Enterprise network security has been receiving more and more attention. Not only has defence technology for enterprise networks facing the Internet gradually strengthened, but intranet security has also been developing in China for four years. As users and the market keep refining and broadening their understanding of security, intranet security technology is also being re-examined. Data encryption is a key element of intranet data security; this article analyses it in depth.
1. Development History of Intranet Security Technology
In the early days, intranet security technology was limited to terminal monitoring and auditing, providing only simple control and monitoring of terminal peripherals, applications and network resources. Intranet security technology has since moved into a second phase, in which data confidentiality is the main objective and encryption is increasingly recognised as the fundamental solution; the resulting products are intranet security data encryption products built around encryption technology. This type of product differs from monitoring and auditing products in that it tries to solve the intranet data confidentiality problem at its root.
Data encryption technology in the intranet security market can be divided into two types: file (document) encryption and disk encryption. In this article, Chinasec intranet security experts analyse and compare the advantages and disadvantages of these two technologies.
2. Document Encryption Technology
Document encryption is currently the most widely used intranet security data encryption product. It is widely used mainly because the technology is simple, the development cycle is short, and users readily accept it at first. Its principle is to encrypt the data of specific files by establishing an association between application processes and their corresponding files. A relatively complete document encryption product mainly uses the following techniques:
1) Establishing the association between application processes and their corresponding files. Processes are usually identified by process name or by comparing a process feature digest; files are identified by extension or by other feature identification methods;
2) Using file redirection to temporarily cache files that are to be encrypted, so as to gain control over how those files are saved and encrypted;
3) Controlling the clipboard, printing, screen capture and similar shortcut keys, to control copying at the file-content level.
From the techniques above it can be seen that the core of document encryption is encryption control based on application processes. Its advantages are as follows:
1) Deployment is simple and does not require changing users' operating habits or their application environment;
2) The technology is simple, involving only process-file association, temporary file redirection and upper-layer hook technology;
3) The concept is clear and easy to understand and accept.
However, because of the technical path it takes, document encryption hides many security and stability risks behind these seemingly attractive advantages, including the following:
1) Whether a file is encrypted is determined mainly by the association between application processes and files, so the security system is tightly coupled to the applications. In complex application environments, such as the production design and software design industries, deploying the security system is very difficult. Because user applications are complex and are upgraded or added to over time, such intranet security products must be re-developed to keep up, which places great restrictions on the user environment and creates instability risks.
2) Using temporary cache files for file redirection introduces security vulnerabilities and reduces efficiency. On the one hand, because the temporary cached files exist in plaintext on the hard disk, publicly available file monitoring tools can easily find and copy them, rendering the encryption mechanism ineffective; on the other hand, every use of a temporary cached file amounts to performing each hard disk read/write operation twice, which halves efficiency (a 50% reduction) and is particularly unacceptable for large files.
3) Because many hook techniques are applied to application processes, the clipboard, printing control and other shortcut keys, conflicts with anti-virus software can easily occur, causing system instability and affecting users' normal work; hooking may also reduce overall system efficiency.
3. Disk Encryption Technology
Compared with document encryption, disk encryption operates at the disk sector level. In general it is independent of upper-layer applications: it only encrypts or decrypts data in specific disk areas. The main techniques used are as follows:
1) Encrypting or decrypting data written to the disk in the data confidentiality area;
2) Allowing or prohibiting, as required, read/write operations on original disk data in non-confidential areas;
3) Assisting other system control techniques to encrypt and protect classified data.
From the core of disk encryption technology it can be seen that, because it encrypts only a specific disk area, it is independent of applications. An intranet security system based on disk encryption therefore has the following advantages:
1) It is independent of applications and compatible with various complex application environments. It supports application upgrades and changes, and no product-level secondary development is required for specific applications, so stability and availability are ensured.
2) Because no temporary file technology is used, the number of file reads and writes does not increase, so system efficiency is not significantly reduced.
However, because disk encryption only protects specific file storage areas and lacks the ability to determine whether a particular file is confidential, intranet security products developed on this technology also have the following characteristics:
1) Because disk encryption imposes restrictions on where files are stored, it inevitably has some impact on the usage environment, which must be adjusted when the product is deployed;
2) Disk encryption alone cannot prevent files from leaking through the network or other channels, so a mature intranet security product based on it must integrate network control and other technologies, which makes such products harder to develop and lengthens development time.
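As an added illustration (not Chinasec's or any product's code), the following Python toy models the sector-level approach described in this section: a disk with a confidential sector range whose contents are encrypted below the file system no matter which application writes them, plus an allow/prohibit policy for the non-confidential area. The per-sector keystream derived with HMAC-SHA256 is an assumption made for illustration and stands in for a real sector cipher such as AES-XTS.

```python
import hashlib
import hmac

SECTOR_SIZE = 512


class SectorEncryptedDisk:
    """Toy sector-level transparent encryption (added example, not product code).
    Confidential sectors are encrypted on write and decrypted on read below any
    notion of files or applications; the keystream HMAC-SHA256(key, sector||ctr)
    is only a stand-in for a real sector cipher such as AES-XTS."""

    def __init__(self, key: bytes, sectors: int, confidential: range,
                 allow_plain_rw: bool = True) -> None:
        self.key = key
        self.confidential = confidential      # the data confidentiality area
        self.allow_plain_rw = allow_plain_rw  # policy for the non-confidential area
        self.store = [bytes(SECTOR_SIZE) for _ in range(sectors)]  # raw disk

    def _keystream(self, sector: int) -> bytes:
        # The sector number acts as a tweak: equal plaintext in two confidential
        # sectors yields different ciphertext on the raw disk.
        blocks = []
        for ctr in range((SECTOR_SIZE + 31) // 32):
            msg = sector.to_bytes(8, "big") + ctr.to_bytes(4, "big")
            blocks.append(hmac.new(self.key, msg, hashlib.sha256).digest())
        return b"".join(blocks)[:SECTOR_SIZE]

    def _transform(self, sector: int, data: bytes) -> bytes:
        # XOR with the per-sector keystream; the same operation encrypts and decrypts.
        if sector not in self.confidential:
            if not self.allow_plain_rw:
                raise PermissionError("I/O to the non-confidential area is prohibited")
            return data
        return bytes(a ^ b for a, b in zip(data, self._keystream(sector)))

    def write(self, sector: int, data: bytes) -> None:
        """Any process writing through the driver gets encryption transparently."""
        self.store[sector] = self._transform(sector, data.ljust(SECTOR_SIZE, b"\0")[:SECTOR_SIZE])

    def read(self, sector: int) -> bytes:
        """Read one sector, decrypting if it lies in the confidential area."""
        return self._transform(sector, self.store[sector])

    def raw(self, sector: int) -> bytes:
        """What a tool reading the physical disk directly would observe."""
        return self.store[sector]
```

Because the encryption happens per sector rather than per process, no process-file association or temporary plaintext cache is involved; the trade-off is that the driver cannot tell which files are confidential, only which sectors are.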
4. Summary
To sum up, document encryption and disk encryption, the two current intranet security data encryption technologies, each have their own strengths. The disadvantages of document encryption are that it cannot adapt to complex application environments, has irreparable security vulnerabilities, and causes an obvious decline in system efficiency. The disadvantage of disk encryption is that the user's application environment must be adjusted.