| In a network LAN, files are shared and spread across all computers. But some files are sensitive and need to be protected, how to make file-share easy and also keep them secured is a big challenge.In this paper a system was designed that has realized this purpose to prevent files from been stolen, copied, sent or lost from LAN.The system provides a secure mode for computer. When an encrypted volume is mounted, it enters this mode. When dismount this volume, the system enters the normal mode and can do what it can as usual.The secure model for the system is: Only trusted processes can access files in encryption volume. All processes can't make write operation to other disks except this encryption volume in secure mode. The base line of trusted processes is maintained at server side.In secure mode, all network activities are prohibited except network share and the system itself.The system uses on-the-fly encryption and virtual disk technology to save files in a secure manner; all files are encrypted with AES algorithm. After dismount the disk, the contents in it can be read. It also uses RSA public key encryption and P2P technology to transfer files in a secure method.The system uses Windows hook technology to monitor disk operations and network activities. The hook works in the Windows kernel mode.The system is based on Client/Server architecture. |
PDF Full Text Request