1. Technical Field
The present invention relates to a technique for sharing a computer resource provided on a network among plural users, and more particularly to data protection when a storage device is shared.
2. Description of Related Art
Nowadays, a variety of services have been made available, including a hosting service for lending computer resources (server, storage device, circuit, application and so on) provided on a network, using the network such as the Internet that is widely spread and a utility computing service in which computer resources can be purchased by a necessary amount, as needed. These services reduce a load on the economy and human resources for maintaining the computer resources from the viewpoint of the user, and are meaningful for the company, because the company is relieved of the load or waste by outsourcing them.
As one of the hosting/utility computing services, there is a service for providing a data storage area of the storage device to the user. In this service, it is important to assure the reliability (fault or failure counter plan) and safety (measure to prevent leakage of information to other companies) of information recorded in the storage device. As a failure counter plan, there is a technique for recording the record information with redundancy, including the RAID (Redundant Arrays of Independent Disks).
On the other hand, the existent schemes for preventing leakage of data include the encryption of recorded data and the access control (authentication). Moreover, to be safer, there is a method for physically separating the recording medium for writing information for each user. For example, information of each user is recorded on different magnetic disk assigned to each user, when the storage device is a magnetic disk device.
FIG. 10 is a diagram showing a hosting server in which physically different magnetic disks are assigned to plural companies.
As shown in FIG. 10, the hosting server has a disk pool composed of plural magnetic disk devices. Data from different companies are stored in different magnetic disks, such that information Aa of client A is stored in magnetic disks for client A, information Ba of client B in magnetic disks for client B, and so on. In FIG. 10, for example, information Aa of client A is divided into four blocks of data Aa1, Aa2, Aa3 and Aa4, with the parity data added, and are stored in five magnetic disks.
In the conventional hosting service, various methods for assuring the safety of recorded data are taken. However, in the case where the recording medium is shared among plural users to permit only the maintenance under access control, all the information for the users sharing the recording medium may be accessed, if the access control is broken.
Also, when the recording media for recording data for each user are physically separated, it is not possible for plural users to share individual recording medium. That is, the recording medium assigned to a certain user is only usable to record the information of the user, even if a large empty area remains. Therefore, the recording medium has a lower utilization efficiency.
Thus, it is an object of the invention to assure the safety of recorded data while sharing the recording medium among plural users, and improve the utilization efficiency of the recording medium.