drives, optical disk drives, and CD-ROM drives.

data transfer-intensive (application)

[Computer System] An I/O intensive application that makes large—usually sequential—I/O requests.

data transfer rate

[Computer System] The amount of data per unit time actually moved across an I/O interconnect in the course of executing an I/O load.

The data transfer capacity of an I/O subsystem is an upper bound on its data transfer rate for any I/O load. For disk subsystem I/O, data transfer rate is usually expressed in MBytes/second (millions of bytes per second, where 1 million = 106) or Gbits/second (billions of bits per second, where 1 billion = 109). See data transfer capacity.

Database Management System (DBMS)

[Database] An set of computer programs with a user and/or programming interface that supports the definition of the format of a database and the creation of and access to its data.

A database management system removes the need for a user or program to manage low level database storage. It also provides security for and assures the integrity of the data it contains. Types of database management systems are relational (table-oriented), network, hierarchical and object oriented.


[Fibre Channel] [Network] A message sent between two communicating entities for which no explicit link level acknowledgement is expected.

Datagrams are often said to be sent on a best effort basis.


[Database] Acronym for Database Management System.


[Network] Acronym for Data Center Bridging.


[Fibre Channel] Validity checking of received transmission characters and generation of valid data bytes and special codes from those characters.


[Data Security] The operations performed in converting encrypted information to plaintext with full knowledge of the algorithm and key(s) used to encrypt it.

Decryption is the intended method for an authorized user to decrypt encrypted information.

dedicated connection

[Fibre Channel] A communication circuit between two N_Ports maintained by a Fibre Channel fabric.

The port resources used by a dedicated connection cannot be used for other purposes during the life of the dedicated connection.

dedicated connection service

[Fibre Channel] Synonym for Class 1 service.


See data deduplication.


[Data Security] An information assurance strategy integrating people, technology, and operations capabilities to establish multiple security barriers across layers and dimensions of a protected system. [NIST SP 800-53]


1. [Data Security] A procedure that renders data unreadable by applying a strong magnetic field to the media.

2. [Data Security] Applying a degaussing procedure.

Degaussing is also called demagnetizing and erasure. Both of these terms are misleading, because in magnetic digital media the individual magnetic domains are not erased or demagnetized, but simply made to line up in the same direction, which eliminates any previous digital structure.

degraded mode

[Storage System] A mode of RAID array operation in which not all of the array’s member disks are functioning, but the array as a whole is able to respond to application read and write requests to its virtual disks.


[Fibre Channel] An ordered set used to indicate a frame boundary.

delta snapshot

[Data Recovery] A type of point in time copy that preserves the state of data at an instant in time, by storing only those blocks that are different from an already existing full copy of the data.

delta-based data deduplication

[Storage System] A method of performing data deduplication by storing or transmitting data in the form of differences from a baseline point in time copy.

See hash-based data deduplication.


[Network] Acronym for Directory Enabled Network.

Denial of Service (DoS)

[Data Security] Result of any action or series of actions that prevents any part of an information system from functioning.


[Data Security] Acronym for Data Encryption Standard.

This algorithm is obsolete.

Desktop Management Interface (DMI)

[Management] [Network] Initiative that became a precursor to the Distributed Management Task Force (DMTF).

destination identifier

[Fibre Channel] An address contained in a Fibre Channel frame that identifies the destination of the frame.

destination Nx_Port

[Fibre Channel] The Nx_Port to which a frame is addressed.


[Storage System] Synonym for storage device.

device bus
device I/O bus

[Storage System] Synonyms for I/O interconnect.

device channel

[Storage System] A channel used to connect storage devices to a host bus adapter or an intelligent controller.

The preferred term is I/O interconnect.

device fanout

[Storage System] The ability of a storage controller to connect host computers to multiple storage devices using a single host I/O interconnect address.

Device fanout allows computer systems to connect to substantially more storage devices than could be connected directly.


[Fibre Channel] Acronym for Destination Fabric_Identifier.


[Data Security] Acronym for Diffie-Hellman.


[Data Security] Acronym for Diffie-Hellman augmented Challenge Handshake Authentication Protocol.


[Network] Acronym for Dynamic Host Control Protocol.

differential incremental backup

[Data Recovery] A backup in which data objects modified since the last full backup or incremental backup are copied.

To restore data when differential incremental backups are in use, the newest full backup and all differential backups newer than the newest full backup are required. See cumulative incremental backup, full backup.

Differential Mirror Resynchronization (DMR)

Differential resynchronization

[Data Recovery] Synonyms for incremental mirror resynchronization.

differential (signaling)

[SCSI] A SCSI electrical signaling technique in which each control and data signal is represented by a voltage differential between two signal lines.

Differential signaling can be used over longer distances than the alternative single ended signaling. See single ended (signaling).

Differentiated Services

[Management] A protocol defined by the IETF for managing network traffic based on the type of packet or message being transmitted.

The Differentiated Services protocol is often abbreviated as DiffServ. DiffServ rules define how a packet flows through a network based on a 6 bit field (the Differentiated Services Code Point) in the IP header. The Differentiated Services Code Point specifies the "per hop behavior" (bandwidth, queuing and forward/drop status) for the packet or message.

Diffie-Hellman (DH)

[Data Security] A key agreement protocol that was developed by W. Diffie and M. E. Hellman in allowing two entities to exchange a secret key over an insecure medium without any prior secrets.

Diffie-Hellman augmented Challenge Handshake Authentication Protocol (DH-CHAP)

[Data Security] A password based Authentication and key management protocol that uses the CHAP algorithm (RFC 1994) augmented with an optional Diffie-Hellman algorithm.

DH-CHAP provides bidirectional and may provide unidirectional Authentication between a Fibre Channel Initiator and Responder. DH-CHAP is defined by Fibre Channel – Security Protocols - 2 (FC-SP-2).


[Management] Abbreviation for Differentiated Services.


[Data Security] A binary string of some fixed length derived by a computationally efficient function from a binary input string of arbitrary length.

A key feature of cryptographic digests is that given a digest, it is computationally infeasible to find another plaintext string that generates the same digest.

Digital Analog Converter (DAC)

[Hardware] A device that converts a discretely valued (digital) input to a continuously valued (analog) output.

digital archive

[Data Management] A storage repository or service used to secure, retain, and protect digital information and data for periods of time less than that of long-term data retention.

A digital archive can be an infrastructure component of a complete digital preservation service, but is not sufficient by itself to accomplish digital preservation, i.e., long-term data retention.

digital forensics

[Legal] The identification, collection, preservation and analysis of digital evidence for use in legal proceedings.

Digital Linear Tape (DLT)

[Data Recovery] A family of tape device and media technologies.

digital object auditing

[Long Term Retention] A methodology to verify and detect threats to the validity of digital preservation objects.

Digital object auditing is a process of routine periodic testing of stored digital objects, usually using cryptographic techniques, by comparing their previous signatures and time stamps to their current to verify that change, loss of access, or data loss has not occurred.

digital preservation

[Long Term Retention] Ensuring continued access to, and usability of, digital information and records, especially over long periods of time.

digital preservation object

[Long Term Retention] A collection of data, metadata and possibly other resources treated as a unit for digital preservation purposes.

A preservation object provides the functionality required to assure the future ability to use, secure, interpret, and verify authenticity of the metadata, information, and data in the container and is the foundational element for digital preservation of information and data.

digital preservation service

[Long-Term Retention] A service providing digital preservation.

A digital preservation service includes a comprehensive management and curation function that controls its supporting infrastructure, information, data, and storage services in accordance with the requirements of the information objects it manages to accomplish the goals of digital preservation.

digital signature

[Data Security] A cryptographically derived binary string used to assure information authenticity, integrity, and nonrepudiation.

Digital signatures can generally be externally verified by entities not in possession of the key used to sign the information. For example, a secure hash of the information encrypted with the originator's private key when an asymmetric cryptosystem is used. Some algorithms that are used in digital signatures cannot be used to encrypt data. (e.g., DSA).

Digital Signature Algorithm (DSA)

[Data Security] A subset of the Digital Signature Standard that represents a specific public key algorithm that is only used for digital signatures.

The secret key used in DSA operates on the message hash generated by SHA-1; to verify a signature, one recomputes the hash of the message, uses the public key to decrypt the signature and then compares the results.

This algorithm is obsolete.

Digital Signature Standard (DSS)

[Data Security] A standard for digital signature that is published by the National Institute of Standards and Technology (NIST) in Federal Information Processing Standard (FIPS) Publication 186-4.

DSS specifies DSA as the algorithm for digital signatures and SHA-x for hashing.


[Hardware] Acronym for Dual Inline Memory Module.

Direct Attached Storage (DAS)

[Storage System] One or more dedicated storage devices connected to one or more servers.

direct routing method

[SCSI] A method used by expanders to route connection requests to directly attached devices, including other expanders.


1. [File System] A mechanism for organizing information.

Directories are usually organized hierarchically. I.e., a directory may contain both information about files and objects, and other directories. They are used to organize collections of files and other objects for application or human convenience.

2. [File System] A file or other persistent data structure in a file system that contains information about other files.

3. [Management] An LDAP-based repository consisting of class definitions and instances of those classes.

Microsoft's Active Directory (AD) and Novell's NetWare Directory Service (NDS) are examples of enterprise-wide LDAP directories.

Directory Enabled Network (DEN)

[Management] [Network] An initiative of the DMTF to map the CIM schema to an LDAP Directory.

DEN's goals are to provide a consistent and standard data model to describe a network, its elements and its policies/rules. Policies are defined to provide quality of service or to manage to a specified class of service.

directory tree

[File System] A collective term for a directory, all of its files, and the directory trees of each of its subdirectories.

Disaster Recovery (DR)

[General] The recovery of data, access to data and associated processing through a comprehensive process of setting up a redundant site (equipment and work space) with recovery of operational data to continue business operations after a loss of use of all or part of a data center.

This involves not only an essential set of data but also an essential set of all the hardware and software to continue processing of that data and business. Any disaster recovery may involve some amount of down time.

discard policy

[Fibre Channel] An error handling policy that allows an N_Port or NL_Port to discard data frames received following detection of a missing frame in a sequence.


[Fibre Channel] The process of removing a dedicated connection between two N_Ports.


1. [Legal] Process by which each party obtains information held by another party or non-party concerning a matter.
[ISO/IEC 27050-1]

Discovery is applicable more broadly than to parties in adversarial disputes. Discovery is also the disclosure of hardcopy documents, Electronically Stored Information and tangible objects by an adverse party. In some jurisdictions the term disclosure is used interchangeably with discovery.

2. [Storage System] The process of finding devices attached to a storage infrastructure.

3. [Networking] The process of finding network interfaces in a networking infrastructure.

Discretionary Access Control (DAC)

[Data Security] A type of access control that allows a principal owning an object to grant or deny access to other principals.

disk drive

[Storage System] A non-volatile, randomly addressable, re-writable data storage device.

This definition includes rotating magnetic and optical disks and solid-state disks, or non-volatile electronic storage elements. It does not include specialized devices such as write-once-read-many (WORM) optical disks, nor does it include so-called RAM disks implemented using software to control a dedicated portion of a host computer's volatile random access memory.

disk array

[Storage System] A set of disks from one or more commonly accessible disk subsystems, combined with a body of control software.

The control software presents the disks' storage capacity to hosts as one or more virtual disks. Control software is often called firmware or microcode when it runs in a disk controller. Control software that runs in a host computer is usually called a volume manager.

disk array subsystem

[Storage System] A disk subsystem that includes control software with the capability to organize its disks as disk arrays.

disk block

[Storage System] The unit in which data is stored and retrieved on a fixed block architecture disk.

Disk blocks are of fixed usable size (with the most common being 512 bytes), and are usually numbered consecutively. Disk blocks are also the unit of on-disk protection against errors; whatever mechanism a disk employs to protect against data errors (e.g., ECC) protects individual blocks of data. See sector.

disk cache

1. [Storage System] A cache that resides within a disk.

2. [Storage System] A cache that resides in a controller or host whose primary purpose is to improve disk or array I/O performance. See cache, controller cache, host cache.

disk image backup

[Data Recovery] [Windows] A backup consisting of a copy of each of the blocks comprising a disk's usable storage area.

A disk image backup incorporates no information about the objects contained on the disk beyond what is stored in the image itself, and hence cannot always be used for individual object restoration.

disk scrubbing

[Storage System] A function that reads all of the user data and check data blocks in a RAID array and relocates them if media defects are found.

disk shadowing

[Storage System] Deprecated synonym for mirroring.

disk striping

[Storage System] Synonym for data striping.

disk subsystem

[Storage System] A storage subsystem that supports only disk devices.


[Fibre Channel] For a data stream using 8B/10B encoding, the difference between the number of ones and the number of zeros in a transmission character.


[Legal] Range of processes associated with implementing records retention, destruction or transfer decisions that are documented in disposition authorities or other instruments.
[ISO 30300:2011]

disposition policy

[Data Management] A policy that defines when lifecycle deletion should occur, and/or what actions to perform.

distributed FCF

[Fibre Channel] A set of FDFs associated with at least one controlling FCF that controls the operations of the set of FDFs.

Distributed Management Task Force (DMTF)

[Management] An industry organization that develops management standards for computer system and enterprise environments.

DMTF standards include WBEM, CIM, DMI, DEN and ARM. The DMTF has a web site at www.dmtf.org.

distributed switch

[Fibre Channel] A set of FCDFs associated with at least one controlling switch that controls the operations of the set of FCDFs.


[Data Management] Acronym for Data Lifecycle Management.


[Storage System] Acronym for Digital Linear Tape.


[Management] [Network] Acronym for Desktop Management Interface.


[Data Recovery] Acronym for Differential Mirror Resynchronization.


[Management] Acronym for Distributed Management Task Force.


[Network] Acronym for Domain Name Service.

Document Type Definition (DTD)

[Standards] In XML, a specification of the permissible tags or "markup codes" in a document, and their meanings.

XML tags are delimited by the characters, "<" and ">". When a DTD is available for a document, a universal reader (program) can parse the document and display or print it.


1. [General] A shared user authorization database that contains users, groups, and their security policies.

2. [Network] A set of interconnected network elements and addresses that are administered together and that may communicate.

3. [Fibre Channel] The highest level in a three-level addressing hierarchy used in the Fibre Channel address identifier. A domain typically is associated with a single Fibre Channel switch.

domain controller

1. [Windows] A Windows server that contains a copy of a user account database. A Windows domain may contain both primary and backup domain controllers.

2. [Fibre Channel] The control function accessible directly by an N_Port attached to a switch and also addressable in other domains using the Domain Controller address identifier of ""FF FC nn"" hex, where nn is the remote Domain Controller being accessed.

Domain Name Service (DNS)

[Network] A computer program that converts between IP addresses and symbolic names for nodes on a network in a standard way.

Most operating systems include a version of DNS. The service is defined by the IETF Standard RFCs 974, 1034, 1035, 1122, and 1123, and over a hundred subsequent RFCs that have not yet achieved full standard status.


[Data Security] Acronym for Denial of Service.

double buffering

[Computer System] A technique used to increase data transfer rate by constantly keeping two I/O requests for consecutively addressed data outstanding.

A software component begins a double-buffered I/O stream by making two I/O requests in rapid sequence. Thereafter, each time an I/O request completes, another is immediately made, leaving two outstanding. If a disk subsystem can process requests fast enough, double buffering allows data to be transferred at a disk or disk array's full volume transfer rate.


[General] Acronym for Disaster Recovery.


[Hardware] Acronym for Dynamic Random Access Memory.


[Storage System] Synonym for storage element (e.g., disk drive or tape drive).

drive letter

[Windows] A single letter of the alphabet by which applications and users identify a partition or physical or virtual disk to the Windows operating system.

driver software

[Computer System] Synonyms for I/O driver.


[Data Security] Acronym for Digital Signature Algorithm.


[Data Security] Acronym for Digital Signature Standard.


[General] Acronym for Document Type Definition.

dual active (components)

[Computer System] A pair of components, such as the controllers in a failure tolerant storage subsystem that share a task or class of tasks when both are functioning normally, but take on the entire task or tasks when one of the components fails.

Dual active controllers are connected to the same set of storage devices, and improve both I/O performance and failure tolerance compared to a single controller. Dual active components are also called active-active components.

Dual Inline Memory Module (DIMM)

[Hardware] A set of random access memory integrated circuits or chips mounted on a circuit board, providing a 64-bit or greater data path using connectors on both sides of a single edge.

dual parity

[Storage System] An extension of single parity RAID techniques in which parity data is stored in two independent locations.

Dual parity is applicable to multiple RAID levels (e.g., RAID 3, 4, and 5); the result is some form of RAID 6.

due care

[Data Security] The responsibility that managers and their organizations have a duty to provide for information security to ensure that the type of control, the cost of control, and the deployment of control are appropriate for the system being managed. [NIST SP 800-30]


1. [Data Management] A general term for a copy of a collection of data, including point in time copies.

2. [Data Management] The action of making a duplicate as defined above.

See replicate, snapshot.

3. [Data Management] Any redundant component in a system.

duplicate data

[Storage System] Data which is redundant with data that is already in a dataset or I/O stream.

Dynamic Host Control Protocol (DHCP)

[Network] An Internet protocol that allows nodes to dynamically acquire ("lease") network addresses for periods of time rather than having to pre-configure them.

DHCP greatly simplifies the administration of large networks, and networks in which nodes such as laptops frequently join and depart.

dynamic mapping

[Storage System] A form of mapping in which the correspondence between addresses in the two address spaces can change over time.

See algorithmic mapping, tabular mapping.

Dynamic Random Access Memory (DRAM)

[Hardware] Byte-addressable computer memory that requires periodic refreshing.