Data security has become an increasingly important factor in routine work with the development of applications, and users trend to obtain high security with maximum comfort. In this article a cryptographic filesystem...
详细信息
ISBN:
(纸本)0769520596
Data security has become an increasingly important factor in routine work with the development of applications, and users trend to obtain high security with maximum comfort. In this article a cryptographic filesystem called NAS_CFS used for NAS is designed. NAS_CFS has some characteristics as below: adding encryption function to file-system layer allows users to encrypt data transparently, obtaining high security by key management based on session ID and user ID, attachment and timeouts mechanisms, and NAS_CFS is an in-kernel filesystem of high performance using stackable mechanism.
With the rapid development of information technology, information security has become an important topic in the present society. Data Encryption Standard(DES) algorithm has been widely used in various fields since it ...
详细信息
With the rapid development of information technology, information security has become an important topic in the present society. Data Encryption Standard(DES) algorithm has been widely used in various fields since it has been proposed;however, there are many shortages in the traditional DES algorithm. This paper, taking advantages of Triple DES algorithm and independent sub-key algorithm, proposes a new strategy for encrypting files. Through the means of Key expansion and independent sub-key, the Key security and the encryption strength have been improved. Based on the strategy, this paper designs an encrypted file system and tests various formats of files on it. The test results show that the system is feasible and effective.
Usage controls allow the distributor of some information to limit how recipients of that information may use it. The Trusted Computing Group has standardized Trusted Platform Modules (TPMs) that are built into an incr...
详细信息
ISBN:
(纸本)9781595938886
Usage controls allow the distributor of some information to limit how recipients of that information may use it. The Trusted Computing Group has standardized Trusted Platform Modules (TPMs) that are built into an increasing number of computers and could greatly harden usage controls against circumvention. However, existing operating systems support TPM's only partially. We describe UCLinux, a, novel Linux Security Module that, unlike previous work, supports TPM-based attestation, sealing, and usage controls on existing processors and with minimal modifications in the operating system kernel and applications. Experiments show that UCLinux has modest impact on the system's boot latency and run-time performance.
Data stored in third party storage systems like the cloud might not be secure since confidentiality and integrity of data are not guaranteed. Though cloud computing provides cost-effective storage services, it is a th...
详细信息
Data stored in third party storage systems like the cloud might not be secure since confidentiality and integrity of data are not guaranteed. Though cloud computing provides cost-effective storage services, it is a third party service and so, a client cannot trust the cloud service provider to store its data securely within the cloud. Hence, many organizations and users may not be willing to use the cloud services to store their data in the cloud until certain security guarantees are made. In this thesis, a solution to the problem of securely storing the client's data by maintaining the confidentiality and integrity of the data within the cloud is developed. Five protocols are developed which ensure that the client's data is stored only on trusted storage servers, replicated only on trusted storage servers, and guarantee that the data owners and other privileged users of that data access the data securely. The system is based on trusted computing platform technology [11]. It uses a Trusted Platform Module, specified by the Trusted Computing Group [11]. An encrypted file system is used to encrypt the user's data. The system provides data security against a system administrator in the cloud.
Heterogeneous computing leverages more than one kind of processors to boost the performance of user-space applications with the heterogeneous programming languages, e.g., OpenCL. While some works have been done to acc...
详细信息
Heterogeneous computing leverages more than one kind of processors to boost the performance of user-space applications with the heterogeneous programming languages, e.g., OpenCL. While some works have been done to accelerate the computations required by Linux kernel software, they are either application-specific solutions or tightly coupled with the certain computing platforms and are not able to support the general-purpose in-kernel accelerations using different types of processors. In this article, the general-purpose software framework called Kernel acceleration with OpenCL (KOCL), is proposed to tackle the problem. KOCL exposes a set of the high-level programming interfaces for the Linux kernel module developers to offload compute-intensive tasks on different hardware accelerators without managing and coordinating the platformspecific computing and memory resources. The simplified programming efforts are achieved by the developed platform management and memory models, which provide a systematic means of managing the heterogeneous hardware resources. In addition, the one- and zero-copy data-buffering schemes are offered by KOCL, so that the offloaded tasks deliver high performance on the platforms with different memory architectures. We have developed the prototype system to accelerate the Network-Attached Storage server applications. Significant performance improvements are achieved with the three different types of accelerators, i.e., the multicore processor, the integrated GPU, and the discrete GPU, respectively. We believe that KOCL is useful for the design of embedded appliances to evaluate the performance of design alternatives.
暂无评论