The present invention generally relates to an external storage apparatus for storing data of a computer system, and in particular is suitable for application in technology of preventing the leakage of information from an external storage apparatus when such external storage apparatus is stolen or reading of data is attempted from an unauthorized host computer.
Pursuant to the increase in the amount of digital data retained by corporations, computer systems that connect a host computer and an external storage apparatus or the like via a network (primarily a fibre channel) dedicated to a storage apparatus are becoming common.
Conventionally, with a computer system installed in a data center or the like, it was standard for an external storage apparatus to have a large chassis, and be installed in a physically remote server room in which the entrance and exit into and from the server room is managed. Thus, it was unlikely that the external storage apparatus would be stolen. In recent years, however, pursuant to the enlarged capacity of HDDs, the miniaturization and portability of external storage apparatuses have been advanced, and the risk of an external storage apparatus being stolen is increasing due to the growing incidence of crimes committed by administrators.
Thus, technology has been proposed for preventing the leakage of information from an external storage apparatus even when such external storage apparatus is stolen. For example, National Institute of Standards and Technology (NIST), FIPS PUB 140-2, “Security Requirements for Cryptographic Modules,” issued May 25, 2001, describes zerozing the encryption key or the like of a plain text when the maintenance interface of an encryption module is accessed as a physical security requirement in the encryption module to prevent the recovery of encrypted data.