Content deleted Content added
correct misunderstood statement about access control/public-key crypto; full disk encryption can do incremental backups as well |
ParanoidMike (talk | contribs) Updated understanding of individual file management - difference between FDE and F-LE is the encrypted files can individually be addressed |
||
Line 3:
The advantages of filesystem-level encryption include:
* flexible file-based [[key management]], so that each file can and usually is encrypted with a separate encryption key
* individual management of encrypted files e.g. incremental backups of the individual changed files even in encrypted form, rather than backup of the entire encrypted volume
* [[access control]] can be enforced through the use of [[public-key cryptography]], and
* the fact that [[key (cryptography)|cryptographic keys]] are only held in memory while the file that is decrypted by them is held open.
| |||