Kudelski Security, wani kamfani ne da ya ƙware kan binciken tsaro, ya buga tsarin fayil ɗin Oramfs tare da aiwatar da fasahar ORAM (Mashin Samun Gaggawa), wanda ke rufe tsarin samun bayanai. Aikin yana ba da shawarar tsarin FUSE don Linux tare da aiwatar da tsarin tsarin fayil wanda baya ba da izinin bin tsarin ayyukan rubutu da karantawa. An rubuta lambar Oramfs a cikin Rust kuma tana da lasisi ƙarƙashin GPLv3.
Fasahar ORAM ta ƙunshi ƙirƙirar wani Layer ban da ɓoyewa, wanda baya barin mutum ya tantance yanayin ayyukan da ake yi a yanzu lokacin aiki tare da bayanai. Misali, idan an yi amfani da boye-boye yayin adana bayanai a cikin sabis na ɓangare na uku, masu wannan sabis ɗin ba za su iya gano bayanan da kansu ba, amma suna iya tantance waɗanne tubalan da aka isa da kuma ayyukan da ake yi. ORAM yana ɓoye bayanai game da waɗanne sassa na FS ake shiga da kuma irin aikin da ake yi (karantawa ko rubutu).
Oramfs yana ba da tsarin tsarin fayil na duniya wanda ke ba ku damar sauƙaƙe tsarin ma'ajiyar bayanai akan kowane ma'ajiyar waje. Ana adana bayanan sirri tare da ingantaccen zaɓi. ChaCha8, AES-CTR da AES-GCM algorithms za a iya amfani da su don ɓoyewa. Ana ɓoye alamomin rubutu da damar karantawa ta amfani da tsarin ORAM na Hanyar. A nan gaba, ana shirin aiwatar da wasu tsare-tsare, amma a halin yanzu, ci gaban har yanzu yana kan matakin samfur, wanda ba a ba da shawarar yin amfani da shi a cikin tsarin samarwa ba.
Ana iya amfani da Oramfs tare da kowane tsarin fayil kuma baya dogara da nau'in ma'ajin waje na waje - yana yiwuwa a daidaita fayiloli zuwa kowane sabis ɗin da za'a iya sakawa a cikin hanyar jagorar gida (SSH, FTP, Google Drive, Amazon S3). , Dropbox, Google Cloud Storage, Mail.ru Cloud, Yandex.Disk da sauran ayyuka da aka goyan bayan rclone ko wanda akwai FUSE modules don hawa). Ba a gyara girman ma'ajiyar kuma idan ana buƙatar ƙarin sarari, ana iya ƙara girman ORAM a hankali.
Kafa Oramfs ya sauko don ayyana kundayen adireshi biyu - na jama'a da masu zaman kansu, waɗanda ke aiki azaman sabar da abokin ciniki. Jagorar jama'a na iya zama kowane kundin adireshi a cikin tsarin fayil na gida wanda aka haɗa zuwa ma'ajiyar waje ta hanyar hawa su ta hanyar SSHFS, FTPFS, Rclone da kowane nau'ikan FUSE. Oramfs FUSE module ne ya samar da kundin adireshi mai zaman kansa kuma an tsara shi don yin aiki kai tsaye tare da fayilolin da aka adana a cikin ORAM. Fayil ɗin hoton ORAM yana cikin kundin adireshi na jama'a. Duk wani aiki tare da kundin adireshi mai zaman kansa yana rinjayar yanayin wannan fayil ɗin hoton, amma wannan fayil yana kallon mai kallo na waje kamar akwatin baƙar fata, canje-canje waɗanda ba za a iya haɗa su da aiki a cikin kundin adireshin masu zaman kansu ba, gami da ko an yi aikin rubutu ko karantawa. .
Ana iya amfani da Oramfs a wuraren da ake buƙatar mafi girman matakin sirri kuma ana iya yin sadaukarwa. Aiki yana raguwa saboda kowane aikin ajiya, gami da ayyukan karatun bayanai, yana haifar da sake gina tubalan a cikin hoton tsarin fayil. Misali, karanta fayil 10MB yana ɗaukar kusan daƙiƙa 1, kuma 25MB yana ɗaukar daƙiƙa 3. Rubuta 10MB yana ɗaukar daƙiƙa 15, kuma 25MB yana ɗaukar daƙiƙa 50. A lokaci guda, Oramfs yana kusan sau 9 sauri lokacin karantawa kuma sau 2 cikin sauri lokacin rubutu idan aka kwatanta da tsarin fayil na UtahFS, wanda Cloudflare ya haɓaka kuma yana goyan bayan yanayin ORAM na zaɓi.
source: budenet.ru