The present invention relates to data storage systems, and more particularly, this invention relates to key rollover/re-encryption of data in RAID arrays comprising self encrypting disk components.
Many times, when a large amount of data is to be stored to some storage media, a redundant array of inexpensive disks (RAID) is used to provide data protection and/or fault tolerance in case of failures, particularly disk failures, in a cost-effective solution. RAID also distributes data over multiple disks and performs parallel operations on these disks, thereby allowing for an increase in I/O performance.
RAID is generally described in six levels, which are referred to as level 1 to level 6. RAID level 1 includes one or more data disks for storing data and an equal number of mirror disks for storing copies of the data on the one or more data disks. RAID levels 2-6 store the data on the data disks in segments for storage across several disks. Additional disks are then provided to store error check or parity information of the data stored in segments across the data disks. The particular RAID levels are marked by their relative performance capabilities as well as their overhead storage requirements.
In some system architectures, particularly when sensitive data is being stored in RAID, more than data protection through redundant storage is desired. In these cases, encryption of the data may be desired. To address these situations, data may be encrypted prior to storing the data in the RAID, and/or the RAID may incorporate self-encrypting disk drives, which are capable of encrypting and storing data, thereby preventing or minimizing the chance that the data may be accessed by an unauthorized party.
However, in prior art systems which employ RAID, media encryption key rollover in an array of self encrypting drives has been problematic, since re-encryption of the data may not be provided by the self encrypting components of the RAID. Therefore, a method and/or system which allows for self encrypting disk drive technology to be used in RAID would be very beneficial to protecting data in a cost effective manner.