Los ntawm Deb Shinder nrog kev tso cai los ntawm WindowSecurity.com
Lub peev xwm los encrypt cov ntaub ntawv - ob qho tag nrho cov ntaub ntawv hauv transit (siv IPSec ) thiab cov ntaub ntawv khaws tseg rau hauv disk (siv Encrypting Cov Ntaub Ntawv System ) tsis muaj kev xav tau rau tus neeg sab nrauv software yog ib qhov zoo tshaj plaws ntawm qhov rais 2000 thiab XP / 2003 dhau Microsoft operating systems. Txawm li cas los xij, ntau tus neeg siv lub tshuab tsis siv cov kev pabcuam tshiab lossis, yog tias lawv siv lawv, tsis txhob nkag siab lawv ua li cas, lawv ua haujlwm li cas, thiab cov kev coj ua haujlwm zoo tshaj plaws los ua rau lawv feem ntau. Hauv tsab ntawv no, kuv mam li tham txog EFS: nws siv, nws cov vulnerabilities, thiab nws yuav haum li cas rau hauv koj lub phiaj xwm kev ruaj ntseg network tag nrho.
Lub peev xwm los encrypt cov ntaub ntawv - ob qho tag nrho cov ntaub ntawv hauv transit (siv IPSec) thiab cov ntaub ntawv khaws tseg rau hauv disk (siv Encrypting Cov Ntaub Ntawv System) tsis muaj kev xav tau rau tus neeg sab nrauv software yog ib qhov zoo tshaj plaws ntawm qhov rais 2000 thiab XP / 2003 dhau Microsoft operating systems. Txawm li cas los xij, ntau tus neeg siv lub tshuab tsis siv cov kev pabcuam tshiab lossis, yog tias lawv siv lawv, tsis txhob nkag siab lawv ua li cas, lawv ua haujlwm li cas, thiab cov kev coj ua haujlwm zoo tshaj plaws los ua rau lawv feem ntau.
Kuv tham txog kev siv IPSec hauv ib qho xwm txheej dhau los; hauv tsab xov xwm no, kuv xav tham txog EFS: nws siv, nws cov vulnerabilities, thiab nws yuav haum li cas rau hauv koj lub phiaj xwm kev ruaj ntseg network tag nrho.
Lub hom phiaj ntawm EFS
Microsoft tsim EFS los muab ib qho tseem ceeb raws li kev siv tshuab uas yuav ua tau raws li "kev tiv thaiv kab dhau los" los tiv thaiv koj cov ntaub ntawv khaws tseg los ntawm cov tub sab. Yog tias muaj kev sib tw hacker dhau los ua lwm yam kev ruaj ntseg - ua rau nws dhau los ntawm koj qhov kev lag luam (lossis kev siv lub tshuab computer), ua kom kev nkag tau mus rau kev tswj cai - EFS tseem tuaj yeem tiv thaiv nws los ntawm kev nyeem cov ntaub ntawv hauv encrypted daim ntawv. Qhov no yeej muaj tseeb tshwj tsis yog tus neeg nkag mus nkag tau rau ntawm tus neeg siv cov ntaub ntawv (encrypted) (los yog, nyob hauv Windows XP / 2000, lwm tus neeg siv nrog tus neeg siv uas tau sib koom siv).
Muaj lwm txoj hau kev ntawm encrypting cov ntaub ntawv ntawm lub disk. Muaj ntau tus neeg siv khoom software ua cov ntaub ntawv encryption cov khoom siv uas tau siv nrog ntau lub hauv paus ntawm qhov rais. Cov no muaj xws li ScramDisk, SafeDisk thiab PGPDisk. Qee cov ntawm no siv kev faib theem-qib encryption los ua ib lub tshuab drive encrypted, uas tag nrho cov ntaub ntawv khaws cia rau hauv qhov muab faib los yog hauv qhov kev tsav tsheb yuav tau encrypted. Lwm tus siv cov ntaub ntawv qib encryption, uas koj yuav encrypt koj cov ntaub ntawv rau ntawm ib daim ntawv-raws-ntaub ntawv tsis hais qhov twg lawv nyob. Qee hom kev siv no siv ib lo lus zais los tiv thaiv cov ntaub ntawv; qhov password nkag yog thaum koj encrypt cov ntaub ntawv thiab yuav tsum tau sau dua rau decrypt nws. EFS siv cov ntawv pov thawj uas txuam nrog ib tus neeg siv nyiaj los txiav txim siab thaum twg cov ntaub ntawv tuaj yeem kho tau.
Microsoft tsim EFS los ua neeg siv-phooj ywg, thiab nws yog qhov tseeb pob tshab rau tus neeg siv. Encrypting ib cov ntaub ntawv - los sis tag nrho cov nplaub tshev - yog ib qho yooj yim uas kos lub checkbox hauv cov ntaub ntawv los sis cov nplaub tshev Advanced Tej Chaw.
Nco ntsoov tias EFS encryption tsuas muaj rau cov ntaub ntawv thiab cov folders uas yog nyob rau ntawm NTFS-formatted drives . Yog tias tus tsav teeb tsa hauv FAT lossis FAT32, yuav tsis muaj "Advanced Button" nyob rau hauv daim ntawv Cov Khoom. Tseem nco ntsoov tias txawm tias cov kev xaiv kom hlob los yog encrypt ib cov ntaub ntawv / nplaub tshev muaj nyob hauv lub interface li checkboxes, lawv yeej ua haujlwm zoo li kev xaiv nyees khawm; qhov ntawd yog, yog tias koj kos ib qho, qhov tod tsis tau kuaj xyuas. Ib daim ntawv lossis nplaub tshev tsis tuaj yeem raug encrypted thiab compressed tib lub sijhawm.
Thaum cov ntaub ntawv lossis daim nplaub tshev yog encrypted, tsuas pom qhov sib txawv yog tias encrypted ntaub ntawv / folders yuav qhia rau Explorer txawv xim, yog lub checkbox los Show encrypted los compressed NTFS ntaub ntawv nyob rau hauv cov xim xaiv hauv nplaub tshev Options (configured ntawm cov cuab yeej | Sis xaiv saib | Saib tab hauv Windows Explorer).
Tus neeg siv uas encrypted daim ntawv yeej tsis tau txhawj txog decrypting nws mus saib nws. Thaum nws qhib nws, nws tau txais thiab daim ntawv thov decrypted - kom ntev li thaum tus neeg siv tso tawm nrog tib tus neeg siv nyiaj thaum nws tau encrypted. Yog tias lwm tus neeg tau sim mus saib nws, txawm li cas los xij, daim ntawv yuav tsis qhib thiab cov lus yuav qhia rau tus neeg siv tias kev nkag yog tsis pom zoo.
Dab tsi yog mus rau hauv Hood?
Txawm hais tias EFS zoo nkaus li yooj yim rau cov neeg siv, nws muaj ntau heev nyob rau hauv lub hood ua qhov no tag nrho cov tshwm sim. Ob yam zoo li (qhov tseem ceeb zais) thiab asymmetric (pej xeem yuam) encryption siv nrog ua kom zoo dua ntawm cov kev pab thiab cov tsis zoo ntawm txhua.
Thaum tus neeg pib siv EFS los encrypt ib cov ntaub ntawv, tus account tus account yog ib qho khoos phis (pej xeem yuam thiab tus kheej qhov tseem ceeb), yog tsim los ntawm cov kev pab cuam daim ntawv pov thawj - yog muaj CA tau muab tso rau hauv lub network - lossis nws tus kheej kos npe los ntawm EFS. Cov pej xeem yuam yog siv rau kev muab encryption thiab tus kheej qhov tseem ceeb yog siv rau decryption ...
Yog xav nyeem tag nrho cov duab thiab pom cov duab zoo meej rau cov Nuj Zus nias ntawm no: Qhov EFS Haum rau hauv koj Txoj Kev Npaj Kho Mob (Security Plan).