Çѱ¹Á¤º¸Åë½ÅÇÐȸ ³í¹®Áö (Journal of the Korea Institute of Information and Communication Engineering)
Current Result Document : 10 / 10
ÇѱÛÁ¦¸ñ(Korean Title) |
ÆÄÀÏ ºÎºÐ ¾ÏÈ£È Áö¿øÀ» À§ÇÑ ½Ã½ºÅÛ È£ÃâÀÇ ¼³°è ¹× ±¸Çö¿¡ °üÇÑ ¿¬±¸ |
¿µ¹®Á¦¸ñ(English Title) |
Design and Implementation of a System Call Interface for Supporting File Partial Encryption |
ÀúÀÚ(Author) |
¼ÇýÀÎ
±èÀº±â
Hye-In Seo
Eun-Gi Kim
|
¿ø¹®¼ö·Ïó(Citation) |
VOL 22 NO. 03 PP. 0557 ~ 0567 (2018. 03) |
Çѱ۳»¿ë (Korean Abstract) |
ÇöÀç µð½ºÅ©¿¡ ÆÄÀÏÀ» ¾ÏÈ£ÈÇÏ¿© ÀúÀåÇϱâ À§ÇÑ ´Ù¾çÇÑ ÆÄÀÏ ¾ÏÈ£È ¼Ö·ç¼ÇÀÌ Á¸ÀçÇÑ´Ù. ÇÏÁö¸¸ ±âÁ¸ÀÇ ÆÄÀÏ ¾ÏÈ£È ¼Ö·ç¼ÇÀº ¾ÏÈ£È ¹× º¹È£È¸¦ ÆÄÀÏ È¤Àº µð·ºÅ͸® ´ÜÀ§·Î ÀÏ°ýµÇ°Ô ó¸®ÇÑ´Ù. º» ³í¹®¿¡¼´Â ÆÄÀÏÀÇ ºÎºÐ ¾Ïȣȸ¦ Áö¿øÇÏ´Â ½Ã½ºÅÛ È£ÃâÀ» Á¦¾ÈÇÑ´Ù. ÆÄÀÏ µ¥ÀÌÅÍÀÇ ¾Ïȣȸ¦ ¿øÇÏ´Â ºÎºÐ¿¡¼ »ç¿ëÀÚ´Â ½Ã½ºÅÛ È£Ãâ ÀÎÅÍÆäÀ̽º·Î ¾ÏÈ£È Á¤º¸¸¦ ¼³Á¤ÇÑ´Ù. ±×´ÙÀ½ ÆÄÀÏ µ¥ÀÌÅ͸¦ ¾²¸é ¼³Á¤µÈ ³»¿ëÀ¸·Î µ¥ÀÌÅÍ°¡ ¾ÏȣȵǾî ÀúÀåµÈ´Ù. ¶ÇÇÑ º¹È£È Á¤º¸¸¦ ¼³Á¤ÇÑ µÚ ÆÄÀÏ µ¥ÀÌÅ͸¦ Àоî¿À¸é, ¼³Á¤µÈ Á¤º¸°¡ Àû¿ëµÇ¾î ÇÊ¿äÇÑ ºÎºÐ¸¸À» º¹È£È ÇÑ´Ù. Á¦¾ÈµÈ ½Ã½ºÅÛ È£ÃâÀ» À§ÇØ °Ë»ç, °ü¸®, ¾ÏÈ£È, º¹È£È, HMAC ¸ðµâÀÌ ÇÊ¿äÇÑ ½Ã½ºÅÛ È£Ãâ¿¡ µû¶ó ±¸¼ºµÇ¸ç, ÀÌ´Â ¸®´ª½º ȯ°æ¿¡¼ ±¸ÇöµÇ¾ú´Ù. ¶ÇÇÑ ±¸ÇöµÈ ½Ã½ºÅÛ È£ÃâÀÇ µ¿ÀÛÀ» °³¹ß º¸µå¿¡¼ °ËÁõÇÏ¿´À¸¸ç, ±× ¼öÇà ¼Óµµ¸¦ ÃøÁ¤ÇÏ¿© ¼º´ÉÀ» ºÐ¼®ÇÏ¿´´Ù.
|
¿µ¹®³»¿ë (English Abstract) |
There are currently various file encryption solutions for encrypting and storing files on disk. However, the existing file encryption solutions handle encryption and decryption all at once by file or directory. In this paper, we propose a system call supporting partial encryption function of the file. The user sets the encryption information with the system call interface at a portion where encryption of the file data is desired. And then the user writes file data, the data is encrypted and stored. Also if the user sets decryption information and reads the file data, the necessary part is decrypted by applying the set information. For the proposed system call, It consists of inspection module, management module, encryption module, decryption module, and HMAC module as per required system call. And it was implemented on the Linux environment. Also the operation of implemented system call was verified on the development board, and the performance was analyzed by measuring performance speed.
|
Å°¿öµå(Keyword) |
½Ã½ºÅÛ È£Ãâ
ÆÄÀÏ ¾ÏÈ£È ¼Ö·ç¼Ç
ÆÄÀÏ ½Ã½ºÅÛ
¸®´ª½º Ä¿³Î
System call
File encryption solution
File system
Linux kernel
|
ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|