磁盘加密
磁盘加密(英语:Disk encryption)是一种通过将信息转换为无法识别的编码来保护信息的技术,这些编码无法被未经授权的人轻易破译,最终防止未经授权访问数据存储。磁盘加密使用磁盘加密软件或硬件来加密磁盘或磁盘卷上的每一位数据。
术语全磁盘加密(英语:full disk encryption,FDE)表示磁盘上的所有内容都已加密,但主引导记录(MBR)或类似区域是未加密的。一些基于硬件的全磁盘加密可以真正加密整个启动盘,包括MBR。不过基于硬件的磁盘加密也出现过密钥可提取等安全问题。[1]
参见条目
参考文献
- ^ Microsoft's Bitlocker compromised by bad SSD encryption. Engadget. 2018-11-06 [2018=9-02-19]. (原始内容存档于2019-02-19).
延伸阅读
- Casey, Eoghan; Stellatos, Gerasimos J. The impact of full disk encryption on digital forensics. Operating Systems Review. 2008, 42 (3): 93–98. doi:10.1145/1368506.1368519.
外部链接
- Presidential Mandate requiring data encryption on US government agency laptops (页面存档备份,存于互联网档案馆)
- On-The-Fly Encryption: A Comparison – Reviews and lists the different features of disk encryption systems (archived version from January 2013)
- All about on-disk/full-disk encryption on one page – covers the use of dm-crypt/LUKS on Linux, starting with theory and ending with many practical examples about its usage (archived version from September 2015).
- Buyer's Guide to Full Disk Encryption (页面存档备份,存于互联网档案馆) – Overview of full-disk encryption, how it works, and how it differs from file-level encryption, plus an overview of leading full-disk encryption software.