You are here
Online SNIA Dictionary
[Storage System]
Acronym for Cylinder-Head-Sector addressing.
[Data Security]
Acronym for Certificate Authority.
[Network]
All of an installation's passive communications elements (e.g., optical fiber, twisted pair, coaxial cable, connectors, splices, etc.) between transmitters and receivers.
[Computer System]
1. To store data temporarily for expedited access.
2. The location in which data is stored temporarily for expedited access.
There are a variety of cache types. Read cache holds data in anticipation that it will be requested. Write cache holds data written by a client until it can be stored on other (typically slower) storage media such as disk or tape. See buffer, disk cache, write back cache, write through cache.
[Storage System]
An enclosure for one or more storage devices.
A canister is usually designed to mount in a shelf or other enclosure that supplies power, cooling, and I/O interconnect services. It is used to minimize RF emissions and to simplify insertion and removal in multi-device storage subsystems. See shelf.
A hypothesis that it is impossible for a distributed system to provide Consistency, Availability, and Partition Tolerance guarantees at the same time.
See eventual consistency.
[Storage System]
Methods which reduce the consumption of space required to store a data set, such as compression, data deduplication, thin provisioning, and delta snapshots.
RAID 5 and RAID 6 may also be considered as capacity optimizing methods, as they use less space than ordinary mirroring to perform a necessary function: protecting data from storage device failure.
[Storage System]
A system which employs at least one capacity optimization method.
[General]
The process of optimizing supply of a given resource to satisfy current and future demand for that resource.
Common methods used for capacity planning include tracking, trending, forecasting and scenario planning to predict future demand.
[Data Recovery]
A library or a component of a library in which the media are stored in and selected from a rotating assembly.
The process of connecting two or more hubs or switches together to increase the number of ports or extend distances.
[Data Security]
Acronym for Cipher Block Chaining.
[Data Security]
Acronym for Common Criteria.
[SCSI]
Acronym for Command Descriptor Block.
[Standards]
Acronym for Cloud Data Management Interface.
[Data Recovery]
Acronym for Continuous Data Protection.
[Data Security]
A data structure signed with a digital signature that is based on a public key and which asserts that the key belongs to a subject identified in the structure.
[Data Security]
In a Public Key Infrastructure (PKI), the authority and organization responsible for issuing and revoking user certificates, and ensuring compliance with the PKI policies and procedures.
The reputation of the certificate authority determines the trust that may be placed in the identity assurance provided by the certificates issued by the authority.
[Data Security]
A time-stamped list of certificates, signed by the issuing Certification Authority, that have been revoked by that CA.
The CRL is made available to entities that need to rely on a certificate for authentication.
[Legal]
A process that tracks the movement of evidence through its collection, safeguarding, and analysis lifecycle by documenting each person who handled the evidence, the date/time it was collected or transferred, and the purpose for the transfer. [NIST SP 800-72]
[Data Security]
A step in an authentication dialog that must be answered using either a secret or process assumed to be known only by the other party.
A challenge can be as simple as "What's your password?" or as complex as "Send me the result of a retinal scan of your right eye."
[Data Security]
A password-based authentication protocol that uses a challenge to verify that a user has access rights to a system.
A hash of the supplied password with the challenge is sent for comparison so the cleartext password is never sent over the connection.
[Storage System] [Computer System]
1. The electrical circuits that sense or cause the state changes in recording media and convert between those state changes and electrical signals that can be interpreted as data bits.
2. Synonym for I/O interconnect.
The term channel has other meanings in other branches of computer technology. The definitions given here are commonly used when discussing storage and networking. See device channel, I/O interconnect, host I/O bus.
[Computer System]
A 10-bit information unit transmitted and received certain protocols, consisting of 8 bits of data encoded as a 10 bit transmission character using 8B/10B encoding
[Data Recovery] [File System]
1. [Data Recovery] (noun) The recorded state of an application at an instant of time, including data, in-memory variables, program counter, and all other context that would be required to resume application execution from the recorded state.
2. [File System] (verb) An activity of a file system, such as the High Performance File System, (HPFS) or the Andrew File System (AFS), in which cached metadata (data about the structures of the file system) is periodically written to the file system's permanent store, allowing the file system to maintain consistency if an unexpected stop occurs.
[Data Security]
A value computed across a set of data, used to detect change.
A checksum is often used for error and manipulation detection.
[iSCSI]
Acronym for Connection Identifier.
[File System]
Acronym for Common Internet File System.
[Management]
Acronym for Common Information Model.
[Data Security]
A cryptographic system where plaintext is rearranged through transposition and/or substitution under direction of a cryptographic key.
When a cipher is applied to plaintext to produce ciphertext, the process is called encryption. When the cipher is applied to ciphertext to produce plaintext, the process is called decryption.
[Data Security]
A block cipher mode of operation, in which each block of plaintext is XORed with the previous ciphertext block before being encrypted, making each ciphertext block dependent on all preceding plaintext blocks.
[Data Security]
A named combination of a key exchange algorithm (for authentication), a bulk encryption algorithm, a message authentication code (MAC) algorithm, and a pseudorandom function (PRF) that may be negotiated and used to establish the security settings for a network connection using the Transport Layer Security (TLS) or Secure Sockets Layer (SSL) network protocol.
[Storage System]
Acronym for Count-Key-Data.
[Fibre Channel]
A connection-oriented class of Fibre Channel communication service in which the entire data transfer rate of the link between two ports is dedicated for communication between the ports and not used for other purposes.
Class 1 is also known as dedicated connection service, and is not widely implemented. See intermix.
[Fibre Channel]
A connectionless Fibre Channel communication service which multiplexes frames from one or more N-Ports or NL-Ports.
Class 2 frames are explicitly acknowledged by the receiver, and notification of delivery failure is provided. This class of service includes end to end flow control.
[Fibre Channel]
A connectionless Fibre Channel communication service that multiplexes frames to or from one or more N-Ports or NL-Ports.
Class 3 frames are datagrams, that is they are not explicitly acknowledged, and delivery is on a "best effort" basis.
[Network] [Fibre Channel]
1. [Network] A mechanism for managing traffic in a network by specifying message or packet priority or delivery acknowledgement.
Network mechanisms include identification and grouping of data packets based on a priority label (in the packet header) or via mechanisms such as "per hop behavior", defined by the IETF's Differentiated Services.
2. [Fibre Channel] The characteristics and guarantees of the transport layer of a Fibre Channel network.
Fibre Channel classes of service include connection-based services (Class 1), acknowledged frame delivery with end to end flow control (Class 2), and packetized frame datagrams (Class 3). Different classes of service may simultaneously exist in a fabric. The form and reliability of delivery in Class 3 circuits may vary with the topology.
[Data Security]
Alternative term for plaintext. Stating that data is in cleartext implies that the data is not scrambled or rearranged, and is in its raw form.
[Computer System]
Acronym for Command Line Interface.
[Computer System] [General]
1. An intelligent device or system that requests services from other intelligent devices, systems, or appliances.
See server.
2. An asymmetric relationship with a second party (a server) in which the client initiates requests and the server responds to those requests.
[Data Management]
Synonym for snapshot.
Clones and snapshots are full copies. See delta snapshot.
[Cloud]
A party trusted conduct independent assessment of cloud services, information system operations, performance and information security of the cloud implementation. [ISO/IEC 17788]
[Cloud]
An intermediary that provides connectivity and transport of cloud services between cloud providers and cloud consumers. [ISO/IEC 17788]
[Cloud]
A person or organization that uses cloud services. [ISO/IEC 17788]
[Cloud] [Standards]
[Standards] A SNIA Technical Position for Data storage as a Service (DaaS).
[Cloud] CDMI is an interface for both the data path and the control path of cloud storage. CDMI can also be used to manage storage in Cloud Computing deployments.
[Cloud]
A set of data processing components that can be automatically provisioned by consumers, accessed over a network and that provide secure multitenancy. [ISO/IEC 17788]
[Cloud]
An entity responsible for making cloud services available to cloud consumers. [ISO/IEC 17788].
[Cloud] [Data Security]
Systematic evaluation of a cloud system by assessing how well it conforms to a set of established security criteria. [ISO/IEC 17788]
[Cloud]
A function useful to a cloud consumer provided by a cloud provider. [ISO/IEC 17788]
[Services]
Synonym for Data storage as a Service. [ISO/IEC 17788]
[Computer System]
A collection of computers that are interconnected (typically at high speeds) for the purpose of improving reliability, availability, serviceability, load balancing and/or performance.
Often, clustered computers have access to a common pool of storage and run special software to coordinate the component computers' activities.
[Management] [Network]
Acronym for Common Management Information Protocol.
[Computer System]
A bit (binary digit) of an encoded datum.
Sequences of code bits make up symbols, each of which corresponds to a data element (word, byte, or other unit). For an example see 8b/10b encoding.
[Fibre Channel]
The error condition that occurs when a received transmission character cannot be decoded into a valid data byte or special code using the validity checking rules specified by the transmission code.
[Data Recovery]
Synonym for offline backup.
See hot backup, online backup.
[Data Management]
Data that is accessed infrequently.
[Data Management]
Data storage device, system, or service used to store cold data at a cost that is at least an order of magnitude less than the cost of primary storage.
Cold Storage features large capacity, energy saving and long-term data preservation, in order to achieve low-cost rather than performance.
[Computer System]
The substitution of a replacement unit (RU) in a system for a defective one, where external power must be removed from the system in order to perform the substitution.
A cold swap is a physical substitution as well as a functional one. See automatic swap, hot swap, warm swap.
[Computer System]
A form of human interface to intelligent devices characterized by non-directive prompting and character string user input.
CLIs are used by system consoles and remote shell sessions (RSH, SSH). They are very useful for scripting and other administrative purposes.
[Storage System]
Data that has been written to stable storage.
[Data Security]
A multi-part International Standard that is meant to be used as the basis for evaluation of security properties of IT products and systems.
The CC is specified in ISO/IEC 15408-1:1999, ISO/IEC 15408-2:1999, and ISO/IEC 15408-3:1999.
[Data Management] [Network]
An object oriented description of the entities and relationships in a business' management environment maintained by the Distributed Management Task Force.
CIM is divided into a Core Model and Common Models. The Core Model addresses high-level concepts (such as systems and devices), as well as fundamental relationships (such as dependencies). The Common Models describe specific problem domains such as computer system, network, user or device management. The Common Models are subclasses of the Core Model and may also be subclasses of each other.
[Management]
An OASIS standard language used to define a model over which an OData service acts.
For more information and current state see https://www.odata.org/documentation/.
[Network] [Data Security]
Protection of information while it's being transmitted, particularly via telecommunications.
A particular focus of communications security is message authenticity. Communications security may include cryptography, transmission security, emission security, and physical security.
[Cloud]
A cloud infrastructure shared by several organizations and supporting a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations).
[Data Security]
A way - also known as a band-aid - of mitigating a known risk where it may not be feasible to deploy specific technical enablement.
[General] [Legal]
1. The state of being in accordance with a standard, specification, or clearly defined requirements.
2. The state of being in accordance with legal requirements.
The "compliance market" is centered around storage and systems that support the retention and discovery of data as required by law or regulation.
[Data Communication]
A test pattern for jitter testing.
[General]
Synonym for data compression.
[Storage System]
A space reduction ratio that is the ratio of the size of the uncompressed data to the size of the compressed data.
[Data Security]
An incident that subjects data to unauthorized disclosure, modification, destruction, or loss.
[Computer System]
Architectures that provide Computational Storage Services coupled to storage, offloading host processing or reducing data movement.
These architectures enable improvements in application performance and/or infrastructure efficiency through the integration of compute resources (outside of the traditional compute & memory architecture) either directly with storage or between the host and the storage. The goal of these architectures is to enable parallel computation and/or to alleviate constraints on existing compute, memory, storage, and I/O.
[Computer System]
A collection of Computational Storage Devices, control software, and optional storage devices.
[Computer System]
A Computational Storage Drive, Computational Storage Processor, or Computational Storage Array.
[Computer System]
A storage element that provides Computational Storage Services and persistent data storage.
[Computer System]
A component that provides Computational Storage Services for an associated storage system without providing persistent data storage.
[Computer System]
A data service or information service that performs computation on data where the service and the data are associated with a storage device.
The Computational Storage Service may be a Fixed Computational Storage Service or a Programmable Computational Storage Service.
[Computer System]
Software that enables a single server hardware platform to support multiple concurrent instances of an operating system and applications.
[Data Security]
Measures and controls that ensure confidentiality, integrity, and availability of information system assets including hardware, software, firmware, and information being processed, stored, and communicated.
[Computer System]
The property of overlapping in time, often in reference to the execution of I/O operations or I/O requests.
[Data Security]
The property that data cannot be accessed by unauthorized parties.
Confidentiality may be created by the use of encryption or access controls.
[General]
The management of system features and behaviors through the control of changes made to hardware, software, firmware documentation and related resources throughout the life cycle of an information system.
[Network]
A notification mechanism that supports congestion management for long-lived data flows within network domains of constrained data transfer rate.
A value that uniquely identifies an NVMe-oF/FC connection.
[iSCSI]
An identifier generated by the initiator and sent to the target upon logging in or out, that uniquely identifies each connection within a session.
[Network]
A frame used in a connectionless service (i.e., Class 2, and Class 3 frames referred to individually or collectively).
[Network] [Data Security]
A security service that provides data integrity service for an individual IP datagram by detecting modification of the datagram without regard to the ordering of the datagram in a stream of datagrams.
[Fibre Channel]
Communication between two N_Ports or NL_Ports for connectionless frames.
[Storage System]
A collection of replication sets grouped together to ensure write order consistency across all the replication sets' primary volumes.
An operation on a consistency group, such as changing replication from asynchronous to synchronous, applies to all the replication sets within the consistency group, and consequently their volumes.
[Storage System] [File System]
1. [Storage System] A volume that satisfies the consistency criteria of the system on which it is hosted.
2. [File System] In LTFS, a volume in which all partitions are complete, and the last LTFS Index in the Index partition has a back pointer to the last LTFS Index in the data partition.
If an LTFS volume is not consistent, some form of recovery may be necessary.
[Computer System]
1. A device for graphical or textual visual output from a computer system.
2. In systems, network and device management, an application that provides graphical and textual feedback regarding operation and status, and that may accept operator commands and input influencing operation and status.
Sophisticated consoles designed for the management of many systems from one location are sometimes called enterprise management consoles.
[Storage System]
A data deduplication method that does not require awareness of specific application data formats.
[Storage System]
A data deduplication method that leverages knowledge of specific application data formats.
[Data Recovery]
A class of mechanisms that continuously capture or track data modifications enabling recovery to previous points in time.
[Network]
A transmission control algorithm in which the frames containing the subblocks that comprise a block of information are transmitted strictly in the order of the subblocks.
Continuously increasing relative offset offers simpler reassembly and detection of lost frames compared to random relative offset.
[Computer System]
A body of software that provides common control and management.
When it executes on a device, control software is often referred to as firmware.
[Hardware] [NVMe] [Storage System] [Management]
1. [Hardware] A device or component of a system that performs a control function.
2. [Storage System] The control logic in a disk or tape that performs command decoding and execution, host data transfer, serialization and deserialization of data, error detection and correction, and overall management of device operations.
3. [Management] The control logic in a storage subsystem that performs command transformation and routing, aggregation (RAID, mirroring, striping, or other), high-level error recovery, and performance optimization for multiple storage devices.
4. [NVMe] The interface between a host and an NVM subsystem.
[Storage System]
A disk array whose control software executes in a disk subsystem controller.
[Storage System]
A cache that resides within a controller and whose primary purpose is to improve storage performance.
See cache, disk cache, host cache.
[Fibre Channel]
A controlling switch that supports lossless Ethernet MACs.
[Fibre Channel]
A switch able to control a set of FCDFs in order to create a distributed switch.
[Computer System]
The pooling of compute, storage, and networking resources using either common management tools or common (shared) physical resources.
[Data Recovery]
A technique for maintaining a point in time copy of a collection of data such that when a logical data location is written, a new physical location is chosen for the existing data, and the existing data is copied to that new physical location.
See pointer remapping.
[Storage System]
Deprecated synonym for rebuild / rebuilding.
A set of entities with the same Core Switch_Name that may host multiple Virtual Switches.
A Core Switch may be a set of ports in a physical chassis, or in multiple physical chassis.
An N-Port-Name associated with the Physical N-Port of a VFT Tagging N-Port, and not with any other FC-Port within the scope of its Name_Identifier format.
In a Virtual Fabric capable Switch, the Switch-Name identifying the Core Switch.
[Storage System]
A disk data organization model in which the disk is assumed to consist of a fixed number of tracks, each having a maximum data capacity.
Multiple records of varying length may be written on each track of a Count-Key-Data disk, and the usable capacity of each track depends on the number of records written to it. The CKD architecture derives its name from the record format, which consists of a field containing the number of bytes in the key and data fields and a record address, an optional key field by which particular records can be easily recognized, and the data itself. CKD is the storage architecture used by IBM Corporation's mainframe computer systems. See fixed block architecture.
[Data Security]
Any action, device, procedure, technique, or other measure that reduces the vulnerability of or threat to a system.
[Data Security]
An unintended and/or unauthorized communications path that can be used to transfer information in a manner that violates a security policy.
[Data Recovery]
Abbreviation for copy on write.
[Data Communication] [Storage System]
Acronym for Cyclic Redundancy Check.
[Data Security]
Information, passed from one entity to another, used to establish the sending entity's identity and/or access rights.
[Fibre Channel]
The maximum number of receive buffers at a recipient to receive frames from a transmitting FC_Port.
[Data Security]
Acronym for Certificate Revocation List.
[General]
Acronym for Customer Replaceable Unit.
[Data Security]
A set of operations performed in converting encrypted information to plaintext without initial knowledge of the algorithm and/or key employed in the encryption.
[Data Security]
An algorithm whose outputs have cryptanalytic security properties with respect to its inputs, or vice versa.
[Data Security]
Method of sanitization in which the encryption key for the encrypted target data is sanitized, making recovery of the decrypted target data infeasible. [ISO/IEC 27040]
[Data Security]
A method for rendering encrypted data unrecoverable by securely deleting the keying material required to decrypt the data.
The encrypted data itself is not modified. The protection offered by cryptographic erasure is bounded by the work factor involved in discovering the decryption key or mounting a cryptanalytic attack on the encryption algorithm itself.
[Data Security]
A function that maps plaintext strings of any length to bit strings of fixed length, such that it is computationally infeasible to find correlations between inputs and outputs, and such that given one part of the output, but not the input, it is computationally infeasible to predict any bit of the remaining output.
Cryptographic hash functions have many information security applications, notably in digital signatures, message authentication codes (MACs), and other forms of authentication. The output from a cryptographic hash function is known as a message digest or hash value.
[Data Security]
The principles, means and methods for rendering information unintelligible, and for restoring encrypted information to intelligible form.
[Data Security]
The time span during which a specific key is authorized for use or in which the keys for a given system or application may remain in effect. [NIST SP 800-57 Part 1]
[Data Security]
A system for encrypting and decrypting data.
[Management]
Acronym for Common Schema Definition Language.
[Network]
Acronym for Carrier Sense Multiple Access with Collision Detection.
[Data Recovery]
A backup in which all data objects modified since the last full backup are retained as the backup.
To restore data when cumulative incremental backups are in use, only the latest full backup and the latest cumulative incremental backup are required.
The running disparity present at a transmitter when the encoding of a valid data byte or special code is initiated, or at a receiver when the decoding of a transmission character is initiated.
[Network] [Fibre Channel]
The running disparity present at a transmitter when 8B/10B encoding of a data byte or special code is initiated, or at a receiver when 8B/10B decoding of a Transmission Character is initiated
[General]
A unit, or component of a system that is designed to be replaced by "customers;" i.e., individuals who may not be trained as computer system service personnel.
A switching technique that allows a routing decision to be made and acted upon as soon as the destination address of a frame is received.
[Network] [Fibre Channel]
Synonym for cut through switching.
[Network] [Fibre Channel]
A switching technique that allows a routing decision to be made and acted upon as soon as the destination address of a frame is received.
[Data Communication] [Storage System]
A scheme for checking the integrity of data that has been transmitted or stored and retrieved.
A CRC consists of a fixed number of bits computed as a function of the data to be protected, and appended to the data. When the data is read or received, the function is recomputed, and the result is compared to that appended to the data. Cyclic redundancy checks differ from error correcting codes in that they can detect a wide range of errors, but are not capable of correcting them. See error correcting code.
[Storage System]
A form of addressing data stored on a disk in which the cylinder, head/platter combination, and relative sector number on a track are specified.
See block addressing.
Advancing Storage and Information Technology
Explore, discover, share, and meet other like-minded industry members. Get ahead, stay ahead, and create industry curves. Become a SNIA member today!