Basic Ideas
As long as the operating system is running on a system, access to the files will have to go through OS-controlled user authentication and access control lists. If an attacker gains physical access to the computer, however, this barrier can be easily circumvented. One way would be to remove the disk and put it in another computer with an OS installed that can read the filesystem, or simply reboot the computer from a boot CD containing an OS that is suitable to access the local filesystem.
The most widely accepted solution is to store the files encrypted on the physical media (disks, USB pen drives, tapes, CDs and so on).
In the Microsoft Windows family of operating systems EFS enables this measure, although on NTFS drives only, and does so using a combination of public key cryptography and symmetric key cryptography to make decrypting the files extremely difficult without the correct key.
However, the cryptography keys for EFS are in practice protected by the user account password, and are therefore susceptible to most password attacks. In other words, encryption of files is only as strong as the password to unlock the decryption key.
Read more about this topic: Encrypting File System
Famous quotes related to basic ideas:
“It is a strange fact that freedom and equality, the two basic ideas of democracy, are to some extent contradictory. Logically considered, freedom and equality are mutually exclusive, just as society and the individual are mutually exclusive.”
—Thomas Mann (1875–1955)