Implementation Of Secure File Kernel Based On The New Filter Driver Architecture

The security of file, which is the logic components of information storage, has become one of the most important subjects in current information science field. The method to solve this security problem is file encryption which is based on the modem cryptology. The means of file encryption has been divided into tow ways that is static encryption and dynamic encryption. Static encryption means the file is unusable during its encryption and later if we want to use this encrypted file, we must decrypt it first. As with dynamic encryption, the file is automatically encrypted or decrypted while being used and user will not be bothered. Apparently, in this way, accessing encrypted file is just the same with accessing ordinary file. For the legal user, the file is transparent as if it has not been encrypted, but for others who are not authorized to access the file will get an encrypted copy which is certainly not usable.Filter driver is the most efficient way to implement dynamic encryption. As for now, the filter driver is always based on the old filter developing framework that means poor stability, high complexity which leads to bad using experience. This project is aimed to build a more efficient, more stable filter driver under the new filter driver framework, which has been newly released by Microsoft, called minifilter, with the protection of USBKEY to reinforce the security of cipher key.The thesis begins with the introduction of Windows system architecture focusing mainly on the kernel module and mechanism, and then closely analyzes the control flow for file accessing under the file system kernel. Next, it moves on to describe the key concept of driver development and analyzes the traditional method to implement filter driver and its flaw. This brings the introduction of minifilter, and then it goes on to analyze its function flow, performance merit and implementing steps. Finally, the paper introduces the developing methodology of filter driver under minifilter framework and the key technique which leads to the realization of file filter driver under minifilter.