Securing data using per tenant encryption keys
First Claim
1. In a data storage system, a method of securing data on a set of storage drives, the method comprising:
- encrypting data from a first tenant using a first tenant key to form first tenant encrypted data and storing the first tenant encrypted data on the set of storage drives;
- encrypting data from a second tenant using a second tenant key to form second tenant encrypted data and storing the second tenant encrypted data on the set of storage drives, each of the first tenant and the second tenant being one of a department within an enterprise, a host computer, and a virtual machine, the first tenant being different from the second tenant, and the first tenant key and the second tenant key being per tenant keys that are different from each other; and
- destroying the first tenant key to prevent the first tenant encrypted data stored on the set of storage drives from being decrypted while maintaining the second tenant key to enable decryption of the second tenant encrypted data stored on the set of storage drives,
- wherein the storing of the first tenant encrypted data on the set of storage drives includes:
  - encrypting the first tenant encrypted data using per drive encryption keys that are different from the per tenant keys to form first tenant doubly-encrypted data; and
  - storing the first tenant doubly-encrypted data on the set of storage drives, the data storage system including (i) processing circuitry configured to perform host input/output (I/O) operations on behalf of the first and second tenants, and (ii) I/O expansion circuitry, coupled to the processing circuitry, providing at least one additional input and output for the data storage system, and
- wherein the encrypting of the first tenant encrypted data using the per drive encryption keys includes:
  - provisioning the I/O expansion circuitry with the per drive encryption keys;
  - providing access to the first tenant encrypted data for the I/O expansion circuitry; and
  - performing the encrypting of the first tenant encrypted data within the I/O expansion circuitry to form the first tenant doubly-encrypted data using the per drive encryption keys.
Abstract
One embodiment is directed to a technique which secures data on a set of storage drives of a data storage system. The technique involves encrypting data from a first tenant using a first tenant key to form first tenant encrypted data and storing the first tenant encrypted data on the set of storage drives. The technique further involves encrypting data from a second tenant using a second tenant key to form second tenant encrypted data and storing the second tenant encrypted data on the set of storage drives, the first tenant being different from the second tenant, and the first tenant key and the second tenant key being per tenant keys which are different from each other. The technique further involves destroying the first tenant key to prevent the first tenant encrypted data stored on the set of storage drives from being decrypted while maintaining the second tenant key to enable decryption of the second tenant encrypted data stored on the set of storage drives.
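The scheme in the abstract, combined with the per drive layer from claim 1, as an added Ruby sketch that is not code from the patent or its assignee. The `TenantStore` class, its method names, the in-memory hash standing in for the drives, and the choice of AES-256-GCM are all assumptions made for illustration.

```ruby
require 'openssl'

# Hypothetical model of the storage system; every name here is an assumption.
class TenantStore
  def initialize(tenants)
    @tenant_keys = tenants.map { |t| [t, OpenSSL::Random.random_bytes(32)] }.to_h
    @drive_key = OpenSSL::Random.random_bytes(32) # per drive key, not a tenant key
    @drive = {}                                   # tenant => doubly-encrypted blob
  end

  def write(tenant, data)
    inner = seal(@tenant_keys.fetch(tenant), data) # layer 1: per tenant key
    @drive[tenant] = seal(@drive_key, inner)       # layer 2: per drive key
  end

  def read(tenant)
    unseal(@tenant_keys.fetch(tenant), drive_layer_removed(tenant))
  end

  def drive_layer_removed(tenant) # drive key alone: still tenant ciphertext
    unseal(@drive_key, @drive.fetch(tenant))
  end

  # Destroy one tenant key (overwrite, then forget); ciphertext stays on the drive.
  def destroy_key(tenant)
    return unless (key = @tenant_keys.delete(tenant))
    key.bytesize.times { |i| key.setbyte(i, 0) }
  end

  private
  # AES-256-GCM; sealed layout is nonce (12) || tag (16) || ciphertext.
  def seal(key, plaintext)
    c = OpenSSL::Cipher.new('aes-256-gcm').encrypt
    c.key = key
    nonce = c.random_iv
    c.auth_data = ''
    ciphertext = c.update(plaintext) + c.final
    nonce + c.auth_tag + ciphertext
  end

  def unseal(key, blob)
    d = OpenSSL::Cipher.new('aes-256-gcm').decrypt
    d.key = key
    d.iv = blob.byteslice(0, 12)
    d.auth_tag = blob.byteslice(12, 16)
    d.auth_data = ''
    d.update(blob.byteslice(28, blob.bytesize)) + d.final # CipherError if key is wrong
  end
end
```

After `destroy_key`, `read` for that tenant raises `KeyError` while other tenants still decrypt, and `drive_layer_removed` shows that the per drive key alone recovers only tenant-key ciphertext.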
16 Claims
1. In a data storage system, a method of securing data on a set of storage drives, the method comprising:
- encrypting data from a first tenant using a first tenant key to form first tenant encrypted data and storing the first tenant encrypted data on the set of storage drives;
- encrypting data from a second tenant using a second tenant key to form second tenant encrypted data and storing the second tenant encrypted data on the set of storage drives, each of the first tenant and the second tenant being one of a department within an enterprise, a host computer, and a virtual machine, the first tenant being different from the second tenant, and the first tenant key and the second tenant key being per tenant keys that are different from each other; and
- destroying the first tenant key to prevent the first tenant encrypted data stored on the set of storage drives from being decrypted while maintaining the second tenant key to enable decryption of the second tenant encrypted data stored on the set of storage drives,
- wherein the storing of the first tenant encrypted data on the set of storage drives includes:
  - encrypting the first tenant encrypted data using per drive encryption keys that are different from the per tenant keys to form first tenant doubly-encrypted data; and
  - storing the first tenant doubly-encrypted data on the set of storage drives, the data storage system including (i) processing circuitry configured to perform host input/output (I/O) operations on behalf of the first and second tenants, and (ii) I/O expansion circuitry, coupled to the processing circuitry, providing at least one additional input and output for the data storage system, and
- wherein the encrypting of the first tenant encrypted data using the per drive encryption keys includes:
  - provisioning the I/O expansion circuitry with the per drive encryption keys;
  - providing access to the first tenant encrypted data for the I/O expansion circuitry; and
  - performing the encrypting of the first tenant encrypted data within the I/O expansion circuitry to form the first tenant doubly-encrypted data using the per drive encryption keys.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. Electronic data storage circuitry, comprising:
- a set of storage drives;
- memory;
- I/O expansion circuitry providing at least one additional input and output for the electronic data storage circuitry; and
- processing circuitry coupled to the set of storage drives, the memory, and the I/O expansion circuitry, the memory storing instructions that, when carried out by the processing circuitry, cause the processing circuitry to:
  - encrypt data from a first tenant using a first tenant key to form first tenant encrypted data and store the first tenant encrypted data on the set of storage drives;
  - encrypt data from a second tenant using a second tenant key to form second tenant encrypted data and store the second tenant encrypted data on the set of storage drives, each of the first tenant and the second tenant being one of a department within an enterprise, a host computer, and a virtual machine, the first tenant being different from the second tenant, and the first tenant key and the second tenant key being per tenant keys that are different from each other;
  - destroy the first tenant key to prevent the first tenant encrypted data stored on the set of storage drives from being decrypted while maintaining the second tenant key to enable decryption of the second tenant encrypted data stored on the set of storage drives;
  - encrypt the first tenant encrypted data using per drive encryption keys that are different from the per tenant keys to form first tenant doubly-encrypted data;
  - store the first tenant doubly-encrypted data on the set of storage drives;
  - provision the I/O expansion circuitry with the per drive encryption keys;
  - output the first tenant encrypted data from the processing circuitry into the I/O expansion circuitry; and
  - performing the encrypting of the first tenant encrypted data within the I/O expansion circuitry using the per drive encryption keys.

Dependent claims: 12, 13, 14, 15
16. A computer program product having a non-transitory computer readable medium that stores a set of instructions to manage data on a set of storage drives of a data storage system, the set of instructions, when carried out by computerized circuitry, causing the computerized circuitry to perform a method of:
- encrypting data from a first tenant using a first tenant key to form first tenant encrypted data and storing the first tenant encrypted data on the set of storage drives;
- encrypting data from a second tenant using a second tenant key to form second tenant encrypted data and storing the second tenant encrypted data on the set of storage drives, each of the first tenant and the second tenant being one of a department within an enterprise, a host computer, and a virtual machine, the first tenant being different from the second tenant, and the first tenant key and the second tenant key being per tenant keys that are different from each other; and
- destroying the first tenant key to prevent the first tenant encrypted data stored on the set of storage drives from being decrypted while maintaining the second tenant key to enable decryption of the second tenant encrypted data stored on the set of storage drives,
- wherein the storing of the first tenant encrypted data on the set of storage drives includes:
  - encrypting the first tenant encrypted data using per drive encryption keys that are different from the per tenant keys to form first tenant doubly-encrypted data; and
  - storing the first tenant doubly-encrypted data on the set of storage drives, the data storage system including (i) processing circuitry configured to perform host input/output (I/O) operations on behalf of the first and second tenants, and (ii) I/O expansion circuitry, coupled to the processing circuitry, providing at least one additional input and output for the data storage system, and
- wherein the encrypting of the first tenant encrypted data using the per drive encryption keys includes:
  - provisioning the I/O expansion circuitry with the per drive encryption keys;
  - outputting the first tenant encrypted data from the processing circuitry into the I/O expansion circuitry; and
  - performing the encrypting of the first tenant encrypted data within the I/O expansion circuitry using the per drive encryption keys.
Specification