Distribution of storage area network encryption keys across data centers

Assignee

• Cisco Technology, Inc. · US

Inventors

• Praveen Patnala · Santa Clara, US
• Anand Parthasarathy · Fremont, US
• Makarand Deshmukh · Cupertino, US
• Chandra Sekhar Kondamuri · Palo Alto, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L9/0894
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Efficient mechanisms are provided for transferring key objects associated with disk logical unit numbers and tape cartridges from one data center to another data center. A request is received to transfer a source data center key object from a source data center to a destination data center. The source data center key object corresponds to a data block, such as a disk logical unit number (LUN) or a tape cartridge, maintained in a storage area network (SAN) and includes a unique identifier, an encrypted key, and a wrapper unique identifier. The encrypted key is decrypted using a source data center key hierarchy. Key information is transmitted from the source data center to the destination data center. A destination data center key object is generated using a destination data center key hierarchy.