A Case of Security Encryption Storage System Based on SAN Environments

  • Changyan Di
  • Kuan-Ching Li
  • Jason C. Hung
  • Qi Yu
  • Rui Zhou
  • Chao-Hung Hung
  • Qingguo Zhou
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 234)

Abstract

SAN (storage area network) is a dedicated network that provides access to consolidated data storage and offers major advantages as simplified administration, high speed, and flexibility. This chapter proposes a security encryption storage system named ANGLE, which contains two major parts – the key management system (KMS) and the encryption engine (E-Engine). E-Engine is in charge to encrypt/decrypt storage disks under AES128 and SHA256 cryptographic algorithms, according to keys provided by KMS. These two parts communicate by IPsec protocols, and a well-defined UI (User Interface) for applications is provided. The proposed ANGLE system is implemented in both FC SAN and IP SAN, and performance tests show that the bottleneck of ANGLE’s reading and writing throughput relies on data transmission speed of the storage network.

Keywords

SAN Encryption storage Storage network 

Notes

Acknowledgments

This work was supported by National Natural Science Foundation of China under Grant No. 60973137, Gansu Sci.&Tech. Program under Grant No. 1104GKCA049 and the project “Cloud Storage System Based on Mobile Smart Terminal (2012),” the Fundamental Research Funds for the Central Universities under Grants No. lzujbky-2010-89 and lzujbky-2012-44, Google Faculty Award, and the National Science Council (NSC), Taiwan, under grants NSC101-2221-E-240-004- and NSC101-2221-E-126-002-.

References

  1. 1.
    Somasundaram G, Ahrivastava A (2009) EMC education services: information storage and management. Wiley, HobokenGoogle Scholar
  2. 2.
    Osama S (2011) Storage area network implementation on an educational institute network computer networking and communication. World Comput Sci Inform Tech J 1(7):292–296Google Scholar
  3. 3.
  4. 4.
    Li CJ, Zhou QG, Liu YL, Yao Q (2011) Cost-efficient data cryptographic engine based on FPGA. In: 4th international conference on Ubi-media computing, IEEE Computer Society, Sao Paulo, 2011, pp 48–52Google Scholar
  5. 5.
    Baldwin A, Shiu S (2002) Encryption and key management in a SAN. In: 1st international IEEE security in storage workshop, IEEE Computer Society, Washington, DC, 2002, pp 35–44Google Scholar
  6. 6.

Copyright information

© Springer Science+Business Media New York 2013

Authors and Affiliations

  • Changyan Di
    • 1
  • Kuan-Ching Li
    • 2
  • Jason C. Hung
    • 3
  • Qi Yu
    • 1
  • Rui Zhou
    • 1
  • Chao-Hung Hung
    • 2
  • Qingguo Zhou
    • 1
  1. 1.School of Information Science and EngineeringLanzhou UniversityLanzhouChina
  2. 2.Department of Computer Science and Information Engineering (CSIE)Providence UniversityProvidenceTaiwan
  3. 3.Department of Information ManagementOverseas Chinese UniversityTaichungTaiwan

Personalised recommendations