Transcryptfs: A Dynamically Loadable Kernelspace Filesystem Architecture

· Adarsh Jagannatha
eBook
47
페이지

eBook 정보

 TransCrypt is an encrypting filesystem, indigenously developed at IIT Kanpur. It has been under continuous development for the past 6 years, by various students of IIT Kanpur at Prabhu Goel Reasearch Centre for Computer and Internet Security. The codebase of Transcryptfs filesystem for Linux is spread across various sub systems of Linux kernel, viz. dm-layer, lsm, vfs, crypto, etc., making it difficult to keep Transcryptfs updated with changes in any of those subsystem in upstream kernel’s mainline code. One of the main features of Transcryptfs for Linux file server is the use of Linux security module (LSM) for providing access control mechanism; Due to changes in kernel architecture, since late 2007, LSM has to be statically linked with kernel during its compile time, thereby imposing a restriction that Transcryptfs supported kernel should be statically compiled with the Transcryptfs-lsm module.

This additionally imposed restriction has led to a complicated procedure for setting up of Transcryptfs filesystem and also has shifted the responsibility of patching kernel with new updates from the distribution managers to individual system administrators. These factors have resulted in non-adoption of Transcryptfs for real world usecase.

In this thesis, we re-engineer and come up with an architecture that aims to make Transcryptfs an easily deployable and dynamically loadable kernel module, in addition to decoupling codebase from the kernel source into a single manageable module, thereby easing maintenance and further development of Transcryptfs filesystem. The contribution of this thesis is in designing the kernelspace architecture and related implementation of Transcryptfs as an out-of-the-tree kernel module.

저자 정보

Adarsh is a technology enthusiast, he wrote this thesis as part of his masters' thesis. He is a web developer, system admin and an entrepreneur.  

읽기 정보

스마트폰 및 태블릿
AndroidiPad/iPhoneGoogle Play 북 앱을 설치하세요. 계정과 자동으로 동기화되어 어디서나 온라인 또는 오프라인으로 책을 읽을 수 있습니다.
노트북 및 컴퓨터
컴퓨터의 웹브라우저를 사용하여 Google Play에서 구매한 오디오북을 들을 수 있습니다.
eReader 및 기타 기기
Kobo eReader 등의 eBook 리더기에서 읽으려면 파일을 다운로드하여 기기로 전송해야 합니다. 지원되는 eBook 리더기로 파일을 전송하려면 고객센터에서 자세한 안내를 따르세요.