1. Field of the Invention
The present invention relates to a storage system which is represented by a RAID system, for example, and particularly relates to a technology for control of access from a host to logical devices (logical units in a storage unit) in the storage system and security functions for the logical devices.
2. Description of the Related Art
As an art related to control of access from a host to logical devices in a RAID system and security functions for the logical devices, there is a disk control method disclosed in Japanese Patent Laid-Open No. 2000-112822, for example. This method sets any one of three types of access attribute modes of ‘readable and writable’, ‘unreadable’, and ‘unreadable and unwritable’ for respective logical devices in the RAID system, and changes processes and responses to commands from hosts for the respective logical devices, according to the setting.
Due to the development and complication of operations of storage systems represented by RAID systems, three types of access attribute modes disclosed in Japanese Patent Laid-Open No. 2000-112822 is not sufficient, and a new security control method for logical devices is required. For example, when operation that forms a copy pair between two logical devices for duplication of a logical device is performed in a storage system, a function which can prevent data losing due to an error in the operation is required.
Also, in a case that the range of applying this type of storage system is broadened from proprietary systems (computer systems configured only by products of specific vendors) to open systems (computer systems configured by a combination of software and hardware of various vendors), it is required that access control which is performed on hosts of specific vendors can also be performed on hosts of various types or specifications of different vendors, operation systems, or versions. For example, operations of a case that the storage system returns errors to hosts differ depending on the differences between the types of hosts or specifications (such as vendors, operation systems, or versions). Therefore, selection of a method of returning errors suitable for the types of hosts is important. In addition, there is a case that requires changing of operations or responses of a storage system to hosts, according to the types of the hosts.
Further, for reduction in cost, there is also a requirement that management tasks such as setting, canceling, and the like, of access attribute modes of respective logical devices of a storage system can be automatically performed from applications on various hosts of an open system.