ECFS-Reference-Cited by-同舟云学术

ECFS

Published:2012-04 Issue:2 Volume:6 Page:53-63
ISSN:1930-1650
Container-title:International Journal of Information Security and Privacy
language:en
Short-container-title:

Author:

Rawat U. S.¹,Kumar Shishir¹

Affiliation:

1. Jaypee University of Engineering & Technology, India

Abstract

Proposed is a secure and efficient approach for designing and implementing an enterprise-class cryptographic file system for Linux (ECFS) in kernel-space. It uses stackable file system interface to introduce a layer for encrypting files using symmetric keys, and public-key cryptography for user authentication and file sharing, like other existing enterprise-class cryptographic file systems. It differs itself from existing systems by including all public-key cryptographic operations and public-key infrastructure (PKI) support in kernel-space that protects it from attacks that may take place with a user-space PKI support. It has a narrower domain of trust than existing systems. It uses XTS mode of AES algorithm for file encryption for providing better protection and performance. It also uses kernel-keyring service for improving performance. It stores the cryptographic metadata in file’s access control list (ACL) as extended attributes to ease the task of file sharing. A secure protocol has also been designed and implemented to guard against various possible attacks, when its files are accessed remotely over an untrusted network.

Publisher

IGI Global

Subject

Information Systems

Reference19 articles.

1. Alomari, M. A., Samsudin, K., & Ramli, A. R. (2009). A parallel XTS encryption mode of operation. In Proceedings of the IEEE Student Conference on Research and Development (pp. 172-175). Washington, DC: IEEE Computer Society.

2. The XTS-AES Disk Encryption Algorithm and the Security of Ciphertext Stealing

3. Blaze, M. (1993). A cryptographic file system for UNIX. In Proceedings of the ACM Conference on Computer and Communications Security (pp. 9-16). New York, NY: ACM.

4. Large Key Sizes and the Security of Password-Based Cryptography

5. Cattaneo, G., Catuogno, L., Sorbo, A. D., & Persiano, P. (2001, June). The design and implementation of a transparent cryptographic filesystem for UNIX. In Proceedings of the USENIX Annual Technical Conference (pp. 245-252). Berkeley, CA: USENIX.

Cited by 3 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Enhanced Security Mechanism for Cryptographic File Systems Using Trusted Computing;Communications in Computer and Information Science;2022

2. Privacy Preserving Anti-forensic Techniques;Multimedia Security;2021

3. An Efficient Technique to Access Cryptographic File System over Network File System;Advances in Intelligent Systems and Computing;2020-09-22