Dunphy et al.

US005638509A
[11] Patent Number: 5,638,509
[45] Date of Patent: Jun. 10, 1997

[54] DATA STORAGE AND PROTECTION SYSTEM

[75] Inventors: William E. Dunphy, Westminster; Steven M. Halladay, Louisville; Michael E. Moy, Lafayette; Frederick G. Munro, Broomfield, all of Colo.

[73] Assignee: Exabyte Corporation, Boulder, Colo.

[21] Appl. No.: 663,377
[22] Filed: Jun. 13, 1996

Related U.S. Application Data

[63] Continuation of Ser. No. 537,036, Sep. 29, 1995, abandoned, which is a continuation of Ser. No. 258,391, Jun. 10, 1994.

[51] Int. Cl.6: G06F 11/08
[52] U.S. Cl.: 395/182.18
[58] Field of Search: 395/182.18, 183.01, 395/182.13; 364/268, 268.1, 268.3, 268.5, 245.5, 245.6, 285, 285.1; 369/272; 365/201; 360/39; 324/527

Primary Examiner—Robert W. Beausoliel, Jr.
Assistant Examiner—Stephen C. Elmore
Attorney, Agent, or Firm—Nixon & Vanderhye, P.C.

[57] ABSTRACT

The data storage and protection apparatus maintains an index of all data file activity on a computer system and stores copies of data files in a manner to enable a user to recreate the state of the computer system at any selected point in time. A data file monitor intercepts all communication between application programs and the file system to obtain data file status and activity information. This information is used to identify data files which are transmitted to a data file backup media for storage along with directory information that identifies the stored files to enable the system to later locate and retrieve data files that were stored on the backup media.

39 Claims, 6 Drawing Sheets

[Front-page drawing, block diagram. Legible labels: BACKUP DRIVE; DRIVER; PARALLEL PORT; COMMUNICATION PORT; GRAPHICAL USER INTERFACE; SPINE; NETWORK INTERFACE; OPERATING SYSTEM; DATABASE; EXTENDED FILE SYSTEM; DATA FILE; WORD PROCESSOR; DATABASE; ACCOUNTING.]

Apple Inc. Exhibit 1010 Page 1

U.S. Patent    Jun. 10, 1997    Sheet 1 of 6    5,638,509

[Drawing sheets 1 and 2 of 6: no legible text survives.]

FIG. 3 (Sheet 3 of 6). Flow chart boxes:

31: INTERCEPT COMMUNICATION BETWEEN APPLICATION PROCESS AND FILE SYSTEM
32: IS THIS A FILE THAT IS SELECTED TO BE MONITORED? (NO branch shown)
33: IS THE INTERCEPTED COMMUNICATION A DATA FILE CHANGE OPERATION? (YES and NO branches shown)
34: RECORD DATA FILE CHANGE DATA IN EVENT LOG
IS DATA FILE CHANGE A MODIFY DATA OR DELETE OPERATION? (NO branch shown)
IS THIS A FILE THAT
37: WRITE CHANGED DATA FILE IN STASH CAN MEMORY
38: TRANSMIT RECEIVED COMMUNICATION TO ORIGINAL DESTINATION

[Drawing sheet 4 of 6: no legible text survives.]

FIG. 5 (Sheet 5 of 6). Flow chart boxes:

51: USER NAVIGATES ID FILE SYSTEM
52: USER SELECTS FILE STATES TO RESTORE
53: USER WANTS TO RESTORE MORE FILES? (YES branch shown)
54: PRESENT FILE STATES TO USER
55: USER WANTS TO EXCLUDE FILE STATES? (YES branch shown)
56: USER EXCLUDES FILE STATES
57: CALCULATE SET OF TAPES THAT CONTAIN DESIRED FILE STATES

FIG. 6 (Sheet 6 of 6). Flow chart boxes, in extraction order:

ARE THERE MORE TAPES IN THE SET? (YES and NO branches shown)
63: REMOVE A TAPE FROM THE SET
ORDER FILE STATES FOR THE TAPE FROM BOT TO EOT
MOUNT TAPE
ARE THERE FILE STATES ON THE TAPE TO READ? (NO branch shown)
DISMOUNT TAPE
PRESENT COMPLETION STATUS TO USER
DONE
MOVE TO FILE STATE
69: READ FILE STATE
Other legible reference numerals: 62, 70.

DATA STORAGE AND PROTECTION SYSTEM

This is a continuation of application Ser. No. 08/537,036, filed Sep. 29, 1995, now abandoned, which is a file wrapper continuation of application Ser. No. 08/258391, filed Jun. 10, 1994.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is related to an application Ser. No. 08/258800, titled “Data Backup System for Personal Computers”, filed on Jun. 13, 1994; an application Ser. No. 08/258582, titled “Data Storage and Protection System”, filed on the same date as the present application Ser. No. 08/258510; and an application titled “Cold Boot Data Backup System”, filed on the same date as the present application.

FIELD OF THE INVENTION

This invention relates to data storage protection systems and, in particular, to a data backup system that automatically produces a temporal record of all data file activity in a computer system and provides apparatus to record all activity for user identified data files.

PROBLEM

It is a problem in computer systems to safeguard the integrity of data files stored thereon. Data files can be lost or corrupted by user error or by equipment failure. A method of recovering from such incidents is to maintain a backup copy of the data files so that the original data file can be recreated from the backup copy. A difficulty with this philosophy is that users find the process of backing up data files burdensome and typically do not implement such procedures even when the computer system is equipped with data file backup apparatus. In addition, existing data backup systems are difficult to use when attempting to retrieve lost data files and typically provide only limited data file retrievability since these systems are only infrequently activated. All data file activity that transpired since the last data backup session is lost, and may represent the most pertinent data files to the user.

There presently does not exist any data backup system that is both simple to use and which provides a significantly thorough data file protection capability to warrant widespread use.

SOLUTION

The above-described problems are solved and a technical advance achieved in the field by the data storage and protection apparatus of the present invention which maintains an index of all data file activity on a computer system and stores copies of data files in a manner to enable a user to recreate the state of the computer system at any selected point in time. The data storage and protection apparatus interposes data file monitor software between the file system and application programs resident on the computer system to intercept all communication therebetween. The monitor software extracts data file status and activity information from the intercepted communications and uses this data to maintain an event log that indicates a history of all data file activity on the computer system. The communications are then forwarded unmodified by the monitor software to their originally intended destination.

A database located in the data storage and protection apparatus periodically retrieves the event log and uses the information contained therein to identify data files that are then transmitted to a data file backup media for storage. The monitor software also maintains a “stash can” section of memory that is used as a virtual data file backup system to temporarily store data files that the user deletes or modifies, to enable the database to store these files on the backup media when the backup process is enabled. The database writes the selected data files as well as directory information on to the backup media to enable the system to later locate and retrieve data files that were stored on the backup media to recreate a single lost data file or to recreate the state of a selected data file or the computer system at a selected point in time. Thus, the database maintains a three-dimensional file system on the backup media with the computer system file system structure representing a two-dimensional presentation of the file system memory and the temporal sequence of changes to all the data files in the file system representing a third dimension. Every data file that is selected by the user to be monitored and preserved by this apparatus is stored on the backup media in a time sequenced manner so that every version of the data file is resident on the backup media and the directory data on the backup media provides a history of all activity for this data file.

When the user requests that a selected data file be restored to a selected point in time, or the user restores the entirety of the computer system memory in response to a file system failure, the data storage and protection system reviews the directory information stored on the backup media and uses this data to identify the version of each data file that was resident on the computer system at the selected point in time. The directory information also indicates the physical location of each of these data file versions on the backup media or the stash can memory. The data storage and protection system then locates and retrieves each identified data file. The retrieved data files are then written to the computer system memory to recreate the state of the computer system memory at the selected point in time.

The data storage and protection system automatically monitors all data file activity on the computer system and maintains a list of all data files that are to be backed up to backup media. The data storage and protection apparatus, on a user initiated, timed or automatic basis, then transmits the selected data files to the backup device for storage on the backup media. If a failure occurs, the data storage and protection apparatus performs the data file location, retrieval and restore operations, independent of the user. This system is therefore simple to use, and provides a much finer granularity of data file restore capability than prior art data backup systems.

BRIEF DESCRIPTION OF THE DRAWING

FIG. 1 illustrates in block diagram form the overall architecture of the data storage and protection system of the present invention as resident on a computer system;

FIG. 2 illustrates a typical main menu screen that is presented to the user by the data storage and protection system;

FIG. 3 illustrates in flow diagram form the operational steps taken by the data file monitor in its operation;

FIG. 4 illustrates a conceptual view of the data stored in the extended file system; and

FIGS. 5 and 6 illustrate in flow diagram form the operational steps taken by the data storage and protection system of the present invention to restore data files.

DETAILED DESCRIPTION

FIG. 1 illustrates in block diagram form the overall architecture of the data storage and protection apparatus 10 of the present invention which maintains an index of all data file activity on a computer system 1 and stores copies of data files in a manner to enable a user to recreate the state of the computer system 1 at any selected point in time. The computer system 1 can be any processor, whether multi-user or single user, and whether mainframe, personal computer, laptop computer, etc. It is envisioned that the computer system 1 can be part of a network 3 wherein users external to the computer system 1 may have access to data files resident in the memory of the computer system 1. FIG. 1 therefore simply illustrates computer system 1, which is connected via network interface 2 and communication media 3 to a remote computer system 4. The presence of remote computer system 4 is not necessary for the operation of data storage and protection apparatus 10, but is included to illustrate some of the capabilities of data storage and protection apparatus 10.

The data storage and protection apparatus 10 is installed on computer system 1 and serves to store selected data files on a backup media 21 that is located in backup drive 20. The backup media 21 is a writeable media, and can be mountable magnetic tape, fixed disk drive media, mountable disk drive media, disk drive array, or any other media that can be written to at least once and read from many times. The backup drive 20 is typically a separate device that is connected to computer system 1 via an interface, such as the parallel port 5 of the computer system 1 or a data communication port 6. The backup device 20 can be collocated with computer system 1 or can be located remote from computer system 1 and connected thereto via a data communication link 7 or network 3.

The computer system 1 includes an operating system 19, a plurality of application programs 8 and a file system 9 in conventional configuration. The data storage and protection system 10 interposes data file monitor 11 between the file system 9 and the application programs 8 resident on the computer system 1 to intercept all communication therebetween. The terms “interposed” and “intercept”, as used herein, are broadly construed, wherein it is envisioned that the communications generated by both application programs 8 and file system 9 are routed to data file monitor 11.

The operation of the data file monitor 11 is disclosed in flow diagram form in FIG. 3. At step 31, the data file monitor 11 intercepts or receives a communication between one of the application programs 8 and the file system 9. The data file monitor 11 reviews this communication at step 32 to determine whether this communication relates to a data file that the user has selected to be monitored. If not, processing advances to step 38 as described below. If the data file is to be monitored, processing advances to step 33 where it is determined whether this communication results in a data file change. Data file changes can include data file create, write, delete, modify data, modify attributes, copy, move, directory create, delete. If the received communication does not result in one of these events, then processing advances to step 38 where the communications are forwarded unmodified by the data file monitor 11 to their originally intended destination. Processing then returns to step 31 to await the next communication between the application programs 8 and the file system 9. If a data file change is detected, at step 34, the data file monitor 11 extracts data file status and activity information from the received communications and uses this data to maintain an event log 12 that indicates a history of all presently occurring data file activity on the computer system 1. The data file monitor 11 also determines, at step 35, whether the operation is one that changes the contents of the data file, such as a data file delete or data modify operation. Any data change action that would cause the loss of the original data in the data file causes the data file to be saved. If the user has changed a data file, then at step 36 a determination is made whether this data file is one that should be saved and recorded in the stash can memory 13. If not, processing advances to step 38, otherwise the data file monitor 11 writes this data file into a stash can memory 13 at step 37. Processing then proceeds to step 38, as it does when no data file change operation is being executed. At step 38, the communications are then forwarded unmodified by the data file monitor 11 to their originally intended destination. Thus, the communications can be directly routed to data file monitor 11 and stored therein for a period of time or can be passed through data file monitor 11 without substantial delay and the required data extracted therefrom while the communications are passed through data file monitor 11.

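
The FIG. 3 flow described above (steps 31 to 38), modelled in Python as an added example; it is not code from the patent. The `Request` shape, the glob-pattern selection lists and the in-memory `files` dictionary standing in for file system 9 are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from fnmatch import fnmatch
from typing import Optional

# Operations the description lists as data file changes (step 33).
CHANGE_OPS = {"create", "write", "delete", "modify_data", "modify_attributes",
              "copy", "move", "dir_create", "dir_delete"}
# Operations that would lose the original contents of the file (step 35).
DESTRUCTIVE_OPS = {"delete", "modify_data"}


@dataclass(frozen=True)
class Request:
    """One intercepted application-to-file-system communication (assumed shape)."""
    op: str
    path: str
    user: str
    time: int
    data: Optional[bytes] = None


@dataclass
class FileMonitor:
    monitored: list        # patterns the user selected for monitoring (step 32)
    keep_in_stash: list    # patterns whose old contents are preserved (step 36)
    files: dict            # stand-in for file system 9: path -> contents
    event_log: list = field(default_factory=list)
    stash_can: list = field(default_factory=list)

    @staticmethod
    def _matches(path, patterns):
        return any(fnmatch(path, p) for p in patterns)

    def intercept(self, req: Request) -> Request:
        # Steps 32 and 33: a monitored file and a change operation?
        if self._matches(req.path, self.monitored) and req.op in CHANGE_OPS:
            old = self.files.get(req.path)
            extent = len(req.data) if req.data is not None else len(old or b"")
            # Step 34: record path, nature of change, extent, time and user.
            self.event_log.append({"path": req.path, "op": req.op,
                                   "extent": extent, "time": req.time,
                                   "user": req.user})
            # Steps 35 to 37: copy the pre-change contents into the stash can
            # before the request reaches the file system and destroys them.
            if (req.op in DESTRUCTIVE_OPS and old is not None
                    and self._matches(req.path, self.keep_in_stash)):
                self.stash_can.append((req.path, req.time, old))
        # Step 38: forward the communication unmodified.
        return req


def file_system(files, req):
    """Toy file system that applies a forwarded request."""
    if req.op in ("create", "write", "modify_data"):
        files[req.path] = req.data or b""
    elif req.op == "delete":
        files.pop(req.path, None)


# Constructed sample traffic, not taken from the patent.
SAMPLE = [
    Request("create", "C:/DOCS/PLAN.TXT", "alice", 1, b"v1"),
    Request("read", "C:/DOCS/PLAN.TXT", "alice", 2),
    Request("modify_data", "C:/DOCS/PLAN.TXT", "alice", 3, b"v2"),
    Request("modify_data", "C:/TEMP/SCRATCH.TMP", "alice", 4, b"x"),
    Request("delete", "C:/DOCS/PLAN.TXT", "bob", 5),
]


def run_sample():
    monitor = FileMonitor(monitored=["C:/DOCS/*"], keep_in_stash=["*.TXT"], files={})
    for req in SAMPLE:
        file_system(monitor.files, monitor.intercept(req))
    return monitor


if __name__ == "__main__":
    m = run_sample()
    print(m.event_log)
    print(m.stash_can)
```

The ordering is the point of the design: the stash copy is taken inside `intercept`, before the request is forwarded, so the overwritten or deleted contents are still available for the next backup.
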
Event Log

The event log 12 consists of a data file typically maintained by data file monitor 11 in the memory of computer system 1. The event log 12 includes a list of all data files resident in computer system 1 that have been subject to change since the last data file backup activity on computer system 1. The monitored changes typically include data file create, write, delete, modify data, modify attributes, copy, move, directory create, delete. For each of these data file changes, the data file monitor 11 creates an entry in event log 12 that identifies the data directory/data file, the nature of the change, extent of the data file, the time that this change occurred and any other pertinent administrative information, such as user identification, that may be pertinent to the operation of the data file storage and protection system 10.

Initiation of Data Protection Process

A database 14 located in the data storage and protection apparatus 10 retrieves the event log 12 and uses the information contained therein to identify data files that are to be transmitted to a data file backup media 21 for storage. The database also contains a complete history of all data file changes since it stores the event log entries in its history file. The data file backup process is a function of the procedure defined by the user. There is a significant amount of customization that can take place within data storage and protection system 10 to satisfy the needs of individual users. In particular, graphical user interface 15 is provided to enable the user to activate and control the operation of data storage and protection system 10. There are typically a plurality of user interface screens that can be displayed to the user by data storage and protection system 10 and only a small number of these are disclosed herein for the purpose of simplicity of description. Thus, FIG. 2 illustrates the typical main menu screen presented to the user which enables the user to select the data storage and protection parameters, and which also enables the user to select one of the many features that are available on the data storage and protection system 10.

The data storage and protection system 10 is philosophically a data file repository system that can be used for a number of different and complementary purposes. A primary function of the data storage and protection system 10 is to backup data files that are created and modified by the user on to a backup media 21 for safekeeping. To accomplish this goal, it is expected that a user first backs up the entirety of the data stored in the memory of computer system 1. In a personal computer, this backup is a dump of the contents of the hard drive. The user then programs the data storage and protection system 10 to “track” selected data files, directories, subdirectories, or even the entire data file memory of computer system 1. The data storage and protection system 10, as noted above, monitors data file activity on computer system 1 and stores all versions of the identified data files on the backup media 21. This process records the incremental changes to the memory of computer system 1 over time and provides a total record of the selected data files. In addition, the data storage and protection system 10 provides a mass memory capability that can be used to store vast quantities of data for retrieval by the user on an as needed basis. Thus, the backup media 21 can be populated with many data files by writing the data files on the memory of computer system 1, backing up these data files on to the backup media 21, then expunging the data files from the memory, or retaining only a “placeholder” version of the data file in memory to enable the user to “page through” the catalog of data files stored on the backup media 21. The backup media 21 then functions not only as a backup element but also as a “virtual automated data library” wherein the user can retrieve a data file via the restore capability of the data storage and protection system 10. Mass quantities of data can then be transported with a portable computer without completely filling the hard drive, since the media drive 20 is lightweight, portable and battery powered.

The user accesses the data storage and protection system 10 via the standard application program activation process native to computer system 1. The data storage and protection system 10, when activated, presents the user with the display illustrated in FIG. 2. The user can then select the configuration selection option which activates the capability for the user to define the mode of data backup and to identify the elements that are to be protected. This process is similar to existing data backup systems and is not described in great detail herein in the interest of brevity and clarity of description. The user can elect to have the data storage and protection system 10 reside on computer system 1 in a quiesced mode which requires the user to activate the data storage and protection system 10 to backup data. Alternatively, the user can elect to have the data storage and protection system 10 periodically activated so that the data file backup occurs on a regularly scheduled basis, independent of the user. In addition, other modes can be selected, such as initiating a user prompt or an automated operation as a function of the number of data files and/or their cumulative extent listed in the event log 12.

The data file monitor 11 also maintains a “stash can” 13 section of memory that is used to temporarily store data files that the user modifies or deletes, to enable the database to store these files on the backup media when the backup process is enabled. The stash can memory 13 can also be an activating factor, so that when that dedicated portion of memory is filled to a predetermined level, the user is prompted to initiate a backup or the data storage and protection system 10 automatically backs up the data files that are stored in the stash can memory 13.

Data File Backup Process

Regardless of the initiation mode, the graphical user interface 15 transmits data to database 14 to define the data file backup procedure extant in computer system 1 for the identified user. The user screen of FIG. 4 illustrates conceptually a typical data file restore procedure. The database 14, when activated, reads the contents of event log 12 to determine what data files have been changed since the last backup process was activated. The database 14 includes an extended file system 17 which is a definition of the file system active in computer system 1. Included in extended file system 17 is a temporally oriented listing of all data files identified by the user as requiring protection. The temporal listing thereby provides a three-dimensional version of file system 9, with the tree-like structure of file system 9, native to the operating system 7, being a two-dimensional representation of the directories, subdirectories, and data files that comprise file system 9. Thus, the set of temporally ordered versions of each data file provides the third dimension to this extended file system 17. For example, as shown in FIG. 4, a first instance 41 of a data file represents the initial creation of the data file. As users access this data file, changes are made to the data file and recorded on the backup media 21 as new instances of the data file 41. Each successively modified version 42, 43 of the data file 41 represents a time-wise progression of the data file 41. The various versions 4* of data file 41 are noted in extended file system 17 so that a user can identify a particular version of the data file 41 that is desired when the data file 41 is to be restored or a prior version of the data file viewed. The entries in extended file system 17 include markers 44 to illustrate that the data file 4* was restored as version 43 to the memory of computer system 1 at a particular point in time. Furthermore, the deletion of this data file 4* is noted as entry 45 and a copy of the data file 4* as it existed at the time of deletion is temporarily stored in stash can memory 13 and later written to the backup media 21. The extended file system 17 preserves the data from which file system 9 can be recreated, at any selected point in time, since the data storage and protection system 10 was activated in computer system 1. The baseline of extended file system 17 is the contents of file system 9 at the time the data storage and protection system 10 was activated.

Spine System

The spine system 16 writes the selected data files as well as directory information on to the backup media 21 to enable the data storage and protection system 10 to later locate and retrieve data files that were stored on the backup media 21 to recreate a single lost data file or to recreate the state of the computer system 1 at a selected point in time. The database 14 provides the data file in need of backup information to graphical user interface system 15 which uses this information to direct the creation of a spine system 16 plan, which is a listing of all data files stored in the file system 9 or stash can memory 13 that require backup the next time that the backup process is activated. The spine system 16 places the identified data files in logical format and, when the backup process is activated, transmits each data file seriatim to the driver 18 which comprises a state machine that converts the data file to the physical format required to transmit the data file via parallel port 5 (for example) to the backup device 20 for storage on backup media 21.

The extended file system 17 can obviously grow in extent to occupy a significant amount of memory of computer system 1. To limit the size of extended file system 17, the oldest section of extended file system 17 can be pruned from extended file system 17 and written to backup media 21 as with any other data file. The extended file system 17 then notes the existence of the pruned section of extended file system 17 located on backup media 21. If the user requests access to a data file that was stored on backup media 21 and whose extended file system information is also written to backup media 21, then spine system 16 must first retrieve the pruned section of extended file system 17 from the backup media 21 to obtain the information relating to the location of the requested data file.

Backup Device

The backup device 20 is connected to the computer system via a communication interface, such as parallel port 5 as described in copending patent application titled “Data Backup System for Personal Computers”. The backup device comprises a device that uses a rewriteable media to store large quantities of data for data storage and protection system 10. One example of such a backup device 20 is a tape drive that uses tape cassettes to store data. The data stored on this backup media 21 can require the use of multiple media elements, and data storage and protection system 10 maintains a record of how many backup media elements are used and also writes data file directory information on to the media elements. Thus, the data file backup process results in a plurality of data files being written on backup media 21, which can be magnetic tape cassette media. The spine system 16 of data storage and protection system 10 writes a directory listing of all the data files that have been written on to the backup media 21 in this operation on the backup media 21, at the end of the backup media 21 so it can be simply and quickly located. Thus, the backup media 21 is self defining, in that the directory data written thereon denotes which data files are written on the backup media 21 and their temporal definition.

Thus, the database 14 maintains a three-dimensional file system on the backup media 21, with the file system structure representing a two-dimensional presentation of the computer system memory and the temporal sequence of changes to all the data files in the file system representing a third dimension. Every data file that is selected by the user to be monitored and preserved by data storage and protection system 10 is stored on the backup media 21 in a time sequenced manner so that every version of the data file is resident on the backup media 21 and the directory data on the backup media 21 provides a history of all activity for this data file.

Data File Retrieval/Reconstruction

When the user requests that a selected data file be restored to a selected point in time, or the user restores the entirety of the computer system memory in response to a crash, the data storage and protection system 10 reviews the directory information stored in database 14 and/or on the backup media 21 and uses this data to identify the version of each data file that was resident on the computer system 1 at the selected point in time. The directory information also indicates the physical location of each of these data file versions on the backup media 21. The data storage and protection system 10 then locates and retrieves each identified data file from the backup media 21. The retrieved data files are then written to the computer system memory to recreate the state of the computer system memory at the selected point in time.

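
The point-in-time selection described above, together with the version, restore-marker and deletion entries of the extended file system and the per-tape ordering named in the FIG. 6 box labels, as an added Python example; it is not code from the patent. The `Entry` record layout, the integer timestamps and tape offsets, and the sample catalog are assumptions constructed for illustration.

```python
from collections import defaultdict
from typing import NamedTuple, Optional


class Entry(NamedTuple):
    """One directory record in the extended file system (assumed layout)."""
    path: str
    time: int                            # when the change occurred
    kind: str                            # "version", "delete" or "restore"
    tape: Optional[str] = None           # media element holding this version
    offset: Optional[int] = None         # position on that tape, counted from BOT
    restored_from: Optional[int] = None  # for "restore": time of the version put back


def resident_versions(catalog, when):
    """Return {path: version Entry} for the files resident at time `when`."""
    versions = {(e.path, e.time): e for e in catalog if e.kind == "version"}
    latest = {}
    for e in sorted(catalog, key=lambda e: e.time):
        if e.time <= when:
            latest[e.path] = e           # later records replace earlier ones
    state = {}
    for path, e in latest.items():
        if e.kind == "delete":
            continue                     # deletion entry: file was absent at `when`
        if e.kind == "restore":
            # Restore marker: an older version became the resident one again.
            e = versions[(path, e.restored_from)]
        state[path] = e
    return state


def restore_plan(catalog, when, exclude=()):
    """Group the needed file states by tape and order each tape's reads from BOT to EOT."""
    by_tape = defaultdict(list)
    for path, e in resident_versions(catalog, when).items():
        if path not in exclude:          # file states the user excluded
            by_tape[e.tape].append(e)
    return [(tape, sorted(states, key=lambda e: e.offset))
            for tape, states in sorted(by_tape.items())]


def summarize(plan):
    """Reduce a plan to (tape, [(path, version time), ...]) for display."""
    return [(tape, [(e.path, e.time) for e in states]) for tape, states in plan]


# Constructed sample catalog, not taken from the patent.
CATALOG = [
    Entry("C:/DOCS/A.TXT", 10, "version", "T1", 500),
    Entry("C:/DOCS/B.TXT", 12, "version", "T1", 100),
    Entry("C:/DOCS/A.TXT", 20, "version", "T2", 50),
    Entry("C:/DOCS/B.TXT", 25, "delete"),
    Entry("C:/DOCS/A.TXT", 30, "restore", restored_from=10),
    Entry("C:/DOCS/C.TXT", 35, "version", "T2", 10),
]

if __name__ == "__main__":
    for t in (15, 22, 27, 40):
        print(t, summarize(restore_plan(CATALOG, t)))
```

Ordering each tape's file states by offset lets a sequential-access drive read them in a single forward pass, and treating the deletion entry as "absent" keeps a restore to a later time from resurrecting a file the user had removed.
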
FIGS. 5 and 6 illustrate in flow diagram form the operational steps taken by the data storage and protection system 10 to restore the contents of the memory of computer system 1 after a file system failure has occurred or to restore one or more data files identified by the user to a selected point in time. An example of a file system failure in a personal computer is where a portion of the hard drive that contains the operating system, all application programs and user data files has failed and all the data stored thereon is lost. The user could replace the hard drive with a new hard drive device or restore the lost data files to the remaining working section of the hard drive. This task is time consuming and, with present data backup systems, incomplete at best. The user typically desires to restore the computer system to the state that existed at the instant the computer system memory failed. Existing data backup systems can at best restore the computer system to the date of the last backup operation, and then only with extensive user intervention, since the application programs are typically not backed up and old little used data files must be recovered manually by the user or may even be lost on old overwritten backup tapes.

The data storage and protection system 10 operates in the event described above to automatically recreate the state of the memory of computer system 1. This is accomplished by the use of the virtual backup memory provided by stash can memory 13 and the backup tape 21.

FIGS. 5 and 6 illustrate in flow diagram form the operational steps taken by the data storage and protection system 10 to restore a data file that has been lost or to recall a version of the data file that previously existed on computer