设计文件加密服务器,基于组密钥服务器的加密文件系统的设计和实现.doc

文档介绍：

--------------------校验:_____________--------------------日期:_____________基于组密钥服务器的加密文件系统的设计和实现基于组密钥服务器的加密文件系统的设计和实现* SupportedbytheNationalNaturalScienceFoundationofChinaunderGrantNo.60473101(国家自然科学基金项目);theNationalGrandFundamentalResearch973ProgramofChinaunderGrantNo.2004CB318205(国家“九七三”重点基础研究发展规划基金项目);theProgramforNewCenturyExcellentTalentsinUniversityunderGrantNo.NCET-05-0067(新世纪优秀人才支持计划)肖达+,舒继武,薛巍,刘志才,郑纬民(清华大学计算机科学与技术系,北京100084)(清华信息科学与技术国家实验室(筹)北京100084)+联系人:电话:+86-10-6279-5215,E-mail:******@mails.thu.DesignandImplementationofaGroupKeyServer-BasedCryptographicFileSystemXiaoDa+,ShuJi-Wu,XueWei,LiuZhi-Cai,ZhengWei-Min(puterScienceandTechnology,TsinghuaUniversity,Beijing100084,China)(TsinghuaNationalLaboratoryforInformationScienceandTechnology(TNList),Beijing100084)+Correspondingauthor:Phn:+86-10-6279-5215,E-mail:******@mails.thu.,http://storage.cs.tsinghua.Abstract: Networkstoragetechniquesfacilitatedatasharingbutalsointroducenewvulnerabilities.Cryptographicfilesystemsprovidetheconfidentialityandintegrityoffiledatastoredonserversthatarenotunderusers’directcontrolbycryptographicmethods.Thekeymanagementschemesforcurrentsharedcryptographicfilesystemscannotsatisfythesecurity,flexibilityandefficiencyrequirementssimultaneously.ThispaperproposesacryptographicfilesystemcalledCKS-CFS.AtrustedGroupKeyServer(GKS)esscontrolpolicies.esscontrolblocksandlockboxessothatthefunctionofGKScanbeimplementedbyhardwaretoprovidestrongsecurity.Theoverheadofrevocationisreducedbyblockgranularityencryptionandkeyversioningtechnique.WehaveimplementedaprototypeofGKS-paredwithothersystems,monfileoperationsinGKS-CFSisreducedbyanorderofmagnitudebyavoidingtheusageofpublic-keycryptography;Bonnie++benchmarktestshowsthattheperformanceofsequentialread/writeandrandomfileoperationsarereducedonaverageby42.0%and8.4%respectively.Keywords: cryptographicfilesystem,confidentiality,integrity,keymanagement,tamper-resistanthardware摘要: 网络存储技术在方便数据共享的同时带来了新的安全隐患,加密文件系统通过密码学方法保证存储在不受用户直接控制的服务器上的文件数据的机密性和完整性。现有的针对

内容来自淘豆网www.taodocs.com转载请标明出处.