We can define that Encrypting File System (EFS) provides the core file encryption technology used to store encrypted files on NTFS volumes. This enables files to be transparently encrypted to protect confidential data from attackers with physical access to the computer. This enables transparent encryption and decryption of files by using advanced, standard cryptographic algorithms. So it keeps files safe from intruders who might gain unauthorized physical access to sensitive, stored data. When we go back to the histroy we can identify that the Encrypting File System (EFS) on Microsoft Windows is a file system filter that provides filesystem-level encryption and was introduced in version 3.0 of NTFS.Later this was enabled in all versions of Windows meant for professional use from Windows 2000 onwards.
such as,
- Transparent for user and any applications and strong key security.
- Once file or folder is marked as encrypted, it will be encrypted in background without interaction with user. So user does not need to remember password to decrypt files.
- All encrypting/decrypting processes are performed in kernel mode
- Provides data recovery mechanism which is valuable in business environment, giving an organization an opportunity to restore data even if the employee who encrypted it left the company.
Why Encrypting File System (EFS) is important?
When we go through the Encrypting File System (EFS),
we can identify that it
has several advantages over traditional encryption techniques.This technology integrates into the file system, so users can't access the hard disk without going through the file system.
we can identify that it
has several advantages over traditional encryption techniques.This technology integrates into the file system, so users can't access the hard disk without going through the file system.
Not only that we can identify when we go through the encrypting file system (EFS) that W2K's EFS drivers run in kernel mode to provide better security. This technology allows easy manage and completely transparent to it user. According to this technology the user can use a private key that the operating system (OS) generates to encrypt only those files or folders that need protection.
Users can then access their data transparently.But here the users who don't have the private key can't access the data.However in this technology there is no need to decrypt a file before the operating system automatically handles this in a secure manner.In the event of a user's private key being lost the EFS recovery agent can decrypt the files.
No comments:
Post a Comment
We need your comments