Filesystem-level encryption: Difference between revisions

HFS Plus does not support encrypted files - only encrypted disk images (.dmg)
Expansion
Line 1:
'''Filesystem-level encryption''' is a form of [[disk encryption]] where individual files or directories are [[encryption|encrypted]] by the [[file system]] itself, in contrast to [[full disk encryption]], where the entire partition or disk on which the file system resides is encrypted.
 
The advantages of filesystem-level encryption include more flexible file-based [[key management]] and [[access control]] with [[public-key encryption]], and the fact that [[key (cryptography)|cryptographic keys]] are kept in memory only while a file that uses them is open.

==Generic filesystems with file encryption==
Unlike cryptographic filesystems and full disk encryption, generic filesystems with filesystem-level encryption do not typically encrypt filesystem metadata, such as the directory structure, file names, modification timestamps or sizes. This can be problematic if the content to be encrypted has to be undetectable or its existence unprovable.
 
Notable filesystems that support this kind of encryption include the [[Encrypting File System]] layer of [[NTFS]].
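
The metadata exposure described above can be reproduced with a small model. This is an added example, not part of the article or of any filesystem's code: the function names, the sample tree and the SHA-256 counter-mode stand-in cipher are assumptions made for illustration. It encrypts file contents only and then lists what remains readable without the key.

```python
import hashlib
import os
import tempfile

def xor_keystream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher (SHA-256 in counter mode). Illustration only, not for real use."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + (offset // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], block))
    return bytes(out)

def encrypt_contents(root: str, key: bytes) -> None:
    """Encrypt file contents only; names, sizes and timestamps stay as they were."""
    for dirpath, _, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.stat(path)
            with open(path, "rb") as fh:
                plaintext = fh.read()
            nonce = hashlib.sha256(os.path.relpath(path, root).encode()).digest()[:16]
            with open(path, "wb") as fh:
                fh.write(xor_keystream(key, nonce, plaintext))
            # Assumption: encryption is transparent, so mtime keeps reflecting user activity.
            os.utime(path, ns=(st.st_atime_ns, st.st_mtime_ns))

def visible_without_key(root: str) -> dict:
    """Metadata anyone with read access to the directory tree can collect."""
    seen = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.stat(path)
            seen[os.path.relpath(path, root)] = (st.st_size, st.st_mtime_ns)
    return seen

def demo():
    # Constructed sample tree: file names and bodies are made up for this example.
    samples = {"hr/salary-review.txt": b"constructed sample\n" * 10, "notes.txt": b"hello"}
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "hr"))
        for rel, body in samples.items():
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(body)
        before = visible_without_key(root)
        encrypt_contents(root, os.urandom(32))
        with open(os.path.join(root, "notes.txt"), "rb") as fh:
            hidden = fh.read() != samples["notes.txt"]
        return before, visible_without_key(root), hidden
```

`demo()` returns the observable metadata before and after encryption plus a flag showing that the content itself changed; the two metadata maps are identical, which is the leak the paragraph above describes.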
 
==Cryptographic filesystems==
Cryptographic filesystems are special-purpose file systems that are specifically designed with encryption and security in mind. They usually encrypt all the data they contain – including metadata. Instead of implementing an on-disk format and their own [[block allocation]], these filesystems are often layered on top of existing filesystems, residing, for example, in a directory. Many such filesystems also offer advanced features, such as [[deniable encryption]], cryptographically secure read-only [[file system permissions]] and different views of the directory structure depending on the key used.
 
==See also==