TURAYA.Crypt Device Encryptor

Turaya.Crypt is a device encryption system and provides user-transparent encryption of commonly used storage devices such as hard disks and USB memory sticks.
In contrast to common hard-disk encryption systems, Turaya is resistant to almost arbitrary threads caused by worms, viruses and trojaner horses.
Three operation modes have been implemented to various application scenarios:P>

• Single-user mode with pre-boot authentication: The user is asked to enter a password at boot time. The password is directly passed on to the encryption module before the legacy (untrusted) OS is booted. This operation mode is designed for road-warriors who usually need full, transparent encryption of a notebook's hard disk.
• Single-user mode with just-in-time authentication (Trusted GUI support): The user is asked to enter a password at time of resource access. The Trusted GUI strongly isolates the authentication dialog from the legacy OS which is running in a separate window. This operation mode has been developed for removable media (e.g., USB memory sticks, CD/DVD media).
• Multi-user mode that enables centralized administration (Trusted GUI support): Administrators are able to add/delete users or resources (i.e. physical storage devices). They grant or revoke access rights to resources and can change user passwords in case of a password loss. This operation mode is useful when multiple users share a workstation and its resources.

Download Documents:

		Requirements [PDF]		This document contains the requirements specification of the Turaya.Crypt demonstrator.
		Analysis [PDF]		This document povides a brief description of the employed architecture and the underlying analysis model.
		Design [PDF]		This document describes the design specification of the Turaya-based security service. It contains the design specification, the design model, and the deployment model of the Turaya.Crypt Device Encryptor.