-
公开(公告)号:US20090271619A1
公开(公告)日:2009-10-29
申请号:US12007460
申请日:2008-01-10
申请人: Kenji Fujii , Daisuke Kito , Manabu Kitamura
发明人: Kenji Fujii , Daisuke Kito , Manabu Kitamura
CPC分类号: G06F21/78 , G06F21/88 , G06F2221/2143
摘要: Proposed is an apparatus and method of preventing the leakage of information from an external storage apparatus even when such external storage apparatus is stolen or accessed from an unauthorized host computer. This external storage apparatus accessible from a host computer or another external storage apparatus via a network encrypts or decrypts data written from a host computer to be stored in the storage area, sends a request for existence confirmation to the host computer or the other external storage apparatus every predetermined period of time, and zeroizes an encryption key to be used in the encryption calculation for encrypting or decrypting data to be performed by the encryption calculation unit based on the result of a response from the host computer or the other external storage apparatus in reply to the request.
摘要翻译: 提出了即使当这种外部存储装置从未授权的主计算机被盗或访问时,也可以防止信息从外部存储装置泄露的装置和方法。 可以通过网络从主机或其他外部存储装置访问的该外部存储装置对从主计算机写入的要存储在存储区域中的数据进行加密或解密,向主计算机或其他外部存储装置发送存在确认请求 并根据来自主机或其他外部存储装置的响应结果,对由加密计算单元进行加密或解密的数据进行加密运算时使用的加密密钥归零 要求。
-
2.发明授权Storage apparatus and data management method for changing keys of a logical volume and common resource 有权用于更改逻辑卷和公共资源的密钥的存储装置和数据管理方法公开(公告)号:US08090100B2
公开(公告)日:2012-01-03
申请号:US12016355
申请日:2008-01-18
申请人: Daisuke Kito , Kenji Fujii , Manabu Kitamura
发明人: Daisuke Kito , Kenji Fujii , Manabu Kitamura
IPC分类号: H04L9/00 , H04L29/06 , G06F11/30 , G06F12/14 , G06F9/00 , G06F9/24 , G06F1/24 , G11C7/00 , G06F7/04 , G06F17/30 , H04N7/16
CPC分类号: H04L9/0891 , G06F21/805
摘要: A storage apparatus, which controls the input and output of data to and from a computer, includes a logical volume for storing data from the computer, a common resource for storing data pre-stored in the logical volume as update data in order to store subsequent data from the computer in the logical volume, an encryption/decryption unit for encrypting or decrypting data stored in the logical volume or update data stored in the common resource, and a key change unit for changing a key for encrypting or decrypting data stored in the logical volume. The storage apparatus changes the key for encrypting or decrypting update data stored in the common resource based on information of the key used for data stored in the logical volume.
摘要翻译: 控制与计算机的数据的输入和输出的存储装置包括用于存储来自计算机的数据的逻辑卷,用于存储预先存储在逻辑卷中的数据作为更新数据的公共资源,以便存储后续 来自逻辑卷中的计算机的数据,用于加密或解密存储在逻辑卷中的数据或更新存储在公共资源中的数据的加密/解密单元,以及用于改变用于加密或解密存储在公共资源中的数据的密钥的密钥改变单元 逻辑卷。 存储装置基于用于存储在逻辑卷中的数据的密钥的信息来改变用于加密或解密存储在公共资源中的更新数据的密钥。
-
公开(公告)号:US08065523B2
公开(公告)日:2011-11-22
申请号:US12007460
申请日:2008-01-10
申请人: Kenji Fujii , Daisuke Kito , Manabu Kitamura
发明人: Kenji Fujii , Daisuke Kito , Manabu Kitamura
CPC分类号: G06F21/78 , G06F21/88 , G06F2221/2143
摘要: Proposed is an apparatus and method of preventing the leakage of information from an external storage apparatus even when such external storage apparatus is stolen or accessed from an unauthorized host computer. This external storage apparatus accessible from a host computer or another external storage apparatus via a network encrypts or decrypts data written from a host computer to be stored in the storage area, sends a request for existence confirmation to the host computer or the other external storage apparatus every predetermined period of time, and zeroizes an encryption key to be used in the encryption calculation for encrypting or decrypting data to be performed by the encryption calculation unit based on the result of a response from the host computer or the other external storage apparatus in reply to the request.
摘要翻译: 提出了即使当这种外部存储装置从未授权的主计算机被盗或访问时,也可以防止信息从外部存储装置泄露的装置和方法。 可以通过网络从主机或其他外部存储装置访问的该外部存储装置对从主计算机写入的要存储在存储区域中的数据进行加密或解密,向主计算机或其他外部存储装置发送存在确认请求 并根据来自主机或其他外部存储装置的响应结果,对由加密计算单元进行加密或解密的数据进行加密运算时使用的加密密钥归零 要求。
-
公开(公告)号:US20080240429A1
公开(公告)日:2008-10-02
申请号:US12016355
申请日:2008-01-18
申请人: Daisuke Kito , Kenji Fujii , Manabu Kitamura
发明人: Daisuke Kito , Kenji Fujii , Manabu Kitamura
IPC分类号: H04L9/00
CPC分类号: H04L9/0891 , G06F21/805
摘要: The storage apparatus of the present invention that controls the input and output of data to and from a computer includes a logical volume for storing data from the computer, a common resource for storing data pre-stored in the logical volume as update data in order to store subsequent data from the computer in the logical volume, an encryption/decryption unit for encrypting or decrypting data stored in the logical volume or update data stored in the common resource, and a key change unit for changing a key for encrypting or decrypting data stored in the logical volume, and changing a key for encrypting or decrypting update data stored in the common resource based on information of the key used for data stored in the logical volume.
摘要翻译: 控制与计算机的数据的输入和输出的本发明的存储装置包括用于存储来自计算机的数据的逻辑卷,用于存储预先存储在逻辑卷中的数据作为更新数据的公共资源,以便 存储来自逻辑卷中的计算机的后续数据,用于加密或解密存储在逻辑卷中的数据或更新存储在公共资源中的数据的加密/解密单元,以及用于改变用于加密或解密存储的数据的密钥的密钥改变单元 并且基于用于存储在逻辑卷中的数据的密钥的信息来改变用于加密或解密存储在公共资源中的更新数据的密钥。
-
公开(公告)号:US20070260806A1
公开(公告)日:2007-11-08
申请号:US11475971
申请日:2006-06-28
申请人: Daisuke Kito , Kenji Fujii , Yasunori Kaneda , Masato Arai
发明人: Daisuke Kito , Kenji Fujii , Yasunori Kaneda , Masato Arai
IPC分类号: G06F12/00
CPC分类号: G06F3/0644 , G06F3/0605 , G06F3/0607 , G06F3/0619 , G06F3/0637 , G06F3/0685
摘要: In a computer system including a plurality of data storage apparatuses and a management computer, a given data storage apparatus, upon receipt of a control request for a local data storage apparatus from a management computer, accesses the hierarchical relation information between the storage areas in the local data storage apparatus and the storage areas of the other data storage apparatuses, and in the case where a storage area in the local data storage apparatus is set to correspond to a level lower than the other data storage apparatuses, transmits an approval request to the other data storage apparatuses. The given data storage apparatus, upon receipt of the approval from the other data storage apparatuses, executes the control request of the management computer.
摘要翻译: 在包括多个数据存储装置和管理计算机的计算机系统中,给定数据存储装置在从管理计算机接收到对本地数据存储装置的控制请求时,访问所述存储区域中的分层关系信息 本地数据存储装置和其他数据存储装置的存储区域,并且在本地数据存储装置中的存储区域被设置为对应于低于其他数据存储装置的级别的情况下,将批准请求发送到 其他数据存储装置。 给定数据存储装置在接收到来自其他数据存储装置的批准之后,执行管理计算机的控制请求。
-
公开(公告)号:US08650374B2
公开(公告)日:2014-02-11
申请号:US12983374
申请日:2011-01-03
申请人: Daisuke Kito , Kenji Fujii , Yasunori Kaneda , Masato Arai
发明人: Daisuke Kito , Kenji Fujii , Yasunori Kaneda , Masato Arai
IPC分类号: G06F12/08
CPC分类号: G06F3/0644 , G06F3/0605 , G06F3/0607 , G06F3/0619 , G06F3/0637 , G06F3/0685
摘要: In a computer system including a plurality of data storage apparatuses and a management computer, a given data storage apparatus, upon receipt of a control request for a local data storage apparatus from a management computer, accesses the hierarchical relation information between the storage areas in the local data storage apparatus and the storage areas of the other data storage apparatuses, and in the case where a storage area in the local data storage apparatus is set to correspond to a level lower than the other data storage apparatuses, transmits an approval request to the other data storage apparatuses. The given data storage apparatus, upon receipt of the approval from the other data storage apparatuses, executes the control request of the management computer.
摘要翻译: 在包括多个数据存储装置和管理计算机的计算机系统中,给定数据存储装置在从管理计算机接收到对本地数据存储装置的控制请求时,访问所述存储区域中的分层关系信息 本地数据存储装置和其他数据存储装置的存储区域,并且在本地数据存储装置中的存储区域被设置为对应于低于其他数据存储装置的级别的情况下,将批准请求发送到 其他数据存储装置。 给定数据存储装置在接收到来自其他数据存储装置的批准之后,执行管理计算机的控制请求。
-
7.发明授权Computer system, storage system and management computer for backing up and restore encryption key for storage system incorporating therein a stored data encryption function 有权计算机系统,存储系统和管理计算机,用于备份和恢复在其中并入存储的数据加密功能的存储系统的加密密钥公开(公告)号:US08041959B2
公开(公告)日:2011-10-18
申请号:US12025189
申请日:2008-02-04
申请人: Daisuke Kito , Kenji Fujii , Nobuyuki Osaki
发明人: Daisuke Kito , Kenji Fujii , Nobuyuki Osaki
IPC分类号: G06F21/00
CPC分类号: G06F21/602 , G06F11/1435 , G06F11/1456 , G06F11/1469 , G06F21/78 , G06F2221/2117
摘要: To protect data from corruption due to restoration of an encryption key to a wrong storage system, there is provided a computer system including a first storage system and a second storage system, wherein: the first storage system, upon receiving a request to write first data to a first area in the first storage system, encrypts the first data by using a first key and writes the first data in the first area, and, upon receiving a request to write second data to a third area, encrypts the second data by using a second key and transmits a request to write the encrypted second data in a second area in the second storage system; and the computer system holds the first key, an identifier of the first storage system associated with the first key, the second key, and an identifier of the second storage system associated with the second key.
摘要翻译: 为了防止由于将加密密钥恢复到错误的存储系统而导致的数据不被破坏,提供了一种包括第一存储系统和第二存储系统的计算机系统,其中:第一存储系统在接收到写入第一数据的请求时 到第一存储系统中的第一区域,通过使用第一密钥对第一数据进行加密,并将第一数据写入第一区域,并且在接收到向第三区域写入第二数据的请求时,通过使用 第二密钥,并且在第二存储系统中的第二区域中发送写入加密的第二数据的请求; 并且计算机系统保存第一密钥,与第一密钥相关联的第一存储系统的标识符,第二密钥以及与第二密钥相关联的第二存储系统的标识符。
-
公开(公告)号:US07886121B2
公开(公告)日:2011-02-08
申请号:US11475971
申请日:2006-06-28
申请人: Daisuke Kito , Kenji Fujii , Yasunori Kaneda , Masato Arai
发明人: Daisuke Kito , Kenji Fujii , Yasunori Kaneda , Masato Arai
IPC分类号: G06F12/08
CPC分类号: G06F3/0644 , G06F3/0605 , G06F3/0607 , G06F3/0619 , G06F3/0637 , G06F3/0685
摘要: In a computer system including a plurality of data storage apparatuses and a management computer, a given data storage apparatus, upon receipt of a control request for a local data storage apparatus from a management computer, accesses the hierarchical relation information between the storage areas in the local data storage apparatus and the storage areas of the other data storage apparatuses, and in the case where a storage area in the local data storage apparatus is set to correspond to a level lower than the other data storage apparatuses, transmits an approval request to the other data storage apparatuses. The given data storage apparatus, upon receipt of the approval from the other data storage apparatuses, executes the control request of the management computer.
摘要翻译: 在包括多个数据存储装置和管理计算机的计算机系统中,给定数据存储装置在从管理计算机接收到对本地数据存储装置的控制请求时,访问所述存储区域中的分层关系信息 本地数据存储装置和其他数据存储装置的存储区域,并且在本地数据存储装置中的存储区域被设置为对应于低于其他数据存储装置的级别的情况下,将批准请求发送到 其他数据存储装置。 给定数据存储装置在接收到来自其他数据存储装置的批准之后,执行管理计算机的控制请求。
-
公开(公告)号:US20110099331A1
公开(公告)日:2011-04-28
申请号:US12983374
申请日:2011-01-03
申请人: Daisuke Kito , Kenji Fujii , Yasunori Kaneda , Masato Arai
发明人: Daisuke Kito , Kenji Fujii , Yasunori Kaneda , Masato Arai
IPC分类号: G06F12/08
CPC分类号: G06F3/0644 , G06F3/0605 , G06F3/0607 , G06F3/0619 , G06F3/0637 , G06F3/0685
摘要: In a computer system including a plurality of data storage apparatuses and a management computer, a given data storage apparatus, upon receipt of a control request for a local data storage apparatus from a management computer, accesses the hierarchical relation information between the storage areas in the local data storage apparatus and the storage areas of the other data storage apparatuses, and in the case where a storage area in the local data storage apparatus is set to correspond to a level lower than the other data storage apparatuses, transmits an approval request to the other data storage apparatuses. The given data storage apparatus, upon receipt of the approval from the other data storage apparatuses, executes the control request of the management computer.
摘要翻译: 在包括多个数据存储装置和管理计算机的计算机系统中,给定数据存储装置在从管理计算机接收到对本地数据存储装置的控制请求时,访问所述存储区域中的分层关系信息 本地数据存储装置和其他数据存储装置的存储区域,并且在本地数据存储装置中的存储区域被设置为对应于低于其他数据存储装置的级别的情况下,将批准请求发送到 其他数据存储装置。 给定数据存储装置在接收到来自其他数据存储装置的批准之后,执行管理计算机的控制请求。
-
10.发明申请Computer System, Storage System and Management Computer for Backing Up and Restore Encryption Key for Storage System Incorporating Therein a Stored Data Encryption Function 有权计算机系统,存储系统和管理计算机,用于备份和恢复存储系统加密密钥,存储数据加密功能公开(公告)号:US20100031058A1
公开(公告)日:2010-02-04
申请号:US12025189
申请日:2008-02-04
申请人: Daisuke Kito , Kenji Fujii , Nobuyuki Osaki
发明人: Daisuke Kito , Kenji Fujii , Nobuyuki Osaki
CPC分类号: G06F21/602 , G06F11/1435 , G06F11/1456 , G06F11/1469 , G06F21/78 , G06F2221/2117
摘要: To protect data from corruption due to restoration of an encryption key to a wrong storage system, there is provided a computer system including a first storage system and a second storage system, wherein: the first storage system, upon receiving a request to write first data to a first area in the first storage system, encrypts the first data by using a first key and writes the first data in the first area, and, upon receiving a request to write second data to a third area, encrypts the second data by using a second key and transmits a request to write the encrypted second data in a second area in the second storage system; and the computer system holds the first key, an identifier of the first storage system associated with the first key, the second key, and an identifier of the second storage system associated with the second key.
摘要翻译: 为了防止由于将加密密钥恢复到错误的存储系统而导致的数据不被破坏,提供了一种包括第一存储系统和第二存储系统的计算机系统,其中:第一存储系统在接收到写入第一数据的请求时 到第一存储系统中的第一区域,通过使用第一密钥对第一数据进行加密,并将第一数据写入第一区域,并且在接收到向第三区域写入第二数据的请求时,通过使用 第二密钥,并且在第二存储系统中的第二区域中发送写入加密的第二数据的请求; 并且计算机系统保存第一密钥,与第一密钥相关联的第一存储系统的标识符,第二密钥以及与第二密钥相关联的第二存储系统的标识符。
-
-
-
-
-
-
-
-
-
搜索结果
15 条记录 (耗时 0.027 秒)
