File System Filter Driver Programming
Today, data leakage is the one of the main problems of data security for most enterprises. There are many technologies about the solutions of the information security. Intrusion detection, firewalls and private networks are traditional methods in information security. But these methods are difficult to prevent data leakage because they are suitable for dealing with network and malicious code attack.EaseFilter File System Encryption Filter Driver provides a reliable protection for data leakage by using transparent file encryption technologies. The processes of encryption and decryption are executed in file system filter driver and are completely transparent to users. By leveraging this transparent approach, your organization can implement encryption, without having to make changes to your applications, infrastructure, or business practices.
A file system filter driver intercepts requests targeted at a file system or another file system filter driver. By intercepting the request before it reaches its intended target, the filter driver can extend or replace functionality provided by the original target of the request. File system filtering services are available through the filter manager in Windows. The Filter Manager provides a framework for developing File Systems and File System Filter Drivers without having to manage all the complexities of file I/O. The Filter Manager simplifies the development of third-party filter drivers and solves many of the problems with the existing legacy filter driver model, such as the ability to control load order through an assigned altitude. A filter driver developed to the Filter Manager model is called a minifilter. Every minifilter driver has an assigned altitude, which is a unique identifier that determines where the minifilter is loaded relative to other minifilters in the I/O stack. Altitudes are allocated and managed by Microsoft.
Transparent File Level Encryption
Encryption is the process in which data (plaintext) is translated into something that appears to be random and meaningless (ciphertext). Decryption is the process in which the ciphertext is converted back to plaintext. A cryptographic algorithm, or cipher, is a mathematical function used in the encryption and decryption process. A cryptographic algorithm works in combination with a key (a number, word, or phrase) to encrypt and decrypt data. To encrypt, the algorithm mathematically combines the information to be protected with a supplied key. The result of this combination is the encrypted data. To decrypt, the algorithm performs a calculation combining the encrypted data with a supplied key. The result of this combination is the decrypted data. EaseFilter Encryption Filter Driver is using Rijndael (256-bit key) algorithm which is a high security algorithm created by Joan Daemen and Vincent Rijmen (Belgium). Rijndael is the new Advanced Encryption Standard (AES) chosen by the National Institute of Standards and Technology (NIST). AES is a cryptographic algorithm approved by FIPS. At present, there is no way to break any of these algorithms, unless to try all possible keys. If one billion computers were each searching one billion keys per second, it would take over 10*10ˆ24 years to recover information encrypted with a 168-bit algorithm (the age of the universe is 10*10ˆ9 years).
Transparent file encryption (TFE) performs real-time I/O encryption and decryption of the files in any block data with 16 bytes. The encryption uses a 256 bits symmetric key to encrypt or decrypt the data with AES encryption algorithm. TFE protects data "at rest", meaning the data and files. It provides the ability to comply with policies which can be applied by users, processes and file type. This allows only authorized users and processes to access the encrypted files, unauthorized users and processes can’t access the encrypted files.
File Protector
Encryption on the read enables you to automatically encrypt the file on the fly when the black list processes to read the files, the file only will be encrypted in memory, the file on disk is not encrypted. This is the extra protection of your files, enable you to encrypt all your files before they were copied out from your computer. For example you want to automatically encrypt your files when the email outlook.exe application sends an email with your attached files, or web browser application uploads your files, or the Windows explorer tries to copy your files out of your computer.
An Isolation Mini Filter Driver is a Windows file system Minifilter driver that separates the view(s) of a file's data from the actual underlying data of that same file. EaseFilter Encryption Filter Driver is a typical Isolation Layer Filter Driver, it can create two views of the access data, one is encrypted from the local storage, so your data is always encrypted in the local disk, the other
More information:- https://www.easefilter.com/Forums_Files/Comprehensive-file-security-sdk.htm/