An apparatus, system, and method for avoiding unexpected exposure of
important data in a storage system include a table that contains
permission and conversion information regarding data transfer. When a
storage system transfers a certain set of data from one logical device or
volume to another area, e.g., a host, a tape storage or another logical
device or volume inside or outside of the storage system, the storage
system refers to the table to determine if transfer is permitted and
whether conversion of the data is required before transfer. A storage
controller converts the data if necessary, and transfers the data to the
target destination if permitted. Keys are maintained within the storage
system so that the management of securing data is centralized.