Design and Implementation of a Cryptographic File System for Linux Based on Trusted Computing Platform

Author

Jin, Guo ; Bo, Li

Author_Institution

Astronaut. & Aeronaut. Inst., Univ. of Electron. Sci. Technol. of China, Chengdu, China

Volume

1

fYear

2011

fDate

28-29 March 2011

Firstpage

102

Lastpage

105

Abstract

A prototype system STEFS (Security and Trusted Enhanced File System) of dependability based on trusted computing platform, which can enhanced the security of the file system in Linux, is presented in this paper. Integrating Linux kernel security mechanism and security storage function of TPM (Trusted Platform Module) efficiently, STEFS provides three dynamic loading modules which are not only file encryption and integrity checking measures, but also multilevel access control mechanism to strengthen the security protection of system sensitive data. The whole system is secured through hardware-based protection and underlying security support relying on TPM chip.

Keywords

Linux; authorisation; cryptography; file organisation; operating system kernels; Linux kernel security mechanism; STEFS; TPM chip; cryptographic file system; integrity checking measures; multilevel access control mechanism; security enhanced file system; security protection; trusted computing platform; trusted enhanced file system; Access control; Encryption; File systems; Kernel; Linux; Linux; cryptographic fil system; multi-level access control; trusted computing;

fLanguage

English

Publisher

ieee

Conference_Titel

Intelligent Computation Technology and Automation (ICICTA), 2011 International Conference on

Conference_Location

Shenzhen, Guangdong

Print_ISBN

978-1-61284-289-9

Type

conf

DOI

10.1109/ICICTA.2011.32

Filename

5750566