a) CFS provides a simple mechanism to protect data written to disks and sent to networked file servers.
b) The performance of CFS on modern workstations appears to be within a range that allows its routine use.
Shortcomings of this technique are as follows:
Cryptographic file systems is tailored toward single-user workstations and rely on user-supplied passwords for data encryption [45]. This technique is not favorable for Cloud systems as Cloud systems involve distributed nature of network of servers where data is to be stored and these servers will be used by multiple users. Moreover, use of only passwords for data security is strongly prohibited; because, most common attack on such systems is brute force attack especially due to users’ tendency of keeping passwords simple and memorable [48,49,50]. Hence this method is not recommended.
2.2.5 Secure Network Attached Disks (SNAD)
In [42], description about SNAD is reported. SNAD is the system for protecting data on network-attached disks. The basic mechanism behind SNAD is to encrypt all data at the client and give the server sufficient information to authenticate the writer and the reader sufficient information to verify the end-to-end integrity of the data. …show more content…
In other words, identical data access permissions are given to groups of users, and any user who can prove group membership is authorized to access data based on the group permissions. Group sharing reduces the total number of keys to be stored and distributed in the system. These group keys are typically used to secure the symmetric keys used for data encryption. Cryptographically secure hashing and digital signatures have been used to provide data integrity. The SAN entities can actively enforce data security policies by encrypting and decrypting on-the-fly blocks of data that are written to, or read from, the storage