Abstract
To build a secure and trusted end-to-end data transmission process for removable storage media, this paper proposes a file-level, fine-grained encrypted transmission system for removable storage media, which ensures that an encrypted file can be decrypted only by a designated user or user group. The system is built on a Public Key Infrastructure (PKI) framework and uses digital certificates and digital envelopes to encrypt the files written to the media. A file filter driver provides kernel-level protection and prevents the system from being bypassed. A software prototype was developed and, combined with a hardware USB-KEY, used to verify that the design comprehensively ensures the confidentiality and security of the fine-grained file transmission process.
Source
Computer Engineering and Design (《计算机工程与设计》)
CSCD
PKU Core Journal
2013, Issue 1, pp. 1-7 (7 pages)
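Funding
National Key Basic Research and Development Program of China (973 Program) (2007CB311100)
National High Technology Research and Development Program of China (863 Program) (2009AA01Z437)
National "Core Electronic Devices, High-end Generic Chips and Basic Software" (Hegaoji) Major Project (2010ZX01037-001-001)
Open Project Fund of the Fujian Provincial University Key Laboratory of Network Security and Cryptography Technology (2011009)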