Fast Secure File System
Details
| Size: | 0K |
| Last Update: | 2008-06-04 22:23:39 |
| Version: | 0.0.2 |
| OS Support: | Linux |
| License/Program Type: | GPL (GNU General Public License) |
| Publisher: | Nicola Cocchiaro |
| Price: | $0.00 |
Description:
Fast Secure File System 0.0.2 is filesystems software developed by Nicola Cocchiaro.
Fast Secure File System exports existing directories securely over the network, letting users store and retrieve encrypted data in a scalable and transparent way. FSFS is written in C and works on GNU/Linux systems on x86 and PPC architectures, with help from FUSE and OpenSSL.
File systems are easily the most evident, from the point of view of users, component of an operating system. Through file systems it is possible to organize data in a wide variety of ways, and access resources through a common interface.
Users can nowadays not only store and retrieve documents, but also find information on running processes and system settings (through ProcFS), access and manipulate e-mail (for example with GmailFS), or perform several other operations.
In several circumstances and scenarios it is desirable to protect stored files and directories from manipulation by unknown or malicious users: financial or health-related data, confidential documents, or any kind of personal or sensitive data may need to be stored securely, in such a way that it can not be examined or modified freely by third parties.
Most file systems do not take action in this sense, and external cryptographic utilities are sometimes employed to secure data before storage. While this can be a perfectly secure solution, it is not transparent to users.
Distributed file systems propose efficient ways of accessing data remotely as if it resided on the local machine; when it comes to dealing with securely stored data as in the examples above, care must be taken to preserve confidentiality and integrity also during network transfer.
Not all distributed file systems accomplish this task, weakening the overall security of the system, or do so inefficiently, making it inconvenient for users.
FSFS is a secure, distributed file system in users space, written in C with much help from FUSE and OpenSSL. It lets users store and retrieve data securely and transparently, knowing that it is protected both on permanent storage devices and while in transit over the network.
It is also concerned with scalability, therefore separates data cryptography from the server, leaving it to the clients; this approach is similar to the one used in CFS, and opposite to those taken on by other secure file system solutions (like NFS on top of IPsec).
FSFS is written as a pair of user space daemons that act as client and server. Because of this, it needs no kernel support (unlike NFS over IPsec), save the FUSE loadable kernel module on clients, included in Linux since 2.6.14; servers don't use FUSE and depend only on user space OpenSSL libraries.
Servers export an existing file system (of virtually any kind) to clients over the network through two separate channels: a TLS connection set up with OpenSSL, and a clear channel. Requests from the clients to the servers are sent via the TLS socket, thus they are encrypted and authenticated, according to TLS v1 specifications, by the channel itself and decrypted on receipt, as they are usually very short and the relevant cryptography does not constitute a great overhead; simple server replies undergo the same process.
Cryptography in this case happens at both ends of the transmission.
In a distributed file system, large amounts of data may be transferred between clients and servers, thus encrypting and decrypting everything may become too cumbersome for both parties, and as more clients are added to the system the server may severely lose performance; moreover, file data should be stored encrypted anyway, so the cryptography could be moved to the clients, in such a way that each encrypts data before a write operation sends it over the network to the server, and decrypts it after a read retrieves it.
This way servers only deal with TLS details and can concentrate on serving client requests by doing the relevant I/O on the underlying, "physical" file system. As the data is already encrypted, it does not need to go through the TLS channel and the corresponding overhead, but can be sent via the clear channel, provided the messages are authenticated.
Fast Secure File System 0.0.2 supports different languages (including english). It works with Linux.
Downloading Fast Secure File System 0.0.2 will take if you use fast ADSL connection.
0 comments
Add to
Fast Secure File System Version History
Related Software
|
|
From category: Emulators |
| ep128emu 1.6.1 is emulators software developed by Istvan Varga. ep128emu is a free, portable emulator of the Enterprise 128 computer, written by Istvan Varga, using Z80 emulation code from Kevin Th... |
|
|
From category: Filesystems |
| compFUSEd 200623912 is filesystems software developed by Johan Parent. Since there are none right now for Linux [well there still is ext2comp, but ext2 is getting a bit old and the patches are NOT... |
|
|
From category: Networking |
| BindConfig 20010828 is networking software developed by Gordon Messmer. BindConfig is a tool to reduce the error prone work of maintaining BIND\'s zone files. More precisely, BindConfig is the nam... |
|
|
From category: Operating-Systems |
| Absolute Linux is a lightweight modification of Slackware.... |
|
|
From category: Hardware |
| ATI Radeon Linux Display Drivers 8.32.5 is hardware software developed by ATI Technologies Inc.. ATI Radeon Linux Display Drivers are proprietary Linux drivers for ATI Radeon cards. ATI Rade... |
|
|
From category: Monitoring |
| FunkLoad 1.5.0 is monitoring software developed by Benoit Delbosc. FunkLoad project is a functional and load web tester, written in Python, whose main use cases are: Functional testing of web p... |
|
|
From category: Networking |
| ArpSpyX 1.1 is networking software developed by Allen Porter. ArpSpyX is an ARP packet sniffer that displays a list of IP and MAC addresses found by analyzing ARP traffic on your network. Arp packe... |
|
|
From category: Operating-Systems-Linux-Distri |
| Edubuntu 6.06.1 (Dapper Drake) is operating systems linux distri software developed by Edubuntu Team. Edubuntu is a version of the Ubuntu operating system suitable for classroom use. As an educator... |
|
|
From category: Shells |
| Aardvark Shell Utils package is a collection of 3 utilities designed to aid the user when working with shell scripts.... |
|
|
From category: Operating-Systems-Linux-Distri |
| DesktopBSD 1.0 is operating systems linux distri software developed by Peter H.. DesktopBSD aims at being a stable and powerful operating system for desktop users. DesktopBSD combines the st... |
|
|
From category: Emulators |
| Basilisk II 1.0-Pre (20060501) is emulators software developed by Christian Bauer. Basilisk II is a free, portable, Open Source 68k Mac emulator. It requires a copy of a 512K or 1MB Mac ROM and a c... |
|
|
From category: System-Administration |
| eL DAPo 1.18 is system administration software developed by keysd. eL DAPo is a PHP-based application for managing and querying LDAP servers. It can rename, modify, and delete LDAP entries, as well... |
|
|
From category: Archiving |
| Archive sort 0.1 is archiving software developed by Jason Dunsmore. Archive sort is a bash script that sorts directories into manageable 4.4GB directories for the purpose of archiving onto DVDs. \... |
|
|
From category: Archiving |
| EPrints 2.3.13.1 is archiving software developed by Christopher Gutteridge. Documents are stored in any format as well as in more than one document format. The archive can handle related fields; th... |
|
|
From category: Networking |
| Daemon Shield 0.4.0 is networking software developed by Chuck Sharp. Find IPs of crackers and kiddies attempting to break in. Creates iptables rules to block attackers\' IPs for a specified period... |
Leave a comment