CN105335663A - Encrypted file system based on double-image file - Google Patents

Encrypted file system based on double-image file Download PDF

Info

Publication number
CN105335663A
CN105335663A CN201510690514.9A CN201510690514A CN105335663A CN 105335663 A CN105335663 A CN 105335663A CN 201510690514 A CN201510690514 A CN 201510690514A CN 105335663 A CN105335663 A CN 105335663A
Authority
CN
China
Prior art keywords
file
image file
real image
data
virtual image
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510690514.9A
Other languages
Chinese (zh)
Other versions
CN105335663B (en
Inventor
龙毅宏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan University of Technology WUT
Original Assignee
Wuhan University of Technology WUT
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhan University of Technology WUT filed Critical Wuhan University of Technology WUT
Priority to CN201510690514.9A priority Critical patent/CN105335663B/en
Publication of CN105335663A publication Critical patent/CN105335663A/en
Application granted granted Critical
Publication of CN105335663B publication Critical patent/CN105335663B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to an encrypted file system based on a double-image file. In the encrypted file system, each encrypted file is correspondingly equipped with a virtual image file, and the encrypted file corresponding to the virtual image file is called a real image file; when file I/O (Input/Output) operation is carried out on the virtual image files by a program progress, the I/O operation aiming at the virtual image files can be converted into operation aiming at the corresponding real image files in the encrypted file system; through file redirection, a trusted progress and an untrusted progress which aim at one file type are respectively allowed to directly carry out the file I/O operation on one kind of files and only one kind of files of the real image files and the virtual image files; when data reading or storing and writing operation is carried out on one real image file or one virtual image file by one trusted process, data can be automatically unencrypted or encrypted; the trusted process and the untrusted process are respectively used for operating different files, so that different file control blocks and data caches are obtained, and the problem of violently clearing the cache is avoided.

Description

A kind of encrypted file system based on double image file
Technical field
The invention belongs to field of information security technology, particularly a kind of encrypted file system based on double image file.
Background technology
Driving the transparent file encryption system of (FileFilterDriver) automatically can realize the encryption and decryption of file when not affecting user's use habit based on file filter device, is the important technical guaranteed data security.But the current following problem of transparent file encryption technology ubiquity driven based on file filter device.
Current file system (as Windows file system) is all the file system of band buffer memory, namely, when application program reads the data of a file, file system first sees in internal memory the content whether being cached with application program and will reading, if have, then direct the data of buffer memory in internal memory to be returned, otherwise, file system reads some file datas (normally data of several pages from storage medium, page read operation as by file), then on the one hand the file data of reading is buffered in internal memory, on the other hand application program desired data is returned to application program, when multiple process opens same file simultaneously, their shared files are data cached (in Windows file system, a file only has a file control block FCB, and when therefore multiple process opens same file simultaneously, they share a FCB and file cache).
In the file encryption system driven based on file filter device, usually program process is divided into trusted process and untrusted process, trusted process sets for specific file type; A trusted process is allowed to the clear data of the encrypt file obtaining respective file type, a untrusted process is not then allowed to, the such as program process of Word program is the trusted process of Word document encrypt file, can obtain the clear data in Word document encrypt file, browser process is not then allowed to obtain the clear data in Word document encrypt file as the untrusted process of Word document.Like this, when a trusted process reads an encrypt file, in internal memory, buffer memory should be clear data, and when a untrusted process reads an encrypt file, in internal memory, buffer memory should be encrypt data.When a trusted process and a untrusted process replace a reading encrypt file, file encryption system needs the data constantly emptying buffer memory in internal memory, to guarantee to be cached with correct data (plaintext or ciphertext) in internal memory, this is called violence brush buffer memory or the clear cache problem of violence, and violence brush buffer memory or the clear buffer memory of violence reduce the efficiency of file operation; Further, when a trusted process and a untrusted process read an encrypt file simultaneously, file encryption system is just difficult to process, at this moment in internal memory, the data of buffer memory likely exist expressly and encrypt data simultaneously, this both may cause sensitive data to leak, and made again trusted process normally to work.
For the data buffer storage problem in transparent file encryption, people propose some solutions, and as Double buffer scheme etc., it is different data cached that Double buffer scheme manages to make trusted process and untrusted process to read for same file, and scheme is complicated.
In fact, solving violence brush or clear buffer memory in transparent file encryption according to traditional file filter device Driving technique is very difficult, that technical difficulty is very high thing.To this, someone starts with from file system and solves relevant issues, namely directly exploitation one meets the transparent encrypted file system file system of file encryption, deciphering (automatically realize) of demand for security, and is namely such a encrypted file system (the SEFS transparent encryption platform technology white paper see based on LayerFSD technology) based on the SEFS transparent encrypted file system of the many FCB of LayerFSD+.SEFS transparent encrypted file system based on the many FCB of LayerFSD+ allows each process have oneself FCB and buffer memory, and the buffer memory of such trusted process is expressly, and the buffer memory of untrusted process is ciphertext.The encrypted file system Problems existing of such FCB more than is: when 1) multiple process accesses a file simultaneously, memory usage and file access efficiency low; 2) change the mode of operating system management file data and file operation, such as, operating system thinks that same file should only have a FCB and buffer memory, and may run into unpredictable problem to the change of this file data management mode; 3) there is the problem that data in multiple FCB and buffer memory are inconsistent.
Summary of the invention
The object of the invention is to propose a kind of encrypted file system based on double image file, to overcome the deficiencies in the prior art.
In order to realize object of the present invention, technical scheme proposed by the invention is:
Based on an encrypted file system for double image file, be specially:
Each (necessary being) file in described encrypted file system has a corresponding virtual image file; Described virtual image file is a kind of file of virtual, untrue existence, and the file of the necessary being corresponding with virtual image file is called real image file; Real image file is encrypt file (encrypted file); Encrypt file has identical file type (extension name) with the original file before encryption; Each virtual image file has a file path, is called virtual file paths (file path that non-genuine exists); Include the file path of corresponding real image file in the virtual file paths of virtual image file, or the file path of corresponding real image file can be obtained by the virtual file paths of virtual image file; Real image file and virtual image file antithesis file each other, namely virtual image file is the antithesis file of corresponding real image file, and real image file is the antithesis file of corresponding virtual image file; When being allowed to carry out file I/O operation to the program process that virtual image file directly carries out file I/O operation to virtual image file for one, the file I/O operation file I/O be converted into for corresponding real image file for virtual image file operates in inside by encrypted file system.
In described encrypted file system, the program process carrying out file I/O operation to real image file and virtual image file comprises the system process (as WindowsSystem process) of trusted process, untrusted process and operating system secondary file I/O operation; Described trusted process is the program process being allowed to the clear data obtaining encrypt file, comprises the clear data being allowed to directly access real image file acquisition encrypt file or the program process indirectly being obtained the clear data of encrypt file by access virtual image file; Described untrusted process is the program process not being allowed to the clear data obtaining encrypt file, comprises the clear data not being allowed to directly access real image file acquisition encrypt file or the program process indirectly being obtained the clear data of encrypt file by access virtual image file; Trusted process and untrusted process set for file type (the operation process as Word program is the trusted process of Word document, and the operation process of InternetExplorer is not then); The system process that operating system secondary file I/O operates does not belong to trusted process and the untrusted process of any one file type; When the auxiliary trusted process of the system process that operating system secondary file I/O operates carries out file I/O operation, the system process that operating system secondary file I/O operates is allowed to the clear data obtaining encrypt file; When the auxiliary untrusted process of the system process that operating system secondary file I/O operates carries out file I/O operation, the system process that operating system secondary file I/O operates is not allowed to the clear data obtaining encrypt file;
For each the class process in the trusted process set by a kind of file type and untrusted process two class process, to be allowed to the class file in the real image file of the file type of correspondence and virtual image file two class file and only a class file directly carries out file I/O operation (as the trusted process of Word document, as Word program process, only be allowed to directly carry out file I/O operation to Word document real image file, or be only allowed to directly carry out file I/O operation to Word document virtual image file; If the trusted process of Word document is only allowed to directly carry out file I/O operation to Word document real image file, the then untrusted process of Word document, as the process of InternetExplorer, be only allowed to directly carry out file I/O operation to Word document virtual image file); The system process that operating system secondary file I/O operates is allowed to directly carry out file I/O operation (it both directly can carry out file I/O operation to real image file, directly can carry out file I/O operation again to virtual image file) to the real image file of any one file type and virtual image file;
The program process being allowed to directly carry out a kind of real image file of file type or the virtual image file file I/O operation is called as the real image file of respective file type or the program process of being permitted of virtual image file; For the program process of being permitted that the trusted process set by a kind of file type or untrusted process can only be class files in the real image file of respective file type and virtual image file two class file; The system process that operating system secondary file I/O operates is the program process program process of being permitted of virtual image file (it to be real image file be also) of being permitted of the real image file of any one file type and virtual image file; If the program process of being permitted is trusted process, be then called the trusted process of being permitted; If the program process of being permitted is untrusted process, be then called the untrusted process of being permitted; agreement trusted process and untrusted process are allowed to be called that the license that trusted process and untrusted process directly carry out file I/O operation to real image file and the virtual image file specify to the regulation which kind of file in a kind of real image file of file type and virtual image file two class file directly carries out file I/O operation respectively and (specify the license that real image file and virtual image file directly carry out file I/O operation according to trusted process and untrusted process, a trusted process or untrusted process can only be the program process of being permitted of a class file in a kind of real image file of file type and virtual image file two class file, such as, if directly carry out the license regulation of file I/O operation according to trusted process and untrusted process to real image file and virtual image file, the trusted process of Word document directly can only carry out I/O operation to Word document real image file, the untrusted process of Word document directly can only carry out I/O operation to Word document virtual image file, so, Word program process is the trusted process of being permitted of Word document real image file, and InternetExplorer program process is the untrusted process of being permitted of Word document virtual image file) (trusted process and untrusted process and the program process of being permitted and non-program process of being permitted are two different concepts, the former refers to that can a program process directly or indirectly obtain a kind of clear data of encrypt file of file type, the latter refers to that can a program process directly directly carry out file I/O operation to the class in a kind of real image file of file type or virtual image file two class file, a program process or can not obtain the clear data of an encrypt file, but a program process total energy directly or indirectly accessing encrypt file, because it otherwise be the program process of being permitted of real image file (encrypt file), or be the program process of being permitted of virtual image file),
When a real image file is opened or is created in a program process request, the program process that described encrypted file system first judges to open or create real image file is trusted process or untrusted process, then according to trusted process and untrusted process, the license regulation of file I/O operation is directly carried out to real image file and virtual image file, determine whether program process is allowed to directly carry out file I/O operation (namely whether program process is the program process of being permitted of the real image file that will open or create) to real image file, if be not allowed to, the operation (outside) that then real image file was opened or created to program process by encrypted file system is redirected to the corresponding virtual image file of the real image file that program process will be opened or create (if program process is not the program process of being permitted of real image file, must be then the program process of being permitted of the corresponding virtual image file of real image file), be redirected after File Open or creation operation in, the file path of the real image file that program process will be opened or create is converted into the virtual file paths of corresponding virtual image file, if program process is allowed to directly carry out file I/O operation to real image file, then program process is directly opened or is created real image file,
When a virtual image file is opened or created to a program process of being permitted, encrypted file system obtains the file path of corresponding real image file by the virtual file paths of virtual image file that will open or create, and encrypted file system inner by for virtual image file open or creation operation is converted into opening or creation operation for real image file;
When a real image file or virtual image file are opened or created to a program process of being permitted, if encrypted file system finds the real image file opened or create, or the corresponding real image file of the virtual image file opened or create, be a unencrypted file, then unencrypted real image file encryption is become encrypt file by encrypted file system;
When the real image file that a program process of being permitted is opened to or created by trusted process or virtual image file carry out data read operation (file I/O read operation), encrypted file system returns after the decrypt encrypted data of reading; (program process of now, being permitted is the system process that trusted process and/or operating system secondary file I/O operate)
When the real image file that a program process of being permitted is opened to or created by trusted process or virtual image file carry out (file I/O write operation) when data deposit write operation, encrypted file system will carry out data again after will depositing the clear data encryption write and deposits write operation; (program process of now, being permitted is the system process that trusted process and/or operating system secondary file I/O operate)
When the real image file that a program process of being permitted is opened to or created by untrusted process or virtual image file carry out data read operation (file I/O read operation), the enciphered data of reading directly returns by encrypted file system; (program process of now, being permitted is the system process that untrusted process and/or operating system secondary file I/O operate)
When the real image file that a program process of being permitted is opened to or created by untrusted process or virtual image file carry out (file I/O write operation) when data deposit write operation, encrypted file system first checks determines that will deposit the data write is clear data or encrypt data, clear datas to deposit the data write, then encrypted file system will carry out data again and deposits write operation after first will depositing the clear data encryption write, are encrypt datas to deposit the data write, then directly carry out data and deposit write operation; (program process of now, being permitted is the system process that untrusted process and/or operating system secondary file I/O operate)
Before or after a program process of being permitted carries out fileinfo setting operation to a real image file or virtual image file, encrypted file system is the file control block (FileControlBlock in internal memory to real image file and virtual image file, FCB) and data buffer storage (Cache) carry out fileinfo and synchronously process, described fileinfo comprises file size (FileSize), file allocation length (FileAllocationSize), and affects the alternative document information of file I/O operation;
To carry out before or after data deposit write operation to a real image file or virtual image file at a program process of being permitted, to real image file and virtual image file, data cached (Cacheddata) in internal memory synchronously processes encrypted file system.
It should be noted that, open or create a file at a program process, carry out in the process of file I/O operation, the system process that operating system secondary file I/O operates, as WindowsSystem process, file I/O operation can be participated in, Page as carried out data reads, Page write operation etc., now, the file I/O operation that the system process that operating system secondary file I/O operates carries out is regarded as opening or creating file, a part for the file I/O operation that the program process carrying out file I/O operation carries out, such as, if open or create file, what carry out file I/O operation is a trusted process, the system process that then operating system secondary file I/O operates is considered to be a part for trusted process file I/O operation for the file I/O operation that the file that trusted process is opened or created carries out, if opening or create file, carrying out the program process of file I/O operation is a untrusted process, then the system process that operating system secondary file I/O operates is considered to be a part for untrusted process file I/O operation for the file I/O operation that the file that untrusted process is opened or created carries out.
Trusted process and untrusted process have multiple to the license regulation scheme that real image file and virtual image file directly carry out file I/O operation, are below that two kinds of possible trusted processes and untrusted process directly carry out the license regulation scheme of file I/O operation to real image file and virtual image file.
Trusted process and untrusted process directly carry out file I/O operation license regulation scheme one to real image file and virtual image file:
For in a kind of trusted process of file type and untrusted process two class process, untrusted process is only had to be allowed to directly carry out file I/O operation to the real image file of respective file type, untrusted process is not allowed to directly carry out file I/O operation to the virtual image file of respective file type, only have trusted process to be allowed to directly carry out file I/O operation to the virtual image file of respective file type, trusted process is not allowed to directly carry out file I/O operation to the real image file of respective file type.
Trusted process and untrusted process directly carry out file I/O operation license regulation scheme two to real image file and virtual image file:
For in a kind of trusted process of file type and untrusted process two class process, trusted process is only had to be allowed to directly carry out file I/O operation to the real image file of respective file type, trusted process is not allowed to directly carry out file I/O operation to the virtual image file of respective file type, only have untrusted process to be allowed to directly carry out file I/O operation to the virtual image file of respective file type, untrusted process is not allowed to directly carry out file I/O operation to the real image file of respective file type.
When a real image file or virtual image file are opened or created to a program process of being permitted, encrypted file system judges the real image file opened or create according to characteristic, or the corresponding real image file of the virtual image file opened or create is encrypt file or non-encrypted file;
When the real image file that a program process of being permitted is opened to or created by untrusted process or virtual image file carry out (file I/O write operation) when data deposit write operation, according to characteristic, encrypted file system judges that will deposit the file data write is clear data or encrypt data.
Encrypted file system has multiple to the scheme that real image file and virtual image file carry out fileinfo and data cached synchronous process, is below several possible schemes.
The scheme one of fileinfo and data cached synchronous process:
In encrypted file system, introduce a file synchronization filtrator drive and a file synchronization process; Described file synchronization process is a program process operating in user's space; Described file synchronization process is the program process of being permitted of real image file and virtual image file;
After a real image file or virtual image file are opened or created to a program process of being permitted beyond file synchronization process (the PostCreate process that the minifilter as Windows operates for file CreateI/O), self-defining user's context (CustomUserContext) whether has been created in the file control block of the file that file synchronization filtrator drives inspection to open or create in internal memory, if no, then file synchronization filtrator drives and create a self-defining user's context in file control block;
Before or after a program process of being permitted carries out fileinfo setting operation to a real image file or virtual image file, file synchronization filtrator drives and sends fileinfo synchronization notice to file synchronization process;
After receiving fileinfo synchronization notice, file synchronization process open or create the program process of being permitted carry out fileinfo setting operation for the antithesis file of file, the fileinfo of antithesis file is set, after completing fileinfo setting operation to make file synchronization process and the program process of being permitted, fileinfo in the file control block of antithesis file and data buffer storage and the program process of being permitted carry out fileinfo setting operation for the file control block of file and data buffer storage in fileinfo consistent (unanimously not necessarily the same, because consider the factor of possible additional header, for data buffer storage, the file size of data buffer storage can be made by fileinfo setting operation consistent),
File synchronization filtrator drives to be intercepted after file synchronization process arranges the request of the fileinfo of file, check in the file control block of file in internal memory whether have self-defining user's context, if have, then allow I/O operate sensitive information and request is set by (going down, arrange), otherwise, directly return setting operation success (without the need to carrying out renewal rewards theory);
To carry out before or after file data deposits write operation to a real image file or virtual image file at a program process of being permitted, file synchronization filtrator drives and sends file cache data syn-chronization notice to file synchronization process;
After receiving file cache data syn-chronization notice, file synchronization process open or create the program process of being permitted carry out file data deposit write operation for the antithesis file of file, deposit and write part random data (this random data deposits write operation as data cached synchronous signal, synchronous to distinguish fileinfo), then close antithesis file;
File synchronization filtrator drives to be intercepted after file synchronization process deposits the request of file data, check in the file control block of file in internal memory whether have self-defining user's context, if have, then empty data cached in internal memory of file, then directly return data deposits write operation success (not going down, really carry out data deposit write operation), otherwise do not carry out null clear operation, direct return data deposits write operation success;
File synchronization process, to the fileinfo of a real image file or virtual image file or data cached synchronous operation, does not trigger new synchronous process operation (avoiding circulation synchronous to upgrade);
Drive if described encrypted file system comprises a file encryption filter, then the synchronized update function that file synchronization filtrator drives is driven by file encryption filter to be implemented.
The scheme two of fileinfo and data cached synchronous process:
A file synchronization process is introduced in encrypted file system; Described file synchronization process is a program process operating in user's space; Described file synchronization process is the program process of being permitted of real image file and virtual image file;
Before or after a program process of being permitted carries out fileinfo setting operation to a real image file or virtual image file, encrypted file system sends fileinfo synchronization notice to file synchronization process;
After receiving fileinfo synchronization notice, file synchronization process open or create the program process of being permitted carry out fileinfo setting operation for the antithesis file of file, the fileinfo of antithesis file is set, after completing fileinfo setting operation to make file synchronization process and the program process of being permitted, the fileinfo in the file control block of antithesis file and data buffer storage and the program process of being permitted carry out fileinfo setting operation for the file control block of file and data buffer storage in fileinfo consistent;
Encrypted file system receives after file synchronization process arranges the request of the fileinfo of file, completes fileinfo setting operation;
To carry out before or after file data deposits write operation to a real image file or virtual image file at a program process of being permitted, encrypted file system sends file cache data syn-chronization notice to file synchronization process;
After receiving file cache data syn-chronization notice, file synchronization process open or create the program process of being permitted carry out file data deposit write operation institute for the antithesis file of file, deposit and write part random data, then closedown antithesis file;
Encrypted file system receives after file synchronization process deposits the request of file data, and empty data cached in internal memory of file, then directly return data deposits write operation success (really do not carry out data and deposit write operation);
File synchronization process does not trigger new synchronous process operation (avoiding circulation synchronous to upgrade) to the fileinfo of a real image file or virtual image file or data cached synchronous operation;
Drive if described encrypted file system comprises a file encryption filter, then the fileinfo of file synchronization filtrator driving and data cached synchronous processing capacity are driven by file encryption filter and implement.
The scheme three of fileinfo and data cached synchronous process:
In encrypted file system, introduce a file synchronization filtrator drive;
After a real image file or virtual image file are opened or created to a program process of being permitted, self-defining user's context (CustomUserContext) whether has been created in the file control block of the file that file synchronization filtrator drives inspection to open or create in internal memory, if no, then file synchronization filtrator drives and create a self-defining user's context in file control block;
Before or after a program process of being permitted carries out fileinfo setting operation to a real image file or virtual image file, file synchronization filtrator drive inner nuclear layer open or create the program process of being permitted carry out fileinfo setting operation for the antithesis file of file, check in the file control block of antithesis file in internal memory whether have self-defining user's context, if have, then file synchronization filtrator is driven through the fileinfo of file I/O operation setting antithesis file, or the fileinfo directly arranged in the file control block of antithesis file, and when arrange fileinfo be file size or file allocation length time, the data buffer storage size of file is reset by calling cache management function, after completing fileinfo setting operation to make file synchronization filtrator and the program process of being permitted, fileinfo in the file control block of antithesis file and data buffer storage and the program process of being permitted carry out fileinfo setting operation for the file control block of file and data buffer storage in fileinfo consistent, if there is no self-defining user's context, then fileinfo is not carried out to antithesis file and synchronously process,
A real image file or virtual image file carried out before or after file data deposits write operation at a program process of being permitted, file synchronization filtrator drive inner nuclear layer open or create the program process of being permitted carry out file data deposit write operation for the antithesis file of file, check in the file control block of antithesis file in internal memory whether have self-defining user's context, if have, then file synchronization filtrator drives and empties data cached in internal memory of antithesis file, otherwise, then data cached null clear operation is not carried out to antithesis file;
Drive if described encrypted file system comprises a file encryption filter, then the fileinfo of file synchronization filtrator driving and data cached synchronous processing capacity are driven by file encryption filter and implement.
If increase a file encryption filter to drive in described encrypted file system, the then file encryption processing capacity of described encrypted file system, comprise that trusted process and untrusted process differentiate, File Open or create be redirected, file data encryption and decryption, encrypt file and non-encrypted file differentiate, non-encrypted file be encrypted to encrypt file, deposit that to write data be ciphertext or differentiation expressly, fileinfo and data cached synchronous process, in part or all of driving by file encryption filter implement.
The license regulation scheme that foregoing two kinds of trusted processes and untrusted process directly carry out file I/O operation to real image file and virtual image file is static, namely a trusted process or untrusted process are allowed to directly carry out file I/O operation for a real image file or virtual image file regularly, in fact, license regulation scheme can be dynamic, namely a trusted process or untrusted process are dynamically determined to be no being allowed to and directly carry out file I/O operation for a real image file or virtual image file, are below a kind of dynamically license regulation schemes:
When a real image file is opened or created to a trusted process, described encrypted file system checks whether the real image file that existing untrusted process was opened or created current trusted process and will open or create, if have, then the operation that real image file was opened or created to current trusted process is redirected to the corresponding virtual image file of the real image file that current trusted process will be opened or create, otherwise, check whether that the corresponding virtual image file of the real image file that current trusted process will be opened or create is opened or created to other trusted processes existing further, if have, then the operation that real image file was opened or created to current trusted process is redirected to the corresponding virtual image file of the real image file that current trusted process will be opened or create, otherwise, current trusted process is allowed to open or create its real image file that will open or create,
When a real image file is opened or created to a untrusted process, described encrypted file system checks whether the real image file that existing trusted process was opened or created current untrusted process and will open or create, if have, then the operation that real image file was opened or created to current untrusted process is redirected to the corresponding virtual image file of the real image file that current untrusted process will be opened or create, otherwise, check whether that the corresponding virtual image file of the real image file that current untrusted process will be opened or create is opened or created to other untrusted processes existing further, if have, then the operation that real image file was opened or created to current untrusted process is redirected to the corresponding virtual image file of the real image file that current untrusted process will be opened or create, otherwise, current untrusted process is allowed to open or create its real image file that will open or create.
Encrypted file system, by marking in file control block, records a real image file or virtual image file is current is opened by trusted process or untrusted process or create.
Under dynamic license regulation scheme, the process that encrypted file system operates alternative document I/O is with to permit under regulation scheme in static state the same.
Can see from the above description, based on technical scheme of the present invention, 1) multiple process when accessing a file simultaneously, and there are two file caches at most, memory usage and file access efficiency are all improved; 2) do not change the mode of operating system management file data and file operation, because from the angle of operating system, the file of untrusted process access and the file of trusted process access are two different files; 3) data in two FCB and buffer memory are synchronized update; 4) frequent clear buffer memory is avoided, when trusted process and untrusted process open a file simultaneously, without the need to clear buffer memory, only occurring that trusted process and untrusted process open file simultaneously, and one of them process is when having carried out the retouching operation of fileinfo and/or data to file, just can upgrade and buffer memory clear operation for the FCB of a file and the data cached fileinfo that carries out.
Accompanying drawing explanation
Fig. 1 is system principle schematic diagram of the present invention.
Fig. 2 adopts the driving of file redirection filtrator and user's space file system to implement system architecture of the present invention under Windows.
Fig. 3 adopts file encryption filter driving, file redirection filtrator driving enforcement system architecture of the present invention for network file system(NFS).
Embodiment
Below in conjunction with accompanying drawing and case study on implementation, specific embodiment of the invention is described.
Embodiment one,
The driving of file filter device and user's space file system (FileSysteminUserSpace, FUSE) is adopted to implement the present invention under Windows.
Trusted process and untrusted process adopt the license regulation that real image file and virtual image file directly carry out file I/O operation: allow untrusted process directly to carry out file I/O operation to real image file, allow trusted process directly to carry out file I/O operation to virtual image file.
Fig. 2 adopts the driving of file filter device and user's space file system to implement system architecture of the present invention under Windows, wherein, it is that a file filter device drives that file redirection and synchronous filtering device drive, FUSE file driving is the file system driver of user's space file system, and FUSE user space program is the user space program of user's space file system; File redirection and synchronous filtering device drive the differentiation being responsible for implementing trusted process or untrusted process, redirected and the fileinfo of File Open or creation operation and data cached synchronous process is carried out according to the license regulation of file I/O operation, and FUSE user space program is responsible for implementing file data encryption and decryption, encrypt file and non-encrypted file and is differentiated, non-encrypted file is encrypted to encrypt file, deposits that to write data be ciphertext or differentiation expressly, the correspondence of virtual image file and real image file, and finally the file I/O of real image file is operated; Real image file can be positioned at any position, as local in subscriber's main station, the webserver.
The exploitation that file redirection and synchronous filtering device drive can adopt Windows file filter device to drive (filterdriver) or micro-filter to drive (mini-filterdriver) technological development.Utilize Windows file filter device to drive or micro-filter drives and carries out trusted process and untrusted process and judge it has been proven technique, seldom describe at this; For file redirection, the driving of Windows filtrator or micro-filter can be utilized to drive and to realize reparsepoint function (the simrep.c code see WDK).
The exploitation of user's space file system can utilize the user's space file system technology under Windows to develop, such as, the file driving of Windows or file filter device is utilized to drive exploitation FUSE file driving, by windows desktop development technique exploitation FUSE user space program, and communicated with the communication mechanism between client layer by the inner nuclear layer of Windows between FUSE file driving with FUSE user space program; Or, use existing WindowsFUSE framework to develop double image file system.How development of user space file system under a windows environment, comprises on internet in disclosed data and has introduction, seldom describe at this.
The adoptable a kind of technical scheme of virtual file paths of the virtual image file that real image file is corresponding is: virtual file directory real image file path, here, virtual file directory is a non-existent file directory in user's space file system, and the fullpath that real image file path is the real image file that process will be opened or create comprises file place file reel (here, file reel instruction in the fullpath of original can adopt the expression of inner nuclear layer, also can adopt the expression of client layer; According to the expression of client layer, then the colon after drive is removed, as D: convert D to).
Stream encryption or block encryption can be adopted to the encryption of file data.In order to distinguish encrypt file and non-encrypted file and deposit encrypting and decrypting for information about, special, to comprise a characteristic information head (encryption overhead) can be added to encrypt file.
If encrypt file comprises an additional encryption overhead, then:
When a real image file is opened or created to a untrusted program process, or when a virtual image file is opened or created to a trusted program process, encrypted file system judges the real image file opened or create according to the characteristic of encryption overhead, or the corresponding real image file of the virtual image file opened or create is encrypt file or non-encrypted file;
When the system process that a untrusted process and operating system secondary file I/O operate to the real image file of in encrypted file system carry out data deposit write operation time, according to the characteristic of encryption overhead, the user space program of encrypted file system judges that will deposit the file data write is clear data or encrypt data;
When the system process that trusted process and operating system secondary file I/O operate file data reading is carried out to the virtual image file of in encrypted file system, deposit write operation time, FUSE file driving or FUSE user space program will first to reading, deposit the reference position writing data and carry out head bias process, and then be converted into for corresponding real image file digital independent, deposit write operation;
When the system process that trusted process and operating system secondary file I/O operate carries out file size, file allocation length setting operation to the virtual image file of in encrypted file system, FUSE file driving or FUSE user space program also will first carry out corresponding head bias process, and then are converted into file size, the file allocation length setting operation for corresponding real image file.
Fileinfo and data cached synchronous process in file control block and data buffer storage or driven by file redirection and synchronous filtering device completes separately, or is driven with synchronous filtering device by file redirection, completes together with FUSE user space program; If driven with synchronous filtering device by file redirection, complete together with FUSE user space program, then the operation process of FUSE user space program implements the fileinfo of file synchronization process and data cached synchronizing function.
If fileinfo and data cached synchronous process are driven by file redirection and synchronous filtering device and complete separately, then fileinfo and data cached synchronous process should fileinfo arrange and data deposit write before carry out, namely the stage of process pre-operation (Pre-operation) is driven to carry out at file filter device, this is because Windows file filter device drives rear operational processes stage (Post-operation) due to IRQL restriction, a lot of operation can not directly be carried out.
If fileinfo is driven with synchronous filtering device by file redirection with data cached synchronous process, complete together with FUSE user space program, then file redirection and synchronous filtering device to drive with FUSE user space program between data interaction implemented by the communication mechanism of Windows inner nuclear layer and client layer.Fileinfo and data cached synchronous process can fileinfo arrange or data deposit write before or after carry out, if carrying out afterwards, then due to the IRQL restriction of the rear operational phase of Windows file filter device driving, file redirection and synchronous filtering device drive and possibly cannot send synchronization notice directly to FUSE user space program, and at this moment file redirection and synchronous filtering device drive the WorkItem by creating inner nuclear layer to send synchronization notice.
Other operating systems implement the present invention, some small difference on concrete enforcement, but general thought is the same.
Embodiment two,
In user's main system, the solution of the present invention is implemented by the network file system(NFS) inventing this domain for existing.
System architecture as shown in Figure 3.
Trusted process and untrusted process adopt the license regulation that real image file and virtual image file directly carry out file I/O operation: allow untrusted process directly to carry out file I/O operation to real image file, allow trusted process directly to carry out file I/O operation to virtual image file.
Each file in network file system(NFS) is real image file, and a corresponding virtual image file, method and the case study on implementation one of the structure of the file path of virtual image file are similar: be included in by real image file path in the path of virtual image file.
In user's main system, an enforcement file encryption and synchronous filtering device drive, its function comprises: trusted process and untrusted process differentiate, File Open or establishment are redirected, file data encryption and decryption, encrypt file and non-encrypted file differentiate, non-encrypted file is encrypted to encrypt file, depositing and writing data is ciphertext or differentiation expressly, file control block and data cached synchronous process, namely except the concrete operations process to file data, and the file I/O operation for virtual image file is converted into for almost other the every other functions outside the file I/O operation of real image file.
The main frame that file server runs is implemented a file redirection filtrator drive, its function is file redirection, operation File Serving System program being opened or created the virtual image is redirected to corresponding real image file, and the file I/O operation file I/O be converted into for real image file be about to for virtual image file operates.
Fileinfo and data cached synchronous process can be driven by file encryption and synchronous filtering device and complete separately, or introduce a file synchronization program, driven, complete together with file synchronization program process by file encryption with synchronous filtering device.Some main points that fileinfo and data cached synchronous process are implemented are with case study on implementation one.
File encryption filter drives and adopts file system driver technological development (the micro-filter Driving technique as Windows).
Other unaccounted concrete technology are implemented, and are well-known, self-explantory for those skilled in the relevant art.

Claims (10)

1., based on an encrypted file system for double image file, it is characterized in that:
Each file in described encrypted file system has a corresponding virtual image file; Described virtual image file is a kind of file of virtual, untrue existence, and the file of the necessary being corresponding with virtual image file is called real image file; Described real image file is encrypt file; Encrypt file has identical file type with the original file before encryption; Each virtual image file has a file path, is called virtual file paths; Include the file path of corresponding real image file in the virtual file paths of virtual image file, or the file path of corresponding real image file can be obtained by the virtual file paths of virtual image file; Real image file and virtual image file antithesis file each other, namely virtual image file is the antithesis file of corresponding real image file, and real image file is the antithesis file of corresponding virtual image file; When being allowed to carry out file I/O operation to the program process that virtual image file directly carries out file I/O operation to virtual image file for one, the file I/O operation file I/O be converted into for corresponding real image file for virtual image file operates in inside by encrypted file system.
2. the encrypted file system based on double image file according to claim 1, is characterized in that:
The program process carrying out file I/O operation to real image file and virtual image file comprises the system process of trusted process, untrusted process and operating system secondary file I/O operation; Described trusted process is the program process being allowed to the clear data obtaining encrypt file, comprises the clear data being allowed to directly access real image file acquisition encrypt file or the program process indirectly being obtained the clear data of encrypt file by access virtual image file; Described untrusted process is the program process not being allowed to the clear data obtaining encrypt file, comprises the clear data not being allowed to directly access real image file acquisition encrypt file or the program process indirectly being obtained the clear data of encrypt file by access virtual image file; Trusted process and untrusted process set for file type; The system process that operating system secondary file I/O operates does not belong to trusted process and the untrusted process of any one file type; When the auxiliary trusted process of the system process that operating system secondary file I/O operates carries out file I/O operation, the system process that operating system secondary file I/O operates is allowed to the clear data obtaining encrypt file; When the auxiliary untrusted process of the system process that operating system secondary file I/O operates carries out file I/O operation, the system process that operating system secondary file I/O operates is not allowed to the clear data obtaining encrypt file;
For each the class process in the trusted process set by a kind of file type and untrusted process two class process, to be allowed to the class file in the real image file of the file type of correspondence and virtual image file two class file and only a class file directly carries out file I/O operation; The system process that operating system secondary file I/O operates is allowed to directly carry out file I/O operation to the real image file of any one file type and virtual image file;
The program process being allowed to directly carry out a kind of real image file of file type or the virtual image file file I/O operation is called as the real image file of respective file type or the program process of being permitted of virtual image file; For the program process of being permitted that the trusted process set by a kind of file type or untrusted process can only be class files in the real image file of respective file type and virtual image file two class file; The system process that operating system secondary file I/O operates is the real image file of any one file type and the program process of being permitted of virtual image file; If the program process of being permitted is trusted process, be then called the trusted process of being permitted; If the program process of being permitted is untrusted process, be then called the untrusted process of being permitted; The regulation that agreement trusted process and untrusted process are allowed to which kind of file in a kind of real image file of file type and virtual image file two class file directly carry out file I/O operation is respectively called that trusted process and untrusted process directly carry out the license regulation of file I/O operation to real image file and virtual image file;
When a real image file is opened or is created in a program process request, the program process that described encrypted file system first judges to open or create real image file is trusted process or untrusted process, then according to trusted process and untrusted process, the license regulation of file I/O operation is directly carried out to real image file and virtual image file, determine whether program process is allowed to directly carry out file I/O operation to real image file, if be not allowed to, the operation that then real image file was opened or created to program process by encrypted file system is redirected to the corresponding virtual image file of the real image file that program process will be opened or create, be redirected after File Open or creation operation in, the file path of the real image file that program process will be opened or create is converted into the virtual file paths of corresponding virtual image file, if program process is allowed to directly carry out file I/O operation to real image file, then program process is directly opened or is created real image file,
When a virtual image file is opened or created to a program process of being permitted, encrypted file system obtains the file path of corresponding real image file by the virtual file paths of virtual image file that will open or create, and encrypted file system inner by for virtual image file open or creation operation is converted into opening or creation operation for real image file;
When a real image file or virtual image file are opened or created to a program process of being permitted, if encrypted file system finds the real image file opened or create, or the corresponding real image file of the virtual image file opened or create, be a unencrypted file, then unencrypted real image file encryption is become encrypt file by encrypted file system;
When the real image file that a program process of being permitted is opened to or created by trusted process or virtual image file carry out data read operation, encrypted file system returns after the decrypt encrypted data of reading;
When the real image file that a program process of being permitted is opened to or created by trusted process or virtual image file carry out data deposit write operation time, encrypted file system will carry out data again after will depositing the clear data encryption write and deposits write operation;
When the real image file that a program process of being permitted is opened to or created by untrusted process or virtual image file carry out data read operation, the enciphered data of reading directly returns by encrypted file system;
When the real image file that a program process of being permitted is opened to or created by untrusted process or virtual image file carry out data deposit write operation time, encrypted file system first checks determines that will deposit the data write is clear data or encrypt data, clear datas to deposit the data write, then encrypted file system will carry out data again and deposits write operation after first will depositing the clear data encryption write, are encrypt datas to deposit the data write, then directly carry out data and deposit write operation;
Before or after a program process of being permitted carries out fileinfo setting operation to a real image file or virtual image file, encrypted file system carries out fileinfo to file control block in internal memory of real image file and virtual image file and data buffer storage and synchronously processes, described fileinfo comprises file size, file allocation length, and affects the alternative document information of file I/O operation;
To carry out before or after data deposit write operation to a real image file or virtual image file at a program process of being permitted, encrypted file system synchronously processes data cached in internal memory of real image file and virtual image file.
3. the encrypted file system based on double image file according to claim 2, is characterized in that:
Trusted process and untrusted process to the one license regulation that real image file and virtual image file directly carry out file I/O operation are:
For in a kind of trusted process of file type and untrusted process two class process, untrusted process is only had to be allowed to directly carry out file I/O operation to the real image file of respective file type, untrusted process is not allowed to directly carry out file I/O operation to the virtual image file of respective file type, only have trusted process to be allowed to directly carry out file I/O operation to the virtual image file of respective file type, trusted process is not allowed to directly carry out file I/O operation to the real image file of respective file type.
4. the encrypted file system based on double image file according to claim 2, is characterized in that:
Trusted process and untrusted process are directly carried out a kind of license of file I/O operation regulation to real image file and virtual image file and are:
For in a kind of trusted process of file type and untrusted process two class process, trusted process is only had to be allowed to directly carry out file I/O operation to the real image file of respective file type, trusted process is not allowed to directly carry out file I/O operation to the virtual image file of respective file type, only have untrusted process to be allowed to directly carry out file I/O operation to the virtual image file of respective file type, untrusted process is not allowed to directly carry out file I/O operation to the real image file of respective file type.
5. the encrypted file system based on double image file according to claim 2, is characterized in that:
When a real image file or virtual image file are opened or created to a program process of being permitted, encrypted file system judges the real image file opened or create according to characteristic, or the corresponding real image file of the virtual image file opened or create is encrypt file or non-encrypted file;
When the real image file that a program process of being permitted is opened to or created by untrusted process or virtual image file carry out data deposit write operation time, according to characteristic, encrypted file system judges that will deposit the file data write is clear data or encrypt data.
6. the encrypted file system based on double image file according to claim 2, is characterized in that:
A kind of scheme that encrypted file system carries out fileinfo and data cached synchronous process to real image file and virtual image file is as follows:
In encrypted file system, introduce a file synchronization filtrator drive and a file synchronization process; Described file synchronization process is a program process operating in user's space; Described file synchronization process is the program process of being permitted of real image file and virtual image file;
After a real image file or virtual image file are opened or created to a program process of being permitted beyond file synchronization process, whether self-defining user's context has been created in the file control block of the file that file synchronization filtrator drives inspection to open or create in internal memory, if no, then file synchronization filtrator drives and create a self-defining user's context in file control block;
Before or after a program process of being permitted carries out fileinfo setting operation to a real image file or virtual image file, file synchronization filtrator drives and sends fileinfo synchronization notice to file synchronization process;
After receiving fileinfo synchronization notice, file synchronization process open or create the program process of being permitted carry out fileinfo setting operation for the antithesis file of file, the fileinfo of antithesis file is set, after completing fileinfo setting operation to make file synchronization process and the program process of being permitted, the fileinfo in the file control block of antithesis file and data buffer storage and the program process of being permitted carry out fileinfo setting operation for the file control block of file and data buffer storage in fileinfo consistent;
File synchronization filtrator drives to be intercepted after file synchronization process arranges the request of the fileinfo of file, check in the file control block of file in internal memory whether have self-defining user's context, if have, then allow I/O operation sensitive information arrange request pass through, otherwise, directly return setting operation success;
To carry out before or after file data deposits write operation to a real image file or virtual image file at a program process of being permitted, file synchronization filtrator drives and sends file cache data syn-chronization notice to file synchronization process;
After receiving file cache data syn-chronization notice, file synchronization process open or create the program process of being permitted carry out file data deposit write operation institute for the antithesis file of file, deposit and write part random data, then closedown antithesis file;
File synchronization filtrator drives to be intercepted after file synchronization process deposits the request of file data, check in the file control block of file in internal memory whether have self-defining user's context, if have, then empty data cached in internal memory of file, then directly return data deposits write operation success, otherwise do not carry out null clear operation, direct return data deposits write operation success;
File synchronization process, to the fileinfo of a real image file or virtual image file or data cached synchronous operation, does not trigger new synchronous process operation;
Drive if described encrypted file system comprises a file encryption filter, then the synchronized update function that file synchronization filtrator drives is driven by file encryption filter to be implemented.
7. the encrypted file system based on double image file according to claim 2, is characterized in that:
A kind of scheme that encrypted file system carries out fileinfo and data cached synchronous process to real image file and virtual image file is as follows:
A file synchronization process is introduced in encrypted file system; Described file synchronization process is a program process operating in user's space; Described file synchronization process is the program process of being permitted of real image file and virtual image file;
Before or after a program process of being permitted carries out fileinfo setting operation to a real image file or virtual image file, encrypted file system sends fileinfo synchronization notice to file synchronization process;
After receiving fileinfo synchronization notice, file synchronization process open or create the program process of being permitted carry out fileinfo setting operation for the antithesis file of file, the fileinfo of antithesis file is set, after completing fileinfo setting operation to make file synchronization process and the program process of being permitted, the fileinfo in the file control block of antithesis file and data buffer storage and the program process of being permitted carry out fileinfo setting operation for the file control block of file and data buffer storage in fileinfo consistent;
Encrypted file system receives after file synchronization process arranges the request of the fileinfo of file, completes fileinfo setting operation;
To carry out before or after file data deposits write operation to a real image file or virtual image file at a program process of being permitted, encrypted file system sends file cache data syn-chronization notice to file synchronization process;
After receiving file cache data syn-chronization notice, file synchronization process open or create the program process of being permitted carry out file data deposit write operation institute for the antithesis file of file, deposit and write part random data, then closedown antithesis file;
Encrypted file system receives after file synchronization process deposits the request of file data, and empty data cached in internal memory of file, then directly return data deposits write operation success;
File synchronization process does not trigger new synchronous process operation to the fileinfo of a real image file or virtual image file or data cached synchronous operation;
Drive if described encrypted file system comprises a file encryption filter, then the fileinfo of file synchronization filtrator driving and data cached synchronous processing capacity are driven by file encryption filter and implement.
8. the encrypted file system based on double image file according to claim 2, is characterized in that:
A kind of scheme that encrypted file system carries out fileinfo and data cached synchronous process to real image file and virtual image file is as follows:
In encrypted file system, introduce a file synchronization filtrator drive;
After a real image file or virtual image file are opened or created to a program process of being permitted, whether self-defining user's context has been created in the file control block of the file that file synchronization filtrator drives inspection to open or create in internal memory, if no, then file synchronization filtrator drives and create a self-defining user's context in file control block;
Before or after a program process of being permitted carries out fileinfo setting operation to a real image file or virtual image file, file synchronization filtrator drive inner nuclear layer open or create the program process of being permitted carry out fileinfo setting operation for the antithesis file of file, check in the file control block of antithesis file in internal memory whether have self-defining user's context, if have, then file synchronization filtrator is driven through the fileinfo of file I/O operation setting antithesis file, or the fileinfo directly arranged in the file control block of antithesis file, and when arrange fileinfo be file size or file allocation length time, the data buffer storage size of file is reset by calling cache management function, after completing fileinfo setting operation to make file synchronization filtrator and the program process of being permitted, fileinfo in the file control block of antithesis file and data buffer storage and the program process of being permitted carry out fileinfo setting operation for the file control block of file and data buffer storage in fileinfo consistent, if there is no self-defining user's context, then fileinfo is not carried out to antithesis file and synchronously process,
A real image file or virtual image file carried out before or after file data deposits write operation at a program process of being permitted, file synchronization filtrator drive inner nuclear layer open or create the program process of being permitted carry out file data deposit write operation for the antithesis file of file, check in the file control block of antithesis file in internal memory whether have self-defining user's context, if have, then file synchronization filtrator drives and empties data cached in internal memory of antithesis file, otherwise, then data cached null clear operation is not carried out to antithesis file;
Drive if described encrypted file system comprises a file encryption filter, then the fileinfo of file synchronization filtrator driving and data cached synchronous processing capacity are driven by file encryption filter and implement.
9. the encrypted file system based on double image file according to claim 2, is characterized in that:
If increase a file encryption filter to drive in described encrypted file system, the then file encryption processing capacity of described encrypted file system, comprise that trusted process and untrusted process differentiate, File Open or create be redirected, file data encryption and decryption, encrypt file and non-encrypted file differentiate, non-encrypted file be encrypted to encrypt file, deposit that to write data be ciphertext or differentiation expressly, fileinfo and data cached synchronous process, in part or all of driving by file encryption filter implement.
10. the encrypted file system based on double image file according to claim 1, is characterized in that:
A kind of file I/O operation scheme based on dynamically license for described encrypted file system is as follows:
When a real image file is opened or created to a trusted process, described encrypted file system checks whether the real image file that existing untrusted process was opened or created current trusted process and will open or create, if have, then the operation that real image file was opened or created to current trusted process is redirected to the corresponding virtual image file of the real image file that current trusted process will be opened or create, otherwise, check whether that the corresponding virtual image file of the real image file that current trusted process will be opened or create is opened or created to other trusted processes existing further, if have, then the operation that real image file was opened or created to current trusted process is redirected to the corresponding virtual image file of the real image file that current trusted process will be opened or create, otherwise, current trusted process is allowed to open or create its real image file that will open or create,
When a real image file is opened or created to a untrusted process, described encrypted file system checks whether the real image file that existing trusted process was opened or created current untrusted process and will open or create, if have, then the operation that real image file was opened or created to current untrusted process is redirected to the corresponding virtual image file of the real image file that current untrusted process will be opened or create, otherwise, check whether that the corresponding virtual image file of the real image file that current untrusted process will be opened or create is opened or created to other untrusted processes existing further, if have, then the operation that real image file was opened or created to current untrusted process is redirected to the corresponding virtual image file of the real image file that current untrusted process will be opened or create, otherwise, current untrusted process is allowed to open or create its real image file that will open or create,
When a virtual image file is opened or created to a program process, encrypted file system obtains the file path of corresponding real image file by the virtual file paths of virtual image file that will open or create, and encrypted file system inner by for virtual image file open or creation operation is converted into opening or creation operation for real image file;
When a real image file or virtual image file are opened or created to a program process, if encrypted file system finds the real image file opened or create, or the corresponding real image file of the virtual image file opened or create, be a unencrypted file, then unencrypted real image file encryption is become encrypt file by encrypted file system;
When the real image file that the system process that a trusted process or operating system secondary file I/O operate is opened to or created by trusted process or virtual image file carry out data read operation, encrypted file system returns after the decrypt encrypted data of reading;
When the real image file that the system process that a trusted process or operating system secondary file I/O operate is opened to or created by trusted process or virtual image file carry out data deposit write operation time, encrypted file system will carry out data again after will depositing the clear data encryption write and deposits write operation;
When the real image file that the system process that a untrusted process or operating system secondary file I/O operate is opened to or created by untrusted process or virtual image file carry out data read operation, the enciphered data of reading directly returns by encrypted file system;
When the real image file that the system process that a untrusted process or operating system secondary file I/O operate is opened to or created by untrusted process or virtual image file carry out data deposit write operation time, encrypted file system first checks determines that will deposit the data write is clear data or encrypt data, clear datas to deposit the data write, then encrypted file system will carry out data again and deposits write operation after first will depositing the clear data encryption write, are encrypt datas to deposit the data write, then directly carry out data and deposit write operation;
Before or after a program process carries out fileinfo setting operation to a real image file or virtual image file, encrypted file system carries out fileinfo to file control block in internal memory of real image file and virtual image file and data buffer storage and synchronously processes, described fileinfo comprises file size, file allocation length, and affects the alternative document information of file I/O operation;
To carry out before or after data deposit write operation to a real image file or virtual image file at a program process, encrypted file system synchronously processes data cached in internal memory of real image file and virtual image file.
CN201510690514.9A 2015-10-22 2015-10-22 A kind of encrypted file system based on double image file Expired - Fee Related CN105335663B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510690514.9A CN105335663B (en) 2015-10-22 2015-10-22 A kind of encrypted file system based on double image file

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510690514.9A CN105335663B (en) 2015-10-22 2015-10-22 A kind of encrypted file system based on double image file

Publications (2)

Publication Number Publication Date
CN105335663A true CN105335663A (en) 2016-02-17
CN105335663B CN105335663B (en) 2018-08-03

Family

ID=55286182

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510690514.9A Expired - Fee Related CN105335663B (en) 2015-10-22 2015-10-22 A kind of encrypted file system based on double image file

Country Status (1)

Country Link
CN (1) CN105335663B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105760779A (en) * 2016-02-18 2016-07-13 武汉理工大学 Bidirectional file encryption system based on FUSE
CN106557684A (en) * 2016-10-14 2017-04-05 北京金山安全软件有限公司 File scanning method and device and terminal equipment
CN113824694A (en) * 2021-08-24 2021-12-21 武汉联影医疗科技有限公司 File decryption method, computer device and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101710345A (en) * 2009-12-22 2010-05-19 成都市华为赛门铁克科技有限公司 Method and device for storing and reading documents and access system
CN101853363A (en) * 2010-05-07 2010-10-06 北京飞天诚信科技有限公司 File protection method and system
CN103268455A (en) * 2013-05-09 2013-08-28 华为技术有限公司 Method and device for accessing data
CN103778384A (en) * 2014-02-24 2014-05-07 北京明朝万达科技有限公司 Identity authentication based virtual terminal safety environment protection method and system
CN104021354A (en) * 2014-06-23 2014-09-03 成都卫士通信息产业股份有限公司 Data anti-leaking method in computer virtualization environment

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101710345A (en) * 2009-12-22 2010-05-19 成都市华为赛门铁克科技有限公司 Method and device for storing and reading documents and access system
CN101853363A (en) * 2010-05-07 2010-10-06 北京飞天诚信科技有限公司 File protection method and system
CN103268455A (en) * 2013-05-09 2013-08-28 华为技术有限公司 Method and device for accessing data
CN103778384A (en) * 2014-02-24 2014-05-07 北京明朝万达科技有限公司 Identity authentication based virtual terminal safety environment protection method and system
CN104021354A (en) * 2014-06-23 2014-09-03 成都卫士通信息产业股份有限公司 Data anti-leaking method in computer virtualization environment

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105760779A (en) * 2016-02-18 2016-07-13 武汉理工大学 Bidirectional file encryption system based on FUSE
CN105760779B (en) * 2016-02-18 2018-06-22 武汉理工大学 A kind of Two-way File encryption system based on FUSE
CN106557684A (en) * 2016-10-14 2017-04-05 北京金山安全软件有限公司 File scanning method and device and terminal equipment
CN106557684B (en) * 2016-10-14 2019-09-27 北京金山安全软件有限公司 File scanning method and device and terminal equipment
CN113824694A (en) * 2021-08-24 2021-12-21 武汉联影医疗科技有限公司 File decryption method, computer device and storage medium
CN113824694B (en) * 2021-08-24 2023-08-22 武汉联影医疗科技有限公司 File decryption method, computer device and storage medium

Also Published As

Publication number Publication date
CN105335663B (en) 2018-08-03

Similar Documents

Publication Publication Date Title
US9548866B2 (en) Deletion of content in digital storage systems
US8516271B2 (en) Securing non-volatile memory regions
CN103825953B (en) A kind of user model encrypted file system
CN101917403B (en) Distributed key management method for ciphertext storage
CN105426766A (en) File encryption system based on shadow file
CN103763313B (en) File protection method and system
US8880879B2 (en) Accelerated cryptography with an encryption attribute
US11030119B2 (en) Storage data encryption and decryption apparatus and method
CN111183420A (en) Log structure storage system
CN105760779B (en) A kind of Two-way File encryption system based on FUSE
CN103745162B (en) A kind of secure network file storage system
CN101729550A (en) Digital content safeguard system based on transparent encryption and decryption method thereof
Peters et al. DEFY: A Deniable, Encrypted File System for Log-Structured Storage.
CN105812391A (en) Safe cloud storage system
CN102609667A (en) Automatic file encryption and decryption system and automatic file encryption and decryption method based on filter drive program
CN104009987A (en) Fine-grained cloud platform security access control method based on user identity capacity
CN105224882A (en) A kind of file encryption system based on bridge file system
CN103218575A (en) Host file security monitoring method
CN107070649A (en) A kind of big file selective cryptographic method for reducing write-in
CN105335663A (en) Encrypted file system based on double-image file
WO2023046207A1 (en) Data transmission method and apparatus, and non-volatile computer-readable storage medium
CN101630292B (en) File encryption-decryption method of USB removable storage device
CN114611123B (en) Transparent encryption and decryption method and system for file
CN106612247A (en) A data processing method and a storage gateway
CN104123371A (en) Transparent Windows kernel file filtering method based on hierarchical file system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20180803

CF01 Termination of patent right due to non-payment of annual fee