Method for encrypting extended file system based on Linux

A file system and encryption method technology, applied in the field of information security, can solve the problems of expansion, unable to use the national secret algorithm, no hardware encryption, etc., to achieve the effect of small space overhead, fewer components, and strong portability

Inactive Publication Date: 2016-03-02
中电科网络安全科技股份有限公司
View PDF8 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, this technology currently only supports general algorithms such as AES, and cannot...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for encrypting extended file system based on Linux
  • Method for encrypting extended file system based on Linux

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] The present invention comprises two parts:

[0023] 1. Encryption setting tool: It runs in user mode and provides policy setting and key management tools.

[0024] The policy setting tool creates an encrypted path or file based on user input, and binds it with the specified key.

[0025] Key management tool for importing, updating, querying and destroying keys.

[0026] When the tool is running, it will establish a temporary session with the kernel's key module ( / proc / keys).

[0027] 2. The e4crypt kernel module.

[0028] According to the algorithm strategy, the encryption and decryption operations are performed at the bottom layer of the file system, and the temporary page and read callback technology are used to encrypt and decrypt the ciphertext in the physical page respectively.

[0029] Below is the detailed introduction of the inventive method:

[0030] A Linux-based extended file system encryption method, such as figure 1 and figure 2 As shown, it specific...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for encrypting an extended file system based on Linux. An encryption setting tool runs in a user mode and provides a strategy setting tool and a key setting tool; a core module executes encryption and decryption operations at a system bottom layer of the file system according to an algorithm strategy; when the encryption setting tool runs, the encryption setting tool and a key module of the core module establish a temporary session. In comparison with the prior art, the method has the following positive effects that through direct butt joint with the extended file system, the encryption and decryption operations are completed in a Linux core layer, an encryption process is completely transparent to the user mode, a user does not care an encryption and decryption process, and the operation process is completely consistent to a common file; GMB algorithm (SM1/SM2/SM3/SM4) interface configuration is adopted; a file name and a file content are both subjected to encryption operation; a key is stored in a core key ring, and a non-held user (including a root user) is invisible; the components are less, the space cost is small, the transportability is strong, and the method is suitable for a general or embedded system.

Description

technical field [0001] The invention belongs to the technical field of information security, and in particular relates to a Linux-based extended file system encryption method, which adopts a specific algorithm to encrypt a path or a single file at the file system level to protect important user information. Background technique [0002] File encryption refers to changing the original information data with a special algorithm, so that unauthorized users cannot obtain file information and protect important data of users. The file encryption technology should consider the stability, security and convenience of the encryption software. Commonly used encryption implementations are: [0003] Database encryption, which encrypts and protects the data stored in the background of the database. The technology includes view triggers, pre-decryption processing, and ciphertext indexing technology. [0004] Tool encryption, using application software to encrypt and decrypt specified path...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/62
CPCG06F21/6281G06F2221/2107
Inventor 李曦灏
Owner 中电科网络安全科技股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap