|
This article is cited in 1 scientific paper (total in 1 paper)
Mathematical Backgrounds of Computer Security
Data storage security and full disk encryption
E. K. Alekseev, L. R. Akhmetzyanova, A. A. Babueva, S. V. Smyshlyaev CryptoPro, Moscow, Russia
Abstract:
In the paper, a systematic description of the process of providing the security of data storage in modern operating systems is presented. The advantages of Full Disk Encryption (FDE) modules as compared with the other ways to security of this data storage are considered and explained. For most of modern FDE modules, there are four stages of work, namely: setup — initial data encryption, mounting — unfolding the key system in OS memory, session — reading and writing data using the FDE module (interaction of the file system with the hard disk driver), and unmounting — carrying out operations for ensuring purposeful properties of security and finishing work with the FDE module. These stages are introduced for the operating FDE module, including possible disrepairs, which are also systematized and considered in details. Performance characteristics that are important for synthesis and analysis are listed. Also, their target protective properties are studied in detail, the relationship between the problems of ensuring the confidentiality and integrity of data storage is shown and substantiated. New variants of these security properies are introduced so that they can become a guideline in the creation of FDE modules and a possible trade-off between performance and security. Some typical scenarios of using such systems are described.
Keywords:
models and methods in information security, data storage security.
Citation:
E. K. Alekseev, L. R. Akhmetzyanova, A. A. Babueva, S. V. Smyshlyaev, “Data storage security and full disk encryption”, Prikl. Diskr. Mat., 2020, no. 49, 78–97
Linking options:
https://www.mathnet.ru/eng/pdm715 https://www.mathnet.ru/eng/pdm/y2020/i3/p78
|
Statistics & downloads: |
Abstract page: | 332 | Full-text PDF : | 190 | References: | 41 |
|