CAJ | 학술논문

为解决文件系统过滤驱动加密系统中的认证问题,增强保护的粒度控制,提高文件加密系统的安全性,在原有文件系统过滤驱动的加密系统基础上,提出了包含认证,eKey模块、分级保护与密钥管理等机制的增强型文件加密系统设计方案,建立了实体与身份两级认证机制,实现了多级文件密钥和密钥访问控制.采用Windows NT内核驱动框架,基于文件系统过滤驱动技术,结合eKey功能模块加以实现.测试结果表明,该设计方案有效且可行,为文件保护提供了一种更加安全可靠的解决思路.
위해결문건계통과려구동가밀계통중적인증문제,증강보호적립도공제,제고문건가밀계통적안전성,재원유문건계통과려구동적가밀계통기출상,제출료포함인증,eKey모괴、분급보호여밀약관리등궤제적증강형문건가밀계통설계방안,건립료실체여신빈량급인증궤제,실현료다급문건밀약화밀약방문공제.채용Windows NT내핵구동광가,기우문건계통과려구동기술,결합eKey공능모괴가이실현.측시결과표명,해설계방안유효차가행,위문건보호제공료일충경가안전가고적해결사로.
To solve authentication in encryption systems based on file system filter driver,enhance protection control in detail and improve the system security,a enhanced file encryption system design proposal including authentication,eKey module,multi-level protection and key management is proposed based on existing file system filter driver encryption system.Two level authentication included entries and identities are designed.Multi-level file key and key access control are achieved.Solution is implemented based on Windows NT driver model and file system filter driver and eKey module is integrated.A practical application is implemented to prove the feasibility and validity ofthe proposal.Consequently,the study offers a enhanced security and reliable solution for file protection.