Publication | Closed Access
A cryptographic file system for UNIX
415
Citations
2
References
1993
Year
Unknown Venue
EngineeringInformation SecurityData-centric SecurityCryptographic File SystemHardware SecurityAvailable File SystemData Encryption StandardFile SystemsData PrivacyComputer ScienceBlockchainData SecurityCryptographyEncryptionEncrypted StorageCryptographic ProtectionStorage SecurityFile SystemSystem Software
Cryptographic techniques are increasingly vital for system security, yet existing user‑level file encryption tools are cumbersome and vulnerable. The Cryptographic File System (CFS) embeds encryption services directly into the file system. CFS enables secure storage by allowing users to bind cryptographic keys to directories, transparently encrypting files and pathnames via the standard Unix file system interface, storing no cleartext, and operating over any underlying file system—including NFS—while preserving normal system management functions.
Although cryptographic techniques are playing an increasingly important role in modern computing system security, user-level tools for encrypting file data are cumbersome and suffer from a number of inherent vulnerabilities. The Cryptographic File System (CFS) pushes encryption services into the file system itself. CFS supports secure storage at the system level through a standard Unix file system interface to encrypted files. Users associate a cryptographic key with the directories they wish to protect. Files in these directories (as well as their pathname components) are transparently encrypted and decrypted with the specified key without further user intervention; cleartext is never stored on a disk or sent to a remote file server. CFS can use any available file system for its underlying storage without modification, including remote file servers such as NFS. System management functions, such as file backup, work in a normal manner and without knowledge of the key.
| Year | Citations | |
|---|---|---|
Page 1
Page 1