Provided by: IIT
In this paper, the authors proposes a new paradigm for the design of cryptographic filesystems. Traditionally, cryptographic file systems have mainly focused on encrypting entire files or directories. In this paper, the authors envisage encryption at a finer granularity, i.e. encrypting parts of files. Such an approach is useful for protecting parts of large files that typically feature in novel applications focused on handling a large amount of scientific data, GIS, and XML data. They extend prior work by implementing a user level file system on Linux, UsiFe, which supports fine grained encryption by extending the popular ext2 file system. They further explore two paradigms in which the user is agnostic to encryption in the underlying filesystem, and the user is aware that a file contains encrypted content.