Abstract | ||
---|---|---|
Proposed is a secure and efficient approach for designing and implementing an enterprise-class cryptographic file system for Linux ECFS in kernel-space. It uses stackable file system interface to introduce a layer for encrypting files using symmetric keys, and public-key cryptography for user authentication and file sharing, like other existing enterprise-class cryptographic file systems. It differs itself from existing systems by including all public-key cryptographic operations and public-key infrastructure PKI support in kernel-space that protects it from attacks that may take place with a user-space PKI support. It has a narrower domain of trust than existing systems. It uses XTS mode of AES algorithm for file encryption for providing better protection and performance. It also uses kernel-keyring service for improving performance. It stores the cryptographic metadata in file's access control list ACL as extended attributes to ease the task of file sharing. A secure protocol has also been designed and implemented to guard against various possible attacks, when its files are accessed remotely over an untrusted network. |
Year | DOI | Venue |
---|---|---|
2012 | 10.4018/jisp.2012040104 | IJISP |
Keywords | Field | DocType |
public-key cryptography,file sharing,public-key cryptographic operation,enterprise-class cryptographic file system,secure protocol,cryptographic metadata,existing enterprise-class,system interface,public-key infrastructure pki support,file encryption | SSH File Transfer Protocol,File Control Block,File system,Self-certifying File System,Computer science,Computer security,Computer network,Torrent file,Versioning file system,Unix file types,Operating system,Computer file | Journal |
Volume | Issue | ISSN |
6 | 2 | 1930-1650 |
Citations | PageRank | References |
0 | 0.34 | 9 |
Authors | ||
2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Shishir Kumar | 1 | 78 | 17.06 |
U. S. Rawat | 2 | 0 | 0.68 |