ICFS: Integrated Crypto-FileSystem into Vnode Layer using Access Control

J.-D. Lim, J.-S. Yu, and J.-N. Kim (Korea)


data protection, encryption file system, access control, operating system.


Many studies have been done on secure kernels using various access control models. Access control models can protect user or system data from unauthorized and/or illegal access, but they cannot protect that data when backup media or the disk itself is stolen. In addition to access control models, there are many studies on encryption filesystems that encrypt file data at the system level. However, few studies have combined access control models with an encryption filesystem. In this paper we designed and implemented ICFS (Integrated Crypto-FileSystem), which integrates an encryption function into the virtual file system layer and uses access control models for key management. ICFS addresses two problems: the limit of access control models in physical data security against theft, and the data sharing problem between users that has been raised in traditional encryption filesystems. ICFS also provides a simple encryption key management architecture by applying access control models.

