Cryptographic File Systems in Windows NT

Paper Summary:

This proposal discusses the pervasive adoption of virtual private networks (VPNs) as requiring more organizations to integrate systems, data warehouses and compute-intensive processes together to ensure remote employees, managers, suppliers, and customers have access to the information they need. In many IT architectures the need to integrate with the Windows NTFS Version 3.0, also called the Encrypting File System (EFS) and VPN architectures is becoming commonplace. The intent of this research proposal evaluates the performance of Windows NT-based servers running the NTFS 3.0 with full EFS functionality enabled in a series of benchmarks that replicate actual employee, supplier, and customer work processes. The NetIO and NAS performance benchmarks are used as the basis of comparison.

Outline:
Synopsis
The Role of NTFS 3.0 in the Windows NT Architecture
Technical Comparative Analysis of IPSEC vs. SSL-based VPN
Summary

From the Paper:

"Comparing the protocols relative to the topologies supported security models used for both session authentication and confidentiality are critical to the security of both IPSEC and SSL-based VPNs. In addition, the major differences in how Quality of Service (QoS) and Service Level Agreements (SLAs) are managed are also highly dependent on the configuration of EFS with both IPSEC and SSL protocols in a VPN environment. The scalability aspects of each protocol are also compared in Table 1 below, in addition to both site-to-site and remote access support from a management perspective is included.
"Provisioning and service deployment as part of VPN management is also included in Table 1. Differences in VPN Client support and transparency are also profiled. Table 1, Technical Analysis of Differences between IPSec and SSL highlight the differences on each of these technical dimensions. The key differences center on scalability and transparency to the user. Scalability of SSL is entirely dependent on the underlying Internet traffic, while in IPSec, through optimized routing of point-to-point connections including the use of algorithms are used to maximize speed."

Sample of Sources Used:

• M. Corporation. Encrypting File System for Windows 2000. White Paper, July 1999.
• M. Corporation. Encrypting file system in Windows XP and Windows Server 2003, August 2002.
• E. Goh, H. Shacham, N. Modadugu, and D. Boneh: SiRiUS: Securing Remote Untrusted Storage. In Proceedings of the Tenth Network and Distributed Systems Security (NDSS) Symposium, pages 131-145, February 2003.

More papers on Cryptographic File Systems in Windows NT:

• Essay # 67703 : "Windows File Systems"
• Research Paper # 73192 : "Distributed File Systems"
• Essay # 90314 : "UNIX vs Windows NT"

APA Citation:

MLA Citation: