基于组密钥服务器的加密文件系统的设计和实现  被引量：8

作　　者：肖达[1,2] 舒继武[1,2] 薛巍[1,2] 刘志才[1,2] 郑纬民[1,2] 

机构地区：[1]清华大学计算机科学与技术系,北京100084 [2]清华大学信息科学与技术重点实验室,北京100084

出　　处：《计算机学报》2008年第4期600-610,共11页Chinese Journal of Computers

基　　金：国家自然科学基金(60473101);国家“九七三”重点基础研究发展规划项目基金(2004CB318205);新世纪优秀人才支持计划项目基金(NCET-05-0067)资助~~

摘　　要：网络存储技术在方便数据共享的同时带来了新的安全隐患,加密文件系统通过密码学方法保证存储在不受用户直接控制的服务器上的文件数据的机密性和完整性.现有的针对共享加密文件系统的密钥管理方法不能同时满足安全性、灵活性和高效性的需求.该文提出了加密文件系统GKS-CFS.引入可信的组密钥服务器(GKS)集中管理文件加密密钥,GKS上可以实施灵活的访问控制策略.通过使用访问控制块和锁盒子,降低了对GKS的计算和存储需求,使之可以用硬件实现来增强安全性;通过文件数据的分块加密和密钥版本技术,降低了权限撤销的开销.作者在Lustre上实现了GKS-CFS的原型系统并进行了测试.测试结果表明,由于避免使用了公钥密码算法,和其他系统相比,GKS-CFS的普通文件操作中的密码学操作开销减少了一个数量级,顺序读写和随机文件操作的性能分别平均降低了42.0%和8.4%.Network storage techniques facilitate data sharing but also introduce new vulnerabilities. Cryptographic file systems provide the confidentiality and integrity of file data stored on servers that are not under users＇ direct control by cryptographic methods. The key management schemes for current shared cryptographic file systems cannot satisfy the security, flexibility and efficiency requirements simultaneously. This paper proposes a cryptographic file system called CKS CFS. A trusted Group Key Server （GKS） is introduced to manage file encryption keys in a centralized manner and to enable the employment of flexible access control policies. The computation and storage requirement for （;KS is reduced through the use of access control blocks and lockboxes so that the function of GKS can be implemented by hardware to provide strong security. The overhead of revocation is reduced by block granularity encryption and key versioning technique. The authors have implemented a prototype of GKS-CFS based on Luster and evalua ted its performance. Compared with other systems, the cryptographic cost in common file operations in GKS-CFS is reduced by an order of magnitude by avoiding the usage of public-key cryptography; Bonnie＋＋ benchmark test shows that the performance of sequential read/write and random file operations are reduced on average by 42.0% and 8. 40/40 respectively.

关 键 词：加密文件系统 机密性 完整性 密钥管弹 防损硬件 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]