Lines Matching +full:inter +full:- +full:data

1 # eStoraged Design - Encrypted Secondary Storage Management Daemon
7 - John Broadbent <jebr@google.com>
8 - Benjamin Fair <benjaminfair@google.com>
9 - Nancy Yuenn <yuenn@google.com>
16 encapsulating the security functionality and providing a D-Bus interface to
17 manage the encrypted filesystem on the device. Using the D-Bus interface, other
30 uses the [dm-crypt](https://en.wikipedia.org/wiki/Dm-crypt) kernel subsystem.
31 Dm-crypt provides the encryption and device mapping capability, and Cryptsetup
34 change the password without re-encrypting the entire device.
41 [JEDEC standard JESD84-B51A](https://www.jedec.org/document_search?search_api_views_fulltext=jesd84…
43 …/Unlock Feature in Linux](https://media-www.micron.com/-/media/client/global/documents/products/te…
47 - Volume key: The main encryption key used to encrypt the data on the block
49 - Encryption Password: The password needed to load the volume key into RAM and
51 - Device Password: The password to lock or unlock the device hardware.
57 - Create a new LUKS encrypted filesystem on the device
58 - Securely wipe the device and verify that the data was wiped
59 - Lock the device
60 - Unlock the device
61 - Change the password
65 - Generate a volume key using a random number generator with enough entropy,
67 - Utilize any security features provided by the hardware (as a defense-in-depth
69 - Use interfaces that are generic enough, so that they can be extended to
85 eStoraged will represent each eMMC device as an object on D-Bus that implements
88 - (method) Format
89 - (method) Erase
90 - (method) Lock
91 - (method) Unlock
92 - (method) Change Password
93 - (property) Locked
94 - (property) Status
96 Upon startup, eStoraged will create a D-Bus object for each eMMC device in the
117 [mmc utils](https://git.kernel.org/pub/scm/utils/mmc/mmc-utils.git/) does.
120 but at the very least, encryption-only locking will be available, even if
133 Since some of the D-Bus methods may take a while (e.g. installing a new
134 encrypted filesystem), the D-Bus interface will be asynchronous, with the
136 error, or in-progress.
142 [systemd-cryptsetup@.service](https://www.freedesktop.org/software/systemd/man/systemd-cryptsetup@.…
145 using D-Bus as the primary form of inter-process communication. In addition,
146 using a daemon with a well-defined D-Bus interface keeps the security
149 Another related piece of software is UDisks2, which also exports a D-Bus object
152 …http://storaged.org/doc/udisks2-api/latest/gdbus-org.freedesktop.UDisks2.Block.html#gdbus-method-o…
154 and ChangePassphrase. See the D-Bus interface
155 [org.freedesktop.UDisks2.Encrypted](http://storaged.org/doc/udisks2-api/2.7.5/gdbus-org.freedesktop…
163 that manages the password and invokes the D-Bus API for eStoraged. Since the
169 - Unit tests to validate the various code paths in eStoraged.
170 - Regression tests will exercise the various D-Bus methods: encrypt, erase,