KVEFS: Encrypted File System Based on Distributed Key-Value Stores and FUSE

File System is an important component of a secure operating system. The need to build data protection systems is extremely important in open source operating systems, high mobility hardware systems, and miniaturization of storage devices that make systems available. It is clear that the value of the data is much larger than the value of the storage device. Computers access protection mechanism does not work if the thief retrieves the hard drive from the computer and reads data from it on another computer. Encrypted File System (EFS) is a secure level of operating system kernel. EFS uses cryptography to encrypt or decrypt files and folders when they are being saved or retrieved from a hard disk. EFS is often integrated transparently in operating system There are many encrypted filesystems commonly used in Linux operating systems. However, they have some limitations, which are the inability to hide the structure of the file system. This is a shortcoming targeted by the attacker, who will try to decrypt a file to find the key and then decrypt the entire file system. In this paper, we propose a new architecture of EFS called KVEFS which is based on cryptographic algorithms, FUSE library and key-value store. Our method makes EFS portable and flexible; Kernel size will not increase in Operating System.

[1]  Minh Hieu Nguyen,et al.  Zing Database: high-performance key-value store for large-scale storage service , 2014, Vietnam Journal of Computer Science.

[2]  Lei Wang,et al.  Optimization of LevelDB by Separating Key and Value , 2017, 2017 18th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT).

[3]  Michael Austin Halcrow eCryptfs: An Enterprise-class Encrypted Filesystem for Linux , 2010 .

[4]  Fei Yang,et al.  Optimizing NoSQL DB on Flash: A Case Study of RocksDB , 2015, 2015 IEEE 12th Intl Conf on Ubiquitous Intelligence and Computing and 2015 IEEE 12th Intl Conf on Autonomic and Trusted Computing and 2015 IEEE 15th Intl Conf on Scalable Computing and Communications and Its Associated Workshops (UIC-ATC-ScalCom).

[5]  Vincent Rijmen,et al.  The Design of Rijndael: AES - The Advanced Encryption Standard , 2002 .

[6]  Zhi Hao Wu A Log-Structured File System Based on LevelDB , 2014 .

[7]  Erez Zadok,et al.  To FUSE or Not to FUSE: Performance of User-Space File Systems , 2017, FAST.

[8]  Simon Josefsson,et al.  The scrypt Password-Based Key Derivation Function , 2016, RFC.

[9]  Minh Hieu Nguyen,et al.  Forest of Distributed B+Tree Based on Key-Value Store for Big-Set Problem , 2016, DASFAA Workshops.