Keypad: An Auditing File System for Theft-Prone Devices

摘要

This paper presents Keypad, an auditing file system for theft-prone devices, such as laptops and USB sticks. Keypad provides two important properties. First, Keypad supports finegrained file auditing: a user can obtain explicit evidence that no files have been accessed after a device's loss. Second, a user can disable future tile access after a device's loss, even in the absence of device network connectivity. Keypad achieves these properties by weaving together encryption and remote key storage. By encrypting files locally but storing encryption keys remotely, Keypad requires the involvement of an audit server with every protected file access. By alerting the audit server to refuse to return a particular file's key, the user can prevent new accesses after theft. We describe the Keypad architecture, a prototype implementation on Linux, and our evaluation of Keypad's performance and auditing fidelity. Our results show that Keypad overcomes the challenges posed by slow networks or disconnection, providing clients with usable forensics and control for their (increasingly) missing mobile devices.