Abstract
A cryptographic file system is the representative way of assuring confidentiality of files in operating systems. For secure embedded operating systems, the cryptographic file system could be a practical technique. In general, cryptographic file systems are implemented using a stackable file system or a device driver. These two mechanisms can provide user transparent encryption/decryption of cryptographic file systems. But these mechanisms sometimes encrypt or decrypt data redundantly or unnecessarily. Embedded systems with a low speed CPU and flash storage are more affected by the problems than general systems. We addressed the above mentioned problems by applying an encryption algorithm on buffer caches and enabling one buffer cache to have both encrypted and decrypted data together. Experimental results show that the proposed mechanisms reduce the redundant or unnecessary operations and it can improve the performance of cryptographic file systems.
This research was supported in part by the Brain Korea 21 project and MIC & IITA through IT Leading R&D Support Project. The ICT at Seoul National University provides research facilities for this study.
Chapter PDF
Similar content being viewed by others
References
Hasan, R., Myagmar, S., Lee, A., Yurcik, W.: Toward a threat model for storage systems. In: Proceedings of International Workshop on Storage Security and Survivability(StorageSS) (2005)
Ravi, S., Raghunathan, A., Kocher, P., Hattangady, S.: Security in embedded systems: Design challenges. ACM Transactions on Embedded Computing Systems 3, 461–491 (2004)
GNU: The GNU/Linux CryptoAPI (2003)
Dowdeswell, R., Ioannidis, J.: The cryptographic disk driver. In: Proceedings of the Annual USENIX Technical Conference, FREENIX Track (2003)
Jetico Inc.: Bestcrypt corporate edition (2001)
Gutmann, P.C.: Secure file system(SFS) for DOS/Windows (1994)
Zadok, E., Badulescu, I., Shender, A.: Cryptfs: A stackable vnode level encryption file system. Technical Report CUCS-021-98, Computer Science Department, Columbia University (1998)
Wright, C., Martino, M., Zadok, E.: Ncryptfs: A secure and convenient cryptographic file system. In: Proceedings of the Annual USENIX Technical Conference, pp. 197–210 (2003)
Microsoft Corporation: Encrypting file system for Windows 2000 (1999)
Zadok, E., Badulescu, I.: A stackable file system interface for Linux. In: Proceedings of the 5th Annual Linux Expo, pp. 141–151 (1999)
Wright, C., Dave, J., Zadok, E.: Cryptographic file systems performance: What you don’t know can hurt you. In: Proceedings of the Second IEEE International Securit. In: Storage Workshop, pp. 47–62 (2003)
Kingston Technology company: DataTraveler Elite (2006)
ABIT Computer corporation: Secure IDE (2003)
GNU: GNU Privacy Guard (1999)
Blaze, M.: A cryptographic file system for UNIX. In: CCS 1993: Proceedings of the 1st ACM conference on Computer and communications security, pp. 9–16 (1993)
Cattaneo, G., Catuogno, L., Sorbo, A.D., Persiano, P.: The design and implementation of a transparent cryptographic file system for UNIX. In: Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference, pp. 199–212 (2001)
Zadok, E., Nieh, J.: FiST: A language for stackable file systems. In: Proceedings of the Annual USENIX Technical Conference, pp. 55–70 (2000)
Bovet, D.P., Cesati, M.: Understanding the Linux Kernel. O’Reilly (2006)
Aleph One: YAFFS: the NAND-specific flash file system (2002)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lee, J., Heo, J., Park, J., Cho, Y., Hong, J., Park, M. (2007). Buffer Cache Level Encryption for Embedded Secure Operating System . In: Kuo, TW., Sha, E., Guo, M., Yang, L.T., Shao, Z. (eds) Embedded and Ubiquitous Computing. EUC 2007. Lecture Notes in Computer Science, vol 4808. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77092-3_30
Download citation
DOI: https://doi.org/10.1007/978-3-540-77092-3_30
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77091-6
Online ISBN: 978-3-540-77092-3
eBook Packages: Computer ScienceComputer Science (R0)