The present invention relates generally to the field of data security, and more particularly to cryptographic protection of data in a file system.
Security/data protection is typically an element of enterprise storage systems. Customers typically want data in the storage media to be encrypted for data protection. Some commercially-available enterprise storage systems that store files in a hierarchically organized set of directories, subdirectories, subsubdirectories, etc.: (i) randomly generate an encryption key per file and per directory; (ii) encrypt the file data using the encryption key corresponding to the file and encryption keys corresponding to any directories in a hierarchical path between the file and a root node of the hierarchical file system; (iii) save the key in the extended attributes of the file or directories (as applicable); (iv) encrypt the file key by a master key, which is maintained outside of the storage system; (v) perform encryption in a manner that is transparent to upper applications that access the file via the file system, such as text editors, office suite applications, and NFS/CIFS servers that receive data from clients across a network; and/or (vi) perform encryption/decryption of the key and the file data in the file system layer.
Customers can change an encryption key in an enterprise storage system (e.g., periodically and/or for security reasons). The encryption key change operation typically requires access to: (i) a master encryption key; (ii) the file or directory encryption key that the customer wishes to change; and (iii) encryption keys for any directory in a hierarchical path between the file or directory whose corresponding encryption key the customer wishes to change and the root node of the file system.
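The file key change operation described above can be sketched as follows. This is an added example, not code from this document or from any product it describes. The function names, the chained-HMAC combination of the file key with the path directory keys, the wrapping of directory keys under the master key, and the HMAC-based stand-in cipher (used only to stay within the Python standard library, in place of a real cipher such as AES-GCM) are all assumptions.

```python
import hashlib, hmac, secrets

def _prf(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 counter keystream: stdlib stand-in for a real cipher (e.g. AES-GCM)
    ks = b"".join(_prf(key, nonce + i.to_bytes(4, "big"))
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, plaintext):
    """Encrypt-then-MAC; used both to wrap keys and to encrypt file data."""
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_prf(key, b"enc"), nonce, plaintext)
    return nonce + ct + _prf(_prf(key, b"mac"), nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(_prf(key, b"mac"), nonce + ct)):
        raise ValueError("wrong key or modified ciphertext")
    return _xor_stream(_prf(key, b"enc"), nonce, ct)

def effective_key(file_key, path_dir_keys):
    # Assumption: file key and path directory keys are combined by chained HMAC
    k = file_key
    for dk in path_dir_keys:
        k = _prf(dk, k)
    return k

def rekey_file(master, wrapped_file_key, wrapped_dir_keys, ciphertext):
    """Change a file's key: needs the master key, the old file key, and every path key."""
    dir_keys = [unseal(master, w) for w in wrapped_dir_keys]
    old_key = unseal(master, wrapped_file_key)
    data = unseal(effective_key(old_key, dir_keys), ciphertext)
    new_key = secrets.token_bytes(32)
    return seal(master, new_key), seal(effective_key(new_key, dir_keys), data)

def demo():
    master = secrets.token_bytes(32)    # kept outside the storage system
    dirs = [seal(master, secrets.token_bytes(32)) for _ in range(2)]  # constructed path /a/b
    fk = secrets.token_bytes(32)
    xattr = seal(master, fk)            # wrapped file key, as stored in the xattr
    path = [unseal(master, w) for w in dirs]
    ct = seal(effective_key(fk, path), b"constructed sample data")
    new_xattr, new_ct = rekey_file(master, xattr, dirs, ct)
    return unseal(effective_key(unseal(master, new_xattr), path), new_ct)
```

If the master key is wrong or any directory key on the path is missing, `unseal` raises `ValueError` and `rekey_file` stops before writing anything, which mirrors the three access requirements listed above.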