parsed file system drivers


I’m doing a preliminary review of ways to implement a parsed file system in Vista. Basically, a parsed file system breaks files into encrypted shares a distributes them across different physical drives (including USB drives) or network shares. In a common scenario, each file becomes five shares, and at least three (plus a key) are necessary to decrypt the file.

It seems like most of the encryption discussion involves filter dirvers for container-boundary solutions. Where do I start to encrypt a whole volume?

Also, does anyone have insight into encrypting the VHD files of a Hyper-V child? Can we implement this as a filter driver in the parent?

Any help appreciated.

Thomas M


This can be done at file level (via a file system filter driver, for
example) or it can be done at disk level. This group would be
appropriate for discussing it at file system filter driver level, NTDEV
would be appropriate for a disk level discussion.

I’ve actually looked at this exact problem in the past and, having
mulled it over view it as an interesting cross between content
addressing and compression (ergo, replace the data in the file with
something different that provides location information. The data in
those various locations can be combined to get the original information
back.) Since we do “data modification” drivers in daily practice, this
has been an interesting case for me to mull over in the back of my head
for quite some time. I know how I would approach it (ergo my
description above) but have never been called up on to actually do so.
The last time I spoke to someone about this they disappeared fairly
quickly thereafter, unfortunately.

Good luck on your project!