Presentation is loading. Please wait.

Presentation is loading. Please wait.

-Term Project Final Presentation- 20103453 Sang-Ho Lee 20103575 Dae-Jin Jung.

Published byBlake Owens Modified over 9 years ago

Similar presentations

Presentation on theme: "-Term Project Final Presentation- 20103453 Sang-Ho Lee 20103575 Dae-Jin Jung."— Presentation transcript:

1 -Term Project Final Presentation- 20103453 Sang-Ho Lee 20103575 Dae-Jin Jung

2 Motivation Secure File System in Windows is needed!!! Windows is very popular OS. However, relatively rare in File systems. Many Secure System exists in Network.

3 Problem Statement 1 User-level Security - very easy for attacker to modify the data. - “Not Familiar Interface” hard to encrypt/decrypt the data for user. many problem in real use.

4 Problem Statement 2 System-level Security - in Windows, EFS is depend on File System Itself (it’s supported only at NTFS 3.0) - not sufficient to communicate with other system

5 Related Works 1. Matt Blaze, “A Cryptographic file system for UNIX”, ACM 03-05,1993 2. Encrypting File System(EFS) on MS Windows.

6 Related Works by Matt Try to encrypt at the system level - It’s more robust than doing at the application level.

7 Related Works by EFS 1. Use symmetric key(FEK) to encrypt /decrypt file for efficiency. 2. Use asymmetric key to store FEK safely. 3. It provides limited security.

8 Approach I/O manager File System Driver Disk Driver IRP I/O Mechanism File System Filter Driver

9 Approach I/O manager File System Driver Disk Driver File System Filter Driver IRP IRP Hooking – By Filter Driver

10 Approach Open Source Filemon (v.4.34, Sysinternals) Logs on accessing files Functionality Protecting Hiding Auto Enc/Decryption User Transparency

11 Approach Encryption Policy Encrypted System Cache (Hard disk cache & cache App) Plaintext System Cache (Hard disk cache)

12 Approach CPUARIASEEDAES Pentium Ⅲ 37.342.423.3 Pentium Ⅳ 49.081.330.5 (cycle/byte) ARIA Professor’s recommendation Involution SPN structure 128 bit Block SIZE Variable Key Size (128/192/256 bit)

13 Evaluation - 1 Performance Test Environment E6700(@2.66G), 2G RAM, Vmware(7.0, 1 core, 512 RAM) File copy Normal Small 7915 files(618MB) - 106 sec Large file(617MB)- 33 sec Driver Small 7915 files(618MB) - 246 sec Large file(617MB)- 180 sec

14 Evaluation - 2 Driver Unload Basically it doesn’t work (or System crash) All files are encrypted (with same key) Information File is also encrypted

15 Evaluation - 3 System Cache Access There is nothing we can do!!! (Because of this system design) No product using encrypted cache data

16 Future Works Encrypted Cache Data There is nothing we can do!!! (Because of this system design) No product using encrypted cache data

17 Future Works Need for Various Authentication Password(what you know) is not enough Enhancing performance Fast Enc/Dec algorithm & implementation

18 Conclude Pros Protect folder using kernel process Information file is also protected & encrypted Transparency for users Cons Low performance Further work should be worked on.

19

Download ppt "-Term Project Final Presentation- 20103453 Sang-Ho Lee 20103575 Dae-Jin Jung."

Similar presentations

Software Bundle ViPNet Secure Remote Access Arrangement using ViPNet Mobile © Infotecs.

Software Bundle ViPNet Secure Remote Access Arrangement using ViPNet Mobile © Infotecs.
Windows XP File System Management Group D. 3 Layers of Drivers Filter Drivers Filter Drivers –Virus protection, compression, encryption File System Drivers.

Windows XP File System Management Group D. 3 Layers of Drivers Filter Drivers Filter Drivers –Virus protection, compression, encryption File System Drivers.
Security at the Operating System Level (Microsoft) By Birinder Dhillon.

Security at the Operating System Level (Microsoft) By Birinder Dhillon.
Chapter 2: Operating-System Structures

Chapter 2: Operating-System Structures
File management in UNIX and windows 2000

File management in UNIX and windows 2000
Operating Systems. What is an Operating System? A layer of software between users/applications and the hardware. The first program loaded onto a computer.

Operating Systems. What is an Operating System? A layer of software between users/applications and the hardware. The first program loaded onto a computer.
Encrypted File System (EFS) Sankara Narayanan. CSE 785 Computer Security, Syracuse University, NY Spring 2003 – 2004.

Encrypted File System (EFS) Sankara Narayanan. CSE 785 Computer Security, Syracuse University, NY Spring 2003 – 2004.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 7: Advanced File System Management.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 7: Advanced File System Management.
I/O Systems CS 3100 I/O Hardware1. I/O Hardware Incredible variety of I/O devices Common concepts ◦Port ◦Bus (daisy chain or shared direct access) ◦Controller.

I/O Systems CS 3100 I/O Hardware1. I/O Hardware Incredible variety of I/O devices Common concepts ◦Port ◦Bus (daisy chain or shared direct access) ◦Controller.
Figure 1.1 Interaction between applications and the operating system.

Figure 1.1 Interaction between applications and the operating system.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 7: Advanced File System Management.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 7: Advanced File System Management.
File System Security Jason Eick and Evan Nelson. What does a file system do? A file system is a method for storing and organizing computer files and the.

File System Security Jason Eick and Evan Nelson. What does a file system do? A file system is a method for storing and organizing computer files and the.
Module 6: Managing Data Storage. Overview Managing File Compression Configuring File Encryption Implementing Disk Quotas.

Module 6: Managing Data Storage. Overview Managing File Compression Configuring File Encryption Implementing Disk Quotas.
Operating Systems.

Operating Systems.
Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.

Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.
Secure File Storage Nathanael Paul CRyptography Applications Bistro March 25, 2004.

Secure File Storage Nathanael Paul CRyptography Applications Bistro March 25, 2004.
EFS: Encrypted File system An Introduction & Final Project For CSE785: Computer Security Syracuse University Spring 2005.

EFS: Encrypted File system An Introduction & Final Project For CSE785: Computer Security Syracuse University Spring 2005.
1 Using Compressed Files and Folders Applications and operating systems read and write to compressed files. NTFS uncompresses the file before making it.

1 Using Compressed Files and Folders Applications and operating systems read and write to compressed files. NTFS uncompresses the file before making it.
EFS: encrypted File system Project by: Andrew Grossman Gaurav Gupta CMSC 691X-Summer 2002 University of Maryland Baltimore County.

EFS: encrypted File system Project by: Andrew Grossman Gaurav Gupta CMSC 691X-Summer 2002 University of Maryland Baltimore County.
File System and Full Volume Encryption Sachin Patel CSE 590TU 3/9/2006.

File System and Full Volume Encryption Sachin Patel CSE 590TU 3/9/2006.

Similar presentations

Ads by Google