Browse Prior Art Database

Providing security to EFS files when they are accessed from the memory location

IP.com Disclosure Number: IPCOM000235063D
Publication Date: 2014-Feb-26
Document File: 9 page(s) / 128K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a system for protecting the encrypted file system data which has been loaded into memory by rootuser in Rootguard mode Specifically when root process acceess the dump of the process which has opened an encrypted File system and mmaped to it.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 38% of the total text.

Page 01 of 9

Providing security to EFS files when they are accessed from the memory location

The traditional approach of security in area of EFS has relied on the process of encryption and decryption of the key stores in order to access the file content. Definitions on EFS has provided below.

The Encrypted Files System enables individual users on the system to encrypt their data on J2 file system through their individual key stores. A key is associated to each user. These keys are stored in cryptographically protected key store and upon successful login, the user's keys are loaded into the kernel and associated with the

processes credentials. Later on, when the process needs to open an EFS-protected file, these credentials are tested and if a key matching the file protection is found, the process is able to decrypt the file key and therefore the file content

There are two modes for managing and using key stores, Root Admin and Root Guard

1>In root Admin mode,root can reset the user's key store password, and might gain access to the user's keys within this key store. This mode provides greater system administration flexibility.

2>In root Guard mode,root can reset the user's login password, cannot reset the user's key store

password. It is not possible for root to substitute user (with the su command) and inherit an open key store. While root can create and delete users and groups. along with their associated key stores, cannot gain access to the keys within these key stores. This mode provides a greater degree of protection against an attack from malicious root.

Problem statement:

In root guard mode, still not able to provide greater degree of protection against an attack from malicious root Which contradict our existing approach stating it provides a greater degree of

protection against an attack from malicious root."

So below scenarios has been identified which proves Problem statement mentioned below.

Assume like one process P1 is running and having the proper key store to access the EFS file ..hence has opened an EFS file through MMAP and this process has got pointer to perform read and write operation to that EFS file.

Process P2 which doesn't have the proper key store ,currently running on the system can still access the EFS file page which is currently loaded into memory by using KDB and by switching to that particular Process(P1)context ..

Fig.1: ----------

1


Page 02 of 9

Fig.2 ----------

2


Page 03 of 9

" Fig. 1" and "Fig. 2" referring to problem statement.. explanation of " Fig. 1" and "Fig. 2" are given below.

Assume process P1 is performing the following steps:

1>login as user with proper key store
1>open EFS file and get the file descriptor
2>MMAP the file using file descriptor and get the effective address. 3>Perform Read and write operation using that effective address. 4>Perform some operations as per the requirement.
5> Process P2 is performing the following steps:

1>Login as user/root user with out having proper key store.

2>perf...