Re: [LI] Information on security desired...

[samir agrawal <samira@xxxxxxxxxx>]

hi,
your problem set me thinking and thought this should not be that
difficult. I am not sure something like this exists butI am sure a file
system withthe following capabilties can be implemented rather easily.
assuming you are familiar with public key cryptography - simply stated
there are two keys, one public known to everybody and a private one only
known to you. the nice thing is that they are symmetric in the sense that
messages encrypted with your public key can only be decrypted using your
private key only and vice versa.

so here is my idea.

1. Give every user a public and private key.

2. All data on the disk belonging to a user is encrypted using his public
key.

3. when a user wants to access a file he will need his private key to
access it.

now there are issues related to key management, like how are sessions and
session key managed so that the root or some other user get hold of the
key while you are using it.

I do not know of an implementation, but I think all this is very much
possible technically.

comments !

samir

--------------------------------------------------------------------
The Linux India Mailing List Archives are now available.  Please search
the archive at http://lists.linux-india.org/ before posting your question
to avoid repetition and save bandwidth.