1 dka encryption overview, Dka encryption benefits, Dka encryption support specifications – HP StorageWorks XP Data Integrity Check XP Software User Manual
Page 6: Primary and secondary data encryption license keys
1 DKA Encryption Overview
To guarantee the security of the data, use the DKA Encryption (EDKA) feature to store encrypted
data in an LDEV and encrypt them. The EDKA feature provides redundant backup and restore
capabilities to ensure data availability.
DKA Encryption benefits
Encrypting data can prevent information loss or leaks if a disk drive is physically removed from
the system. Failure, loss, or theft are the most common reasons for information loss.
The following lists the benefits of using the EDKA feature:
•
Hardware-based AES 256 encryption in XTS mode for open and mainframe systems.
•
You can apply encryption to some or all of the internal drives without throughput or latency
impacts for data I/O and little to no disruption to existing applications and infrastructure.
•
Simplified and integrated key management that does note require specialized key management
infrastructure.
•
Data-center friendliness. The EDKA feature:
Uses little additional power (equivalent of one 25 watt light bulb).
◦
◦
Produces negligible amounts of additional heat.
◦
Does not require additional rack space.
DKA Encryption support specifications
The following table lists the DKA feature’s support specifications.
Specification
Item
Advanced Encryption Standard (AES) 256 bit.
Encryption algorithm
Hardware
specifications
XTS mode.
Encryption mode
Open, mainframe, multiplatform
Volume type
LDEVs that you can
encrypt
All emulation types including OPEN-V and
3390-x.
Emulation type
Internal LDEVs only.
Internal/external LDEVs
Supported. Requires data migration.
LDEV with existing data
Use Remote Web Console (RWC) to create the
data encryption license key.
Creating data encryption license keys
Managing data
encryption license keys
Use RWC to delete data encryption license keys.
Deleting data encryption license keys
32 data encryption license keys per storage
system.
Scope of data encryption license keys
Parity group.
Unit of encryption/decryption
Redundant (P-VOL and S-VOL) backup/restore
copies.
Backup/Restore functionality
Primary and secondary data encryption license keys
The P9500 storage system uses the EDKA feature to set up the data encryption license keys to
encrypt and decrypt data.
6
DKA Encryption Overview