The present invention relates to a storage system and a managing method therefor, and, in particular, to a managing method for use in sharing a storage system among multiple users.
With the increase in capacity of a storage system, multiple users have to share one storage system more frequently than before. For example, a storage area in a storage system may be divided into multiple sub-storage areas, which may be assigned to multiple sections in a company. Thus, the sections can use the sub-storage areas independently. Alternatively, sub-storage areas in a storage system may be assigned and lent to multiple companies by a Storage Service Provider (SSP).
In this case, a user must access only a sub-storage area (which will be called a logical unit (LU) or logical volume hereinafter) that is assigned to the user and avoid interference with other users. Furthermore, in order to prevent damage due to illegal access by a malicious user to an entire storage system, a certain level of security is required.
JP-A-2003-330622 discloses an example of a method used for dividing a storage system into multiple storage areas and assigning the resulting storage areas to users or host computers. According to JP-A-2003-330622, an access right to a logical volume is defined for each user by an access management server. Based on the access right, the authorization of accesses to the logical volume from users can be judged. Thus, access control for each user can be performed over every logical volume.