1. Technical Field
The present disclosure generally relates to an information handling system and in particular to local key management setup and recovery in an information handling system.
2. Description of the Related Art
As the value and use of information continue to increase, individuals and businesses seek additional ways to process and store information. One option available to users is information handling systems. An information handling system generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes, thereby allowing users to take advantage of the value of the information. Because technology and information handling needs and requirements vary between different users or applications, information handling systems may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in information handling systems allow for information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, information handling systems may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
Information handling systems may utilize local key management setup for securing storage devices. However, current local key management setups have inherent problems. These problems include the use of easily detectable clear-text passwords entered by the user, an absence of password recovery mechanisms, an absence of device unlocking capabilities if the password management entity is unresponsive or dead, and an inability to provide password expiration management. Some of these issues have been mitigated through the use of a distributed key management (DKM) solution. DKM provides a solution for securely sharing data amongst multiple machines and multiple users (i.e., service accounts). DKM is a client-side library that allows users to encrypt data under a shared group secret key, so that only members of the group can access and decrypt the data. However, a DKM solution is expensive and requires additional management and equipment to be installed. Another security and recovery system, BitLocker, has open, text-based keys generated by a local agent, which does not provide complete, reliable security.