Content deleted Content added
GiantSnowman (talk | contribs) m →Cryptographic file systems: clean up using AWB |
Added "Types of filesystem-level encryption" overview. Added a {{fact]} request. |
||
Line 1:
{{Unreferenced|date=July 2009}}
'''Filesystem-level encryption''', often called [[file/folder encryption]], is a form of [[disk encryption]] where individual files or directories are [[encryption|encrypted]] by the [[file system]] itself. This is in contrast to [[full disk encryption]] where the entire partition or disk, in which the file system resides, is encrypted.
Types of filesystem-level encryption include:
* the use of a 'stackable' '''cryptographic filesystem''' layered on top of the main file system
* a single ''general-purpose'' file system with encryption
The advantages of filesystem-level encryption include:
* flexible file-based [[key management]], so that each file can be and usually is encrypted with a separate encryption key{{fact}}
* individual management of encrypted files e.g. incremental backups of the individual changed files even in encrypted form, rather than backup of the entire encrypted volume{{clarify|how it differs from a _non-crypto_ incremental-backup, please... and the purpose (e.g. importance of backing up to another encrypted physical-disk so data remains secure but a lost token, lost disk, etc doesn't make the data irretrievable?)|date=January 2011}}
* [[access control]] can be enforced through the use of [[public-key cryptography]], and
| |||