Hi,
My platform: NT 4 SP6a
Currently I need to encrypt some critical data files (not all files, but
certain types of files), so that if those files are copied to other
computers outside the enterprise network, they are useless because they
just contain encrypted data. But on the computers inside enterprise
network, these files should be opened/read/written just as if they are not
encrypted yet. That is, the encryption/decryption is transparent to ring 3
applications.
The main purpose is to prevent sensitive data from leaking out.
I decide to write a FS filter driver to do such work. This driver checks
the header of each file requested by the ring 3 applications, then does
encryption on writing and decryption on reading.
Is there any sample to refer to? Or any other ideas? How to deal with
block alignment if I use a block cipher? Thx for your suggestions!
I have done this. Good luck as it is a long hard development process. No
free samples I know about.
----- Original Message -----
From: “zhangbo”
To: “File Systems Developers”
Sent: Tuesday, August 20, 2002 11:10 AM
Subject: [ntfsd] newbie question about file system filter driver
“zhangbo” wrote in message news:xxxxx@ntfsd…
>
>
> I decide to write a FS filter driver to do such work. This driver checks
> the header of each file requested by the ring 3 applications, then does
> encryption on writing and decryption on reading.
>
Buy one of the several commercial products that already implement this
functionality, and forget about writing this software yourself – unless you
have (a) a burning desire to learn the intricacies of file systems, AND (b)
several engineering years to dedicate to the effort, AND (c) a staff that
wants to make on-going modifications to keep it working with every new
version of Windows.
I’ve worked on SEVERAL of these. Some of them even successfully. It’s a
big, complex, ugly job to do it right and make it work seamlessly with all
the file systems and in all the annoying little edge conditions.
Even if your company had to spend $200K to license software to do this
(which I doubt), they’ll be WAY ahead of the cost of writing this code
yourself…
Peter
OSR