Method and apparatus for encrypted remote copy for secure data backup and restoration

US 20060005048A1
Filed: 07/02/2004
Published: 01/05/2006
Est. Priority Date: 07/02/2004
Status: Active Grant

First Claim

Patent Images

1. A method, comprising the steps of:

encrypting original data stored at a source volume with an encryption algorithm;

storing the encrypted data in a target volume;

creating an encryption information record comprising identifiers for each of the source volume of the original data, the target volume, and the encryption algorithm used to encrypt the original data; and

storing the encryption information record at a location other than the source volume of the original data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Data at a primary storage system is encrypted and remote copied to a secondary storage system. A Remote Copy Configuration Information (RCCI) is created that identifies the encryption mechanism, keys, data source volume, and target volume for the remote copy. The RCCI is backed up on a trusted computer system. In one embodiment, the secondary storage system is an off-site data storage system managed by a third party. Upon detection of a failure in the primary storage system, the encrypted data and RCCI are transferred to a tertiary server, which is optionally created upon detection of the failure, and operations of the failed primary server are resumed by the tertiary server. In one embodiment, the failure is detected by loss of a heart beat signal transmitted from the primary storage system to a management server that initiates the transfers to the tertiary server.

Citations

65 Claims

1. A method, comprising the steps of:
- encrypting original data stored at a source volume with an encryption algorithm;
  
  storing the encrypted data in a target volume;
  
  creating an encryption information record comprising identifiers for each of the source volume of the original data, the target volume, and the encryption algorithm used to encrypt the original data; and
  
  storing the encryption information record at a location other than the source volume of the original data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 2. The method according to claim 1, wherein:
    - the source location of the encrypted data comprises a source volume of a primary storage system;
      
      the target volume comprises a volume of a secondary storage system;
      
      the step of storing the encrypted data comprises a remote copy operation from an output of an encryption mechanism executing the encryption algorithm to the target volume of the secondary storage system; and
      
      the information record further comprises a Remote Copy Configuration Information (RCCI) comprising a volume ID of the source location of the original data, a volume ID of the target volume, and an ID and key(s) of an encryption algorithm used to encrypt the original data.
  - 3. The method according to claim 2, wherein the encryption algorithm ID comprises an indirect reference to the encryption algorithm.
  - 4. The method according to claim 1, wherein the step of storing the information record comprises storing the information record on a trusted storage system.
  - 5. The method according to claim 4, wherein the step of storing the information record further comprises transferring the information record from a primary storage system to the trusted storage system using a secure transfer.
  - 6. The method according to claim 1, wherein the step of storing the encrypted data comprises storing the encrypted data in the target volume on a remote storage system.
  - 7. The method according to claim 6, wherein the remote storage system is managed by a third party.
  - 8. The method according to claim 2, wherein the information record comprises a plurality of RCCIs.
  - 9. The method according to claim 8, wherein the step of storing the information record comprises storing the plurality of RCCIs on a trusted computer system.
  - 10. The method according to claim 1, further comprising the steps of:
    - detecting a failure in a primary storage system;
      
      transferring the encrypted data from the target volume to a tertiary storage system;
      
      decrypting the encrypted data; and
      
      restoring functionality of the primary storage system at the tertiary storage system using the decrypted data.
  - 11. The method according to claim 10, further comprising the step of backing up the information record upon detection of the failure.
  - 12. The method according to claim 10, further comprising the step of transferring the information record from a trusted computer system to the tertiary storage system.
  - 13. The method according to claim 10, wherein the tertiary storage system is the storage location of the information record.
  - 14. The method according to claim 1, further comprising the steps of:
    - detecting a failure on a primary storage system;
      
      restoring at least a portion of the encrypted data on a tertiary storage system; and
      
      meeting storage and retrieval needs of the primary storage system through the tertiary storage system.
  - 15. The method according to claim 14, wherein:
    - the step of restoring comprises, transferring at least a portion of the encrypted data from the target volume to the tertiary storage system, transferring the stored information record to the tertiary storage system, and decrypting at least a portion of the encrypted data onto a volume of the tertiary storage system.
  - 16. The method according to claim 14, further comprising the step of creating the tertiary storage system.
  - 17. The method according to claim 16, wherein the tertiary storage system is created after detecting the failure.
  - 18. The method according to claim 16, wherein the step of creating the tertiary storage system comprises pooling free storage space from at least one available storage system.
  - 19. The method according to claim 10, wherein the failure detection is performed using clustering technology.
  - 20. The method according to claim 10, further comprising the steps of:
    - determining if the failure includes loss of the information record at the primary storage system; and
      
      if the failure includes loss of the information record, then restoring the information record from the non source location.
  - 21. The method according to claim 10, wherein said step of detecting a failure comprises monitoring a heartbeat of the primary storage system.
  - 22. The method according to claim 21, wherein the heartbeat is wirelessly transmitted from the primary storage system to a management server configured to monitor a plurality of primary storage systems.
  - 23. The method according to claim 11, wherein the step of backing up the information record comprises storing a plurality of RCCIs on a smart card integrated into a disk controller.
  - 24. The method according to claim 12, wherein said step of transferring the information record comprises transferring the information record from a smart card to the tertiary storage system.
  - 25. The method according to claim 10, wherein:
    - said step of transferring the encrypted data comprises the steps of, creating a volume on the tertiary storage system;
      
      setting the target volume as a remote copy source volume using the target volume identifier; and
      
      performing a remote copy from the remote copy source volume to the volume created on the tertiary storage system.
  - 26. The method according to claim 25, further comprising the step of initiating the transfer upon receipt of an RCCI at a disk controller of the remote copy source volume.
  - 27. The method according to claim 25, further comprising the step of restricting access of the volume created on the tertiary server to a host identified in the information record.
  - 28. The method according to claim 25, wherein:
    - the information record includes a size of the original volume; and
      
      the step of creating a volume on the tertiary storage system comprises creating a volume at least equal to the size of the original volume as specified in the information record.
  - 29. The method according to claim 1, wherein:
    - said method is embodied in a set of computer instructions stored on a computer readable media;
      
      said computer instructions, when loaded into a computer, cause the computer to perform the steps of said method.
  - 30. The method according to claim 29, wherein said computer instruction are compiled computer instructions stored as an executable program on said computer readable media.
  - 31. The method according to claim 1, wherein said method is embodied in a set of computer readable instructions stored in an electronic signal.

32. A method, comprising the steps of:
- receiving an authentication request for storing an encryption information record from a primary storage system at a secure server, said encryption information record comprising identifiers for each of a source volume in the primary storage system storing original data, a target volume storing encrypted data of the original data, and an encryption algorithm used to encrypt the original data;
  
  verifying the authentication request at the secure server;
  
  if the authentication request is verified, storing the encryption information record on the secured server;
  
  transferring encrypted data from the target volume to a tertiary storage system;
  
  decrypting the encrypted data using the encryption information record at a tertiary server of the tertiary storage system; and
  
  resuming operations of the primary storage system at the tertiary server using the decrypted data.
- View Dependent Claims (33, 34, 35, 36, 37)
- - 33. The method according to claim 32, wherein the primary storage system, the tertiary storage system, and a system hosting the secure server are physically separate systems.
  - 34. The method according to claim 32, wherein the encryption information record is stored at the primary storage system and backed up at the secure server.
  - 35. The method according to claim 32, wherein the authentication request is initiated by a management server that monitors a heartbeat of the primary storage system.
  - 36. The method according to claim 32, wherein the authentication request comprises an authentication token.
  - 37. The method according to claim 32, wherein the encryption information record comprises at least one RCCI.

38. A data system, comprising:
- a primary storage system comprising at least one source volume of data storage stored with original data;
  
  a secondary storage system comprising at least one target volume of data storage stored with an encrypted backup copy of the original data; and
  
  a management server;
  
  wherein;
  
  the primary storage system further comprises cryptographic information and a decryption and restoration mechanism to decrypt and restore encrypted data from the secondary storage system to the primary storage system, said cryptographic information including identifiers for each of said source volume of the original data, said target volume, and an encryption algorithm used to encrypt the original data; and
  
  the management server maintains a back-up copy of the cryptographic information.
- View Dependent Claims (39, 40, 41, 42)
- - 39. The data system according to claim 38, wherein the management server is configurable as a tertiary storage system comprising at least one volume of data storage and a restoration mechanism to decrypt and restore encrypted data from the secondary storage system to the tertiary storage system.
  - 40. The data system according to claim 38, further comprising:
    - an encryption and save device configured to encrypt the data stored on the primary storage system and save the encrypted data to the secondary storage system.
  - 41. The data system according to claim 38, wherein the management server further comprises a monitoring device configured to monitor heartbeat signals transmitted from the primary storage system.
  - 42. The data system according to claim 38, wherein the management server is configured to restore the source volume at a tertiary storage system upon loss of a heartbeat signal from the primary storage system.

43. A data system, comprising:
- a primary storage system comprising at least one data volume and an encryption mechanism configured to encrypt and remote copy original data stored on the primary storage system;
  
  a secondary storage system comprising at least one data volume; and
  
  a secure system;
  
  wherein the primary storage system is configured to encrypt data stored on the primary storage system, remotely copy the encrypted data to the secondary storage system, prepare a remote copy configuration information (RCCI) record identifying information the encrypted data that is remotely copied to the secondary storage system, and transfer the RCCI to the secure system, and said RCCI record includes identifiers for each of an source volume in the primary storage system storing the original data, an target volume in the secondary storage system storing the encrypted data, and an encryption algorithm used to encrypt the original data.
- View Dependent Claims (44, 45, 46, 47, 48, 49)
- - 44. The data system according to claim 43, wherein the secure system is a secure module that is part of the secondary storage system.
  - 45. The data system according to claim 43, wherein the secure system comprises a trusted computer system.
  - 46. The data system according to claim 43, wherein the secure system is a secure module comprising a smart card device integrated into a disk controller of the secondary storage system.
  - 47. The data system according to claim 43, wherein the secure system is part of a tertiary storage system comprising at least one data volume and is configured to decrypt encrypted data transferred from the secondary storage system to the tertiary storage system.
  - 48. The data system according to claim 43, further comprising a management server configured to create a tertiary server upon detection of a failure in the primary storage system, and restore data of the primary storage system to the tertiary storage system by decrypting encrypted data from the secondary storage system using RCCIs corresponding to the encrypted data.
  - 49. The data system according to claim 48, wherein the management server comprises a monitoring device configured to monitor heart beat signals from the primary storage system.

50. A method, comprising the steps of:
- encrypting original data stored in a source volume of data of a primary storage system;
  
  storing the encrypted data to a target volume on a secondary storage system; and
  
  storing information identifying the encryption on at least one restoration capable storage system, said information identifying the encryption including identifiers for each of the source volume, the target volume, and an encryption algorithm used to encrypt the original data, wherein said at least one restoration capable storage system is configured to perform restoration of the encrypted data from the secondary storage system.
- View Dependent Claims (51, 52, 53, 54, 55, 56, 57, 58)
- - 51. The method according to claim 50, wherein the at least one restoration capable storage system comprises the primary storage system and a tertiary storage system.
  - 52. The method according to claim 51, wherein only the primary storage system and the tertiary storage system are configured to perform restoration of data from the secondary storage system.
  - 53. The method according to claim 50, wherein the information identifying the encryption comprises a Remote Copy Configuration Information (RCCI) record comprising a source volume ID, a target volume ID, an encryption algorithm ID, and at least one encryption key.
  - 54. The method according to claim 53, wherein the RCCI record includes at least one pointer.
  - 55. The method according to claim 53, wherein the encryption algorithm ID comprises a pointer to an encryption algorithm.
  - 56. The method according to claim 53, wherein the RCCI record further includes volume information, and access control information.
  - 57. The method according to claim 56, wherein the volume information comprises the volume IDs and volume sizes.
  - 58. The method according to claim 53, wherein the RCCI record further includes a volume size, a copy method, access control information, a target storage system ID, and a source storage system ID.

59. A method comprising the steps of:
- encrypting original data stored in a source volume;
  
  creating an information record identifying an encryption mechanism and a key used to encrypt the original data; and
  
  storing the information record in a target volume, wherein the information record includes identifiers for each of the source volume, the target volume, and an encryption algorithm used to encrypt the original data.
- View Dependent Claims (60, 61, 62, 63, 64, 65)
- - 60. The method according to claim 59, wherein the step of storing comprises storing the information record at both a source location of the original data and at a second location different from the source location.
  - 61. The method according to claim 60, wherein the second location comprises a trusted system.
  - 62. The method according to claim 59, further comprising the step of performing a remote copy of the encrypted data.
  - 63. The method according to claim 62, wherein the step of performing a remote copy transfers the encrypted data to a storage system without encryption or decryption facilities operative on the encrypted data.
  - 64. The method according to claim 62, wherein the step of performing a remote copy transfers the encrypted data to an unsecure storage system.
  - 65. The method according to claim 62, wherein the step of performing a remote copy transfers the encrypted data to a storage system accessible over a public network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hitachi, Ltd.
Original Assignee
Hitachi, Ltd.
Inventors
Yagawa, Yuichi, Osaki, Nobuyuki

Granted Patent

US 7,383,462 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/193
CPC Class Codes

G06F 11/1458   Management of the backup or...

G06F 11/1464   for networked environments

G06F 11/1469   Backup restoration techniques

G06F 21/6218   to a system of files or obj...

H04L 9/0894   Escrow, recovery or storing...

Method and apparatus for encrypted remote copy for secure data backup and restoration

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

65 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for encrypted remote copy for secure data backup and restoration

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

65 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links