Key management

In the design of TCFS we have decided to keep key management issues separated from the actual cryptographic filesystem. In the two implementations of TCFS for Linux and BSD-like kernels, TCFS provides a simple interface to pass key to the kernel (by ad-hoc ioctl calls, or by upgrading the filesystem mounting). On top of this basic key-management primitive more sophisticated key management schemes can be built. As part of the TCFS project we have implemented three key management schemes that we termed the Raw, the Basic and the Kerberized Key Management Scheme that we briefly review in the rest of the section. TCFS can perform key management at different levels: at the process level in the sense that each process has its own key to access the TCFS filesystem; at the user level in the sense that each user has its own key and all processes with the same uid use the same key. Moreover, TCFS provides a simple threshold mechanism for sharing files in a group of users.