CPC H04L 9/14 (2013.01) [G06F 3/0604 (2013.01); G06F 3/0659 (2013.01); G06F 3/0673 (2013.01); G06F 21/602 (2013.01); H04L 9/0816 (2013.01)] | 16 Claims |
1. A method comprising:
receiving, by a storage system from a host device through a first path of a plurality of paths, a first write request for first data to be stored in a dataset, wherein the storage system is connected to a plurality of host devices over the plurality of paths;
based on receiving the first write request through the first path of the plurality of paths, decrypting, by the storage system, the first data utilizing a first path-specific encryption key that is specified for requests received by the storage system through only the first path of the plurality of paths from the plurality of host devices;
storing the first data in the dataset, wherein the first data is encrypted using a storage system encryption key;
receiving, by the storage system from the host device through a second path, a second write request for second data to be stored in the dataset;
based on receiving the second write request through the second path, decrypting, by the storage system, the second data utilizing a second path-specific encryption key that is different from the first path-specific encryption key and is specified for requests received by the storage system through only the second path of the plurality of paths from the plurality of host devices; and
storing the second data in the dataset, wherein the second data is encrypted using the storage system encryption key.
|