摘要
随着计算机的广泛应用,大量涉密数据被存储在各种存储介质上,我们对数据的安全性有了更高的要求,Windows内核层文件加解密是其中最合适的技术,一直是数据保密的重要手段。首先,Minifilter微过滤驱动模型是Microsoft极力推荐的一种新型过滤器模型,相比Sfilter传统驱动模型,它具有更好的兼容性、稳定性,而且具有更加简洁的开发接口。采用微过滤驱动模型,在Windows内核层实现文件的透明加解密;其次,设计使用Usbkey身份认证和密钥存储的技术,使得密钥分离存储更加安全,系统更加可靠;最后,合理利用进程访问控制策略有选择地对文件进行操作;比较全面、合理地实现了文件加解密系统。
With the wide application of computer, a large number of classified data is stored on various storage media, the security of the data we have higher requirements, Windows kernel level file encryption and decryption is one of the most appropriate technology, data confidentiality has been an important tool. First, Minifilter driver model is a Microsoft strongly recommend new filter model, compared Sfilter conventional drive model, which has better compatibility, stability, and has a more compact development interface. Micro filter driver model, the windows kernel layer implementation file transparent encryption and decryption; Secondly, the design Usbkey authentication and key storage technologies, making key isolated storage more secure, more reliable systems; Finally, the rational use of the access control process strategies selectively manipulate files; more comprehensive and reasonable to achieve a file encryption and decryption system.
出处
《计算机安全》
2014年第3期28-32,共5页
Network & Computer Security
关键词
微过滤驱动
USBKEY
进程控制
透明加解密
minifilter driver
usbkey
process-control
transparent encryption and decryption
