| 基于文件系统过滤驱动的安全增强型加密系统技术研究 |
| |
| 引用本文: | 郑磊,马兆丰,顾明.基于文件系统过滤驱动的安全增强型加密系统技术研究[J].小型微型计算机系统,2007,28(7):1181-1184. |
| |
| 作者姓名: | 郑磊 马兆丰 顾明 |
| |
| 作者单位: | 清华大学,软件学院,软件理论与系统研究所,北京,100084 |
| |
| 摘 要: | 应用层加密系统在实际的应用中一般要求用户在访问文件前手动进行加解密操作,有些系统中文件正常使用时必须以明文形式存储在磁盘上.基于文件系统驱动的加密文件系统减少了用户的参与操作,同时保证了磁盘上文件处于加密状态,但是其在设计与实现上较为复杂.针对上述方法存在的问题,本文采用Windows NT内核操作系统的驱动框架,基于文件系统过滤驱动技术实现对数据进行透明加解密.通过这种方法不仅解决了应用层加密系统存在的不足,与加密文件系统相比开发实现较简单灵活.另外使用智能卡作为加解密密钥的存储容器,进一步增强整个系统的安全性.
|
| 关 键 词: | 文件系统过滤驱动 加密 解密 智能卡 |
| 文章编号: | 1000-1220(2007)07-1181-04 |
| 修稿时间: | 2006-04-26 |
Techniques of File System Filter Driver-based and Security-enhanced Encryption System |
| |
| ZHENG Lei,MA Zhao-feng,GU Ming.Techniques of File System Filter Driver-based and Security-enhanced Encryption System[J].Mini-micro Systems,2007,28(7):1181-1184. |
| |
| Authors: | ZHENG Lei MA Zhao-feng GU Ming |
| |
| Affiliation: | School of Software, Tsinghua University, Beijing 100084, China |
| |
| Abstract: | User-mode encryption systems require users manually do encryption or decryption when they want to access a file, in some of those systems the file may reside in cleartext on disk while the user is actively working on it. Encryption file systems decrease the user interaction and guarantee the files in disk is in cipher-text ,but those systems are complex in design and real- ization. In this paper the encryption system is based on Windows NT driver model and file system filter driver to deal with data on the fly. It overcomes the disadvantages of both user-mode encryption systems and encryption file systems. Additionally, through storing the encryption key in the smart card the system security is enhanced. |
| |
| Keywords: | file system filter driver encryption decryption smart card |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
