10-04-2012, 12:48 PM
Efficient methodology for implementation of Encrypted File System in User Space
mp.pdf (Size: 149.18 KB / Downloads: 47)
INTRODUCTION
Encrypted File System is an interface that ensures the user
that the data stored on the hard disk is secure and cannot be
hacked by any other user without the permission of the
owner. It ensures that the original data doesn’t reside on the
hard disk in the normal or the plaintext form, but it should
always been stored in encrypted form which cannot be
understood by the intruder.
RELATED WORK
There are many architectures and procedures available in
these areas that have already been implemented. Very few of
them are implemented in user space and most of them are in
kernel space. Each one of them is having certain advantages
and limitations. The crucial issues of both, systems level and
user level cryptography are as mentioned below.
ISSUES WITH USER LEVEL CRYPTOGRAPHY
The simplest approach for file encryption is available
through a tool, such as the UNIX crypt program, that
enciphers (or deciphers) a file or data stream with a specified
key. Depending on the particular software, the program may
or may not be automatically delete the clear text while
encrypting and such programs can usually be used as
cryptographic "filters" in a command pipeline.
CRYPTOGRAPHIC SERVICES IN THE FILE SYSTEM
The main focus of EFS is to identify the location in a system,
where file encryption will be performed. If it is at too low
level, then trusts in components are removed from the user’s
control. If it is too close to the user, frequent human
interaction may lead to error.
DESIGN GOALS
EFS occupy something of a middle ground between low
level and user level cryptography. It aims to protect exactly
those aspects of file storage that are vulnerable to attack in a
way that is convenient enough to use routinely. In particular,
we will be guided by the following specific goals:
RESULTS & PERFORMANCE EVALUATION
After implementing encrypted file system, it has been tried
to find out the change in the space of file i.e. the variation of
space of the encrypted file form the original file. For that
some file of specific size has been taken and encrypted it
using the encrypted file system. The Table-1 shows the
variation of size of the original file when encrypted by EFS.
The variation in size of encrypted file is approximately 2.5
times the size of the original file.
CONCLUSIONS & FUTURE WORK
The proposed model of EFS provides a simple mechanism
to protect data written to disks and sent to networked file
servers. Although experience with proposed model of EFS
is still limited to the research environment, rather
performance on modern workstations appears to be within a
range that allows its routine use. Obviously, it has
shortcomings of a user-level NFS server based
implementation.