1. Field of the Invention
The present invention relates in general to the field of information handling systems and, more particularly, to ensuring the security and integrity of data on a removable storage system.
2. Description of the Related Art
As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option available to users is information handling systems. An information handling system generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes thereby allowing users to take advantage of the value of the information. Because technology and information handling needs and requirements vary between different users or applications, information handling systems may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in information handling systems allow for information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, information handling systems may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
The diversity and amount of data managed by information handling systems continues to grow for consumer, corporate and government markets alike. This growth is driving the need for cost effective, scalable storage systems that can be quickly and easily configured for a wide variety of uses and applications. One approach to address these needs is the use of self-contained, transportable mass storage units that easily attach to a variety of systems. Another popular approach consists of mass storage devices that are mounted in standardized, interchangeable modules that can be transferred between systems. These interchangeable mass storage units are commonly used in the implementation of redundant array of independent disks (RAID) subsystems, which are already popular in corporate and government environments and are now gaining consumer acceptance as well.
RAID subsystems can share or replicate data across multiple disk drives, any of which can typically be removed and replaced (“hot swapped”) while the system is running. While a RAID controller can check a disk's information to confirm its assignment to a particular array or group, it can neither verify the authenticity of the disk, the validity of the data it contains, or whether the data is authorized to be used by the system. Furthermore, no solution currently exists for embedding a multi-factor, programmable security device within a removable mass storage device to first authenticate it to a system when it is attached and then securely control the bi-directional transfer of the data. As a result, the ability to easily remove, transport and attach disk storage devices to other systems without the means to control the transfer of the data they contain creates security vulnerabilities. For example, even if the information on a disk drive is encrypted, access to the device itself is not secured. The lack of access control devices such as a trusted information module allows the disk to be removed and its contents copied or mirrored to another system, which can then be used in an attempt to decrypt the data. Accordingly, removable and portable storage systems also need to securely and reliably sustain information integrity and availability, regardless of the system they are attached to.