Title of invention: Managing encryption keys in a computer system
Abstract: A method and apparatus is disclosed for managing encryption keys in a computer system in which in response to the change of a system key the old key and new key are both maintained for subsequent use.
Application publication number: US9042552(B2)   Application publication date: 2015.05.26
Application number: US201313803468   Application date: 2013.03.14
Applicant: International Business Machines Corporation   Inventors: Sherwood David;Walker James William;Walton Travis
Classification: H04L9/14;H04L9/08   Main classification: H04L9/14
Agency:    Agent: Truelson Roy W.
Principal claim: 1. A method for migrating a virtual machine containing encrypted data from a source computer system to a target computer system, the method comprising the following actions each performed by at least one of the source computer system and the target computer system: maintaining, in said source computer system and said target computer system, a respective historical record of encryption keys used on said source computer system and said target computer system respectively, each historical record containing a respective temporally sequenced plurality of encryption keys and, for each encryption key of said temporally sequenced plurality of encryption keys, a respective usage count representing a respective number of virtual machines using the corresponding key; using the respective usage count of each key in the historical record to determine when to delete the corresponding key from the historical record in which it is contained; migrating data representing a first virtual machine of multiple virtual machines executing on said source computer system from said source computer system to said target computer system, said data including at least some data encrypted with a key of the plurality of keys in the historical record of encryption keys in said source computer system; adding a new encryption key to at least one of the historical record of encryption keys in said source computer system and the historical record of encryption keys in said target computer system, wherein said adding a new encryption key to at least one of the historical record of encryption keys is performed concurrently with said migrating data representing a first virtual machine; and determining, in said target computer system, a key from among the plurality of keys in said historical record of encryption keys in said target computer system to be used in decrypting the data representing said first virtual machine which is encrypted, and decrypting the data representing the first virtual machine which is encrypted using the key so determined.
Address: Armonk NY US