1. Field of the Invention
The present invention relates to a method, system, and article of manufacture for configuring a storage drive to communicate with encryption managers and key managers.
2. Description of the Related Art
Data stored in removable media cartridges may be encrypted by an encryption engine to protect the data. Data encryption is especially useful for businesses that store personal data on their customers. Recent government regulations place requirements and legal obligations about companies storing personal data to report any loss of storage media containing personal information which was not encrypted.
The encryption engine handling the encryption and decryption of the data in removable media cartridges can be implemented in an application program in the host system or in a system program, such as the file system, operating system, device driver, etc. Incorporating the encryption engine in the application program or system program can place substantial computational burdens on the host system.
A “bump in the wire” solution comprises an encryption device between the host system and the storage drive coupled to the removable media cartridge that encrypts and decrypts data being transferred between the host system and the storage drive. With many different data paths between host systems and storage drives in a library or data center, this can be a costly and complex solution.
The encryption engine may be implemented in the storage drive to encrypt some or all of the data. Encrypting at the storage drive creates new challenges of when to encrypt data and where and how to obtain any required encryption keys. In many cases, different keys may be required for different removable media cartridges.
There is a need in the art for techniques in the art to manage encryption keys and encryption operations for encrypting a removable storage media, such as a removable media cartridge.