• Title/Summary/Keyword: Encryption File System

Search Result 69, Processing Time 0.024 seconds

Design and Implementation of a System Call Interface for Supporting File Partial Encryption (파일 부분 암호화 지원을 위한 시스템 호출의 설계 및 구현에 관한 연구)

  • Seo, Hye-In;Kim, Eun-Gi
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.22 no.3
    • /
    • pp.557-567
    • /
    • 2018
  • There are currently various file encryption solutions for encrypting and storing files on disk. However, the existing file encryption solutions handle encryption and decryption all at once by file or directory. In this paper, we propose a system call supporting partial encryption function of the file. The user sets the encryption information with the system call interface at a portion where encryption of the file data is desired. And then the user writes file data, the data is encrypted and stored. Also if the user sets decryption information and reads the file data, the necessary part is decrypted by applying the set information. For the proposed system call, It consists of inspection module, management module, encryption module, decryption module, and HMAC module as per required system call. And it was implemented on the Linux environment. Also the operation of implemented system call was verified on the development board, and the performance was analyzed by measuring performance speed.

Development and Evaluation of Key Recovery System for Secure Recovery of Cryptographic Files in PC (PC상의 암호파일의 안전한 복구를 위한 키복구 시스템의 개발 및 평가)

  • 장수진;고정호;이강수
    • The Journal of Society for e-Business Studies
    • /
    • v.7 no.1
    • /
    • pp.167-186
    • /
    • 2002
  • The encryption of a file on a PC before saving can maintain security of the file. However, if the key for the encrypted file is lost or damaged, the encrypted file can not be decrypted, resulting in serious economical loss to the user or the user group. In order to minimize the economical loss a secure and reliable key recovery technology is required. Presented in this paper is the development and evaluation of PKRS (PC based Key Recovery System) which supports encryption and decryption of file and recovery of the encrypted file in emergency. The encapsulating method, which attaches key recovery information to encrypted file, is applied to the PKRS. In addition, the PKRS is developed and evaluated according to the requirements of Requirements for Key Recovery Products proposed by NIST and requirements of Common Criteria 2.0 to prove the safety and reliability of the information security system. This system is applicable to a PC and can be further extended to internet or intranet environment information system where in encryption and recovery of file is possible.

  • PDF

Key Management Server Design in Multiuser Environment for Critical File Protection

  • Sung-Hwa Han
    • Journal of information and communication convergence engineering
    • /
    • v.22 no.2
    • /
    • pp.121-126
    • /
    • 2024
  • In enterprise environments, file owners are often required to share critical files with other users, with encryption-based file delivery systems used to maintain confidentiality. However, important information might be leaked if the cryptokey used for encryption is exposed. To recover confidentiality, the file owner must then re-encrypt and redistribute the file along with its new encryption key, which requires considerable resources. To address this, we propose a key management server that minimizes the distribution of encryption keys when critical files are compromised, with unique encryption keys assigned for each registered user to access critical files. While providing the targeted functions, the server employs a level of system resources comparable to that of legacy digital rights management. Thus, when implemented in an enterprise environment, the proposed server minimizes cryptokey redistribution while maintaining accessibility to critical files in the event of an information breach.

An Efficient Encryption/Decryption Approach to Improve the Performance of Cryptographic File System in Embedded System (내장형 시스템에서 암호화 파일 시스템을 위한 효율적인 암복호화 기법)

  • Heo, Jun-Young;Park, Jae-Min;Cho, Yoo-Kun
    • Journal of KIISE:Computer Systems and Theory
    • /
    • v.35 no.2
    • /
    • pp.66-74
    • /
    • 2008
  • Since modem embedded systems need to access, manipulate or store sensitive information, it requires being equipped with cryptographic file systems. However, cryptographic file systems result in poor performance so that they have not been widely adapted to embedded systems. Most cryptographic file systems degrade the performance unnecessarily because of system architecture. This paper proposes ISEA (Indexed and Separated Encryption Approach) that supports for encryption/decryption in system architecture and removes redundant performance loss. ISEA carries out encryption and decryption at different layers according to page cache layer. Encryption is carried out at lower layer than page cache layer while decryption at upper layer. ISEA stores the decrypted data in page cache so that it can be reused in followed I/O request without decryption. ISEA provides page-indexing which divides page cache into cipher blocks and manages it by a block. It decrypts pages partially so that it can eliminate unnecessary decryption. In synthesized experiment of read/write with various cache hit rates, it gives results suggesting that ISEA has improved the performance of encryption file system efficiently.

A study of a System Call Interface for Supporting File Partial Encryption (파일 부분 암호화 지원을 위한 시스템 호출에 관한 연구)

  • Seo, Hye-in;Seong, Jeong-gi;Kim, Eun-gi
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2017.10a
    • /
    • pp.549-551
    • /
    • 2017
  • There are currently various file encryption systems and applications for encryption and storage of file on disk. However, the existing file encryption solutions handle encryption and decryption all at once by file or directory. In this study, we propose a system call supporting partial encryption function of the file. The user sets the partial encryption of the file by using system call interface, and writes the contents. And then the data is encrypted and stored on the disk. Also if the user sets the decryption and reads the data, the necessary part of data is decrypted by applying the user setting. According to the user setting, only the necessary part is encrypted and stored on a storage medium. As a result, the information in a secret level can be saved efficiently and securely.

  • PDF

A Study of Communications Security by Using Key Generation and File Encryption (파일 암호화와 키 생성을 이용한 통신보안 연구)

  • Lee, Jae-Hyun;Park, Dea-Woo
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2010.05a
    • /
    • pp.316-319
    • /
    • 2010
  • File security is typically protected by encryption methods. The development of a network environment, such as the Internet according to the sharing of information between systems become commonplace, while providing convenience to users, individuals or organizations that facilitate access to sensitive information caused by hacking the system to attack the rapidly growing is a trend. This paper is the latest generation file system caused by the hacking attacks on the Sniffing for users using file encryption and key generation, Packet Sniffing Tool IP and data through the analysis are discussed. Through this study, the importance of protecting personal information by imprinting Proactive in the hacking incident, and what users will contribute to increase the level of security awareness.

  • PDF

Design of the File Security Function Using Encryption Algorithm in the Windows Operating System (윈도우 운영체제에서 암호화 알고리즘을 이용한 파일 보안 기능 설계)

  • Jang, Seung-Ju
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.17 no.3
    • /
    • pp.612-618
    • /
    • 2013
  • The file security function, which this paper suggests, restricts the access of an unauthorized users by using password algorithm and saving file. Saved files that are encrypted are read by decrypting them with decryption algorithm. These features are user interface to design the program for user friendly. The security function implements both file encryption and decryption programs and tests whether the experiment works or not. In addition, when a decryption is progressed and the settings of between decryption and encryption are different each other, the security function also checks the possibility of decryption. We can enhance the security on important files stored in Windows servers or personal computers by developing this program.

A Study Medium-based safe File Management Security System on the cloud Environment (클라우드 환경에서 매체기반의 안전한 파일관리 보안 시스템에 대한 연구)

  • Kim, Hee-Chul
    • Journal of Convergence for Information Technology
    • /
    • v.9 no.1
    • /
    • pp.142-150
    • /
    • 2019
  • This study is a file management security system that encrypts and decrypts computer and cloud data by using Bluetooth based cryptographic module. It is a necessary solution in terms of abuse of personal information and protection of social and national information. We developed H/W and S/W for SFMS(: Safe File Management Security) related Bluetooth module in cloud environment and implemented firmware development, encryption key generation and issuance, client program for system mobile and key management system. In the terminal internal encryption and decryption, SFMS was developed to ensure high security that the hacking itself is not possible because key values exist separately for each file.

Cryptft+ : Python/Pyqt based File Encryption & Decryption System Using AES and HASH Algorithm (Crypft+ : Python/PyQt 기반 AES와 HASH 알고리즘을 이용한 파일 암복호화 시스템)

  • Shin, Dongho;Bae, Woori;Shin, Hyeonggyu;Nam, Seungjin;Lee, Hyung-Woo
    • Journal of Internet of Things and Convergence
    • /
    • v.2 no.3
    • /
    • pp.43-51
    • /
    • 2016
  • In this paper, we have developed Crypft+ as an enhanced file encryption/decryption system to improve the security of IoT system or individual document file management process. The Crypft+ system was developed as a core security module using Python, and designed and implemented a user interface using PyQt. We also implemented encryption and decryption function of important files stored in the computer system using AES based symmetric key encryption algorithm and SHA-512 based hash algorithm. In addition, Cx-Freezes module is used to convert the program as an exe-based executable code. Additionally, the manual for understanding the Cryptft+ SW is included in the internal program so that it can be downloaded directly.

DNA Sequences Compression using Repeat technique and Selective Encryption using modified Huffman's Technique

  • Syed Mahamud Hossein; Debashis De; Pradeep Kumar Das Mohapatra
    • International Journal of Computer Science & Network Security
    • /
    • v.24 no.8
    • /
    • pp.85-104
    • /
    • 2024
  • The DNA (Deoxyribonucleic Acid) database size increases tremendously transmuting from millions to billions in a year. Ergo for storing, probing the DNA database requires efficient lossless compression and encryption algorithm for secure communication. The DNA short pattern repetitions are of paramount characteristics in biological sequences. This algorithm is predicated on probing exact reiterate, substring substitute by corresponding ASCII code and engender a Library file, as a result get cumulating of the data stream. In this technique the data is secured utilizing ASCII value and engendering Library file which acts as a signature. The security of information is the most challenging question with veneration to the communication perspective. The selective encryption method is used for security purpose, this technique is applied on compressed data or in the library file or in both files. The fractional part of a message is encrypted in the selective encryption method keeping the remaining part unchanged, this is very paramount with reference to selective encryption system. The Huffman's algorithm is applied in the output of the first phase reiterate technique, including transmuting the Huffman's tree level position and node position for encryption. The mass demand is the minimum storage requirement and computation cost. Time and space complexity of Repeat algorithm are O(N2) and O(N). Time and space complexity of Huffman algorithm are O(n log n) and O(n log n). The artificial data of equipollent length is additionally tested by this algorithm. This modified Huffman technique reduces the compression rate & ratio. The experimental result shows that only 58% to 100% encryption on actual file is done when above 99% modification is in actual file can be observed and compression rate is 1.97bits/base.