File Systems

From ForensicsWiki
Revision as of 11:35, 7 October 2010 by Dykstra (Talk | contribs)

Jump to: navigation, search

Conventional File Systems

Ext2, Ext3
Ext2 was introduced with Linux. Ext3 is a journaled version of Ext2 which allows for speedy disk recovery after a crash.
Originally used by MS-DOS. Includes FAT12 (for floppy disks), FAT16 and FAT32.
The Fast File System used by some BSD versions of UNIX and from which UFS was derived supporting faster disk access and symbolic links like ffs.
Used by Apple systems, it has been succeed by HFS+.
IBM's Journaled File System introduced with their flavor of UNIX (AIX)
The New Technology File System, introduced by Microsoft with Windows NT 4.0. Now used on Windows XP.
A journaling filesystem for Linux.
The Unix File System, introduced with UNIX.
SGI’s high performance journaling filesystem that originated on their IRIX (flavor of UNIX) platform. XFS supports variable blocking sizes, is extent based, and makes extensive use of Btrees to facilitate both performance and scalability. Additionally, support is also provided for real-time environments.

Cryptographic File Systems

Cryptographic file systems, also known as encrypted file systems, encrypt information before it is stored on the media. Some of these file systems store encrypted files directly. Others are better thought of as device drivers, which are then used to store some of the file systems discussed above.

File Vault
A clever user interface to Apple's encrypted disk images. Uses the ".sparseimage" extension on disk files.
Matt Blaze's Cryptographic File System for Unix.
Key Management in an Encrypting File System, Matt Blaze, USENIX Summer 1994 Technical Conference, Boston, MA, June 1994.
A Cryptographic File System for Unix, Matt Blaze, Proceedings of the First ACM Conference on Computer and Communications Security, Fairfax, VA, November 1993.
EFS is the Encrypted File System built into versions of Microsoft Windows.
NCryptfs: A Secure and Convenient Cryptographic File System, Charles P. Wright, Michael C. Martino, and Erez Zadok, Stony Brook University, USENIX 2003 Annual Technical Conference.
Transparent Cryptographic File System.
Secure File System.

See also Full Disk Encryption, which are disk- or applicance-based cryptographic file systems.

Distributed File Systems

Distributed file systems, also known as network file systems, allow any number of remote clients to access one or more servers which store the files. The client nodes do not have direct access to the underlying block storage on the server(s), which are transparent to the clients and may include facilities for replication or fault tolerance.

The GoogleFS clone, built from a cluster of data nodes.
Originally from Sun, it is the standard in UNIX-based networks.

External Links