File System Independent Metadata Organization for TransCrypt
#1

Introduction
1.1 Motivation

Today, data security has come to be of utmost importance. Computer-based data
storage is ubiquitous, even for confidential data. Large corporations and institutions
usually have centralized storage devices, and there is an ever-increasing number of users
with portable computers. A result of these two developments is that data theft has
become alarmingly common [1, 2].
While several solutions have been devised to address this problem [3, 4,
5, 6, 7, 8], these have been found wanting in certain aspects, such as strong trust
models, and flexibility with regards to file sharing. A need was felt for a file system
that addresses these issues. It is in this light that the TransCrypt encrypting file
system [9, 10] was created.
TransCrypt is a transparent, enterprise-class, encrypting file system. Being
transparent, no changes need to be made to existing programs and tools in order to
use TransCrypt. The trust model employed is stronger than most existing solutions:
even the super user (root) is not trusted in the TransCrypt trust model. However,
flexibility is not compromised: the standard UNIX semantics for sharing files
between users are supported to a reasonable extent.
The TransCrypt implementation was initially carried out as a set of modifications
to the ext3 file system [11] in the Linux kernel. This included changes to
the Linux kernel as well as the userspace e2fsprogs package [12] which contains libraries
and tools to work with ext3 volumes. As the code base grew more complex,
maintaining TransCrypt code against the ext3 code grew harder. Moreover, it was
not possible to exploit more advanced file systems such as XFS [13], JFS [14], and
ReiserFS [15].
Thus, there was a need to redesign certain parts of the TransCrypt implementation
so as to make it independent of the underlying file system. This would greatly
reduce the amount of external code that needed to be modified, significantly improving
code maintainability. Moreover, the ability to use more advanced file systems
with TransCrypt would allow users to benefit from these file systems' performance,
reliability and other improvements without requiring substantial work on the TransCrypt
code itself. This thesis describes the approach that was used to accomplish
this goal.

#2
File System Independent Metadata Organization for TransCrypt

With the widespread adoption of digital information storage, the problem of data theft has come to be of utmost importance to both individuals and organizations. While several encrypting file systems have been developed to address this problem, only a few are scalable enough to be deemed ready for enterprise use, and even these suffer from a variety of issues, ranging from poor performance to inadequate trust models. The TransCrypt encrypting file system was developed to address these problems, and provide a secure, scalable and efficient enterprise-class solution to the data security problem. It uses a flexible, yet secure, key management scheme that simplifies sharing of files without compromising on security. One of TransCrypt's distinguishing features is that the super user is not considered a trusted entity in its threat model.

A prototype of TransCrypt, based on the ext3 file system, had been implemented on the Linux 2.6 kernel. In this prototype, the code was tightly coupled with the ext3 file system and modified its on-disk structures to store some additional meta-data. This implied that TransCrypt could not be used with other, more advanced, file systems without modifying their code as well. Moreover, modifications were made to existing code, both in the Linux kernel as well as in user-space utilities, introducing the additional overhead of code maintenance. In this work, we have addressed this limitation of the TransCrypt design. TransCrypt has now been re-designed to employ a layered architecture, with its layers being file-system independent. This was made possible by the use of the extended attribute mechanism for meta-data storage, which is provided by several modern file systems. As a result of this work, TransCrypt can now be used as a cryptographic layer over any of these file systems.