How to lock a folder on a USB drive?
I have a requirement to implement a feature (in C#) to lock a folder on a USB drive. After locking, in any PC without my software, this folder is inaccessible (or better invisible). I have tried using ACL (Access Control List) but it does not work on USB.
My original requirement is that "Do not allow people to see the content of a folder on a USB drive without my software. When the user logs into my software, this folder is accessible and when the user logs out, my software has to do something to make sure this folder becomes inaccessible on other PCs". This leads me to think about locking the USB folder.
I already tried a work around to zip the folder (not compress) with a password but开发者_JAVA百科 zipping takes time (about 2 minutes for 1 Gb). So if I have a large amount of data (100 GB) it takes too long to process (The software has to process this when doing logging out).
For the data to be inaccessible, you would need to create an encrypted container which your program would represent as a virtual folder on existing disk or a virtual disk (drive letter). The first is possible with Pismo File Mount, the second - with our product (Solid File System OS edition). Both approaches require installation of the kernel-mode driver to the system. This is not an application requirement but OS architecture requirement.
From technical point of view our approach is more robust because Pismo File Mount uses a filter driver, while SolFS uses a file system driver and filter drivers are more complicated and more prone to compatibility issues (we have filter-based product as well, so I have experience with both approaches).
(Note: TrueCrypt has nothing to do with C#. So that isn't applicable here.)
Have you had a look at TrueCrypt?
In general you shouldn't try to reinvent the wheel, especially with security requirements. This is a heavy topic and messing around with the file system on your own should be the last option to consider.
TrueCrypt uses two different modes of operation:
- File-hosted (container)
- Partition/device-hosted
Note: In addition to creating the above types of virtual volumes, TrueCrypt can encrypt a physical partition/drive where Windows is installed (for more information, see the chapter System Encryption).
A TrueCrypt file-hosted volume is a normal file, which can reside on any type of storage device. It contains (hosts) a completely independent encrypted virtual disk device.
A TrueCrypt partition is a hard disk partition encrypted using TrueCrypt. You can also encrypt entire hard disks, USB hard disks, USB memory sticks, and other types of storage devices.
I have used this software before, which is open source, so you might get something out of it. http://www.truecrypt.org/
However, I think it works at the partition level rather than the drive level (I think it formats the partition using its own file system).
精彩评论