Encrypting read / write method in use for NAS storage system

A storage system and read/write method technology, applied in the field of network storage, that addresses reduced file system performance and achieves the effects of improving security, overcoming inconvenient use, and overcoming low efficiency.

Inactive Publication Date: 2009-09-02
HUAZHONG UNIV OF SCI & TECH
5 Cites, 2 Cited by

AI Technical Summary

Problems solved by technology

[0004] The Cryptographic File System (CFS) designed by Matt Blaze implements encryption at the file system layer (see Matt Blaze's paper "A Cryptographic File System for UNIX", http://www.crypto.com/papers/cfs.pdf). However, CFS is implemented in user mode, and the excessive context switching and data copying reduce the performance of this type of file system.

Examples


Embodiment Construction

[0040] When the NAS is accessed, the data reaches the server over the network, passing through the network file system layer. The data being read and written is encrypted and decrypted. The encryption algorithm is Blowfish, proposed by Bruce Schneier, which can ensure that the data size before and after encryption is the same. For reference, see http://www.schneier.com/blowfish.html. This transparent encryption method not only preserves the user's usage habits, but also overcomes the low performance and efficiency of user-mode encrypted file systems (such as CFS).

[0041] In data encryption, data before encryption is called plaintext data and data after encryption is called ciphertext data; these terms are used throughout the application of the present invention.

[0042] As shown in Figure 1, the file system often resides in the kernel and communicates directly with the device driver. The virtual file system abstracts the file system operation from the impleme...


Abstract

The invention discloses an encrypted read/write method at the kernel-mode file system layer. The method sits between the virtual file system and the physical file system. On a read operation, the ciphertext data that is read is first decrypted and then passed to the upper-layer virtual file system. On a write, the type of write operation is determined first: if it is a write operation, the plaintext data to be written is first encrypted, and the intercepted ciphertext data is then passed to the underlying physical file system; if it is a modification operation, the ciphertext data read into memory is partially decrypted, overwritten, globally encrypted, and partially intercepted. The method not only has the inherent high efficiency of kernel-mode operation, but also uses partial decryption and partial interception to improve the efficiency of data operations. The test process and test data show that the encrypted read/write method of the present invention overcomes both the inconvenience of application-layer encryption programs and the low efficiency of user-mode encrypted file systems.
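The modification path described in the abstract (partial decryption, overwrite, re-encryption) can be illustrated with a block-aligned read-modify-write; this is an added sketch, not code from the patent. It assumes XTEA as a stand-in for Blowfish (both use 64-bit blocks) and encrypts each block independently, so only the touched blocks are processed, which also means equal plaintext blocks produce equal ciphertext blocks; `crypt_blocks`, `modify_encrypted`, the key and the sample data are hypothetical.

```c
#include <stdint.h>
#include <string.h>
#define BLK 8  /* 64-bit block, the block size Blowfish also uses */
static const uint32_t KEY[4] = {1, 2, 3, 4};  /* constructed demo key */

/* XTEA stands in for Blowfish (assumption: any 64-bit block cipher works). */
#define F(x, s, k) (((((x) << 4) ^ ((x) >> 5)) + (x)) ^ ((s) + KEY[k]))
static void xtea(uint32_t v[2], int enc) {
    uint32_t a = v[0], b = v[1], d = 0x9E3779B9u, s = enc ? 0 : d * 32;
    for (int i = 0; i < 32; i++) {
        if (enc) { a += F(b, s, s & 3); s += d; b += F(a, s, (s >> 11) & 3); }
        else     { b -= F(a, s, (s >> 11) & 3); s -= d; a -= F(b, s, s & 3); }
    }
    v[0] = a; v[1] = b;
}

/* Encrypt (enc=1) or decrypt (enc=0) blocks first..last of buf in place. */
static void crypt_blocks(uint8_t *buf, size_t first, size_t last, int enc) {
    for (size_t i = first; i <= last; i++) {
        uint32_t v[2];
        memcpy(v, buf + i * BLK, BLK);
        xtea(v, enc);
        memcpy(buf + i * BLK, v, BLK);
    }
}

/* Modification path: returns the number of blocks touched, or -1 on a bad range. */
int modify_encrypted(uint8_t *ct, size_t n, size_t off, const uint8_t *src, size_t len) {
    if (!len || n % BLK || off > n || len > n - off) return -1;
    size_t first = off / BLK, last = (off + len - 1) / BLK;
    crypt_blocks(ct, first, last, 0);  /* partial decryption */
    memcpy(ct + off, src, len);        /* overwrite with the new plaintext */
    crypt_blocks(ct, first, last, 1);  /* re-encrypt only the touched blocks */
    return (int)(last - first + 1);
}

/* Constructed sample: 32-byte file, 5 bytes rewritten at offset 6. */
int demo(void) {
    uint8_t pt[32] = "constructed sample plaintext 32", ct[32], old[32];
    memcpy(ct, pt, 32);
    crypt_blocks(ct, 0, 3, 1);                           /* initial write path */
    memcpy(old, ct, 32);
    int n = modify_encrypted(ct, 32, 6, (const uint8_t *)"HELLO", 5);
    int untouched = memcmp(ct + 16, old + 16, 16) == 0;  /* blocks 2 and 3 */
    memcpy(pt + 6, "HELLO", 5);
    crypt_blocks(ct, 0, 3, 0);                           /* read path */
    return n == 2 && untouched && memcmp(ct, pt, 32) == 0;
}
int main(void) { return demo() ? 0 : 1; }
```

The ciphertext length never changes, and a 5-byte write that straddles a block boundary costs two block decryptions and two encryptions regardless of file size.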

Description

Technical field

[0001] The invention belongs to the technical field of network storage, and in particular relates to an encrypted read/write method for a NAS storage system.

Background technique

[0002] The storage capacity of most enterprises doubles every 6 to 8 months. As storage capacity continues to increase, the amount of data under threat also increases. Theft, tampering and destruction of data are sometimes fatal to enterprises. At present, there is a very important application: Network Attached Storage (NAS). NAS mainly uses network protocols (such as Network File System, NFS) to back up and share data resources on Ethernet. NAS therefore has many security risks, such as sniffing attacks and illegal copying. Using applications to protect data has the disadvantages of high overhead and inconvenient use; for example, users are usually not used to using applications to encrypt data. One idea is to implement encryption operations in the file system. [00...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06, H04L29/08, G06F12/14
Inventor: 谢长生, 黄建忠, 蔡斌, 李怀阳, 吴伟
Owner: HUAZHONG UNIV OF SCI & TECH