I/o authorization control in shared storage systems

1 . A method for limiting I/O access in a shared storage system, the method comprising: establishing, for a volume, a list of address spaces that are authorized to access the volume; receiving an I/O request to access the volume; determining whether the I/O request originates from one of the address spaces identified in the list; if the I/O request originates from one of the address spaces in the list, passing the I/O request to the volume; and if the I/O request does not originate from one of the address spaces in the list, blocking the I/O request. 2 . The method of claim 1 , further comprising passing the I/O request to the volume if the I/O request is a system-level I/O request, regardless of whether the I/O request originates from one of the address spaces identified in the list, wherein the system-level I/O request is an I/O request that is associated with operating system or system recovery operations. 3 . The method of claim 1 , wherein the volume is one of a logical volume and a physical volume. 4 . The method of claim 1 , further comprising setting an error code in the event the I/O request is blocked. 5 . The method of claim 1 , wherein the list of address spaces is implemented as a hash table. 6 . The method of claim 1 , wherein each address space is associated with a particular job name. 7 . The method of claim 1 , wherein the list is maintained at the host-system level. 8 . A computer program product for limiting I/O access in a shared storage system, the computer program product comprising a non-transitory computer-readable storage medium having computer-usable program code embodied therein, the computer-usable program code configured to perform the following when executed by at least one processor: establish, for a volume, a list of address spaces that are authorized to access the volume; receive an I/O request to access the volume; determine whether the I/O request originates from one of the address spaces identified in the list; if the I/O request originates from one of the address spaces in the list, pass the I/O request to the volume; and if the I/O request does not originate from one of the address spaces in the list, block the I/O request. 9 . The computer program product of claim 8 , wherein the computer-usable program code is further configured to pass the I/O request to the volume if the I/O request is a system-level I/O request, regardless of whether the I/O request originates from one of the address spaces identified in the list, wherein the system-level I/O request is an I/O request that is associated with operating system or system recovery operations. 10 . The computer program product of claim 8 , wherein the volume is one of a logical volume and a physical volume. 11 . The computer program product of claim 8 , wherein the computer-usable program code is further configured to set an error code in the event the I/O request is blocked. 12 . The computer program product of claim 8 , wherein the list of address spaces is implemented as a hash table. 13 . The computer program product of claim 8 , wherein each address space is associated with a particular job name. 14 . The computer program product of claim 8 , wherein the list is maintained at the host-system level. 15 . A system for limiting I/O access in a shared storage system, the system comprising: at least one processor; at least one memory device operably coupled to the at least one processor and storing instructions for execution on the at least one processor, the instructions causing the at least one processor to: establish, for a volume, a list of address spaces that are authorized to access the volume; receive an I/O request to access the volume; determine whether the I/O request originates from one of the address spaces identified in the list; if the I/O request originates from one of the address spaces in the list, pass the I/O request to the volume; and if the I/O request does not originate from one of the address spaces in the list, block the I/O request. 16 . The system of claim 15 , wherein the instructions further cause the at least one processor to pass the I/O request to the volume if the I/O request is a system-level I/O request, regardless of whether the I/O request originates from one of the address spaces identified in the list, wherein the system-level I/O request is an I/O request that is associated with operating system or system recovery operations. 17 . The system of claim 15 , wherein the volume is one of a logical volume and a physical volume. 18 . The system of claim 15 , wherein the instructions further cause the at least one processor to set an error code in the event the I/O request is blocked. 19 . The system of claim 15 , wherein the list of address spaces is implemented as a hash table. 20 . The system of claim 15 , wherein each address space is associated with a particular job name.