×

Distribution of storage area network encryption keys across data centers

  • US 8,989,388 B2
  • Filed: 04/02/2008
  • Issued: 03/24/2015
  • Est. Priority Date: 04/02/2008
  • Status: Active Grant
First Claim
Patent Images

1. A method, comprising:

  • receiving, at a device including a processor and a non-transitory memory, a request to transfer key information from a source data center to a destination data center, the key information corresponding to a data block maintained in a storage area network (SAN);

    identifying at the device, a source data center key object corresponding to the data block wherein the source data center key object includes a unique identifier, an encrypted key, and a wrapper unique identifier;

    decrypting, at the device, the encrypted key using a source data center key hierarchy Such that a key is obtained, wherein decrypting the encrypted key comprises using keying material accessed using the wrapper unique identifier, the wrapper unique identifier referencing another key object at a key management center in the source data center;

    transmitting, at the device, the key information including the key from the source data center to the destination data center; and

    generating, at the device, a destination data center key object from the key information using a destination data center key hierarchy.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×