1. Field of the Invention
The present invention relates to computer-readable recording media having recorded hash-value generation programs, computer-readable recording media having recorded storage management programs, and storage systems. In particular, the present invention relates to a computer-readable recording medium having recorded a hash-value generation program for generating a hash value of data stored on a target disk by using a predetermined one-way hash function; and a computer-readable recording medium having recorded a storage management program and a storage system, for storing data on a virtual logical disk in a storage and managing the data using such a hash value.
2. Description of the Related Art
Storage systems have been used not only to store a large amount of data generated in various environments, such as documents in compliance with the e-document law, email archives, video data, research and development experimental data, and clinical charts, but also to process and manage the large amount of data. With a recent expanding range of applications and increasing amount of information accompanied by a larger storage capacity, there is a growing need for stable service provision and ensured reliability and security.
FIG. 9 is an outline diagram depicting one example structure of a known storage system.
The example storage system shown in the figure includes a module 1 (920), a module 2 (930), and a module 3 (940), each of which stores data in a storage thereof through independent input and output processing. The modules 1 (920), 2 (930), and 3 (940) are interconnected via a network 910. In the storage system with this structure, in practice, data stored in a distribution manner in the module 1 (920), the module 2 (930), and the module 3 (930) is provided to a user in the form of a virtual logical disk 900. In the example in the figure, the logical disk 900, provided for the user, is divided into five segments S1, S2, S3, S4, and S5, which correspond to an area S1 (921) and an area S5 (922) of the module 1 (920), an area S2 (931) and an area S4 (932) of the module 2 (930), and an area S3 (941) of the module 3 (940).
For an environment where such processing apparatuses including processors and external storage devices are arranged hierarchically on a network, there is proposed a system that allows a database table to be divided and managed by a user-specified method to achieve uniform data distribution and data search according to a division system, for efficient input and output processing of data (see, for example, paragraph numbers [0029] to [0039] and FIGS. 5 to 9 of Japanese Unexamined Patent Application Publication No. 2000-347911).
In addition, there is also proposed a system in which a database table is divided into blocks using the index of a particular field to build a table in each block as a transposed file (see, for example, paragraph numbers [0027] to [0028] and FIG. 9 of Japanese Unexamined Patent Application Publication No. 2001-43237).
Some information stored in a storage system, such as documents in compliance with the e-document law which need to be stored for a certain period of time, is controlled so as to be readable but uneditable (hereinafter, this feature is called a read only feature). It is not necessary to prove non-tampering for media which physically prevent data from being written, such as Compact Disc Read Only Memories (CD-ROMs) and Digital Versatile Disc Read Only Memories (DVD-ROMs). However, storage systems are typically realized by hard disk units (Hard Disk Drives), which cannot physically prevent data from being written but can disable data from being written by the systems. For this reason, it is necessary to prove non-tampering.
To prove non-tampering, when data is to be stored, an arithmetic operation is carried out for all data (X) on the logical disk 900 using a hash function H to calculate a hash value H[X]. The calculated hash value H[X] is saved in a storage device. The hash value and the hash function may be publicized. Thereafter, for example, at an audit or when the data is used, an arithmetic operation is carried out for all data (X′) on the logical disk 900 at that time using a one-way hash function (H) to calculate a hash value H(X′). The hash value H(X′), obtained in this manner, is compared with the hash value H[X], calculated before storage. If H[X]=H(X′), then X=X′ (non-tampering) can be proved. This processing may be carried out by another apparatus, such as a server that uses the data, using the publicized hash value and hash function.
With a recent increasing size of data in storage systems, techniques for efficient input and output processing of data have been proposed, as described in Japanese Unexamined Patent Application Publication No. 2000-347911 (paragraph numbers [0029] to [0039] and FIGS. 5 to 9) and Japanese Unexamined Patent Application Publication No. 2001-43237 (paragraph numbers [0027] to [0028] and FIG. 9). In these techniques, hash values are calculated with respect to all data on the logical disk 900 at once. Therefore, the larger the size of the data, the longer the processing time for calculating a hash value, causing an operation problem.
This applies not only to the logical disk 900, containing data distributed in a plurality of storages, but also to a single storage containing all data therein. Depending on the data size, a long time required for hash value generation may cause an operation problem.