Creating Secure File Systems in Open-Source Operating Systems
NIZOMIDDIN OCHILOV
Department of Information and Communication Technologies,
State Testing Center under the Cabinet of Ministers of the Republic of Uzbekistan,
12 Bogishamol Str, Tashkent, 100084,
REPUBLIC OF UZBEKISTAN
Abstract: - The relevance of this study follows from insecure data storage on personal computers: authentication and file access control are performed by the installed operating system, and these rules can be bypassed by booting another open-source operating system on the same personal computer.
The work examines file encryptors, disk encryptors and file system encryptors. Each of them has shortcomings that manifest themselves during development. Combining the advantages of file encryptors and file system encryptors helped to overcome those shortcomings; a userspace filesystem library was used for this purpose.
The study applied methods for designing and developing the Udev daemon file system for Linux using the OpenSSL library. The file system design was mathematically modelled and formally verified through a test parser. The file system also has its own authentication and authorization procedures to provide uniform access across multiple operating systems.
The Udev daemon file system is the result of this work. Each file is encrypted with a separate key to protect
against cryptanalysis. This key is encrypted with the owner’s private key, thereby enabling him/her to change
the ownership. The passphrase is used to decrypt the user’s private key.
The developed file system has passed authentication and access control testing successfully. The file system
shows best performance with file sizes 1 KB to 256 MB. Encryption-caused performance degradation was also
measured and found to be within acceptable limits. This Udev daemon stackable file system is available for all
Unix clones with OpenSSL libraries.
The prospects for further work are the development of a file system using several combined methods from a list
of existing design and development methods for file systems.
Key-Words: - file systems, operating system security, data protection, information technology, security
assessment
Received: July 28, 2021. Revised: September 16, 2022. Accepted: October 11, 2022. Published: November 24, 2022.
1 Introduction
All computer applications depend on data and data storage. Users of these applications may store information such as bank statements, website passwords, government-issued digital certificates, and other sensitive information on their personal computers. Data stored on personal computers are, however, not protected from eavesdropping by default. The authentication and access control that open-source operating systems provide on personal computers can be bypassed easily: it is enough to boot from the live boot disk provided by such distributions as Ubuntu, mount the local drive and read the information.
Many researchers deal with extending the file
system security features, comparing security
algorithms, and studying user space file systems. In
[1] the authors discuss the design and
implementation of a stackable file system
WrapFS. New features can be added to the existing
file system by overlaying another file system. This
is how stackable file systems can be used across
multiple file systems. The SnoopFS file system was
presented as an example by the author of this article,
as it enables a virtual file system to provide security
enhancements to existing file systems. This article
uses this approach to enhancing the capabilities of
existing file systems. In [2] the researchers describe
a different approach to enhancing file system
capabilities: applying object orientation to open-
source file systems. Their article describes the
Frigate file system.
The aim of the research was to solve this problem by examining file encryptors, disk encryptors and file system encryptors, each of which has its shortcomings, and combining their advantages.
WSEAS TRANSACTIONS on SYSTEMS
DOI: 10.37394/23202.2022.21.24
Nizomiddin Ochilov
E-ISSN: 2224-2678
221
Volume 21, 2022
A wide range of solutions is available for solving this problem. One of them is encryption software that encrypts individual files and so maintains privacy. Managing multiple passwords is not, however, easy, and using the same password to encrypt multiple files poses a security risk. Besides, applications on the personal computer must be modified to call the encryption software if they are to use such features. AES Crypt and PGP file encryption programs are examples of such applications. These applications can be categorized as file encryptors.
Another way to solve the problem of data security on personal computers is to encrypt the entire disk file system. Some kernel-level tools provide full disk encryption with a single encryption key. This solution to data security in disk file systems belongs to the volume encryption methods.
This form of security protects the information against an attacker who reads the disk from outside the running system (for example, from a live boot disk), but it does not prevent other users of the same personal computer from reading the data once the volume has been unlocked. Moreover, only one user can access the information unless the key is shared.
The developed file system is designed for the following purposes:
− file naming;
− a software interface for application file processing;
− mapping the logical model of the file system onto the physical organization of the data storage;
− resilience of the file system to power failures and to hardware and software errors;
− maintaining the file parameters required for correct interaction with other system objects (kernel, applications, etc.).
Another objective was also set in the work:
protecting the files of one user from unauthorized
access by another user and ensuring that other users
have the same file temporarily available in read-
only mode, for example, when one user opens a file.
As an alternative, such operating systems as Windows implement security features in their built-in file systems (for example, file encryption on NTFS), thereby enabling multiple users to keep information securely on the same file system. This form of security can be classified as a file system encryptor. The advantage of this solution is that it is transparent to the end user.
These file systems, however, tie access to the protected information to one operating system.
So, there are several solutions to the data security
problem, but each solution adds new constraints to
the data security issue.
Therefore, there is a growing need to develop a
better personal computer-centric solution, which is
independent of the operating system and supports
multiple users. One of the possible approaches is
transferring user management and file access control
from the operating system to the file system and its
drivers. This enables file system developers to
combine the benefits of file system encryptors and
file encryptors. This solution can be implemented
through file systems in user-space libraries.
The userspace filesystem library used in this work, referred to below together with the device-management daemon as the Udev daemon file system, provides programmers on UNIX operating systems and Unix clones with an application programming interface (API) for creating their own file systems without editing the kernel code (udev itself is the Linux device manager that loads kernel modules and creates device nodes in response to device events; the filesystem interface is the FUSE-style API, see [22]). The use of this library enables users to mount, manage, and unmount filesystems without superuser privileges. It can also be used to implement virtual file systems that reside on disk file systems as files. The library also enables the file system logic to control access to files.
2 Literature Review
In [1], [2] file access routines are combined into a document class so that inheritance, as in object-oriented programming, can be used. The authors demonstrate this by applying compression and encryption to a derived document class. This approach is completely different and provides easier and more transparent scalability. It has not, however, been widely adopted because of the overhead of binding classes to data on disk. In [3]
the authors discuss the CryptFS file system, a
stackable file system that provides security
enhancements to existing file systems. They provide
insight into the ways of developing file system
wrappers to extend the security measures provided
in open-source filesystems.
These details were useful while designing the file
system in this article. In [4] the researchers evaluate
the performance of encrypted file systems using
various cryptographic algorithms and key sizes.
They concluded that it is appropriate to provide
encryption in the file system. In [5] the author
proposed requirements for a secure Distributed File
System. They clearly describe the security services
provided by a secure file system. They classify
different file systems based on security and compare
the security of some of the available file systems.
In [6] the researcher describes the security
mechanisms in existing local and network file
systems. These details help to understand the
existing security rules in the file system. In [7] the
author proposes a file system model that provides
for key management on a separate authentication
server and user authentication on a client proxy.
They discuss a file system that involves self-
authentication paths to ensure that users access the
correct file content.
In [8] the author proposes an escrow smart card-
based authentication and key distribution
mechanism which provides easy key management in
large distributed systems. A layered data access
model with security mechanisms is adopted,
although this concept cannot be directly applied to
the file system developed in this article. In [9] the
researcher compares the performance of
cryptographic algorithms based on various hardware
platforms, operating systems, and several libraries.
The comparison of the performance of Rijndael
AES ciphers in various open-source libraries is of
special importance. It is the basis for choosing the
OpenSSL library for the implementation of the file
system discussed in this article.
In [10] the author compared a kernel file system module with the Udev library to measure the difference in performance. It was found that the overhead caused by context switching is more pronounced when the requested files are very small. So, the Udev library can be used on personal computers without significant performance degradation. This finding determined the choice of the Udev library for this study.
The article proposes a solution to the problem of
file access and security on personal computers by
developing an OS-independent user management,
authentication and authorization logic, as well as
integrating it with the existing Udev daemon
pseudo-file system.
An operating system is a software designed to
automatically control the program execution and
provision of certain services to users, [11].
3 Methods and Materials
3.1 Research Methods Used
This study was preceded by an analysis and structuring of the existing scientific results. Basic and variable structural elements, their composition and characteristics were examined.
According to experts, the techniques for creating
secure systems are based on the following five
methods, [12].
Integration method. Security measures must be
included into the system architecture in such a way
that they can control all interaction mechanisms
without exception. Limiting the number of
interaction mechanisms to the maximum possible
extent and integrating protections directly into these
mechanisms is the easiest way to implement this
method when creating an operating system. This
method was applied in the study.
Immutability method. Security tools should not
depend on the specific implementation of utilities
and applications, the logic of their work. Moreover,
they should be universal for all types of interactions.
A strictly canonical programming function
paradigm that limits the interaction of operating
system security tools can provide their immutability.
Merging method. There must be a one-to-one
correspondence between the interaction of
controlled subjects and objects and the access
operations controlled by the security model. This
enables unifying the security tools and their use,
implementing different security models without
changes, and controlling access to objects of
different nature. The application of this method in
the creation of the operating system resulted in the
development of a single access interface that
combines all the ways of interaction between
subjects and objects. Its functions are uniquely
correlated with a set of operations that describe the
Security Model.
Sufficiency method. Providing a true anti-attack
ability requires excluding all factors that cause
vulnerabilities, as the attack implementing
mechanism is based on their use. According to [13],
[14] the main cause of vulnerabilities is inconsistent
access control. Existing systems have privileged tools and services that hand some of their privileges to users, bypassing that control; the SUID/SGID mechanism in UNIX is the most obvious example.
Any bugs in such tools can result in vulnerabilities.
Therefore, it is possible to eliminate the cause of the
most vulnerabilities by implementing access control
based on a common interface and a single
interaction mechanism in the system. The size of
trusted code that protects the tool itself should also
be minimized in order to reduce the possibility of
errors in it.
Correctness method. The security measures
should implement access control based on the
formal model. The security of the system can be
formally demonstrated and objective criteria for
assessing the correctness of its operation can be
obtained through a consistent security model.
Detailed tests can be created based on such a model
to verify the correct operation of protection tools in
all modes and in any situation.
3.2 Necessary Tools
Prototyping requirements: A primitive software prototype must demonstrate:
− user authentication;
− user authorization;
− reading a file;
− writing a file;
− managing custom meta-information and changing the file owner;
− discussion of results.
A software prototype that meets these
requirements was developed in the C programming
language on the Linux operating system with the
OpenSSL library, and subsequently tested.
This prototype demonstrated that the conceptual design could be implemented as software.
The high-level design of this study was done
using data flow diagrams with control flow. Data
flow diagrams with control flow present software as
a set of data transforming modules. Any signals,
such as errors and control signals, are displayed as
control messages, because these messages do not
carry data being transformed.
3.3 Sample
Typically, a computer system consists of many
components. Some components may be specifically
designed to enforce security policies (for example,
process isolation or information flow control tools).
Others may contribute indirectly to security, for
example by providing first-rate functionality.
Finally, a third group of components may not be involved in security at all. The totality of all
components of the first two types is called the
protection complex. In other words, the protection
complex is a set of all software and hardware,
including software involved in the implementation
of security policies. The part of the computing
system (CS) included in the protection complex is
determined by the developer. Any CS component
that can cause a violation of the security policy
because of any impact should be considered part of
the protection complex, [15].
Those security devices consider CS resources as
objects and manage the interaction of these objects
in accordance with the implemented information
security policy. As objects, resources have two
characteristics: logical representation (content,
semantics, meaning) and physical (form, syntax).
Objects are characterized by their states, which in
turn are characterized by properties and behaviors
that determine the ways of changing the state.
Objects can be different for different CSs. For
example, database entries can be considered as
objects for database management systems (DBMS),
while they can be considered as processes, files,
clusters, disk sectors, memory segments, and so on
for operating systems. Anything that requires
protection in accordance with the security policy
should be defined as an object, [15].
Two methods are currently used to create a
secure operating system: developing a secure system
from scratch and building a so-called trusted version
by updating an existing system.
In the development of secure systems from
scratch, all their functional and architectural
solutions (which must be certified according to the
established requirement categories) are developed at
the design stage. A peculiarity of this approach is
the development of methods that ensure the
fulfilment of the set requirements. The classical
scheme for constructing a protected system is used
in this case, [16]:
− develop a security model;
− determine the interacting objects;
− establish access control rules;
− select access control mechanisms;
− choose methods of identification and authentication of the interacting parties;
− determine the set of events to be audited;
− system implementation.
Although there are few examples of this
approach because of the complexity and high cost of
its implementation (Trusted Xenix, Trusted Mach,
Harris CX/SX systems), it should be noted that this
is the only way to create first-rate systems, [17].
When a “trusted” version is being built by
upgrading an existing system, encryption and digital
signature capabilities are typically added to the
latter, access controls are enforced by implementing
authorization controls, system administrator duties
are assigned to different accounts or “roles”, and
additional means of identification and
authentication, auditing and monitoring are
provided. This way of creating a secure system
prevails mainly because of its cost-effectiveness,
less effort required to create and implement a
system, and maintaining compatibility with existing
solutions. Besides, modern systems inherit the reputation of the prototype systems they are built on and the popularity of the developer company. This increases their credibility and lets users rely on their operation and support experience. The Trusted Solaris OS and the Trusted Oracle DBMS are typical examples that implement this approach, [18].
It should be noted that these two approaches do
not contradict each other. They are the same
component methods used to create a secure
operating system.
3.4 Research Design
An operating system can be represented as a way of
managing the resources of a computer system to use
them in the most efficient way. The main resources
of a modern computer system include processors,
RAM, disk drives, printers, timers, data sets,
networks, and other devices. Resources are shared
between processes. A process (or task) is a
fundamental concept in most modern operating
systems and is often briefly defined as the program
execution. If the program is a static object (in the
form of a file with code and data), a process is a
dynamic object that appears in the operating system
upon initiating the program execution by the user,
[19].
The main function of the operating system is to
manage computer resources and their distribution.
Resources are the logical and physical components
of a computer: RAM, disk space, peripherals,
processor time, and so on. Resource management
includes such tasks as determining the process to be
allotted, the time and size of resources to be
allocated, tracking the status and statistics of
resource usage, and providing operational
information about free or idle resources and about
the share of allocated resources. Resource
management is an integral part of any operating
system functionality and is implemented through the
resource management subsystem.
Computing process management is the next
function of the operating system. A computing
process (or task) is a sequence of actions set by a
program. In theoretical terms, process management
functions can be delegated to each application,
thereby making the application larger and more
complex. Therefore, the logical solution is to have a
main computer program that controls the processes
of other programs.
The operating system user interface is used to perform the third function of the operating system, which is to provide user interaction with the hardware. The user interface also includes utilities, a set of service programs. Utilities are small programs that perform certain service functions. Utilities free users from routine and sometimes very complex operations, [20].
Modern operating systems provide users with a
wide range of services. The more complete the
operating system, the higher its usability.
4 Results
Confidential information written to or stored on any external device is protected by agreement with the system user. This means that an additional security program, set up in the operating system by the system administrator (root), is used for every external device. The serial number of the device, the user it belongs to, and the registration of the external device must be recorded with such parameters as the device number and privacy level.
After that, when connecting an external device to
the OS, it is allowed to use it automatically. As
system users do not have the right to connect
external devices to the operating system, they can
only use external devices registered for them by the
system administrator. Besides, external devices are
bound to a directory with the appropriate security
level in the developed security software. For
example, only XFU level users can read from and
record to XFU level devices.
External devices are automatically connected to
the operating system through Udev daemon (a
program for managing external devices of the Linux
operating system). Besides, the daemon is used to
connect other internal devices to the operating
system kernel. The reason for using this daemon is
preventing system users from using mount to
connect external devices to the operating system.
One of the advantages of this daemon is that it can
be used by system administrators while performing
its functions for system users.
Each external device is connected to a directory under /media. Mandatory access control policies are applied to each such directory. So, all users of the same level can access the device with the same permissions, but cannot use (write to) the device if their privacy level does not match the level of the device. In turn, these operations enable classifying data and devices according to privacy level (Figure 1).
Fig. 1: External device levels
Registration of external devices, adding/deleting
data is automated through the script file
/var/udev/registr_usb. External devices are
connected to the operating system one at a time.
Otherwise, registration will be stopped, and an error
message will be displayed. Both a console and a
graphical interface for this scripting program will be
developed.
The following sequence of actions is required to run the script program as the system administrator:
Registration:
− the user is offered a choice: disable or register the device;
− the script invokes the command cat /proc/scsi/usb-storage/? and reads the Vendor, Product and Serial Number fields;
− the read data are displayed on the screen;
− /var/udev/registr_usb is checked to see whether the external device is already registered. If the device is registered, the script notifies the administrator and exits; otherwise it prompts for confirmation to add the device;
− the system administrator enters the device owner's username, registration number and privacy level;
− a registry entry is created in /var/udev/registr_usb from the obtained data.
Deletion:
− the user is offered a choice: disable or register the device;
− the registration number of the device is entered;
− the data in /var/udev/registr_usb are checked. If the device is not registered, the script returns to the previous step;
− the registry entry is deleted from /var/udev/registr_usb if the registration number is found.
If the system administrator needs to find the USB serial number and IDs, the command cat /proc/scsi/usb-storage/? must be entered.
It should be noted that the implementation of this
mechanism requires the use of a particular file
system on external devices. As enforced security
policies are stored in file attributes, they must be
supported by the file system. All storage devices
must be formatted in ext3 format for this purpose.
Figure 2 illustrates the algorithm of the developed Udev daemon file system. The library provides a structure of function pointers that acts as the interface between the filesystem logic and the library. The functions to be implemented by the file system logic handle the calls for getting attributes (getattr), checking access (access), reading a directory (readdir), creating a directory (mkdir), creating a node (mknod), unlinking (unlink), truncating (truncate), updating times (utime), opening (open), reading (read), getting file system statistics (statfs), releasing (release), flushing (flush), writing (write) and renaming (rename). Of these messages, only the write and rename messages carry the data to be transformed; all other messages are control messages. The user specifies a username, password, source directory and mount point. The file system logic verifies the user and then asks the Udev library to mount the source directory at the mount point. The file storage area is the mounted source folder. This area contains file system meta-information, file meta-information, and encrypted files. Therefore, the file system logic must access information about files, read files, and write files to the data storage. All error messages are passed to the user through the Udev daemon interface.
Fig. 2: Registering external devices algorithm
This design was further subject to numerous improvements, which resulted in the creation of nine different modules with the following purposes:
− interaction with the library;
− the authentication, reading and writing logic of the file system;
− hashing;
− base64 encoding;
− private key encryption;
− public key encryption;
− error reporting;
− key generation and initialization vector generation;
− the actual interface with the underlying file system.
This software involves the following system files
and temporary files:
/var/udev/current_usb is a string file with
information about the model and serial number of
the external device.
/tmp/test is a temporary file containing the
results of user input in the graphic interface.
/var/udev/registr_usb contains variables such as
the ID number of the registered external device, the
characteristics of the device (manufacturer, model,
serial number of the device), the name of the proper
user of the device, and the privacy level.
[Flowchart of Figure 2: Start -> choose to disable or register the device -> invoke the cat /proc/scsi/usb-storage/? command -> enter Vendor, Product and Serial Number -> display the read data on the screen -> check in /var/udev/registr_usb whether the external device is already registered; if it is, End; otherwise -> device adding confirmation request -> enter the device owner username, registration number and privacy level -> create a registry entry in /var/udev/registr_usb from the obtained information -> End]
The program provides a graphical interface for
selecting the mode of registering, deleting or
formatting a USB device (Figure 3).
Fig. 3: Registration, deletion and formatting window
If the previous steps were completed without errors,
a window will appear indicating the device owner
name and the device ID registration number (Figure
4). Lowercase Latin letters only for the name and
numbers for the identifier shall be entered.
Fig. 4: Window for entering the device owner name
and ID
Successful entry of all the parameters will be
followed by a window for selecting the privacy level
(s0-NS, s1-Confidential, s2-S) of this device (Figure
5).
Fig. 5: Device privacy level selection window
The device is then mounted in the appropriate directory, which opens in the Thunar file manager. Once the external device is connected, it is possible to encrypt or decrypt a directory or files based on the findings of this article.
5 Discussion
Encryption/decryption is carried out by an additional script program for the Thunar file manager, which fully complies with GOST 28147-89. This means that the actions performed on authorized external devices fully comply with the security policy (Figure 6). Table 1 shows the memory use of the developed program measured in various desktop environments.
Fig. 6: Device registration check schedule
[Bar chart, memory in MB on a 0 to 300 scale, for the XFCE, KDE and Gnome interfaces: memory requirement after startup, Thunar file manager memory when running, and Thunar memory with additional windows open; the values are those in Table 1.]
Table 1. Device registration test indicators (memory use, MB)
Desktop interface | Memory requirement after launch | Thunar file manager memory at launch | Thunar memory with about 10 additional windows open
Gnome | 22 | 193 | 256
KDE | 23 | 178 | 215
XFCE | 19 | 151 | 210
The developed secure file system used the ForErrors system [21], with test cases developed in parallel with the software design. These unit tests and integration tests of the system ensured the correctness of the developed software. Stress and performance tests were introduced to ensure the stability and usability of the secure file system.
The algorithmic design was implemented in C, resulting in two procedures:
Mount algorithm (userName string, password string, source string, destination string)
1. start
2. save username and password
3. decrypt userDetails in the file system meta-information using the password
4. if userDetails.authenticationHash is not equal to hash(password), return an authentication error
5. userPrivateKey = userDetails.privateKey
6. mount source at destination
7. stop
Figure 7 shows the software implementation.
Fig. 7: File definitions
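The mount algorithm above, worked through as an added example in Go using only the standard library; it is not the paper's C/OpenSSL code shown in Figure 7. One deliberate departure from step 4: instead of storing and comparing a plain hash of the password, the passphrase is run through PBKDF2-HMAC-SHA256 (salted and iterated, so an offline guess costs kdfIters HMAC evaluations rather than one hash), and the resulting key seals the user's RSA private key with AES-256-GCM; the GCM tag then serves as the authentication check, since a wrong passphrase cannot open the record. The names UserDetails, Session, Enroll and Mount, the 2048-bit RSA key, the 50000 iterations and the PKCS#1 encoding of the key are assumptions, as the paper does not specify them.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

const kdfIters = 50000 // assumption: the paper names no KDF or iteration count

// UserDetails is one user's record in the file system meta-information: the RSA
// private key sealed under the passphrase-derived key; salt and public key in clear.
type UserDetails struct {
	Salt, EncPrivKey []byte
	PubKey           *rsa.PublicKey
}

// Session is what a successful mount yields: the user's private key in memory.
type Session struct{ Priv *rsa.PrivateKey }
// deriveKey is PBKDF2-HMAC-SHA256 (one 32-byte block): a passphrase guess costs
// kdfIters HMACs instead of the single hash compared in the paper's step 4.
func deriveKey(passphrase string, salt []byte) []byte {
	prf := hmac.New(sha256.New, []byte(passphrase))
	prf.Write(salt)
	prf.Write([]byte{0, 0, 0, 1}) // block index, big-endian
	u := prf.Sum(nil)
	out := append([]byte(nil), u...)
	for i := 1; i < kdfIters; i++ {
		prf.Reset()
		prf.Write(u)
		u = prf.Sum(nil)
		for j := range out {
			out[j] ^= u[j]
		}
	}
	return out
}

// aesGCM builds AES-256-GCM for a 32-byte key.
func aesGCM(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err) // only reachable with a key that is not 16, 24 or 32 bytes
	}
	g, _ := cipher.NewGCM(block) // cannot fail for an AES block
	return g
}

// Enroll creates the user record; the passphrase itself is never stored.
func Enroll(passphrase string) (*UserDetails, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	salt := make([]byte, 16)
	if _, err := rand.Read(salt); err != nil {
		return nil, err
	}
	g := aesGCM(deriveKey(passphrase, salt))
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	sealed := g.Seal(nonce, nonce, x509.MarshalPKCS1PrivateKey(priv), nil)
	return &UserDetails{Salt: salt, EncPrivKey: sealed, PubKey: &priv.PublicKey}, nil
}

// Mount follows the paper's mount algorithm: derive the key from the passphrase,
// open the sealed record (the GCM tag is the authentication check), keep the key.
func Mount(u *UserDetails, passphrase string) (*Session, error) {
	g := aesGCM(deriveKey(passphrase, u.Salt))
	ns := g.NonceSize()
	if len(u.EncPrivKey) < ns {
		return nil, errors.New("corrupt user record")
	}
	der, err := g.Open(nil, u.EncPrivKey[:ns], u.EncPrivKey[ns:], nil)
	if err != nil {
		return nil, errors.New("authentication error")
	}
	priv, err := x509.ParsePKCS1PrivateKey(der)
	if err != nil {
		return nil, err
	}
	return &Session{Priv: priv}, nil
}

func main() {
	u, _ := Enroll("correct horse battery staple")
	_, err := Mount(u, "wrong passphrase")
	fmt.Println("wrong passphrase:", err)
	s, err := Mount(u, "correct horse battery staple")
	fmt.Println("right passphrase:", err == nil && s.Priv.PublicKey.Equal(u.PubKey))
}
```

The private key recovered here is what the per-file operations use afterwards; nothing derived from the passphrase is kept once the record is open, so changing the passphrase only means re-sealing EncPrivKey under a new salt.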
The chart below demonstrates the result of the work
(Figure 8).
Fig. 8: Results of comparing the developed file
system with For Errors
As the chart shows, the data processing time with
encryption is on average 1.2-1.3 times longer than
without encryption.
The following algorithm was developed to compare the estimates of the speed of reading, receiving and writing data:
Write algorithm (userName string, password string, source string, destination string)
1. start
2. generate a random key
3. perfileKey = random key
4. fileDetails.perfileKey = perfileKey
5. encrypt fileDetails in the destination file meta-information with userPrivateKey
6. encrypt the source file into fileContent using perfileKey
7. write the encrypted content to destination
8. stop
Its implementation is presented in Figure 9.
Fig. 9: Code for reading and getting data
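The mount and recording algorithms above share one key hierarchy (passphrase, then the user's private key, then a per-file key, then the file content), so a single added example serves both. It is written here for this section and is not the paper's C/OpenSSL code: it uses only the Go standard library (AES-256-GCM and RSA-OAEP in place of the paper's OpenSSL calls, and an iterated-HMAC passphrase KDF as a stand-in for PBKDF2, scrypt or Argon2). The names UserDetails, FileDetails, Mount, WriteFile, ReadFile and ChangeOwner mirror the pseudocode but are this example's own, and the passphrases and file content in the test are constructed. Two deliberate departures from the pseudocode are worth noting. First, the per-file key is wrapped to the owner's public key and unwrapped with the owner's private key, the usual direction for a public-key wrap, which is what lets any user write a file for an owner and lets ownership change by re-wrapping a 32-byte key instead of re-encrypting the file. Second, step 4's comparison against hash(password) is replaced by the AEAD tag check on the sealed private key, so the meta information never stores a fast hash of the passphrase that could be brute-forced cheaply from a stolen volume.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
)

// stretch: salted, slow passphrase KDF (iterated HMAC-SHA256 standing in for PBKDF2/scrypt/Argon2).
func stretch(passphrase string, salt []byte) []byte {
	m, k := hmac.New(sha256.New, salt), []byte(passphrase)
	for i := 0; i < 100000; i++ {
		m.Reset()
		m.Write(k)
		k = m.Sum(nil)
	}
	return k
}
// seal/open: AES-256-GCM, random nonce prepended; associated data ties a box to its context.
func seal(key, plain, ad []byte) []byte {
	block, _ := aes.NewCipher(key) // keys are always 32 bytes here
	g, _ := cipher.NewGCM(block)
	nonce := make([]byte, g.NonceSize())
	rand.Read(nonce)
	return g.Seal(nonce, nonce, plain, ad)
}
func open(key, box, ad []byte) ([]byte, error) {
	block, _ := aes.NewCipher(key)
	g, _ := cipher.NewGCM(block)
	if len(box) < g.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return g.Open(nil, box[:g.NonceSize()], box[g.NonceSize():], ad)
}
type UserDetails struct { // per-user record kept in the file system meta information
	Salt       []byte
	EncPrivKey []byte         // PKCS#1 private key sealed under the stretched passphrase
	PubKey     *rsa.PublicKey // public, so any user can wrap a per-file key for this owner
}
func NewUser(passphrase string) *UserDetails {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	salt := make([]byte, 16)
	rand.Read(salt)
	return &UserDetails{Salt: salt, PubKey: &priv.PublicKey, EncPrivKey: seal(
		stretch(passphrase, salt), x509.MarshalPKCS1PrivateKey(priv), []byte("privkey"))}
}
// Mount is steps 3-5 of the mount algorithm: a wrong passphrase fails the AEAD tag check.
func Mount(u *UserDetails, passphrase string) (*rsa.PrivateKey, error) {
	der, err := open(stretch(passphrase, u.Salt), u.EncPrivKey, []byte("privkey"))
	if err != nil {
		return nil, errors.New("authentication error")
	}
	return x509.ParsePKCS1PrivateKey(der)
}
type FileDetails struct { // per-file meta information plus the sealed content
	Name       string
	WrappedKey []byte // random per-file key, RSA-OAEP to the owner's public key
	Content    []byte // AES-GCM under the per-file key, file name as associated data
}
// WriteFile is the recording algorithm: a fresh random key per file, wrapped for the owner.
func WriteFile(owner *rsa.PublicKey, name string, plain []byte) (*FileDetails, error) {
	perfileKey := make([]byte, 32)
	rand.Read(perfileKey)
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, owner, perfileKey, []byte(name))
	if err != nil {
		return nil, err
	}
	return &FileDetails{name, wrapped, seal(perfileKey, plain, []byte(name))}, nil
}

func ReadFile(priv *rsa.PrivateKey, f *FileDetails) ([]byte, error) {
	perfileKey, err := rsa.DecryptOAEP(sha256.New(), nil, priv, f.WrappedKey, []byte(f.Name))
	if err != nil {
		return nil, errors.New("not the owner of " + f.Name)
	}
	return open(perfileKey, f.Content, []byte(f.Name))
}
// ChangeOwner re-wraps the 32-byte per-file key for the new owner; the content is untouched.
func ChangeOwner(oldPriv *rsa.PrivateKey, newOwner *rsa.PublicKey, f *FileDetails) error {
	perfileKey, err := rsa.DecryptOAEP(sha256.New(), nil, oldPriv, f.WrappedKey, []byte(f.Name))
	if err != nil {
		return err
	}
	f.WrappedKey, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, newOwner, perfileKey, []byte(f.Name))
	return err
}

func main() {
	_, err := Mount(NewUser("correct horse"), "wrong passphrase")
	println("mount with wrong passphrase:", err.Error())
}
```

The file name is bound as associated data to both the wrapped key and the content, so a wrapped key or ciphertext copied from one file's meta information into another's is rejected rather than silently decrypted. The cost of this design is the same one the paper's later EFS discussion points at: a forgotten passphrase loses the private key and with it every file wrapped to it, unless a recovery key is also given its own wrap of each per-file key.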
The proposed file system lets the user choose between two modes
of operation, automatic and manual.
In automatic operation, the user only tells the file system what
to do. Its two main tasks are: (1) converting a particular file
type into another, new type: checking and adding the new type
together with the collection of applications, file types and
icons available in the system, giving it an icon and properties,
adding the new file type and connecting it to its application
while working; the target can be a new type defined by the user
or one of the file types that already exist on the system; and
(2) encrypting any file of the specified type once the user has
provided the private key.
The process described above affects the entire system, that is,
all partitions, folders and subfolders, including the file type
specified by the user during the configuration phase, because
the file system is loaded during system startup and starts
automatically.
Writing encrypted data to authorized external devices is
enforced by the operating system through several restrictions:
external input/output devices must be registered at the
operating system kernel level, and data written to them is
encrypted, so leakage of data through such devices is
prevented.
Comparisons were also made with other file system
implementations, such as those built on FUSE, [22]. As the
study showed, the developed file system showed excellent
results.
For comparison, encryption can be performed at the presentation
layer or the application layer to provide end-to-end
encryption. Encrypting at the application level, done naively,
requires every application that needs to work with encrypted
files to be rewritten to support encryption. This is clearly
unacceptable for storage systems.
Files can be encrypted on a per-file basis with tools such as
PGP, developed by Phil Zimmermann, [13]. This is useful for the
short-term encryption needs of a single user, but is usually of
no use for the long-term management of shared information,
because it is bound to the user identity: any encrypted file
must be re-encrypted whenever the user is unknown or changes
(as is common in organizations), [23].
The Cryptographic File System (CFS) was developed by Matt Blaze
at AT&T. CFS lets users encrypt all files in a directory under a
single key. Encryption, decryption and key management are
implemented locally on a trusted client in an NFS layer, so
files remain encrypted while they cross the untrusted network
to the server.
File sharing in the original CFS implementation required
sharing keys, which the key distribution problem makes
difficult. Blaze proposed a key management scheme that helps
solve these problems, [5].
The Transparent Cryptographic File System (TCFS) was developed
at the University of Salerno, Italy, [16]. It improves on the
CFS design by removing the client-side NFS encryption layer,
but still has a limited key management scheme.
The Satan file system was developed at Carnegie Mellon
University. Its implementation uses modified C library routines
that read the file into RAM, decrypt the data and then deliver
it to the application. The main idea is to link applications
against a set of libraries that provide encrypting versions of
the standard library calls.
This solves the application rewriting problem, but applications
still need to be recompiled or at least relinked, and each
program must exist in an encrypting and a non-encrypting version
to work with encrypted or plain files.
The IBM Distributed File System (originally known as AFS and
later commercialized by Transarc, a company acquired by IBM)
treats security as a network issue. Many systems expect users
and administrators to assume that the implementation can be
trusted and that network security procedures can be implemented
effectively, independently of other security procedures, [24],
[25]. It is also assumed that the security procedures for
backups, HSMs, file caches and the administrators themselves
are perfect.
The Network Attached Secure Disks (NASD) project at CMU
provides security for accessing files on storage devices
(NASDs) connected directly to the network, [17]. Network keys
are generated and distributed among users. The whole system
relies on a trusted file system controller.
NASD also has one symmetric master key between each file system
and drive.
The Microsoft Encrypting File System (EFS) is available in
Microsoft NT 5.0 (Windows 2000). It can encrypt and decrypt
every file and every directory. The system designates backup
"persons" (recovery agents) who have access to all data, and
provides administrative data protection.
Other related works include [8]-[11], [26].
There are several ways this work could be extended to improve
the overall performance of the file system. Future work can be
listed as follows:
1. CFS can be extended for networked use with administration
and server concepts: CFS can be uploaded to a server, and the
administrator specifies the permissions. This increases the
centralization of managing newly created file types and their
associated applications.
2. With emerging concepts of electronic media, our files may be
used by groups from other organizations, for example at
conferences. When the files in use are in the firmware there is
no problem, since the system firmware should protect the files
automatically; the problem arises when the required files are
not in the firmware. In that case a specific organization will
protect its files, which makes CFS a more attractive option for
this concept.
3. CFS can be made to work like a virus: it can be loaded into
the startup of the target system and then hidden implicitly in
system files.
4. A recovery program can be developed that makes CFS
fault-tolerant, meaning that a file previously converted with
CFS can be restored on another computer.
6 Conclusions
The relevance of the research carried out in this article lies
in the design and development of a secure, user-oriented file
system. This file system provides operating-system-independent
user authorization and access control, and integrates easily
with operating system security restrictions.
The system was developed conceptually using algorithmic design.
The design was tested as a mathematical model with the Alloy
Analyzer, and a prototype was developed that confirmed its
usability. The file system was designed using data flow
diagrams and algorithms. It was built on the basis of an
existing file system, the Big Brother File System, and uses the
OpenSSL cryptographic library.
The resulting secure file system was tested and improved by
choosing the best encryption buffer size. The usability limits
of the file system were identified, and maximum file size
recommendations were provided.
Further research may focus on implementing other research
design methods, or their various combinations.
References:
[1] O. Andersson, Threat, risk, and vulnerability
analyses during the development of IT systems
in the Swedish Armed Forces, Umeå
University, 2010.
[2] Y. Qasmaoui, Y. Maleh, H. Abdelkrim,
Secure Software Defined Networks Controller
Storage using Intel Software Guard
Extensions, International Journal of
Advanced Computer Science and
Applications, Vol. 11, No. 10, 2020.
[3] R. Aliyev, L. P. Herrero, Analyzing
Vulnerability Databases, 10th IEEE
International Conference on Application of
Information and Communication
Technologies, 2016.
https://www.researchgate.net/publication/316971384_Analyzing_Vulnerability_Databases
[4] F. D. Nembhard, M. M. Carvalho, T. C.
Eskridge, Towards the application of
recommender systems to secure coding,
EURASIP Journal on Information Security,
Vol. 9, 2019.
[5] Red Hat Blog, Life-cycle of a Security
Vulnerability, 2015.
https://access.redhat.com/blogs/766093/posts/1976453
[6] Pikabu, Educational program on information
security, 2022.
https://pikabu.ru/story/likbez_po_informatsionnoy_bezopasnosti_5122856
[7] Wikipedia, Vulnerability database, 2022.
https://goo.gl/yX6ttd
[8] Speedtest and Comparison of Open-Source
Cryptography Libraries and Compiler Flags,
Detailed Compiler Flags Speed Analysis,
2008. https://panthema.net/2008/0714-cryptography-speedtest-comparison/compiler-speed.html
[9] M. Nouman, K. Ullah, M. Azam, Secure
Digital Transactions in The Education Sector
Using Blockchain, EAI Endorsed Transactions
on Scalable Information Systems, Vol. 9, No.
22, 2022.
https://doi.org/10.4108/eai.3-11-2021.171758
[10] SecurityLab, Operating system, 2022.
https://www.securitylab.ru/news/tags/%EE%EF%E5%F0%E0%F6%E8%EE%ED%ED%E0%FF+%F1%E8%F1%F2%E5%EC%E0/
[11] K. T. Akhter Md Hasib, I. Chowdhury, S.
Sakib, M. Monirujjaman Khan, N. Alsufyani,
A. Alsufyani, S. Bourouis, Electronic Health
Record Monitoring System and Data Security
Using Blockchain Technology, Security and
Communication Network, Security and
Networking for Healthcare Information
Exchange and Storage in the Big Data
Ecosystem, Vol. 2022, Art. 2366632, 2022.
[12] R. Nivedhaa, J. Justus, A Secure Erasure
Cloud Storage System Using Advanced
Encryption Standard Algorithm and Proxy
Re-Encryption, Proceedings of the 2018 IEEE
International Conference on Communication
and Signal Processing, (ICCSP), 2018.
https://doi.org/10.1109/ICCSP.2018.8524257
[13] D. Girish Kumar, Rajashree V. Biradar, V. C.
Patil, Multiple Authority Based Data
Fragmentation Technique for Providing
Secure Storage in Cloud, International
Journal of Recent Technology and
Engineering, Vol. 8, No. 4, pp. 4822-4825,
2019.
[14] Q. Youssef, M. Yassine, A. Haqiq, Secure
Software Defined Networks Controller
Storage using Intel Software Guard
Extensions, International Journal of
Advanced Computer Science and
Applications, Vol. 11, No. 10, 2020.
[15] M. Khalilian, M. Fathi Ahmadsaraei, L.
Farajpour, Security threats and their
mitigation in big data recommender systems,
Big Data Recommender Systems: Algorithms,
Architectures, Big Data, Security and Trust,
2019.
[16] D. Godlove, Singularity: Simple, Secure
Containers for Compute-Driven Workloads,
Proceedings of the Practice and Experience in
Advanced Research Computing on Rise of the
Machines (Learning), Art. 24, pp. 1-4, 2019.
[17] A. Ayub, H. Yoo, I. Ahmed, Empirical Study
of PLC Authentication Protocols in Industrial
Control Systems, Proceedings - 2021 IEEE
Symposium on Security and Privacy
Workshops (SPW), 2021.
[18] O. Hammoud, I. Tarkhanov, A. Kosmarski,
An architecture for distributed electronic
documents storage in decentralized
blockchain B2B applications, Computers,
Vol. 10, No. 11, 2021.
https://doi.org/10.3390/computers10110142
[19] G. Kalaiarasi, P. Geetha, M. Thamizharasi, R.
Reni Hena Helan, G. Abirami, Task Scheduler
of Sending Electronic Mails Automatically,
International Journal of Engineering and
Advanced Technology, Vol. 9, No. 4, pp.
1303-1306, 2020.
[20] A. L. Zolkin, A. N. Losev, D. V. Gridina, T.
G. Aygumov, Research of problems of
computer networks expert systems, IOP
Conference Series: Materials Science and
Engineering, Vol. 1047, No. 1, 012106, 2021.
[21] S. Hiremath, S. R. Kunte, Ensuring Cloud
Data Security using Public Auditing with
Privacy Preserving, Proceedings of the 3rd
International Conference on Communication
and Electronics Systems, (ICCES), pp. 1100-
1105, 2018.
[22] A. Brandão, J. S. Resende, R. Martins,
Employment of Secure Enclaves in Cheat
Detection Hardening, Lecture Notes in
Computer Science (including subseries
Lecture Notes in Artificial Intelligence and
Lecture Notes in Bioinformatics), 2020.
[23] N. A. Hassan, Data Hiding Techniques in
Windows OS, Syngress, 2017.
[24] W. Jianhong, Dynamic Programming in Data
Driven Model Predictive Control?, WSEAS
Transactions on Systems, Vol. 20, pp. 170-
177, 2021.
[25] R. Messier, Operating System Forensics,
Syngress, 2017.
[26] R. Fox, Linux with Operating System
Concepts, Chapman and Hall/CRC, 2021.
Creative Commons Attribution License 4.0
(Attribution 4.0 International, CC BY 4.0)
This article is published under the terms of the
Creative Commons Attribution License 4.0
https://creativecommons.org/licenses/by/4.0/deed.en_US