Browse Prior Art Database

Methods of handling disk failures with System Encryption

IP.com Disclosure Number: IPCOM000181588D
Original Publication Date: 2009-Apr-06
Included in the Prior Art Database: 2009-Apr-06
Document File: 2 page(s) / 22K

Publishing Venue

IBM

Abstract

One of the challenges for storage system design is to maintain the I/O performance while handling component failure. The introduction of encryption-capable disk drives presents additional challenges in this area. The following design presents solutions to sustaining I/O response time when disk drive failures occur in RAID arrays implemented with system encryption.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 53% of the total text.

Page 1 of 2

Methods of handling disk failures with System Encryption

Introduction:

Storage system design must optimize the I/O performance for both normal operations as well as failure scenarios. Disk drives normally have higher failure rates than any other components in the storage system. For improving the system availability and reliability, Redundant Arrays of Independent Disks (RAID) implementation provides the redundancy, the fault tolerance and special features that allow for the recovery from hardware faults without the disruption. Protecting the security of the system is another value-added feature called encryption. However, the implementation of the RAID arrays along with encryption features introduce some of the challenges as described below:

1).When the system encryption is enabled and the encrypted disks are enrolled to an array, the system may introduce timing overhead where the data encryption is performed outboard in the external drive versus encryption performed by a subsystem level software or hardware based encryption.

2).During a drive failure, a new drive which has the same characteristics (capacity, revolutions per minute (RPM), encryption banding, etc) is exchanged and enrolled to an existing RAID array while the well formed parity consistency must be maintained to minimize I/O interruption.

3).The acceptance of a new drive requires extensive security protocol exchange which may impact the RAID I/O response time so the security exchange duration should be minimized.

The design is to address the listed challenges and therefore sustain the I/O response time during drive failures in a RAID array implemented with the system encryption feature.

Design:

The proposed design for each of the challenges identified above is summarized as follows:


1.


2.


3.

prepare encrypted drives with multiple bands,

exchange drives to an existing array using the multi-banding solution,

efficiently exchange the security protocol to prevent any impact of drive failures in the

system.

Details of each solution are as follows:

Prepare encrypted drives with multiple bands:

1.

Apply multi-banding per each array component: i.e. have bands for unencrypted

a.

m...