Vergin, Adrian (2010) Windows encyption threat analysis. Other thesis, Edinburgh Napier University.
Available under License Creative Commons Attribution Non-commercial.
New versions of Windows come equipped with mechanisms, such as EFS and BitLocker, which are capable of encrypting data to an industrial standard on a Personal Computer. This creates problems if the computer in question contains electronic evidence. BitLocker, for instance, provides a secure way for an individual to hide the contents of their entire disk, but as with most technologies, there are bound to be weaknesses and threats to the security of the encrypted data. It is conceivable that this technology, while appearing robust and secure, may contain flaws, which would jeopardize the integrity of the whole system. As more people encrypt their hard drives, it will become harder and harder for forensic investigators to recover data from Personal Computers. By analyzing Windows encryption, the author intends to produce automated tools to aid investigators in gaining access to this data, as well as contribute to the progression of Windows encryption standards.
Over the course of this document, the author outlines both encryption systems and points out potential vulnerabilities in them. While presenting his findings, the author also provides tips and suggestions on how to use EFS and BitLocker in order to optimize their efficiency and make the best use of their strengths. This project also delivers software solutions designed to help compromise the integrity of these systems.
The ultimate finding of this project is that in order to keep data at rest optimally secure, both EFS and BitLocker should be used in tandem, or they should be used in conjunction with other encryption solutions. Neither of these solutions is completely impenetrable on it's own, but when combined with other forms of encryption, they provide a layer of defense that's sufficiently hard to crack.
|Item Type:||Thesis (Other)|
|Uncontrolled Keywords:||Microsoft Windows; Bitlocker; EFS; data encryption; intruder detection systems;|
|University Divisions/Research Centres:||Faculty of Engineering, Computing and Creative Industries > School of Computing|
|Dewey Decimal Subjects:||000 Computer science, information & general works > 000 Computer science, knowledge & systems > 005 Computer programming, programs & data > 005.8 Data security|
000 Computer science, information & general works >
|Library of Congress Subjects:||Q Science > QA Mathematics > QA75 Electronic computers. Computer science|
|Depositing User:||Professor Bill Buchanan|
|Date Deposited:||12 Jan 2011 10:20|
|Last Modified:||12 Jan 2011 10:20|
Actions (login required)