You are here
Online SNIA Dictionary
[Storage System]
Synonym for Cylinder-Head-Sector addressing.
[Data Security]
Acronym for Certificate Authority.
[Network]
All of an installation's passive communications elements (e.g., optical fiber, twisted pair, or coaxial cable, connectors, splices, etc.) between transmitters and receivers.
[Computer System]
1. To store data temporarily for expedited access.
2. The location in which data is stored temporarily.
There are a variety of cache types. Read cache holds data in anticipation that it will be requested. Write cache holds data written by a client until it can be stored on other (typically slower) storage media such as disk or tape. See buffer, disk cache, write back cache, write through cache.
[Storage System]
An enclosure for a single disk or tape.
Canisters are usually designed to mount in shelves that supply power, cooling, and I/O interconnect services to the devices. They are used to minimize RF emissions and to simplify insertion and removal of devices in multi-device storage subsystems. See shelf.
A hypothesis that it is impossible for a distributed system to provide Consistency, Availability, and Partition Tolerance guarantees at the same time.
See eventual consistency.
[Storage System]
Methods which reduce the consumption of space required to store a data set, such as compression, data deduplication, thin provisioning, and delta snapshots.
RAID 5 and 6 may also be considered as capacity optimizing methods, as they use less space than ordinary mirroring to perform a necessary function: protecting data from storage device failure.
[Storage System]
A system which employs at least one capacity optimization method.
[General]
The process of optimizing supply of a given resource to satisfy current and future demand for that resource.
Common methods used for capacity planning include tracking, trending, forecasting and scenario planning to predict future demand.
[Network]
A physical layer data transmission protocol used in Ethernet and fast Ethernet networks.
Carrier sense refers to arbitration for a shared link. Unlike "always on" physical protocols, carrier sense protocols require a node wishing to transmit to wait for the absence of carrier (indicating that another node is transmitting) on the link. Multiple access refers to the party line nature of the link. A large number of nodes (up to 500 in the case of Ethernet) share access to a single link. Collision detection refers to the possibility that two nodes will simultaneously sense absence of carrier and begin to transmit, interfering with each other. Nodes are required to detect this interference, and cease transmitting. In the case of Ethernet, each node detecting a collision is required to wait for a random interval before attempting to transmit again.
The process of connecting two or more Fibre Channel hubs or switches together to increase the number of ports or extend distances.
[Data Security]
Acronym for Cipher Block Chaining.
[Data Security]
Acronym for Common Criteria.
[SCSI]
Acronym for Command Descriptor Block.
[Standards]
Acronym for Cloud Data Management Interface.
[Data Recovery]
Acronym for Continuous Data Protection.
[Data Security]
A data structure signed with a digital signature that is based a public key and which asserts that the key belongs to a subject identified in the structure.
[Data Security]
In a Public Key Infrastructure (PKI), the authority and organization responsible for issuing and revoking user certificates, and ensuring compliance with the PKI policies and procedures.
The reputation of the certificate authority determines the trust that may be placed in the identity assurance provided by the certificates issued by the authority.
[Data Security]
A time-stamped list of certificates, signed by the issuing Certification Authority, that have been revoked by that CA.
The CRL is made available to entities that need to rely on a certificate for authentication.
[Legal]
A process that tracks the movement of evidence through its collection, safeguarding, and analysis lifecycle by documenting each person who handled the evidence, the date/time it was collected or transferred, and the purpose for the transfer. [NIST SP 800-72]
[Data Security]
A step in an authentication dialog that must be answered using either a secret or process assumed to be known only by the other party.
A challenge can be as simple as "What's your password?" or as complex as "Send me the result of a retinal scan of your right eye."
[Data Security]
A password-based authentication protocol that uses a challenge to verify that a user has access rights to a system.
A hash of the supplied password with the challenge is sent for comparison so the cleartext password is never sent over the connection.
[Storage System]
Deprecated synonym for delta snapshot.
[Storage System] [Computer System]
1. The electrical circuits that sense or cause the state changes in recording media and convert between those state changes and electrical signals that can be interpreted as data bits.
2. Synonym for I/O interconnect.
The term channel has other meanings in other branches of computer technology. The definitions given here are commonly used when discussing storage and networking. See device channel, I/O interconnect, host I/O bus.
[Computer System]
1. Synonym for byte.
2. A 10-bit information unit transmitted and received by FC-1, consisting of 8 bits of data encoded as a 10 bit transmission character using 8B/10B encoding
Some transmission characters used in FC-1 correspond to special codes and some 10 bit sequences represent invalid transmission characters.
[Computer System]
Synonym for Command Line Interface.
[Storage System]
Synonym for parity data.
[Data Recovery] [File System]
1. The recorded state of an application at an instant of time, including data, in-memory variables, program counter, and all other context that would be required to resume application execution from the recorded state.
2. An activity of a file system, such as the High Performance File System, (HPFS) or the Andrew File System (AFS), in which cached metadata (data about the structures of the file system) is periodically written to the file system's permanent store, allowing the file system to maintain consistency if an unexpected stop occurs.
[Data Security]
A value computed across a set of data, used to detect change.
A checksum is often used for error and manipulation detection.
[Storage System]
Deprecated synonym for stripe depth and strip size.
[iSCSI]
Acronym for Connection Identifier.
[File System]
Acronym for Common Internet File System.
[Management] [Network]
Acronym for Common Information Model.
[Data Security]
A cryptographic system where plaintext is rearranged through transposition and/or substitution under direction of a cryptographic key.
When a cipher is applied to plaintext to produce ciphertext, the process is called encryption. When the cipher is applied to ciphertext to produce plaintext, the process is called decryption.
[Data Security]
A block cipher mode of operation, in which each block of plaintext is XORed with the previous ciphertext block before being encrypted, making each ciphertext block dependent on all preceding plaintext blocks.
[Data Security]
A named combination of a key exchange algorithm (for authentication), a bulk encryption algorithm, a message authentication code (MAC) algorithm, and a pseudorandom function (PRF) that may be negotiated and used to establish the security settings for a network connection using the Transport Layer Security (TLS) or Secure Sockets Layer (SSL) network protocol.
[Network]
Synonym for communication circuit.
[Data Communication]
[Storage System]
Synonym for Count-Key-Data disk architecture.
A connection-oriented class of Fibre Channel communication service in which the entire bandwidth of the link between two ports is dedicated for communication between the ports and not used for other purposes.
Class 1 is also known as dedicated connection service, and is not widely implemented. See intermix.
A connectionless Fibre Channel communication service which multiplexes frames from one or more N-Ports or NL-Ports.
Class 2 frames are explicitly acknowledged by the receiver, and notification of delivery failure is provided. This class of service includes end to end flow control.
A connectionless Fibre Channel communication service that multiplexes frames to or from one or more N-Ports or NL-Ports.
Class 3 frames are datagrams, that is they are not explicitly acknowledged, and delivery is on a "best effort" basis.
[Network]
1. A mechanism for managing traffic in a network by specifying message or packet priority or delivery acknowledgement.
Network mechanisms include identification and grouping of data packets based on a priority label (in the packet header) or via mechanisms such as "per hop behavior", defined by the IETF's Differentiated Services.
2. The characteristics and guarantees of the transport layer of a Fibre Channel circuit.
Fibre Channel classes of service include connection-based services (Class 1), acknowledged frame delivery with end to end flow control (Class 2), and packetized frame datagrams (Class 3). Different classes of service may simultaneously exist in a fabric. The form and reliability of delivery in Class 3 circuits may vary with the topology.
[Data Security]
Alternative term for plaintext. Stating that data is in cleartext implies that the data is not scrambled or rearranged, and is in its raw form.
[Computer System]
Acronym for Command Line Interface.
[Computer System] [General]
1. An intelligent device or system that requests services from other intelligent devices, systems, or appliances.
See server.
2. An asymmetric relationship with a second party (a server) in which the client initiates requests and the server responds to those requests.
[Capacity Optimization]
Deprecated synonym for source data deduplication.
[Data Management]
Synonym for snapshot.
Clones and snapshots are full copies. See delta snapshot.
[Cloud]
A party trusted conduct independent assessment of cloud services, information system operations, performance and information security of the cloud implementation.
[Cloud]
An intermediary that provides connectivity and transport of cloud services between cloud providers and cloud consumers.
[Cloud]
A person or organization that uses cloud services.
[Standards]
A SNIA Architecture standard for Data storage as a Service (DaaS).
CDMI is an interface for both the data path and the control path of cloud storage.
CDMI can also be used to manage storage in Cloud Computing deployments.
[Data Management]
A cloud-based offering providing a digital archive service.
[Cloud]
A set of data processing components that can be automatically provisioned by consumers, accessed over a network and that provide secure multitenancy.
[Cloud]
An entity responsible for making cloud services available to cloud consumers. [ISO/IEC 17788].
[Cloud]
Systematic evaluation of a cloud system by assessing how well it conforms to a set of established security criteria.
[Cloud]
A function useful to a cloud consumer provided by a cloud provider.
[Services]
Synonym for Data storage as a Service.
[Computer System]
A collection of computers that are interconnected (typically at high speeds) for the purpose of improving reliability, availability, serviceability, load balancing and/or performance.
Often, clustered computers have access to a common pool of storage, and run special software to coordinate the component computers' activities.
[Management] [Network]
Acronym for Common Management Information Protocol.
[Network]
An electrical transmission medium consisting of two concentric conductors separated by a dielectric material with the spacings and material arranged to give a specified electrical impedance.
See triaxial cable.
[Computer System]
A bit (binary digit) of an encoded datum.
Sequences of code bits make up symbols, each of which corresponds to a data element (word, byte, or other unit).
[Computer System]
A byte of an encoded datum.
Sometimes called a symbol. Code bytes are the output of encoding or encryption processes. In communication theory contexts, a code byte is often referred to as a code word. See data byte.
The error condition that occurs when a received transmission character cannot be decoded into a valid data byte or special code using the validity checking rules specified by the transmission code.
[Data Recovery]
Synonym for offline backup.
See hot backup, online backup.
[Data Management]
Data that is accessed infrequently.
[Data Management]
Data storage device, system, or service used to store cold data at a cost that is at least an order of magnitude less than the cost of primary storage.
Cold Storage features large capacity, energy saving and long-term data preservation, in order to achieve low-cost rather than performance.
[Computer System]
The substitution of a replacement unit (RU) in a system for a defective one, where external power must be removed from the system in order to perform the substitution.
A cold swap is a physical substitution as well as a functional one. See automatic swap, hot swap, warm swap.
In an encoded data stream using 8B/10B encoding, either of the seven bit sequences 0011111 or 1100000.
[SCSI]
A sequence of bytes that defines a single SCSI command sent to a SCSI target.
A CDB may have a fixed length of up to 16 bytes or a variable length of between 12 and 260 bytes. A CDB may specify a logical block address; contrast with C-H-S addressing.
[Computer System]
A form of human interface to intelligent devices characterized by non-directive prompting and character string user input.
CLIs are used by system consoles and remote shell sessions (RSH, SSH). They are very useful for scripting and other administrative purposes, but are usually perceived by end users to be more difficult to comprehend and use than graphical user interfaces (GUIs).
[SCSI]
The application of security techniques such as authentication, integrity checking and encryption to individual SCSI commands.
[Storage System]
Data that has been written to stable storage.
[Data Security]
A multi-part International Standard that is meant to be used as the basis for evaluation of security properties of IT products and systems.
The CC is specified in ISO/IEC 15408-1:1999, ISO/IEC 15408-2:1999, and ISO/IEC 15408-3:1999.
[Data Management] [Network]
An object oriented description of the entities and relationships in a business' management environment maintained by the Distributed Management Task Force.
CIM is divided into a Core Model and Common Models. The Core Model addresses high-level concepts (such as systems and devices), as well as fundamental relationships (such as dependencies). The Common Models describe specific problem domains such as computer system, network, user or device management. The Common Models are subclasses of the Core Model and may also be subclasses of each other.
[Network]
A network file system access protocol primarily used by Windows clients to communicate file access requests to Windows servers.
CIFS was originally called Server Message Block (SMB). Today, other implementations of the CIFS protocol allow other clients and servers to use it for intercommunication and interoperation with Microsoft operating systems.
[Management]
An OASIS standard language used to define a model over which an OData service acts.
[Network]
1. A bidirectional path for message exchange within a Fibre Channel fabric.
2. A specific logical or physical path between two points over which communications occur.
[Network] [Data Security]
Protection of information while it's being transmitted, particularly via telecommunications.
A particular focus of communications security is message authenticity. Communications security may include cryptography, transmission security, emission security, and physical security.
[Cloud]
A cloud infrastructure shared by several organizations and supporting a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations).
[Data Security]
A way - also known as a band-aid - of mitigating a known risk where it may not be feasible to deploy specific technical enablement.
[Storage System]
A disk array whose control software protects and maps data according to more complex algorithms than those of the Berkeley RAID Levels.
The most common complex arrays are multi-level disk arrays, which perform more than one level of data address mapping, and adaptive arrays, which are capable of changing data address mapping dynamically.
[General] [Legal]
1. The state of being in accordance with a standard, specification, or clearly defined requirements.
2. The state of being in accordance with legal requirements.
The "compliance market" is centered around storage and systems that support the retention and discovery of data as required by law or regulation.
[Data Communication]
A test pattern for jitter testing.
[General]
Synonym for data compression.
[Storage System]
A space reduction ratio that only includes the effects of compression.
[Data Security]
An incident that subjects data to unauthorized disclosure, modification, destruction, or loss.
[Computer System]
Architectures that provide Computational Storage Services coupled to storage, offloading host processing or reducing data movement.
These architectures enable improvements in application performance and/or infrastructure efficiency through the integration of compute resources (outside of the traditional compute & memory architecture) either directly with storage or between the host and the storage. The goal of these architectures is to enable parallel computation and/or to alleviate constraints on existing compute, memory, storage, and I/O.
[Computer System]
A collection of Computational Storage Devices, control software, and optional storage devices.
[Computer System]
A Computational Storage Drive, Computational Storage Processor, or Computational Storage Array.
[Computer System]
A storage element that provides Computational Storage Services and persistent data storage.
[Computer System]
A component that provides Computational Storage Services for an associated storage system without providing persistent data storage.
[Computer System]
A data service or information service that performs computation on data where the service and the data are associated with a storage device.
The Computational Storage Service may be a Fixed Computational Storage Service or a Programmable Computational Storage Service.
[Computer System]
Software that enables a single server hardware platform to support multiple concurrent instances of an operating system and applications.
[Data Security]
Measures and controls that ensure confidentiality, integrity, and availability of information system assets including hardware, software, firmware, and information being processed, stored, and communicated.
[Network] [Storage System]
A logical joining of two series of data, usually represented by the symbol "|".
In data communications, two or more datums are often concatenated to provide a unique name or reference (e.g., S-ID | X-ID). Volume managers concatenate disk address spaces to present a single larger address spaces.
[Computer System]
The property of overlapping in time, often in reference to the execution of I/O operations or I/O requests.
[Storage System]
A hybrid point in time copy mechanism which creates a split mirror copy by copying blocks from the source as they are requested by the host, while copying so-far unrequested blocks in the background until the mirror is complete.
A concurrent copy initially occupies at least the amount of storage required to hold accessed blocks and grows to occupy as much storage as the copy source.
[Computer System]
Operations that overlap in time.
The concept of concurrent I/O operations is central to the use of independent access arrays in throughput-intensive applications.
[General]
The processing of a signal for the purpose of making it conform more closely to an ideal.
Power conditioning is used to minimize voltage and frequency variations in an external power. Signal conditioning is used to reduce noise in logic or data signals.
[Data Security]
The property that data cannot be accessed by unauthorized parties.
Confidentiality may be created by the use of encryption or access controls.
[Storage System]
1. The process of installing or removing hardware or software components required for a system or subsystem to function.
2. Assignment of the operating parameters of a system, subsystem or device, such as designating a disk array's member disks or extents and parameters such as stripe depth, RAID model, cache allowance, etc.
3. The collection of a system's hardware and software components and operating parameters. See array configuration, physical configuration.
[General]
The management of system features and behaviors through the control of changes made to hardware, software, firmware documentation and related resources throughout the life cycle of an information system.
[iSCSI]
An identifier generated by the initiator and sent to the target upon logging in or out, that uniquely identifies each connection within a session.
An N-Port that initiates a Class 1 connection with a destination N_Port through a connect-request and which receives a valid response from the destination N_Port to establish the connection.
An N-Port that receives a Class 1 connect-request from a connection initiator and accepts the connection request by transmitting a valid response.
A receive buffer used in a connectionless service that is capable of receiving connectionless frames.
Communication between two N_Ports or NL_Ports without a dedicated connection.
[Storage System]
A collection of replication sets grouped together to ensure write order consistency across all the replication sets' primary volumes.
An operation on a consistency group, such as changing replication from asynchronous to synchronous, applies to all the replication sets within the consistency group, and consequently their volumes.
[Storage System] [File System]
1. A volume that satisfies the consistency criteria of the system on which it is hosted.
2. In LTFS, a volume in which all partitions are complete, and the last LTFS Index in the Index Partition has a back pointer to the last LTFS Index in the Data Partition.
If an LTFS volume is not consistent, some form of recovery may be necessary.
[Computer System]
1. A device for graphical or textual visual output from a computer system.
2. In systems, network and device management, an application that provides graphical and textual feedback regarding operation and status, and that may accept operator commands and input influencing operation and status.
Sophisticated consoles designed for the management of many systems from one location are sometimes called enterprise management consoles.
[Storage System]
A data deduplication method that does not require awareness of specific application data formats.
[Storage System]
A data deduplication method that leverages knowledge of specific application data formats.
[Data Recovery]
A class of mechanisms that continuously capture or track data modifications enabling recovery to previous points in time.
A transmission control algorithm in which the frames containing the subblocks that comprise a block of information are transmitted strictly in the order of the subblocks.
Continuously increasing relative offset offers simpler reassembly and detection of lost frames compared to random relative offset.
[Storage System]
A body of software that provides common control and management for one or more disk arrays or tape arrays.
Control software presents the arrays of disks or tapes it controls to its operating environment as one or more virtual disks or tapes. Control software may execute in a disk controller or intelligent host bus adapter, or in a host computer. When it executes in a disk controller or adapter, control software is often referred to as firmware.
[Storage System] [Management]
1. The control logic in a disk or tape that performs command decoding and execution, host data transfer, serialization and deserialization of data, error detection and correction, and overall management of device operations.
2. The control logic in a storage subsystem that performs command transformation and routing, aggregation (RAID, mirroring, striping, or other), high-level error recovery, and performance optimization for multiple storage devices.
[Storage System]
A disk array whose control software executes in a disk subsystem controller.
[Storage System]
A cache that resides within a controller and whose primary purpose is to improve disk or array I/O performance.
See cache, disk cache, host cache.
A controlling switch that supports lossless Ethernet MACs.
A switch able to control a set of FCDFs in order to create a distributed switch.
[Computer System]
The pooling of compute, storage, and networking resources using either common management tools or common (shared) physical resources.
[Storage System] [Backup]
A technique for maintaining a point in time copy of a collection of data by copying only data that is modified after the instant of replicate initiation; the original source data is used to satisfy read requests for both the source data itself and for the unmodified portion of the point in time copy.
See pointer remapping.
[Storage System]
The replacement of a properly functioning array member by another disk, including copying of the member's contents to the replacing disk.
Copyback, which is most often used to create or restore a particular physical configuration for an array (e.g., a particular arrangement of array members on device I/O interconnects), is accomplished without reduction of the array.
A set of entities with the same Core Switch_Name that may host multiple Virtual Switches.
A Core Switch may be a set of ports in a physical chassis, or in multiple physical chassis.
An N-Port-Name associated with the Physical N-Port of a VFT Tagging N-Port, and not with any other FC-Port within the scope of its Name_Identifier format.
In a Virtual Fabric capable Switch, the Switch-Name identifying the Core Switch.
[Storage System]
A disk data organization model in which the disk is assumed to consist of a fixed number of tracks, each having a maximum data capacity.
Multiple records of varying length may be written on each track of a Count-Key-Data disk, and the usable capacity of each track depends on the number of records written to it. The CKD architecture derives its name from the record format, which consists of a field containing the number of bytes in the key and data fields and a record address, an optional key field by which particular records can be easily recognized, and the data itself. CKD is the storage architecture used by IBM Corporation's System 390 series of mainframe computer systems. See fixed block architecture.
[Data Security]
Any action, device, procedure, technique, or other measure that reduces the vulnerability of or threat to a system.
[Data Security]
An unintended and/or unauthorized communications path that can be used to transfer information in a manner that violates a security policy.
[Computer System]
Acronym for Copy On Write.
[Data Communication] [Storage System]
Acronym for Cyclic Redundancy Check.
[Data Security]
Information, passed from one entity to another, used to establish the sending entity's identity and/or access rights.
1. The number of receive buffers allocated to a transmitting N-Port, NL-Port, or F-Port.
2. For links using buffer to buffer flow control, the number of receive buffers allocated to a transmitting N-Port, NL-Port, or F-Port.
The credit is the maximum number of outstanding frames that can be transmitted by that N-Port, NL-Port, or F-Port without causing a buffer overrun condition at the receiver.
[Data Security]
Acronym for Certificate Revocation List.
[General]
Acronym for Customer Replaceable Unit.
[Data Security]
A set of operations performed in converting encrypted information to plaintext without initial knowledge of the algorithm and/or key employed in the encryption.
[Data Security]
An algorithm whose outputs have cryptanalytic security properties with respect to its inputs, or vice versa.
[Data Security]
Method of sanitization in which the encryption key for the encrypted target data is sanitized, making recovery of the decrypted target data infeasible. [ISO/IEC 27040]
[Data Security]
A method for rendering encrypted data unrecoverable by securely deleting the keying material required to decrypt the data.
The encrypted data itself is not modified. The protection offered by cryptographic erasure is bounded by the work factor involved in discovering the decryption key or mounting a cryptanalytic attack on the encryption algorithm itself.
[Data Security]
A function that maps plaintext strings of any length to bit strings of fixed length, such that it is computationally infeasible to find correlations between inputs and outputs, and such that given one part of the output, but not the input, it is computationally infeasible to predict any bit of the remaining output.
Cryptographic hash functions have many information security applications, notably in digital signatures, message authentication codes (MACs), and other forms of authentication. The output from a cryptographic hash function is known as a message digest or hash value.
[Data Security]
The principles, means and methods for rendering information unintelligible, and for restoring encrypted information to intelligible form.
[Data Security]
The time span during which a specific key is authorized for use or in which the keys for a given system or application may remain in effect. [NIST SP 800-57 Part 1]
[Data Security]
A system for encrypting and decrypting data.
[Management]
Shorthand for Common Schema Definition Language.
[Network]
Acronym for Carrier Sense Multiple Access with Collision Detection.
[Data Recovery]
A backup in which all data objects modified since the last full backup are copied.
To restore data when cumulative incremental backups are in use, only the latest full backup and the latest cumulative incremental backup are required. See differential incremental backup, full backup.
The running disparity present at a transmitter when the encoding of a valid data byte or special code is initiated, or at a receiver when the decoding of a transmission character is initiated.
[General]
A unit, or component of a system that is designed to be replaced by "customers;" i.e., individuals who may not be trained as computer system service personnel.
A switching technique that allows a routing decision to be made and acted upon as soon as the destination address of a frame is received.
[Data Communication] [Storage System]
A scheme for checking the integrity of data that has been transmitted or stored and retrieved.
A CRC consists of a fixed number of bits computed as a function of the data to be protected, and appended to the data. When the data is read or received, the function is recomputed, and the result is compared to that appended to the data. Cyclic redundancy checks differ from error correcting codes in that they can detect a wide range of errors, but are not capable of correcting them. See error correcting code.
[Storage System]
A form of addressing data stored on a disk in which the cylinder, head/platter combination, and relative sector number on a track are specified.
See block addressing.
Advancing Storage and Information Technology
Explore, discover, share, and meet other like-minded industry members. Get ahead, stay ahead, and create industry curves. Become a SNIA member today!