Pure Storage, Inc.
Periodically re-encrypting user data stored on a storage device

Abstract:

Periodically re-encrypting user data stored on a storage device, including: reading user data stored on the storage device, wherein the user data is associated with a user-visible identifier; determining, from metadata associated with the user data, whether the user data is encrypted utilizing an expiring data encryption key; responsive to determining that the user data is encrypted utilizing the expiring data encryption key, re-encrypting the user data utilizing a current data encryption key; and writing the user data that is encrypted with the current data encryption key to the storage device, wherein the user data remains associated with the user-visible identifier.