Glossary
access control entry (ACE)
access control entry (ACE)
In an access control list, a grant of permissions to perform various operations on an object. Each access control entry grants permissions to a specific user or group of users.
access control list (ACL)
access control list (ACL)
Optional metadata consisting of a set of grants of permissions to perform various operations on an object. Permissions can be granted to individual users or to groups of users.
ACLs are provided by users or applications and are specified as either XML or JSON in an XML request body or as request headers.
Active Directory (AD)
Active Directory (AD)
A Microsoft product that, among other features, provides user authentication services.
Active Directory domain
Active Directory domain
A structural unit within Active Directory that serves as a container for objects such as users and groups.
Active Directory forest
Active Directory forest
A structural unit within Active Directory that contains collections of Active Directory domains.
alert
alert
A graphic that indicates the status of some particular element of an HCP system in the System or Tenant Management Console.
allow list
allow list
A list of IP addresses that are allowed access to the HCP system when using a particular external interface (such as the System Management Console, a namespace access protocol or the HTTP protocol).
anonymous access
anonymous access
A method of access to a namespace wherein the user or application gains access without presenting any credentials. See also authenticated access.
atime
atime
In POSIX file systems, metadata that specifies the date and time a file was last accessed. In HCP, POSIX metadata that initially specifies the date and time at which an object was ingested. HCP does not automatically change the atime value when the object is accessed.
Users and applications can change this metadata, thereby causing it to no longer reflect the actual ingest time. Additionally, HCP can be configured to synchronize atime values with retention settings.
authenticated access
authenticated access
A method of access to the HCP system or a namespace wherein the user or application presents credentials to gain access. See also anonymous access.
chargeback report
chargeback report
A report that contains historical statistics about tenant or namespace capacity and bandwidth usage, broken out either by hour or by day. You can generate chargeback reports that contain a single set of statistics for each tenant or namespace covering the past 180 days (or as much of that time period for which the statistics are available).
CIFS
CIFS
Common Internet File System. One of the namespace access protocols supported by HCP. CIFS lets Windows clients access files on a remote computer as if the files were part of the local file system.
comma-separated-values (CSV) file
comma-separated-values (CSV) file
A text file containing tabular data. Each line in a CSV file corresponds to a table row and contains a set of comma-separated values, each of which corresponds to a table column.
compliance mode
compliance mode
The retention mode in which objects under retention cannot be deleted through any mechanism. This is the more restrictive retention mode.
content class
content class
A content class is a named construct that is used to characterize objects in one or more namespaces. Content classes use object metadata to impose structure on the unstructured namespace content. They do this through content properties.
content property
content property
A content property is a named construct used to extract an element or attribute value from custom metadata that's well-formed XML. Content properties use XPath expressions to identify the metadata of interest.
cryptographic hash value
cryptographic hash value
A system-generated metadata value calculated by a cryptographic hash algorithm from object data or object data and metadata. This value is used to verify that the content of an object has not changed.
custom metadata
custom metadata
User-supplied information about an HCP object. Custom metadata is specified as one or more annotations, where each annotation is a discrete unit of information about the object. Users and applications can use custom metadata to understand repurpose object content.
data access permission mask
data access permission mask
A set of permissions that determine which of these operations are allowed in a namespace: read (including read ACL), write (including write ACL and change owner), delete, purge, privileged operations, and search. Data access permission masks are defined at the system, tenant, and namespace level. The effective permissions for a namespace are those that are allowed at all three levels.
data migrator
Data Migrator
Trademarks and Legal Disclaimer
© 2015, 2019 Hitachi Vantara Corporation. All rights reserved.
data protection level (DPL)
data protection level (DPL)
The number of copies of the data for an object HCP must maintain in the repository. The DPL for an object is determined by the service plan that applies to the namespace containing the object.
dead properties
dead properties
For WebDAV only, arbitrary name/value pairs that the server stores but does not use or modify in any way.
deny list
deny list
A list of IP addresses that are denied access to the HCP system when using a particular external interface (such as the System Management Console, a namespace access protocol, or the HTTP protocol).
domain name system
domain name system
A network service that resolves domain names into IP addresses for client access.
dynamic DPL
dynamic DPL
A namespace data protection level that, at any given time, matches the system-level DPL setting.
enterprise mode
enterprise mode
The retention mode in which these operations are allowed:
oPrivileged delete
oChanging the retention class of an object to one with a shorter duration
oReducing retention class duration
oDeleting retention classes
This is the less restrictive retention mode.
erasure coding
erasure coding
A method of data protection where data is encoded and broken into multiple chunks that are then stored across multiple HCP systems. All but one chunk contains object data. The other chunk contains parity for the object data.
fixed-content data
fixed-content data
A digital asset ingested into HCP and preserved in its original form as the core part of an object. Once stored, fixed-content data cannot be modified.
group account
group account
A representation of an Active Directory group in HCP. A group account enables Active Directory users in the Active Directory group to access one or more HCP interfaces.
hard quota
hard quota
The total amount of storage available to the tenant for allocation to its namespaces or, in the context of an HCP namespace, the total amount of storage available for storing objects in the namespace.
HCP Data Migrator (HCP-DM)
HCP Data Migrator (HCP-DM)
An HCP utility that can transfer data from one location to another, delete data from a location, and change object metadata in a namespace. Each location can be a local file system, an HCP namespace, a default namespace, or an HCP 2.x archive.
HCP file system (HCP-FS)
HCP file system (HCP-FS)
The HCP runtime component that represents each object in a namespace as a set of files. One of these files contains the object data. The others contain the object metadata.
HCP management API
HCP management API
A RESTful HTTP interface to a subset of the administrative functions of an HCP system. Using this API, you can manage tenants, namespaces, content classes, retention classes, and tenant-level user and group accounts.
HCP namespace
HCP namespace
A namespace that supports user authentication for data access through the REST, S3 compatible, HSwift, and CIFS namespace access protocols. HCP namespaces also support storage usage quotas, access control lists (HCP 5.0 and later), and versioning. An HCP system can have multiple HCP namespaces.
HDDS search facility
HDDS search facility
One of the search facilities available for use with the HCP Search Console. This facility interacts with Hitachi Data Discovery Suite. To use this facility, HDDS needs to be installed and configured. HDDS is a separate product from HCP.
Hitachi Content Platform (HCP)
Hitachi Content Platform (HCP)
A distributed object-based storage system designed to support large, growing repositories of fixed-content data. HCP provides a single scalable environment that can be used for archiving, business continuity, content depots, disaster recovery, e-discovery, and other services. With its support for multitenancy, HCP securely segregates data among various constituents in a shared infrastructure. Clients can use a variety of industry-standard protocols and HCP-specific interfaces to access and manipulate objects in an HCP repository.
hitachi data discovery suite (HDDS)
Hitachi Data Discovery Suite (HDDS)
A Hitachi product that enables federated searches across multiple HCP systems and other supported systems.
hold
hold
A condition that prevents an object from being deleted by any means and from having its metadata modified, regardless of its retention setting, until it is explicitly released.
HS3 API
Hitachi API for Amazon S3
One of the namespace access protocols supported by HCP. Hitachi API for Amazon S3 is a RESTful, HTTP-based API that is compatible with Amazon S3. Using this S3 compatible API, users and applications can create and manage buckets and bucket contents.
HSwift API
HSwift API
One of the namespace access protocols supported by HCP. HSwift is a RESTful, HTTP-based API that is compatible with OpenStack. Using HSwift, users and applications can create and manage containers and container contents.
HTTP
HTTP
HyperText Transfer Protocol. One of the namespace access protocols supported by HCP. In the context of namespace access, the HTTP protocol is also called the REST API.
HCP also uses HTTP for:
oClient communication with the System Management
oClient communication with the Tenant Management
oClient communication with the Search Consoles
oClient access through the HCP management API
oHCP-DM access to namespace content
oHCP Search Console communication with Console clients
oAccess to namespace content through the metadata query API.
index
index
An index of the objects in namespaces that is used to support object-based queries and search operations.
For object-based queries, HCP builds this index from object metadata, including custom metadata and ACLs.
For search operations, each of the two search facilities, the metadata query engine and the HDDS search facility, creates and maintains its own separate index. The metadata query engine builds this index from object metadata, including custom metadata and ACLs. The HDDS search facility index is built and maintained by HDDS.
index setting
index setting
The property of an object that determines whether the metadata query engine indexes the custom metadata associated with the object.
Integrated Windows authentication
Integrated Windows authentication
A Microsoft authentication mechanism that enables clients to authenticate to a web server by using the Windows user information currently cached on the client computer, thereby removing the need to explicitly log in.
JSON
JSON
JavaScript Object Notation. A language-independent format for encoding data in the form of name/value pairs.
Local Authentication
Local Authentication
Authentication wherein HCP internally checks the validity of the specified username and password.
metadata
metadata
System-generated and user-supplied information about an object. Metadata is stored as an integral part of the object it describes, thereby making the object self-describing.
metadata query API
metadata query API
A RESTful HTTP interface that lets you search HCP for objects that meet specified metadata-based or operation-based criteria. With this API, you can search not only for objects currently in the repository but also for information about objects that are no longer in the repository.
metadata query engine
metadata query engine
One of the search facilities available for use with HCP. The metadata query engine works internally to perform searches and return results either through the metadata query API or to the HCP Metadata Query Engine Console (also known as the HCP Search Console).
Metadata Query Engine Console
Metadata Query Engine Console
The web application that provides interactive access to the HCP search functionality provided by the metadata query engine.
multipart upload
multipart upload
The process of writing the data for an object to HCP in multiple parts. Multipart upload is supported only by the Hitachi API for Amazon S3.
namespace
namespace
A logical partition of the objects stored in an HCP system. A namespace consists of a grouping of objects such that the objects in one namespace are not visible in any other namespace. Namespaces are configured independently of each other and, therefore, can have different properties.
Trademarks and Legal Disclaimer
© 2015, 2019 Hitachi Vantara Corporation. All rights reserved.
namespace access protocol
namespace access protocol
A protocol that can be used to transfer data to and from namespaces in an HCP system. HCP supports the REST, WebDAV, CIFS, NFS, and SMTP protocols for access to HCP namespaces and the default namespace. For access to HCP namespaces, HCP also supports the S3 compatible and HSwift APIs. For access to the default namespace, HCP also supports the NDMP protocol.
namespace quota
namespace quota
The number of namespaces HCP reserves for an HCP tenant out of the total number of namespaces the system can have.
object
object
An exact digital representation of data as it existed before it was ingested into HCP, together with the system and custom metadata that describes that data. Objects can also include ACLs that give users and groups permission to perform certain operations on the object.
An object is handled as a single unit by all transactions, services, and internal processes, including shredding, indexing, versioning, and replication.
object-based query
object-based query
In the metadata query API, a query that searches for objects based on object metadata. This includes both system metadata and the content of custom metadata and ACLs. The query criteria can also include the object location (That is, the namespace and/or directory that contains the object).
Object-based queries searches only for objects that currently exist in the repository. For objects with multiple versions, object-based queries return only the current version.
operation-based query
operation-based query
In the metadata query API, a query that searches not only for objects currently in the repository but also for information about objects that have been deleted by a user or application or delete through disposition, purged, or pruned. For namespaces that support versioning, operation-based queries can return both current and old versions of objects.
Criteria for operation-based queries can include object status (for examples, created or deleted), change time, and location (that is, the namespace and/or directory that contains the object).
permission
permission
One of these:
oIn POSIX permissions, the ability granted to the owner, the members of a group, or other users to access an object, directory, or symbolic link. A POSIX permission can be read, write, or execute.
oIn a data access permission mask, the condition of allowing a specific type of operation to be performed in a namespace.
oIn a tenant-level user account, the granted ability to perform a specific type of operation in a given namespace.
oIn an ACL associated with a bucket or an object, the granted ability to perform a specific type of operation on the bucket or object.
oThe granted ability to access the HCP System Management Console, Tenant Management, or HCP Search Console and to perform a specific activity or set of activities in that Console. Permissions of this type are granted by roles associated with the user account.
policy
policy
One or more settings that influence how transactions, services, and internal processes work on objects. Such a setting can be a property of an object, such as retention, or a property of a namespace, such as versioning.
POSIX
POSIX
Portable Operating System Interface for UNIX. A set of standards that define an application programming interface (API) for software designed to run under heterogeneous operating systems. HCP-FS is a POSIX-compliant file system, with minor variations.
privileged delete
privileged delete
A delete operation that works on an object regardless of whether the object is under retention, except if the object is on hold. This operation is available only to users and applications with explicit permission to perform it.
Privileged purge operations work only in namespace in enterprise mode.
privileged purge
privileged purge
A purge operation that works on an object regardless of whether the object is under retention, except if the object is on hold. This operation is available only to users and applications with explicit permission to perform it.
Privileged purge operations work only in namespace in enterprise mode.
query
query
A request submitted to HCP to return metadata for objects or operation records that satisfy a specified set of criteria. Also, to submit such a request.
RADIUS
RADIUS
Remote Authentication Dial-In User Service. A protocol for authenticating credentials that authorize access to an IP network.
recognized Active Directory user account
recognized Active Directory user account
An Active Directory user account for a user that belongs to one or more Active Directory groups for which corresponding group accounts are defined in HCP.
remote authentication
remote authentication
Authentication wherein HCP uses a remote service to check the validity of the specified username and password.
replica
replica
For an active/passive link, the HCP system to which the replication service copies objects and other information from the primary system during normal replication.
replication
replication
A process by which selected tenants and namespaces are maintained on two or more HCP systems and the objects in those namespaces are managed across those systems. Typically, the systems involved are in separate geographic locations and are connected by a high-speed wide area network. This arrangement provides geographically distributed data protection (called geo-protection).
REST
REST
Representational State Transfer. A software architectural style that defines a set of rules (called constraints) for client/server communication. In a REST architecture:
–Resources (where a resource can be any coherent and meaningful concept) must be uniquely addressable.
–Representations of resources (for example, in XML format) are transferred between clients and servers. Each representation communicates the current or intended state of a resource.
–Clients communicate with servers through a uniform interface (that is, a set of methods that resources respond to) such as HTTP.
REST API
REST API
One of the namespace access protocols supported by HCP. The REST API is also called the HTTP protocol.
retention class
retention class
A named retention setting. The value of a retention class can be a duration, Deletion Allowed, Deletion Prohibited, or Initial Unspecified.
retention mode
retention mode
A namespace property that affects which operations are allowed on objects under retention. A namespace can be in either of two retention modes: compliance or enterprise.
retention period
retention period
The period of time during which an object cannot be deleted (except by means of a privileged delete).
retention setting
retention setting
The property that determines the retention period for an object.
role
role
A named collection of permissions that can be associated with an HCP user account, where each permission allows the user to perform some specific interaction or set of interactions with the HCP System Management Console, the Tenant Management Console, the HCP management API, the metadata query API, or, for default namespaces only, the HCP Search Console. Roles generally correspond to job functions.
search console
search console
The web application that provides interactive access to HCP search functionality. When the Search console uses the hcp metadata query engine for search functionality, it is called the Metadata Query Engine Console.
search facility
search facility
An interface between the HCP Search console and the search functionality provided by the metadata query engine or HDDS. Only one search facility can be selected for use with the Search Console at any given time.
service
service
A background process that performs a specific function that contributes to the continuous tuning of the HCP system. In particular, services are responsible for optimizing the use of system resources and maintaining the integrity and availability of the data stored in the HCP repository.
service plan
service plan
A named specification of an HCP service behavior that determines how HCP manages objects in a namespace. Service plans enable you to tailor service activity to specific namespace usage patterns or properties.
shred setting
shred setting
The property that determines whether an object will be shredded or simply removed when it’s deleted from HCP.
shredding
shredding
The process of deleting an object and overwriting the locations where all its copies were stored in such a way that none of its data or metadata can be reconstructed. Also called secure deletion.
single sign-on
single sign-on
In a Windows environment, the use of an already authenticated Active Directory user account to access the System Management Console, Tenant Management Console, HCP Search Console, or Namespace Browser without the need to explicitly log in.
SMTP
SMTP
Simple Mail Transfer Protocol. The namespace access protocol HCP uses to receive and store email data directly from email servers.
soft quota
soft quota
The percentage point at which HCP notifies a tenant that allocated storage space is being used up. For a tenant, the soft quota measures the space used in all the namespaces the tenant owns relative to the hard quota for that tenant. For a namespace, the soft quota measures the space used in only that namespace relative to the hard quota for that namespace.
syslog
syslog
A protocol used for forwarding log messages in an IP network. HCP uses syslog to facilitate system monitoring through an external interface.
system management console
system management console
The system-specific web application that lets you monitor and manage HCP.
system metadata
system metadata
System-managed properties that describe the content of an object. System metadata includes policies, such as retention and data protection level, that influence how transactions, services, and internal processes affect the object.
systemwide permission mask
systemwide permission mask
The data access permission mask defined at the HCP system level. The systemwide permission mask applies across all tenants and namespaces.
tag
tag
An arbitrary text string associated with an HCP tenant or namespace. Tags can be used to group tenants or namespaces and to filter tenants or namespace lists.
tenant
tenant
An administrative entity created for the purpose of owning and managing namespaces. Tenants typically correspond to customers or business units.
tenant management console
tenant management console
The tenant-specific web application that lets you monitor and manage tenants and namespaces.
user account
user account
A set of credentials that gives a user access to one or more of the System Management Console, Tenant Management Console, HCP management API, HCP Search Console, or namespace content through the namespace access protocols, metadata query API, HCP Data Migrator, and a given tenant and its namespaces.
user authentication
user authentication
The process of checking that the combination of a specified username and password is valid when a user tries to log into the System Management Console, Tenant Management Console, HCP Search Console, tries to access the HCP system through the management API, or tries to access a namespace.
versioning
versioning
An optional namespace feature that enables the creation and management of multiple versions of an object.
version pruning
version pruning
The automatic deletion of previous versions of objects that are older than a specified amount of time.
WebDAV
WebDAV
Web-based Distributed Authoring and Versioning. One of the namespace access protocols supported by HCP. WebDAV is an extension of HTTP.
Windows workgroup
Windows workgroup
A named collection of computers on a LAN that share resources such as printers and file servers.
WORM
WORM
Write once, read many. A data storage property that protects the stored data from being modified or overwritten.
XML
XML
Extensible Markup Language. A standard for describing data content using structural tags called elements.
XPath
XPath
A language used to formulate expressions that navigate through and select elements and attributes in XML documents.