Hi, All
I will Flush cached data if it is encrypt.
How to know that?
I want to clear cached data if it is encrypt and reading data from disk.
Give me some information.
Thanks in advance.
You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com
Data in the cache should NEVER be encrypted. This approach is just not
going to work for ay general-purpose encryption product.
This is because APPLICATIONS can access data that is in the cache, without
any visibility on the part of the filter driver or file system. The memory
that makes up the cache belongs to the Memory Manager and it allows direct
access to those contents.
The simplest way to do this is to encrypt all non-cached writes and decrypt
all non-cached reads. That catches reads and writes from (or to) the cache
as well as user-level non-cached I/O.
Regards,
Tony
Tony Mason
Consulting Partner
OSR Open Systems Resources, Inc.
http://www.osr.com
-----Original Message-----
From: lbo [mailto:xxxxx@esecurity.co.kr]
Sent: Thursday, November 29, 2001 12:56 AM
To: File Systems Developers
Subject: [ntfsd] How to know that data in cache is encrypt?
Hi, All
I will Flush cached data if it is encrypt.
How to know that?
I want to clear cached data if it is encrypt and reading data from disk.
Give me some information.
Thanks in advance.
You are currently subscribed to ntfsd as: xxxxx@osr.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com
You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com
> The simplest way to do this is to encrypt all non-cached writes and decrypt
all non-cached reads. That catches reads and writes from (or to) the cache
as well as user-level non-cached I/O.
File size issues are the main complexity in encrypting FSFs.
Max
You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com
Thanks for reply.
I know that below issus.
And I successful encrypt/decrypt file with txt file format.
Buf the word file is not successful.
I had tested about 230K word file, it is OK. But over 1M word file, not OK.
I don’t know what different two file. 1M word file is 80-90% successful.
I read tunneling issus in MS site. But I don’t understand and how to solve the problem…
Give me more information.
Thanks.
----- Original Message -----
From: “Tony Mason”
To: “File Systems Developers”
Sent: Friday, November 30, 2001 12:20 AM
Subject: [ntfsd] RE: How to know that data in cache is encrypt?
> Data in the cache should NEVER be encrypted. This approach is just not
> going to work for ay general-purpose encryption product.
>
> This is because APPLICATIONS can access data that is in the cache, without
> any visibility on the part of the filter driver or file system. The memory
> that makes up the cache belongs to the Memory Manager and it allows direct
> access to those contents.
>
> The simplest way to do this is to encrypt all non-cached writes and decrypt
> all non-cached reads. That catches reads and writes from (or to) the cache
> as well as user-level non-cached I/O.
>
> Regards,
>
> Tony
>
> Tony Mason
> Consulting Partner
> OSR Open Systems Resources, Inc.
> http://www.osr.com
>
>
> -----Original Message-----
> From: lbo [mailto:xxxxx@esecurity.co.kr]
> Sent: Thursday, November 29, 2001 12:56 AM
> To: File Systems Developers
> Subject: [ntfsd] How to know that data in cache is encrypt?
>
> Hi, All
>
> I will Flush cached data if it is encrypt.
> How to know that?
>
> I want to clear cached data if it is encrypt and reading data from disk.
>
> Give me some information.
>
> Thanks in advance.
>
> —
> You are currently subscribed to ntfsd as: xxxxx@osr.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
> —
> You are currently subscribed to ntfsd as: xxxxx@esecurity.co.kr
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
???y˫???+.n?+???~?Z?˛??^r*D???kN???r??zǧu??jy???^j??? 0?j?b??(??(
Data in cache must not be encrypted. Otherwise, you will have huge problems supporting memory-mapped files in your filter.
You must apply crypto on the path from the cache to the media and use the usual ACL-based means of protecting the cache. Remember
that crypto is for media protection only, not for access control.
Max
----- Original Message -----
From: “lbo(Lee Byong-Oh)”
To: “File Systems Developers”
Sent: Friday, December 28, 2001 10:11 AM
Subject: [ntfsd] RE: How to know that data in cache is encrypt?
> Thanks for reply.
>
> I know that below issus.
> And I successful encrypt/decrypt file with txt file format.
> Buf the word file is not successful.
> I had tested about 230K word file, it is OK. But over 1M word file, not OK.
> I don’t know what different two file. 1M word file is 80-90% successful.
>
> I read tunneling issus in MS site. But I don’t understand and how to solve the problem…
>
> Give me more information.
>
> Thanks.
>
> ----- Original Message -----
> From: “Tony Mason”
> To: “File Systems Developers”
> Sent: Friday, November 30, 2001 12:20 AM
> Subject: [ntfsd] RE: How to know that data in cache is encrypt?
>
>
> > Data in the cache should NEVER be encrypted. This approach is just not
> > going to work for ay general-purpose encryption product.
> >
> > This is because APPLICATIONS can access data that is in the cache, without
> > any visibility on the part of the filter driver or file system. The memory
> > that makes up the cache belongs to the Memory Manager and it allows direct
> > access to those contents.
> >
> > The simplest way to do this is to encrypt all non-cached writes and decrypt
> > all non-cached reads. That catches reads and writes from (or to) the cache
> > as well as user-level non-cached I/O.
> >
> > Regards,
> >
> > Tony
> >
> > Tony Mason
> > Consulting Partner
> > OSR Open Systems Resources, Inc.
> > http://www.osr.com
> >
> >
> > -----Original Message-----
> > From: lbo [mailto:xxxxx@esecurity.co.kr]
> > Sent: Thursday, November 29, 2001 12:56 AM
> > To: File Systems Developers
> > Subject: [ntfsd] How to know that data in cache is encrypt?
> >
> > Hi, All
> >
> > I will Flush cached data if it is encrypt.
> > How to know that?
> >
> > I want to clear cached data if it is encrypt and reading data from disk.
> >
> > Give me some information.
> >
> > Thanks in advance.
> >
> > —
> > You are currently subscribed to ntfsd as: xxxxx@osr.com
> > To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com
> >
> > —
> > You are currently subscribed to ntfsd as: xxxxx@esecurity.co.kr
> > To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com
> >
> b‹ç®·¶\¹»?vÚµ?ÉÆ)¶Šçiû¢d?n?·zwnV‘é?•æz{±Ý?ŠË¢Ê
—
You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com
Thanks. Max
How to know that which is ACL or data?
According to analasis form Filemon, if i save the word file in crypto folder, first read form disk before write data.
Which mean read operation befor write operation?
Thanks.
----- Original Message -----
From: “Maxim S. Shatskih”
To: “File Systems Developers”
Sent: Friday, December 28, 2001 4:48 PM
Subject: [ntfsd] RE: How to know that data in cache is encrypt?
> Data in cache must not be encrypted. Otherwise, you will have huge problems supporting memory-mapped files in your filter.
> You must apply crypto on the path from the cache to the media and use the usual ACL-based means of protecting the cache. Remember
> that crypto is for media protection only, not for access control.
>
> Max
>
> ----- Original Message -----
> From: “lbo(Lee Byong-Oh)”
> To: “File Systems Developers”
> Sent: Friday, December 28, 2001 10:11 AM
> Subject: [ntfsd] RE: How to know that data in cache is encrypt?
>
>
> > Thanks for reply.
> >
> > I know that below issus.
> > And I successful encrypt/decrypt file with txt file format.
> > Buf the word file is not successful.
> > I had tested about 230K word file, it is OK. But over 1M word file, not OK.
> > I don’t know what different two file. 1M word file is 80-90% successful.
> >
> > I read tunneling issus in MS site. But I don’t understand and how to solve the problem…
> >
> > Give me more information.
> >
> > Thanks.
> >
> > ----- Original Message -----
> > From: “Tony Mason”
> > To: “File Systems Developers”
> > Sent: Friday, November 30, 2001 12:20 AM
> > Subject: [ntfsd] RE: How to know that data in cache is encrypt?
> >
> >
> > > Data in the cache should NEVER be encrypted. This approach is just not
> > > going to work for ay general-purpose encryption product.
> > >
> > > This is because APPLICATIONS can access data that is in the cache, without
> > > any visibility on the part of the filter driver or file system. The memory
> > > that makes up the cache belongs to the Memory Manager and it allows direct
> > > access to those contents.
> > >
> > > The simplest way to do this is to encrypt all non-cached writes and decrypt
> > > all non-cached reads. That catches reads and writes from (or to) the cache
> > > as well as user-level non-cached I/O.
> > >
> > > Regards,
> > >
> > > Tony
> > >
> > > Tony Mason
> > > Consulting Partner
> > > OSR Open Systems Resources, Inc.
> > > http://www.osr.com
> > >
> > >
> > > -----Original Message-----
> > > From: lbo [mailto:xxxxx@esecurity.co.kr]
> > > Sent: Thursday, November 29, 2001 12:56 AM
> > > To: File Systems Developers
> > > Subject: [ntfsd] How to know that data in cache is encrypt?
> > >
> > > Hi, All
> > >
> > > I will Flush cached data if it is encrypt.
> > > How to know that?
> > >
> > > I want to clear cached data if it is encrypt and reading data from disk.
> > >
> > > Give me some information.
> > >
> > > Thanks in advance.
> > >
> > > —
> > > You are currently subscribed to ntfsd as: xxxxx@osr.com
> > > To unsubscribe send a blank email to xxxxx@lists.osr.com
> > >
> > > —
> > > You are currently subscribed to ntfsd as: xxxxx@esecurity.co.kr
> > > To unsubscribe send a blank email to xxxxx@lists.osr.com
> > >
> > b??箷????vڵ???)???i??d?n??zwnV???z{???ˢ?
>
>
> —
> You are currently subscribed to ntfsd as: xxxxx@esecurity.co.kr
> To unsubscribe send a blank email to xxxxx@lists.osr.com
(???r??z{e?˛???m?m?{_?֬???&j)@u?Ӣ?칻?&ޱ??i?Z?G?j)m?W???~?l??-E?"?Ǧm??(Z?X???,??&