The present invention is generally related to storage systems and in particular to secured data mirroring capability in storage systems.
Generally speaking, it is very common to provide data minoring functionality for a storage system that is implemented using microcode program in the storage system. FIG. 3 shows a conceptual view of the data flow for a full data mirroring method, which is very typical in current storage products.
In the storage system shown in FIG. 3, suppose there are two volumes 81a and 82a. The volume 81a is called a Primary Volume or P-Vol, where original or production data is stored. The volume 82a is called a Secondary Volume, S-Vol or mirrored volume, where mirrored data from the P-Vol 81a is stored. These two volumes are collectively referred to as a pair, and are in an operational state commonly referred to as the PAIR state. In this state, data that is written to the P-Vol will be mirrored to the S-Vol.
Hosts 1, 2 and 3 are shown connected to the storage system. Host 1 writes data to the storage system. Of course, it is understood that Host 1 also reads data from the storage system, although that is not shown in the figure. A data block is the typical unit of data for a read or a write operation. Any host, including Hosts 1, 2, and 3 can access the S-Vol 82a. The host can read data from the S-Vol. Data write operations can be performed when the pair is in an operational state commonly referred to as SPLIT. In the SPLIT state, the data mirroring operation is not performed (i.e., suspended).
In FIG. 3, a data block 101a is the object of a Write operation to the P-Vol 81a. In the P-Vol 81a, the block is stored in a location 103a. In the PAIR state, a copy 104a of the data block is stored on the S-Vol 82a. The copy is stored at the same address 113a in the S-Vol 82a as the address 103a in the P-Vol 81a. Host 2 or 3 can then access the data block 101a respectively as blocks 111a, 112a by accessing location 113a in the S-Vol 82a. 
As explained, the mirrored volumes are read/write compatible by other hosts and can be used for any purpose. Typical examples in which data mirroring can be used include application testing and development, data mining/data warehousing, rapid data restores, and non-disruptive backup or maintenance procedures.
Another mirroring method called Snap Shot or Copy on Write stores only the changed data blocks in a storage pool. These methods result in a volume savings as compared to the full mirroring method explained in FIG. 3 since only differences are maintained.
The proliferation of electronic information has created demands for data security and data privacy. Users want secure data management in their storage systems. A motivating factor is the trend toward a shared storage model. It is increasingly common for users to share the storage system among different organizations because the shared storage model is very efficient in terms of storage purchasing costs and storage management costs. Storage service providers especially benefit by using the shared storage model, and thus the shared storage model is a common implementation.
However, the shared storage model also increases the risk of data exposure to other organizations, and more importantly to potentially unauthorized users. The risk includes intentionally stealing data as well as accidental data exposure. Users understandably want to protect their data from such risks.
Generally speaking, the risk of data exposure is greater for the mirrored data that is stored in the secondary volume than for original data stored in the primary volume. First, other hosts can access the secondary volume after it is created, as explained the above. Access to the primary volume is not a easily achieved because, for example, the host is already attached to the primary volume. For example, if the Host 1 and the Host 3 belong to different organizations, then the Host 3 should not be able to access the mirrored volume 82a. However, enforcing such restrictions is not always convenient to do.
Second, there is a tendency that users care more about the original data that is stored in the primary volume than for mirrored data that is stored in the secondary volume. As a result, people tend to give less attention to the mirrored data. This tendency increases the risk of data exposure more in case of the mirrored data than for the original data.
There is a need to provide secure data mirroring capability in a storage system in order to protect the mirrored data from the risk of data exposure.