An apparatus includes an extended capability register and an input/output (I/O) memory management circuitry. The I/O memory management circuitry is to receive, from an I/O device, an address translation request referencing a guest virtual address associated with a guest virtual address space of a virtual machine. The I/O memory management circuitry may translate the guest virtual address to a guest physical address associated with a guest physical address space of the virtual machine, and, responsive to determining that a value stored by the extended capability register indicates a restrict-translation-request-response (RTRR) mode, transmit, to the I/O device, a translation response having the guest physical address.

A storage network processing system includes a processor, a network interface and memory that stores operational instructions. The operation instructions enable the processor to receive a data object for storage and dispersed error encode the data object in accordance with dispersed error encoding parameters to produce a plurality of encoded data slices. The operation instructions further enable the processor to generate to determine a plurality of site slice sets from the plurality of encoded data slices, where each site slice set of the plurality of site slice sets includes a number of unique encoded data slices of the plurality of encoded data slices that is greater than or equal to a site write threshold value. The operation instructions further enable the processor to a designate one of a plurality of storage sites for each of the plurality of site slice sets and transmit each of the plurality of site slice sets to a corresponding designated one of the plurality of storage sites via the network.

Apparatus comprising translation circuitry to perform a translation operation to generate a translated second memory address within a second memory address space as a translation of a first memory address within a first memory address space, in which the translation circuitry is configured to generate the translated second memory address in dependence upon translation information stored at one or more translation information addresses; permission circuitry to perform an operation to detect permission information to indicate, for a given second memory address, whether memory access is permitted to the given second memory address; and access circuitry to allow access to data stored at the given second memory address when the permission information indicates that memory access is permitted to the given second memory address.

An edge accelerator card has a first interface, a second interface, a memory and a processor. The first interface is to couple to a server. The second interface is to couple to a storage system. The processor is to handle communication between the server and the storage system through the first interface and the second interface. The processor is to perform at least one task as directed by the storage system, using the memory and communication through at least the second interface.

A data management method includes receiving, by a management server, a first request, determining, based on an identifier of a first user in the first request, whether a shadow tenant bucket associated with the identifier of the first user exists, and if the shadow tenant bucket associated with the identifier of the first user exists, storing, in the shadow tenant bucket associated with the identifier of the first user, an acceleration engine image (AEI) that the first user requests to register, where a shadow tenant bucket is used to store an AEI of a specified user, and each shadow tenant bucket is in a one-to-one correspondence with a user.

The described technology is generally directed towards managing accounts for connecting applications to (e.g., third party) cloud storage providers. Various types of cloud storage providers and different accounts, e.g. corresponding to different usage scenarios with properties such as regions, storage tier levels, costs and so forth, are available to user applications. In one implementation, a user application provides desired account properties to a cloud credential manager via a REST API call to obtain the account information for an account, including credentials, configuration data and the like, returned in in a REST API response. The described technology facilitates selection of an account by the cloud credential manager based on matching the specified properties. Load balancing and storage costs can also be factors in the selection, and random selection is also available.

A method of writing data to a protected region in response to a request from a host includes receiving a first write request including a first host message authentication code and a first random number from the host, verifying the first write request based on a write count, the first random number, and the first host message authentication code, updating the write count based on a result of verifying the first write request, generating a first device message authentication code based on the updated write count and the first random number, and providing the host with a first response including the first device message authentication code and a result of the verifying of the first write request.

Memory devices, systems including memory devices, and methods of operating memory devices are described, in which security measures may be implemented to control access to a fuse array (or other secure features) of the memory devices based on a secure access key. In some cases, a customer may define and store a user-defined access key in the fuse array. In other cases, a manufacturer of the memory device may define a manufacturer-defined access key (e.g., an access key based on fuse identification (FID), a secret access key), where a host device coupled with the memory device may obtain the manufacturer-defined access key according to certain protocols. The memory device may compare an access key included in a command directed to the memory device with either the user-defined access key or the manufacturer-defined access key to determine whether to permit or prohibit execution of the command based on the comparison.

A data management system comprises: an outsourcer terminal outsourcing a fabrication by an instruction document; an outsourcee terminal receiving outsourcing and/or sub-outsourcing; and a server device. The server device comprises: a data management unit managing a proprietary authority of data stored in a data storage unit; an order container storage unit storing an order container with which data stored in the data storage unit is correlated, for each order created in an order creation unit of the outsourcer terminal and/or the outsourcee terminal; and an order container management unit managing sharing of the order container, based on an instruction from an order container sharing authority management unit of the outsourcer terminal and/or the outsourcee terminal. The server device, for each order, correlates any format of data element stored with the order container, for management.

A method may select a surviving storage node based on environmental conditions. A request for exclusive access to a volume is received. A score based on data associated with an environment of the node is determined for each node in a cluster. Based on the scores, a node to grant exclusive access to the volume is identified, and such exclusive access is granted to the identified node.