
Research And Application Of Key Technology Of File Transparent Encryption

Posted on: 2015-07-21 | Degree: Master | Type: Thesis
Country: China | Candidate: Z Zhai | Full Text: PDF
GTID: 2298330467463462 | Subject: Information security
Abstract/Summary:
According to statistics, the leaking of secrets by internal users has become one of the ten security threats to enterprises and institutions. Solutions based on transparent file encryption and access control are safe and convenient, and have become a research hot spot. However, previous studies of this solution have several deficiencies:

1. To prevent information leakage, current approaches use the process together with file suffixes so that legal programs access plaintext (encrypting on write, decrypting on read) and illegal programs access only ciphertext (for example, reading without decryption and writing without encryption). This does not properly support the Windows "pre-read" and "lazy-write" mechanisms: during a pre-read or lazy write, the system process reading or writing the disk file may be acting for a legal process or for an illegal one. This can cause file damage.

2. On the one hand, programs such as Office generate a temporary file and overwrite the original file with it. On the other hand, a block encryption algorithm needs a specific encryption mode to increase the cost of analysis, and the association between blocks contradicts the requirement of random file access. The algorithms in previous articles do not completely solve this problem, and most of them reduce security, for example by using the same key for all documents or by choosing the ECB encryption mode.

In this paper, we put forward an improved model of transparent document encryption that effectively solves the above problems. In the improved model:

1. The model uses two characteristics: a stream context persists across file open sessions, and a stream handle context has the same scope as a file open session. Information that spans open sessions is recorded in the stream context, which reduces how often the key is accessed and improves performance. Session information is recorded in the stream handle context and combined with the stream context to identify the process that originally triggered a "pre-read" or "lazy-write", which prevents file damage.

2. The process by which a temporary file overwrites the original document is captured and analyzed; this process is intercepted and the file is rewritten. This makes it possible to implement one key per file and to use the CTR-AES encryption mode to improve security, while still ensuring random reading and writing of a file.

3. Because of the one-key-per-file mechanism, an application-layer hook is combined with the minifilter driver to make sure that the keys of the source file and the target file are consistent after a file copy.

This thesis designed and implemented a Digital Document Control System and applied the improved transparent encryption model to it. The system includes a client, a server and a web component, and strictly controls the whole life cycle of an electronic document. The improved transparent file encryption model, based on Windows filter drivers, implements encrypted file storage and is combined with other modules in the system to provide client-side document access control and auditing of file operations. Finally, we installed the Digital Document Control System on a system in actual operation and tested the functions of the improved transparent file encryption module. The evaluation results show that the improved model solves some defects of the traditional model, enhances security, and meets the design expectations.
Keywords/Search Tags: Stream Handle Context, Stream Context, Encryption Algorithm, Minifilter, File Transparent Encryption
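The random-access property behind the abstract's choice of CTR mode with one key per file, as an added example that is not code from the thesis: each keystream block depends only on the key, a nonce and the block index, so any byte range can be read or rewritten without touching the rest of the file. Assumptions: HMAC-SHA256 stands in for the AES block function so the sketch runs on the Python standard library alone, and the function names, key and nonce sizes and sample data are constructed for illustration.

```python
import hashlib
import hmac
import os

BLOCK = 32  # keystream block size of the stand-in PRF (real AES-CTR uses 16)

def keystream_block(key, nonce, index):
    """Keystream block number `index`; stands in for AES_key(nonce || counter)."""
    return hmac.new(key, nonce + index.to_bytes(8, "big"), hashlib.sha256).digest()

def xor_at(key, nonce, offset, data):
    """Encrypt or decrypt `data` that sits at byte `offset` of the file.

    Only the keystream blocks covering [offset, offset+len(data)) are computed,
    so no earlier part of the file has to be read or decrypted first.
    """
    out = bytearray()
    pos, end = offset, offset + len(data)
    while pos < end:
        index, skip = divmod(pos, BLOCK)
        ks = keystream_block(key, nonce, index)[skip:]
        chunk = data[pos - offset:pos - offset + len(ks)]
        out += bytes(a ^ b for a, b in zip(chunk, ks))
        pos += len(chunk)
    return bytes(out)

def new_file_material():
    """One key (and nonce) per file, as in the improved model; sizes are assumed."""
    return os.urandom(32), os.urandom(16)

def demo():
    key, nonce = new_file_material()
    plain = bytes(range(256)) * 4                     # constructed 1024-byte sample
    stored = bytearray(xor_at(key, nonce, 0, plain))  # what lands on disk
    # Random read: decrypt 50 bytes at offset 100 only.
    part = xor_at(key, nonce, 100, bytes(stored[100:150]))
    # Random write: replace 10 bytes at offset 333, leaving the rest untouched.
    stored[333:343] = xor_at(key, nonce, 333, b"0123456789")
    whole = xor_at(key, nonce, 0, bytes(stored))
    return plain, part, whole

if __name__ == "__main__":
    plain, part, whole = demo()
    print(part == plain[100:150], whole[333:343])
```

Rewriting a range under the same key and nonce reuses the same keystream, so the XOR of the old and new ciphertext equals the XOR of the two plaintexts; sharing one key across all documents extends that exposure across files.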