Methods of using NVM to improve performance of cryptographic file system

A technology for encrypting file systems and ciphertexts, applied in the field of information security, to improve overall performance, reduce context overhead, and improve encryption performance

Inactive Publication Date: 2018-09-07
CHONGQING UNIV
View PDF9 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0012] In view of this, the present invention provides a method for improving file system encryption / decryption performance by using NVM, which solves a large amount of context switching overhead caused by multiple calls to hardware accelerators and problems caused by waiting for data to be written back to the disk during the eCryptfs encryption process. delay problem

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Methods of using NVM to improve performance of cryptographic file system
  • Methods of using NVM to improve performance of cryptographic file system
  • Methods of using NVM to improve performance of cryptographic file system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0041] The invention provides a method for improving the reading and writing performance of an encrypted file system by using NVM. The method is universal, can be built on different file systems, and also supports current mainstream software encryption libraries.

[0042]Taking the use of AES encryption algorithm and QAT hardware accelerator to encrypt file data on the EXT4 file system as an example, the method of using NVM to improve the encryption / decryption performance of the file system in the present invention will be further described in detail.

[0043] In the following, taking the write operation and read operation of the EXT4 encrypted file system as an example, analyze how NVM improves the read and write performance of the EXT4 encrypted file system.

[0044] First, dynamically plan the write requests issued by the upper-layer application. Such as figure 2 As shown, the upper layer application preprocesses the write requests sent by the VFS layer, identifies the a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses methods of using NVM to improve performance of a cryptographic file system. Dynamic planning is carried out according to data block features of a file writing request, a suitable soft or hard calculation method is selected to execute an encryption operation, then ciphertext is written into an NVM cache, and finally, ciphertext data in the NVM are collectively written back to a disk layer by a background thread in a manner of asynchronous IO. NVM memory space is allocated and managed by an NVM memory management strategy. A storage location of requested data is quickly queried according to the NVM memory management strategy, a decryption operation is carried out on read ciphertext by selecting a suitable soft or hard calculation method by a dynamic planning method, and finally, plaintext is returned to an upper-layer application. Compared with manners in which the need for calling hardware engines for multiple times and waiting for data writing-back to disks causes delay in traditional eCryptfs data encryption / decryption, the method can effectively reduce mode context switching overheads of hardware and delay due to IO speed mismatching, improves application of a hardware encryption engine, and also improves overall performance of the cryptographic file system.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a method for improving the performance of an encrypted file system by using NVM. Background technique [0002] In recent years, how to protect sensitive data from being leaked has become a hot issue that people pay attention to. In addition to directly stealing physical storage devices, intruders can also steal file data through network attacks; moreover, due to sharing requirements, sensitive data will be accessed by multiple people, which also increases the possibility of leakage. Encrypting data or files has become a recognized and successful method of protecting data, ensuring that the content is encrypted and stored in physical devices, and improving the storage security of file data. [0003] As an enterprise-level encrypted file system, eCryptfs is a stackable encrypted file system (Stackable Cryptographic File System). This encrypted file system can be regar...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F17/30
Inventor 肖春华潘妍樾成林峰李鹏达
Owner CHONGQING UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap