D
D
DVoropaev2017-09-29 18:14:17
linux
DVoropaev, 2017-09-29 18:14:17

How to make a password system for accessing files?

The task on the subject "Information Security" sounds like this:
Develop a password system for accessing files.
This is how the teacher answered my question, what exactly is required in this task:
Develop a system that allows access to files only to those who own any secret information (password, key, etc.)
The task is not tied to any either the system, but the way I have linux, I will do it under linux.
I have several options on how to implement this:
1) Create a folder, configure access rights to it. - too easy for a 4th year student.
2) Encrypting files is also not suitable (there is a separate task dedicated to this).
3) Encrypt files and sign with EDS - yes, only those who know the password can read it, you can also check that only the owner edited it. But it is still possible to spoil an attacker.
more or less adquate (interesting) idea:
Create a folder, forbid all access to it, even for reading. Write a demon that guards it (encrypt / decrypt / change rights). To gain access, you need to insert a USB flash drive on which the key is written.
The daemon checks this key, opens access and decrypts the folder (by the way, how to do it quickly so that the user does not have to wait until 10 gigs are decrypted).
How could you do such a task?

Answer the question

In order to leave comments, you need to log in

4 answer(s)
A
athacker, 2017-09-29
@athacker

The description includes a classic crypto container. If you know the password, you can mount it and access the files. You don't know - you walk by.

X
Xapu3ma, 2017-09-29
@Xapu3ma-NN

1)Create a folder, configure access rights to it. - too easy for a 4th year student.

Does it affect the rating? If not, make it as easy as possible. =)

L
Ltonid, 2017-09-30
@AtaZ

Protection against damage was and will be only one. In modern version control systems, a new copy of the file (full or differential is not the essence) is simply created and work is carried out in it, until some event of deleting old copies.
access to all this can be at least a password, at least a physical key, in any case, you can see who touched the file and why.
Encryption is sometimes a useful thing, but most often it does not play a big role in storing files. to steal information, you can always take a picture of the monitor screen (your own, neighbor, director).
If you really want to show off or pull yourself up, keep up with the times: a fingerprint scanner, an iris scanner, or a trite smartphone application that reads a QR code, after which the document opens.

J
just_hank_moody, 2017-10-01
@just_hank_moody

The cryptsetup utility basically allows you not to write your own daemon.
There, it is enough to select a disk partition that will be encrypted. You can then create multiple keys to open the same file.
Or do it according to the principle - 1 user has his own section plus 1 access key + 1 master administrator key.
https://losst.ru/encryption-diskov-v-linux

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question