Improved File System Security through Restrictive Access

Abstract

Security is a prime concern in today's era of technology when dealing with digital data. Information is managed by the file system which is the core layer of security in an Operating System. Due to lack of security at this layer, private information can be accessed by an intruder or in case of theft data can be read via mounting it on to a mount point and accessing the information. Other layer which is of similar importance is the Shell. It is a command language interpreter that takes input from the standard input device and acts as an interface to execute commands. Restricting shell access to minimal commands gives an extra level of security to the Operating System. If a shell is not restricted, intruder can gain access to the system and is able to execute all the commands. Shell is so powerful that intruder may control the whole system to execute the malicious code. Another concern area of security is user authen- tication. When a user login into the system, it proves its authentication by providing username and password to a server. Then server will validate user-authentication by matching its credentials. If server gets hacked then all the credentials will be stolen by hacker that can be used by hacker to gain access of a system. In this research, we propose a modular framework to enhance the security of file system where one of the module create secure and restrictive shell with minimum privileges given to any user to execute small set of commands, other module includes authentication of user by login into server using ssh login key-pair and another module provides restrictive file system access by encrypting the file system.