Storage system and disk array users are highly sensitive to data security concerns. For example, confidential data on replacement disk drives may be carried from secured premises by outside service personnel. In one incident, an old disk drive from an Automated Teller Machine (ATM) was purchased on a resale market and found to contain thousands of account numbers.
Although concerns regarding security of disk drive data have been known for many years, better data security techniques are sought. Recent legislation imposes financial penalties on companies that allow private customer data to leave the company's control without authorization. For example, California law SB 1386 requires an agency, person, or business that conducts business in California and owns or licenses computerized “personal information” to disclose any breach of security to any resident whose unencrypted data is believed to have been disclosed.
For most business entities, strong encryption such as 256-bit Advanced Encryption Standard (AES) may solve the problem of disk drives that leave the control of the business as well as enabling security of remotely-replicated data. However, encryption has not solved all difficulties.
Two data security approaches are conventionally used. In a first approach, a dedicated encryption appliance is placed between an application host and a disk array. In a second approach, a host system includes a host operating system driver stack with an encryption capability. The approaches have limitations and supply data security for only one host or at most a few hosts in an enterprise class disk array that may possibly include hundreds or more hosts.
A method for securing data stored in a disk array storage system comprises communicating data between at least one host system and a disk array and selectively encrypting and decrypting the communicated data within the disk array on a per-logical unit/per-disk basis.
Embodiments of the invention, relating to both structure and method of operation, may best be understood by referring to the following description and accompanying drawings:
An illustrative storage system and operating method solves data security concerns by including an encryption architectural element within a disk array. The encryption element may be interposed between a channel host adapter and a duplexed write cache. The encryption element can optionally and selectively perform encryption and/or decryption either directly, using resources internal to the array, or via an optional external encryption/decryption hardware assistance blade or module.
Inclusion of the encryption element within a disk array enables centralized, transparent, and flexible data security in a manner that protects not only data from exposure via removal from the secured premises during repair and replacement of disk drives, but also data exposed to interception on communication to a remote replication or storage site. All hosts connected to a disk array with internal security benefit from the security services, not merely a few hosts attached to a security device exterior to a disk array. Inclusion of the encryption element within a disk array also facilitates efficient data security capabilities for a system administrator or user by avoiding or eliminating difficulties associated with connecting an external encryption device into a system. The disk array with internal encryption element isolates the system administrator or user from the intricacies and responsibility associated with encryption, decryption, key management, and secure key transfer. System administrators and users often have little expertise in data encryption aspects including technical knowledge of encryption and decryption, key management, key archiving, and secure key transfer, as well as a lack of familiarity with trusted manufacturers and equipment and service providers. Accordingly, system administrators and users may be reluctant to deal with selection, installation, and maintenance and service of external devices and components that can be connected into a network. A disk array with internal data security capability supplies secure data handling in a transparent and centralized manner.
Referring to
The illustrative embodiment shows a disk array 102 with a plurality of channel host adapters 106 which are adapted to communicate data among multiple host systems 108. A disk array 102 commonly has many channel host adapters 106. An example implementation may have 1 to 32 channel host adapters 106, each supplying multiple, for example 1-32, external ports for connection to devices such as application hosts. Other examples may have more channel host adapters and/or more external ports. The disk array 102 further includes one or more disk controllers 110 and an array of storage disks 112 with connections distributed among the disk controllers 110. A disk array 102 also commonly has many disk controllers 110. An example implementation may have 1-16 disk controllers 110, each of which controls multiple disks, for example up to 64 disks such as Fibre Channel disks. Other disk array embodiments may have more than sixteen disk controllers, possibly controlling a larger number of disks.
A duplexed cache 114 is coupled between the plurality of channel host adapters 106 and the disk controllers 110. The encryption/decryption processor 104 is coupled between the channel host adapters 106 and the duplexed cache 114.
The depicted disk array 102 further includes an interface 116 that is adapted to optionally interconnect the encryption/decryption processor 104 to an encryption/decryption assistance module 118 which may be either inside or outside the disk array 102.
In some embodiments, the disk array 102 may include logic 120 to generate a unique per-array encryption key for usage in encryption operations.
The encryption/decryption processor 104 operates as an accessory architectural element that can be added to a disk array 102, even a conventional disk array arrangement, to selectively enable data encryption and decryption services on a per-logical unit and/or per-disk basis. Accordingly, a system administrator or user can optionally enable or disable encryption on the per-logical unit/per-disk basis. Any protected disk drive maintains security, even in cases in which a drive is removed from the secured environment for repair.
If the target disk of the designated logical unit is included on a list of encrypted target disks so that data encryption is selected for particular write data, the encryption/decryption processor 104 encrypts the data and writes (C) the encrypted data to the duplexed cache 114. A channel host adapter 106, either the same adapter that received the write request or a different adapter of the plurality of channel host adapters 106 as shown in the example, transfers (D) the synchronous replication of encrypted data from the local cache 114 to a cache in a remote disk array. In combination with the transfer (D), the channel host adapter 106 which received the write data in action (A) sends a signal to the host 108 indicating completion of the write operation.
Logic in the disk array 102 maps (E) the requested logical unit to the disk controller 110 designated by the data write command and communicates the target data location and destination to the disk controller 110. Logic also maintains a list of the logical units and disks which store encrypted data. The disk controller 110 writes (F) the data to the designated storage disk or disks 112.
For data that is encrypted, the data is stored locally, in the original disk array 102 that receives the write data from the host 108, and the encrypted data is replicated in the encrypted form, regardless of which of the potentially hundreds or more hosts originated the data. Accordingly, encrypted data involved in remote replication or storage maintains protection. For example, the illustrative storage apparatus 100 may be used with HP StorageWorks™ Continuous Access XP Extension technology to supply secure high-availability and disaster recovery with host-independent real-time remote data mirroring between XP disk arrays. The illustrative storage apparatus 100 may further be used with HP StorageWorks™ External Storage XP technology to enable storage of disk array datasets on external storage subsystems. HP StorageWorks™, Continuous Access, External Storage, and associated XP extension technology are made available by Hewlett-Packard Company of Houston, Tex.
When data enters a disk array 102 as remotely replicated and in previously encrypted form, metadata associated with the data signals to the encryption/decryption processor that the data is previously encrypted, enabling the data to pass through the encryption/decryption processor, bypassing the encryption operation. The metadata may also include a secured version of the data decryption key for the particular data, which is saved in a shared memory table on the receiving storage array.
Referring to
The logic 220 may be configured to map a requested logical unit to one or more of the storage disks 212. The logic 220 may designate the data location and destination, and maintain a list of logical units and disks that store encrypted data in the memory table 224.
An internal crossbar switch enables fast, efficient switching with direct point-to-point connections. The shared memory 222 stores command and control data, enabling the entire data cache 214 to be allocated for quick access to user data. The shared memory 222 is independent of the cache 214 and is used to store tables, side files, and other overhead information, thus freeing the cache 214 for user data. The shared memory 222 may also be used to store system configuration mapping of system components, logical unit (LUN) maps, cache pointers, hit rates, and RAID levels, as well as encryption information such as encryption enabling and key storage. Client Host Interface Processors (CHIP) 206 may be used as channel host adapters and arranged in pairs supporting connections from host servers to the disk array 202. In an illustrative embodiment, the Client Host Interface Processor (CHIP) pairs may be configured as 4-port and 8-port Fibre Channel (FC) adapter pairs, or as 4-port and 8-port Extended serial interface (ExSA), ESCON (Enterprise System CONnection)-compatible adapter pairs.
Array Control Processors (ACP) 210 function as disk controllers for the array of disks 212. The Array Control Processors 210 in the illustrative embodiment may also be configured in pairs for redundancy. ACP functions include managing read and write operations to the disks 212, read miss staging, and write destaging from the cache 214. The Array Control Processors 210 may also perform media protection, for example by techniques such as dynamic spares, mirrored storage in RAID 0/1 (Redundant Array of Independent Disks), dynamic data rebuild, and hardware RAID 5 parity generation.
The illustrative data cache 214 is a dynamic duplex cache functioning as an area of cache set aside for “write” data. All data written to the cache 214 is written to the dynamic duplex cache 214 and is duplicated across power boundaries for a system that includes a fully redundant battery. The write cache percentage may be modified manually or dynamically.
A fast write occurs when the cache 214 is not full and does not need to be destaged to the disk 212 before the write can occur. The CHIP 206 may initiate a search on the cache directory in shared memory 222 to determine whether an old copy of the data to be written remains in the cache 214 and whether cache space remains available. Data is transferred from the host to the cache 214 and duplexed to first and second sub-caches within the cache 214 on different sides of a power boundary. A cache directory in shared memory 222 is modified to reflect the most recently used data. The host is notified of I/O (input/output) completion. Data in the cache 214 is destaged to a disk 212 in a background operation. Data is written to both cache areas in the duplex cache 214 to enable data restoration if a cache error occurs before the data is written to physical disk 212, a period during which the cache would otherwise hold the only copy of the data. After successful destaging of the data to the disk, the cache data is switched into the read area and only one copy is maintained in the cache 214.
A deferred write occurs if the duplex write cache is at a write limit and cannot accept new data before destaging a cache block to a disk 212. The CHIP 206 initiates a search on the cache directory in shared memory 222 and identifies that the cache 214 is full. The least recently used data is identified and destaged to disk 212. After the least recently used data is destaged, the data is transferred from the host to the cache 214 and duplexed to both cache subdivisions. The cache directory is updated to reflect the most recently used data, and the host is notified of I/O completion. Data in the cache 214 is destaged to the disk 212 in the background.
The disk array 202 maintains the shared memory table 224 to track logical units and/or disks which are designated to hold encrypted data and accordingly to manage encryption and decryption operations. An entry in the shared memory table 224 is made at the time of disk formatting and applies to all logical units using the disk. If local array resources are sufficient, or if local response times are not critical, the encryption/decryption processor 204 performs data encryption and/or decryption operations without assistance. Otherwise, the encryption/decryption processor 204 may operate in combination with an optional encryption/decryption hardware assistance blade such as the module 118 shown in
Referring to
In the exemplified storage system 300, the encryption/decryption processor 302 has a first buffer 304 configured to couple to a plurality of channel host adapters 306. The first buffer 304 holds data passing to and from multiple host systems. The encryption/decryption processor 302 has a second buffer 308 configured to couple to a duplexed cache 310. The second buffer 308 holds data passing to and from the duplexed cache 310. An encryption/decryption engine 312 is coupled between the first buffer 304 and the second buffer 308 and may be operated to encrypt and decrypt selected data.
The encryption/decryption processor 302 may have a pass-through link 314 coupled between the first buffer 304 and the second buffer 308 that passes data between the buffers 304, 308, bypassing the encryption/decryption engine 312 for usage with logical units and disks that store unencrypted data and in conditions when data encryption and decryption is inappropriate or unwarranted. Control logic 316 controls operations of the encryption/decryption engine 312 and the pass-through link 314. For data that is to be encrypted or decrypted, the control logic 316 activates the encryption/decryption engine 312. For logical units or disks storing non-encrypted data or for conditions in which encryption or decryption is inappropriate, the control logic 316 disables the encryption/decryption engine 312 and activates the pass-through link 314.
The control logic 316 is shown which communicates with a memory table 322 configured to hold information shared among an array of storage disks and logical units associated with the storage disk array. The memory table 322 tracks storage disks and logical units that store encrypted data according to a predetermined designation. In some embodiments, the control logic 316 may be adapted to generate a unique per-array encryption key for usage in encryption.
The illustrative encryption/decryption processor 302 has an interface 318 coupled to the control logic 316 that is adapted to optionally and selectively interconnect the encryption/decryption processor 302 with an encryption/decryption assistance module 320.
During write operations, the encryption/decryption engine 312 optionally performs a suitable data encryption function on the data received from the first buffer 304 and transfers the result to the second buffer 308 for transfer to the duplexed cache 310. Examples of suitable encryption functions include Data Encryption Standard (DES), triple-DES, 256-bit Advanced Encryption Standard (AES), and the like.
During read operations, the encryption/decryption engine 312 receives data from the cache 310 via the second buffer 308 and decrypts the data, passing the decrypted data to the first buffer 304 for access by the channel host adapters 306. If the optional encryption/decryption assistance module 320 is installed and activated, the encryption/decryption engine 312 may use the encryption/decryption assistance module 320 to conserve disk array resources. The pass-through link 314 is used if encryption and/or decryption services are not warranted, for example when encryption and/or decryption services are not enabled for a particular logical unit and/or disk. Encryption and/or decryption services are also not used when previously encrypted data originating from a remote replication link is destaged or stored.
The disks to be associated with encryption are designated during formatting. All logical units on a particular disk drive within a disk array have encryption either enabled or disabled. For example, the default condition may designate encryption status as disabled with encryption enabled only at the time of disk formatting. The encryption status for the disk is noted and stored in the shared memory table 322. When the encryption/decryption engine 312 is activated, the shared memory table 322 is checked by control logic 316. If the table entry for the associated disk drive is set to ‘disabled’ or ‘off’, or if the data is arriving in a pre-encrypted condition over a remote replication link, then the encryption/decryption engine 312 and the pass-through link 314 are controlled to pass the data through without alteration. Otherwise, the encryption/decryption engine 312 performs the encryption operation, for example encrypting for writes and decrypting for reads from the perspective of the application host.
The control logic 316 also ensures that a logical unit is consistent in usage of encryption. For example, if a logical unit spans multiple disks, encryption is enabled or disabled consistently across all the logical unit-associated disks.
In a host write operation, the disk array receives a host write from a host at the disk array that designates logical unit, track, sector, and length information. Within the disk array, the data may be selectively encrypted, based on predetermined per-logical unit and/or per-disk selection, for the host write operation. The selectively encrypted or non-encrypted write data is cached and may be transferred to a remote array cache. The disk array returns a write-complete message to the host, maps the requested logical unit to one or more designated disk controllers, and informs the target designated disk controllers of write data location and destination. Data is written to the designated disks.
In a host read operation, the disk array receives a read request from a host that designates logical unit, track, sector, and length information and checks for a cache hit indicative that the read request data is cached. If cache hit status is not affirmative, the disk array reads data from disks designated by the read request. Read data that is previously encrypted on a per-logical unit and/or per-disk basis is decrypted within the disk array. Previously non-encrypted data is passed through without decrypting. The requested read data is transferred to the host in combination with a read-complete indication.
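The per-disk table lookup, the consistency rule for logical units that span several disks, the pass-through link for pre-encrypted replicated data, and the write and read paths described above, worked as an added Go example that is not part of the patent or of any HP product. It assumes AES-256-GCM as the engine's cipher, a caller-supplied per-array key (in place of the date/time-seeded generator the page describes), and type and function names of its own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// Array models the encryption/decryption processor and its shared memory table (this example's own names).
type Array struct {
	aead      cipher.AEAD     // AES-256-GCM under the unique per-array key
	Encrypted map[int]bool    // shared memory table: disk -> encryption enabled
	Store     map[addr][]byte // disk contents, i.e. what a removed drive exposes
}
type addr struct{ disk, track, sector int }
type LUN struct { // a logical unit and the disks it spans
	a     *Array
	disks []int
}

// NewArray takes the caller-generated per-array key; 32 bytes selects AES-256.
func NewArray(key []byte) (*Array, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, _ := cipher.NewGCM(block) // cannot fail for an AES block
	return &Array{aead, map[int]bool{}, map[addr][]byte{}}, nil
}

// FormatDisk fixes the disk's encryption status in the table at format time.
func (a *Array) FormatDisk(disk int, encrypt bool) { a.Encrypted[disk] = encrypt }

// MapLUN rejects a mix of encrypted and unencrypted disks, so a spanning LUN stays consistent.
func (a *Array) MapLUN(disks []int) (*LUN, error) {
	for _, d := range disks {
		if a.Encrypted[d] != a.Encrypted[disks[0]] {
			return nil, errors.New("encryption status inconsistent across LUN's disks")
		}
	}
	return &LUN{a, disks}, nil
}

// addrOf maps a (track, sector) request onto one of the LUN's disks.
func (l *LUN) addrOf(track, sector int) addr {
	return addr{l.disks[track%len(l.disks)], track, sector}
}

// Write is the write path; preEncrypted models the replication metadata flag
// that routes already-encrypted data down the pass-through link.
func (l *LUN) Write(track, sector int, data []byte, preEncrypted bool) {
	at, a := l.addrOf(track, sector), l.a
	if a.Encrypted[at.disk] && !preEncrypted {
		nonce := make([]byte, a.aead.NonceSize())
		rand.Read(nonce)                            // fresh random nonce per write
		data = a.aead.Seal(nonce, nonce, data, nil) // nonce || ciphertext || tag
	}
	a.Store[at] = data
}

// Read is the read path: decrypt for an encrypted disk, pass through otherwise.
func (l *LUN) Read(track, sector int) ([]byte, error) {
	at, a := l.addrOf(track, sector), l.a
	raw, n := a.Store[at], a.aead.NonceSize()
	if !a.Encrypted[at.disk] {
		return raw, nil // pass-through link; nil if never written
	}
	if len(raw) < n {
		return nil, errors.New("no valid encrypted record at location")
	}
	return a.aead.Open(nil, raw[:n], raw[n:], nil)
}
```

Because the sealed record carries an authentication tag, a drive that has been altered after removal yields a decryption error on read rather than silently corrupted plaintext.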
In some embodiments, a storage system may implement functionality of key management between disk arrays. Key management eliminates or alleviates user responsibility for key creation. The disk array may generate a unique per-array key by defining a seed value for usage in a random number generator. In one example, the disk array may use the current date and time designating the moment at which the license key is enabled as the seed value of a suitable bit size. A common bit size is 256 bits although any other suitable bit size may be implemented. In another example, the disk array may receive a value over a network, such as the Internet, by making a request for a key or a secure key generator value.
In some examples, the disk arrays engaging in remote replication use identical encryption/decryption keys. In other, possibly more flexible examples, a disk array engaging in remote replication may use a shared memory table entry for a logical unit that is remotely written from another disk array and that also contains the appropriate and correct key for the logical unit's data. Remote replication metadata can transfer the key to the remote array via standard secure key transfer techniques such as, for example, a 1024-bit RSA (Rivest, Shamir, and Adleman) algorithm for secure encryption key exchange.
A disk array may also perform de-staging of remotely-replicated encrypted or non-encrypted data. The disk array receives remotely-replicated data, parses the remotely-replicated data to ensure completeness and ordering, and checks the remotely-replicated metadata according to a shared memory table that is used to track encrypted data stored in identified storage disks and logical units. The disk array passes the remotely-replicated data without encryption, either on the basis that the data was previously encrypted or that the associated logical unit and/or disk stores non-encrypted data. The disk array maps a logical unit and writes the remotely-replicated data to storage.
Referring to
A disk array may also perform remotely-replicated read operations of encrypted or non-encrypted data. During suspension of a replicated pair, the disk array receives a read request from a local host. The read request designates target information such as logical unit, track, sector, and length information. For a read request that is a cache hit, requested non-encrypted data is transferred directly from the cache to the local host by way of second buffer 308, pass-through link 314, and first buffer 304 shown in
The various functions, processes, methods, and operations performed or executed by the system can be implemented as programs that are executable on various types of processors, controllers, central processing units, microprocessors, digital signal processors, state machines, programmable logic arrays, and the like. The programs can be stored on any computer-readable medium for use by or in connection with any computer-related system or method. A computer-readable medium is an electronic, magnetic, optical, or other physical device or means that can contain or store a computer program for use by or in connection with a computer-related system, method, process, or procedure. Programs can be embodied in a computer-readable medium for use by or in connection with an instruction execution system, device, component, element, or apparatus, such as a system based on a computer or processor, or other system that can fetch instructions from an instruction memory or storage of any appropriate type. A computer-readable medium can be any structure, device, component, product, or other means that can store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.
The illustrative block diagrams and flow charts depict process steps or blocks that may represent modules, segments, or portions of code that include one or more executable instructions for implementing specific logical functions or steps in the process. Although the particular examples illustrate specific process steps or acts, many alternative implementations are possible and commonly made by simple design choice. Acts and steps may be executed in different order from the specific description herein, based on considerations of function, purpose, conformance to standard, legacy structure, and the like.
While the present disclosure describes various embodiments, these embodiments are to be understood as illustrative and do not limit the claim scope. Many variations, modifications, additions and improvements of the described embodiments are possible. For example, those having ordinary skill in the art will readily implement the steps necessary to provide the structures and methods disclosed herein, and will understand that the process parameters, materials, and dimensions are given by way of example only. The parameters, materials, and dimensions can be varied to achieve the desired structure as well as modifications, which are within the scope of the claims. Variations and modifications of the embodiments disclosed herein may also be made while remaining within the scope of the following claims. For example, the disclosed disk arrays, encryption/decryption processors, and encryption/decryption engines may have any suitable configuration and may include any suitable number of components and devices. Additional data buffers may be included in the disk array or particular buffers may be eliminated in other embodiments. Any type of encryption and decryption techniques and algorithms may be used. The flow charts illustrate data handling examples and may be further extended to other read and write functions, or may be modified in performance of similar actions, functions, or operations.