Please wait a minute...
FITEE
Front. Inform. Technol. Electron. Eng.  2015, Vol. 16 Issue (1): 28-42    DOI: 10.1631/FITEE.1400133
    
ImgFS:一种利用用户空间文件系统的图片存储透明加密技术
Osama A. Khashan, Abdullah M. Zin, Elankovan A. Sundararajan
Centre for Software Technology and Management, Faculty of Information Science and Technology, National University of Malaysia (UKM), Bangi 43600, Selangor, Malaysia
ImgFS: a transparent cryptography for stored images using a filesystem in userspace
Osama A. Khashan, Abdullah M. Zin, Elankovan A. Sundararajan
Centre for Software Technology and Management, Faculty of Information Science and Technology, National University of Malaysia (UKM), Bangi 43600, Selangor, Malaysia
 全文: PDF 
摘要: 目的:透明加密技术克服了传统加密技术中面临的使用方便性、运行效率、安全等级等缺陷。然而已有的透明加密技术依赖于对核数据空间的深度理解。本文提出一种基于用户空间的全透明加密文件系统,有效克服已有的基于用户空间的加密文件系统运行中的不足之处。
创新:提出的ImgFS全透明加密文件系统平衡了图像存储文件的安全等级要求和使用方便性,并且能够克服现有的基于用户空间的加密文件系统的缺陷。
方法:设计ImgFS结构,并在不同规格图像文件下测试其读写性能。将读写时间与标准Ext4下的读写时间进行比较(图5-8);对读写进程中主程序执行时间做进一步分析(图9-11);并将ImgFS的性能与相关工作中的结论进行比较(图12)。
结论:实验结果表明当ImgFS提供更高等级安全性与透明度时,其性能可与已有的基于加密用户空间文件系统的高性能机制相比拟。
关键词: 图像存储安全性加密文件系统用户空间文件系统透明加密    
Abstract: Real-time encryption and decryption of digital images stored on end-user devices is a challenging task due to the inherent features of the images. Traditional software encryption applications generally suffered from the expense of user convenience, performance efficiency, and the level of security provided. To overcome these limitations, the concept of transparent encryption has been proposed. This type of encryption mechanism can be implemented most efficiently with kernel file systems. However, this approach has some disadvantages since developing a new file system and attaching it in the kernel level requires a deep understanding of the kernel internal data structure. A filesystem in userspace (FUSE) can be used to bridge the gap. Nevertheless, current implementations of cryptographic FUSE-based file systems suffered from several weaknesses that make them less than ideal for deployment. This paper describes the design and implementation of ImgFS, a fully transparent cryptographic file system that resides on user space. ImgFS can provide a sophisticated way to access, manage, and monitor all encryption and key management operations for image files stored on the local disk without any interaction from the user. The development of ImgFS has managed to solve weaknesses that have been identified on cryptographic FUSE-based implementations. Experiments were carried out to measure the performance of ImgFS over image files’ read and write against the cryptographic service, and the results indicated that while ImgFS has managed to provide higher level of security and transparency, its performance was competitive with other established cryptographic FUSE-based schemes of high performance.
Key words: Storage image security    Cryptographic file system    Filesystem in userspace (FUSE)    Transparent encryption
收稿日期: 2014-04-08 出版日期: 2014-12-23
CLC:  TP309.7  
服务  
把本文推荐给朋友
加入引用管理器
E-mail Alert
RSS
作者相关文章  
Osama A. Khashan
Abdullah M. Zin
Elankovan A. Sundararajan

引用本文:

Osama A. Khashan, Abdullah M. Zin, Elankovan A. Sundararajan. ImgFS: a transparent cryptography for stored images using a filesystem in userspace. Front. Inform. Technol. Electron. Eng., 2015, 16(1): 28-42.

链接本文:

http://www.zjujournals.com/xueshu/fitee/CN/10.1631/FITEE.1400133        http://www.zjujournals.com/xueshu/fitee/CN/Y2015/V16/I1/28

[1] Gaurav Bansod, Narayan Pisharoty, Abhijit Patil. BORON:面向普适计算的超轻量低功耗加密设计[J]. Frontiers of Information Technology & Electronic Engineering, 2017, 18(3): 332-345.
[2] Jia Xie, Yu-pu Hu, Jun-tao Gao, Wen Gao. NTRU格上基于身份签名的高效方案[J]. Front. Inform. Technol. Electron. Eng., 2016, 17(2): 135-142.
[3] Pei-yih TING, Xiao-wei HUANG, Jun-hui WU, Chia-huei HSEU. A secure threshold Paillier proxy signature scheme[J]. Front. Inform. Technol. Electron. Eng., 2010, 11(3): 206-213.