The present disclosure relates generally to information handling systems, and more particularly to an out-of-band encryption key management system for information handling systems.
As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option is an information handling system (IHS). An IHS generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes. Because technology and information handling needs and requirements may vary between different applications, IHSs may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in IHSs allow for IHSs to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, IHSs may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
Many IHSs include encrypted systems such as, for example, encrypted disk systems that operate to protect information on a disk drive by converting it into an unreadable code that cannot be deciphered easily by unauthorized persons. Such encrypted disk systems typically utilize disk encryption software or hardware to encrypt data that is sent to a disk or disk volume, and an encryption key is provided to authorized persons to allow them to decrypt data on the disk or disk volume such that that data may be read by the IHS. However, in conventional systems, such encryption keys are managed by a host processor on the IHS and, as such, may be exposed to theft by unauthorized persons who gain access to the host processor.
Accordingly, it would be desirable to provide an improved encryption key management system.