Filesystem-level Encryption - General-purpose File Systems With Encryption

General-purpose File Systems With Encryption

Unlike cryptographic file systems or full disk encryption, general-purpose file systems that include filesystem-level encryption do not typically encrypt file system metadata, such as the directory structure, file names, sizes or modification timestamps. This can be problematic if the metadata itself needs to be kept confidential. In other words, if files are stored with identifying file names, anyone who has access to the physical disk can know which documents are stored on the disk, although not the contents of the documents.

One exception to this is the encryption support being added to the ZFS filesystem. Filesystem metadata such as filenames, ownership, ACLs and extended attributes is all stored encrypted on disk. The ZFS metadata about the storage pool is still stored in the clear, so it is possible to determine how many filesystems (datasets) are available in the pool and even which ones are encrypted, but not what the contents of the stored files or directories are.
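The metadata exposure described in the first paragraph can be measured on any directory tree. The following added example (not part of the original article) inventories what is readable without a key, using only `lstat` and never opening a file. The sample tree, its file names and the length-preserving random "ciphertext" are constructed assumptions; real schemes may pad file sizes.

```python
import os
import tempfile
from datetime import datetime, timezone

def observe_without_key(root):
    """Collect what is readable from the tree without opening any file."""
    records = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # metadata only; file contents are never read
            records.append({
                "path": os.path.relpath(path, root).replace(os.sep, "/"),
                "size": st.st_size,
                "mtime": datetime.fromtimestamp(st.st_mtime, timezone.utc),
            })
    return sorted(records, key=lambda r: r["path"])

def build_sample_tree(root):
    """Constructed sample: random bytes stand in for per-file ciphertext."""
    plaintexts = {
        "hr/termination-letter-jsmith.docx": b"x" * 18432,
        "legal/merger-draft-v3.pdf": b"y" * 250000,
    }
    for rel, plaintext in plaintexts.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            # Assumption: ciphertext has the same length as the plaintext.
            fh.write(os.urandom(len(plaintext)))
    return {rel: len(p) for rel, p in plaintexts.items()}

def demo():
    """Build the sample tree and return (expected sizes, observed records)."""
    with tempfile.TemporaryDirectory() as root:
        expected = build_sample_tree(root)
        seen = observe_without_key(root)
        for r in seen:
            print(f'{r["path"]:40} {r["size"]:>8} bytes  {r["mtime"]:%Y-%m-%d %H:%M}Z')
        return expected, seen

if __name__ == "__main__":
    demo()
```

Running `observe_without_key` against a real encrypted directory while its key is not loaded shows which names, sizes and timestamps that particular scheme leaves in the clear.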
