摘要
针对虚拟化平台下数据防泄漏系统的要求,本文结合可信平台模块(trusted platform module,TPM)的密钥管理优势,提出了一种基于eCrytpfs文件系统的透明加密系统设计与实现方法.该文件保护系统MeCryptfs(modified-eCryptfs)使用自定制TPM密钥管理模块,改善了eCryptfs用户空间的密钥管理部分,通过取消多用户模式进一步增强了整个系统的安全性.测试结果表明,该透明加密系统具有较高的性能,能够满足加解密透明性要求.
For the requirements of the virtualization platform of data leakage prevention system,considering the trusted platform module's advantages of key management,a transparent cryptographic filesystem based on the eCrytpfs is proposed and the corresponding implementation is introduced in this paper.The MeCryptfs,modified-eCryptfs,improves the key management in eCryptfs's userspace by customizing a TPM key management module and eliminates multi-user mode to enhance the security of the whole system.Finally,test results show that the new transparent cryptographic system has a high performance to meet the transparency requirements of encryption and decryption.
出处
《武汉大学学报(理学版)》
CAS
CSCD
北大核心
2010年第2期223-226,共4页
Journal of Wuhan University:Natural Science Edition
基金
国家高技术研究发展计划(863)项目(2009AA01Z442
2008AA01Z404)
国家自然科学基金资助项目(90718006
60970114)