×

Storage system for data encryption

  • US 7,627,756 B2
  • Filed: 09/23/2005
  • Issued: 12/01/2009
  • Est. Priority Date: 07/21/2005
  • Status: Expired due to Fees
First Claim
Patent Images

1. A storage system, comprising:

  • a host interface connected via a network to a host computer;

    a disk interface connected to a disk drive;

    a memory module that stores control information of the storage system and that functions as a cache memory;

    a processor that controls the storage system;

    a mature network that interconnects the host interface, the disk interface, the memory module, and the processor; and

    an encryption module that encrypts data read/written by the host computer,wherein the processor;

    reads data from a given area of the disk drive or of the memory module,decrypts the read data with an encryption key corresponding to this data,encrypts the decrypted data with an encryption key different from the one that has just been used to decrypt the data, andwrites the encrypted data in an area different from the given area;

    wherein, the processor;

    reads data from the first logical volume,decrypts the read data with an encryption key assigned to the first logical volume,encrypts the decrypted data with an encryption key assigned to the second logical volume, andcopies data in the first logical volume to the second logical volume by writing the encrypted data in the second logical volume;

    wherein the first logical volume and the second logical volume are paired with each other as a copy pair,wherein the processor;

    when the host computer makes a request for write data in the first logical volume, encrypts the data to be written to the disk drive with an encryption key assigned to the first logical volume, and writes the encrypted data in the first logical volume and in the second logical volume, andwhen there is a change in copy pair state, changes the encryption key assigned to the first logical volume to another encryption key, encrypts the write data with the replacement encryption key, and writes the encrypted data in the first logical volume.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×