A Case of Security Encryption Storage System Based on SAN Environments
SAN (storage area network) is a dedicated network that provides access to consolidated data storage and offers major advantages as simplified administration, high speed, and flexibility. This chapter proposes a security encryption storage system named ANGLE, which contains two major parts – the key management system (KMS) and the encryption engine (E-Engine). E-Engine is in charge to encrypt/decrypt storage disks under AES128 and SHA256 cryptographic algorithms, according to keys provided by KMS. These two parts communicate by IPsec protocols, and a well-defined UI (User Interface) for applications is provided. The proposed ANGLE system is implemented in both FC SAN and IP SAN, and performance tests show that the bottleneck of ANGLE’s reading and writing throughput relies on data transmission speed of the storage network.
KeywordsSAN Encryption storage Storage network
This work was supported by National Natural Science Foundation of China under Grant No. 60973137, Gansu Sci.&Tech. Program under Grant No. 1104GKCA049 and the project “Cloud Storage System Based on Mobile Smart Terminal (2012),” the Fundamental Research Funds for the Central Universities under Grants No. lzujbky-2010-89 and lzujbky-2012-44, Google Faculty Award, and the National Science Council (NSC), Taiwan, under grants NSC101-2221-E-240-004- and NSC101-2221-E-126-002-.
- 1.Somasundaram G, Ahrivastava A (2009) EMC education services: information storage and management. Wiley, HobokenGoogle Scholar
- 2.Osama S (2011) Storage area network implementation on an educational institute network computer networking and communication. World Comput Sci Inform Tech J 1(7):292–296Google Scholar
- 3.IEEE P1619, http://en.wikipedia.org/wiki/IEEE_P1619
- 4.Li CJ, Zhou QG, Liu YL, Yao Q (2011) Cost-efficient data cryptographic engine based on FPGA. In: 4th international conference on Ubi-media computing, IEEE Computer Society, Sao Paulo, 2011, pp 48–52Google Scholar
- 5.Baldwin A, Shiu S (2002) Encryption and key management in a SAN. In: 1st international IEEE security in storage workshop, IEEE Computer Society, Washington, DC, 2002, pp 35–44Google Scholar
- 6.Bonnie++, http://en.wikipedia.org/wiki/Bonnie