Kms operations, Key lifecycle, Kms operations 10 – Sun Microsystems StorageTek HP LTO4 User Manual
Page 18
KMS Operations
10 KMS: LTO4 Technical Brief • June 2008
Revision: A • 316196601
KMS Operations
When the tape drive is powered-on, the Dione card communicates to the drive
over the serial port to take control of drive encryption and decryption.
HP LTO4 tape drives have the capability of storing one (1) key while encrypting or
decrypting data. Therefore; it is essential that these drives stay connected to the
KMS network for communications. Failover and load balancing will also occur
between the KMAs in the system (KMS).
The following is a brief description about how the drive implements encryption:
■
During write operations, when the backup application starts writing, the Write
command triggers the drive to request an encryption key from the Dione card.
The Dione creates a secure connection to the KMA and requests a key.
The KMA provides the key.
The Dione card unwraps the key and sends it to the drive, which continues with
the write operation.
■
During read operations, a similar set of operations occur.
The backup application sends a read request.
The drive recognizes that the data is encrypted and requests a decryption key
from the Dione card.
Note: The LTO4 tape format stores the metadata (key) along with encrypted
data. This gives the Dione card a method to retrieve the required key for
decryption.
The Dione card verifies the Key Associated Data in the data block to determine
the Key ID for that block and requests the corresponding key from the KMA.
Once the key has been received, it is sent to the drive and the read proceeds.
■
During media loads and unloads the Dione card monitors tape drive and
fetches the appropriate Data Unit (for loads) or clearing of the encryption status
(for unloads).
Key Lifecycle
Keys undergo a lifecycle based on the key policy. The lifecycle imposed by the
KMS is based on the NIST 800-57 guidelines and has two time periods:
■
Encryption period the time after a key is assigned that it can be used to encrypt.
■
Cryptoperiod the time period it can be used for decryption.
It is assumed the two periods start at the same time when the key is assigned.
shows an example of how these periods interacts.