The present invention generally relates to a storage system and its encryption key management method and encryption key management program. In particular, the present invention can be suitably applied to a storage system that manages an encryption key for restoring data stored on a tape, and to its encryption key management method and encryption key management program.
Technology is known for controlling the reading and writing of electronic information using an encryption key upon storing such electronic information in a storage medium (for instance, refer to Japanese Patent Laid-Open Publication No. 2004-341768 and Japanese Patent Laid-Open Publication No. 2003-244131). With a tape apparatus, measures are taken to prevent the loss or leakage of tape, or to prevent the decryption of encrypted data in the tape pursuant to users' needs by periodically changing the apparatus-side encryption key.
When restoring data from a tape, assuming that a key corresponding to the storage apparatus with a tape function has been changed, data cannot be restored from the tape since the data encryption key will not match. Thus, it is necessary to return the key to the state before change, and there is “key information backup/restoration” as a method for achieving the above. This method is used for the user to back up key information in the system disk of the storage apparatus, or to restore the key to the state before change from the backed up key information.