Download EaseFilter Transparent File Encryption SDK Setup File Download EaseFilter Transparent File Encryption SDK Zip File
Transparent file encryption performs real-time I/O encryption and decryption of the files in any block data with 16 bytes. The encryption uses a 256 bits symmetric key to encrypt or decrypt the data with AES encryption algorithm. Auto file encryption protects data "at rest", meaning the transparent data and files encryption. It provides the ability to comply with policies which can be applied by users, processes and file type. This allows only authorized users and processes to access the encrypted files, unauthorized users and processes can’t access the encrypted files.
The Auto FileCrypt Tool is a file based encryption tool. Run the auto file encryption service with administrator permission, add the managed folders as encryption folder, when the files were added to the managed folder, the files will be encrypted automatically, when files were read, the data will be decrypted in memory automatically. It is completely transparent to the users.
In the managed folders, all new files will be encrypted automatically, and when you save the the modification of the encrypted file to disk, it also will be encrypted.
The encrypted file only can be read when the encryption service is running by the authorized users and processes, or the encrypted data will be returned.:
Encryption on read is the feature which the files in the folder are not encrypted, when the black list processes read the files, they will get the encrypted data on the fly.
If you have the sensitive files in your local computer, they are not encrypted, you want to automatically encrypt them when your email sends them out, or your browser uploads them to the internet, or the explorer copy them to a USB drive.
Organizations have struggled with secure file sharing for years, data breaches are reported almost every day where sensitive information has been stolen, mishandled, or used for fraudulent purposes. Organizations need a new approach to keep their most sensitive assets secure throughout the global enterprise.
AssureFiles Secure File Sharing combines AES 256 bit encryption with digital rights management to give businesses persistent control over all stages of its life, enables employees to share files with anyone, via any method, without compromising business data or risking liability from data loss.
AssureFiles Secure File Sharing solution helps organizations prevent data breaches caused by internal and external threats by enhancing access control to critical business applications and data. AssureFiles integrates DRM policy with leading enterprise and cloud applications to provide access control, data protection, and activity monitoring and reporting.
By leveraging the digital rights management, encryption keys and access policies are stored in the remote central server, so your data is never at risk of being unlocked, stolen or misused, either by internal threats or external attacks.Your files remain control wherever you share them. Wherever your data is stored, on the cloud, on your laptop, on a USB drive, on a backup disk or on someone else’s computer, only you, and those you authorize, can view the contents of those files.
With the centralized policy management, organizations can centrally control the creation, enforcement, and management of security policies to protect documents and files across all applications and systems. This ensures that the most up to date policies are applied and enforced consistently across the enterprise. You can grant or revoke the access control to any user at any time even the files were shared.
With the complete file access live tracking report, you can monitor who, when and where files are being accessed with the user and process information, computer identities and geo-location, also know all the unauthorized user information when unauthorized attempts are made and you can proactively block data leakage.
AssureFiles SecureAgent combines with a file system component, to support the file level encryption and decryption on-the-fly in the file system level, integrated with the access control component, enable your sensitive data always is encrypted.
With AssureFiles SecureAgent, you don't need to make any changes to your applications, infrastructure, or business practices, you can gain this secure solution right away.
AssureFiles secure file sharing can support most of the applications and files, such as Microsoft office files, PDF, 2&3D CAD files, images and other files.
To use the shared files, you need to start the SecureAgent service first, and you need to set the folder to store the shared files. After the service started, you can copy the share file to the drop folder, then you can open the shared file if you are authorized to open the share files.
To develop file systems and file system filter drivers, use the Windows Driver Kit (WDK),which is provided by Microsoft. Even with the resources available in the Windows Driver Kit (WDK) developing file systems is certainly a challenge. To simplify your development and to provide you with a robust and well-tested file system filter driver that works with all versions and patch releases of the Windows operating systems supported by Microsoft, EaseFilter offers the file system filter driver SDK which provides a complete, modular environment for building active file system filters in your application. With the EaseFilter file system filter driver SDK, you can develop your own filter driver application with c++/c# or other languages.
EaseFilter File System Mini Filter Driver SDK is a mature commercial product. It provides a complete modular framework to the developers even without driver development experience to build the filter driver within a day. The SDK includes the modules from code design to the product installation, it includes all the basic features you need to build a filter driver.
The following example creates a filter rule to encrypt the file in a encryption folder, create another filter rule to decrypt the encrypted file. Only the authorized the processes and users can read the encrypted file, or other processes or users will get the raw encrypted data.
using System;
using EaseFilter.FilterControl;
namespace AutoFileEncryption
{
class Program
{
static FilterControl filterControl = new FilterControl();
static void Main(string[] args)
{
string lastError = string.Empty;
string licenseKey = "Email us to request a trial key: info@easefilter.com";
FilterAPI.FilterType filterType = FilterAPI.FilterType.CONTROL_FILTER | FilterAPI.FilterType.ENCRYPTION_FILTER | FilterAPI.FilterType.PROCESS_FILTER;
int serviceThreads = 5;
int connectionTimeOut = 10; //seconds
try
{
//copy the right Dlls to the current folder.
Utils.CopyOSPlatformDependentFiles(ref lastError);
if (!filterControl.StartFilter(filterType, serviceThreads, connectionTimeOut, licenseKey, ref lastError))
{
Console.WriteLine("Start Filter Service failed with error:" + lastError);
return;
}
//setup a file filter rule for folder encryptFolder
string encryptFolder = "c:\\encryptFolder\\*";
FileFilter fileFilter = new FileFilter(encryptFolder);
//enable the encryption for the filter rule.
fileFilter.EnableEncryption = true;
//get the 256bits encryption key with the passphrase
string passPhrase = "mypassword";
fileFilter.EncryptionKey = Utils.GetKeyByPassPhrase(passPhrase, 32);
//disable the decyrption right, read the raw encrypted data for all except the authorized processes or users.
fileFilter.EnableReadEncryptedData = false;
//setup the authorized processes to decrypt the encrypted files.
string authorizedProcessesForEncryptFolder = "notepad.exe;wordpad.exe";
string[] processNames = authorizedProcessesForEncryptFolder.Split(new char[] { ';' });
if (processNames.Length > 0)
{
foreach (string processName in processNames)
{
if (processName.Trim().Length > 0)
{
//authorized the process with the read encrypted data right.
fileFilter.ProcessNameAccessRightList.Add(processName, FilterAPI.ALLOW_MAX_RIGHT_ACCESS);
}
}
}
//setup the authorized users to decrypt the encrypted files.
string authorizedUsersForEncryptFolder = "domainName\\user1";
if (!string.IsNullOrEmpty(authorizedUsersForEncryptFolder) && !authorizedUsersForEncryptFolder.Equals("*"))
{
string[] userNames = authorizedUsersForEncryptFolder.Split(new char[] { ';' });
if (userNames.Length > 0)
{
foreach (string userName in userNames)
{
if (userName.Trim().Length > 0)
{
//authorized the user with the read encrypted data right.
fileFilter.userAccessRightList.Add(userName, FilterAPI.ALLOW_MAX_RIGHT_ACCESS);
}
}
}
if (fileFilter.userAccessRightList.Count > 0)
{
//set black list for all other users except the white list users.
uint accessFlag = FilterAPI.ALLOW_MAX_RIGHT_ACCESS & ~(uint)FilterAPI.AccessFlag.ALLOW_READ_ENCRYPTED_FILES;
//disable the decryption right, read the raw encrypted data for all except the authorized users.
fileFilter.userAccessRightList.Add("*", accessFlag);
}
}
//add the encryption file filter rule to the filter control
filterControl.AddFilter(fileFilter);
//setup a file filter rule for folder decryptFolder
string decryptFolder = "c:\\decryptFolder\\*";
FileFilter decryptFileFilter = new FileFilter(decryptFolder);
//enable the encryption for the filter rule.
decryptFileFilter.EnableEncryption = true;
//get the 256bits encryption key with the passphrase
decryptFileFilter.EncryptionKey = Utils.GetKeyByPassPhrase(passPhrase, 32);
//don't encrypt the new created file in the folder.
decryptFileFilter.EnableEncryptNewFile = false;
//disable the decyrption right, read the raw encrypted data for all except the authorized processes or users.
decryptFileFilter.EnableReadEncryptedData = false;
//setup authorized processes to decrypt the encrypted files.
string authorizedProcessesForDecryptFolder = "notepad.exe;wordpad.exe";
processNames = authorizedProcessesForDecryptFolder.Split(new char[] { ';' });
if (processNames.Length > 0)
{
foreach (string processName in processNames)
{
if (processName.Trim().Length > 0)
{
//authorized the process with the read encrypted data right.
decryptFileFilter.ProcessNameAccessRightList.Add(processName, FilterAPI.ALLOW_MAX_RIGHT_ACCESS);
}
}
}
filterControl.AddFilter(decryptFileFilter);
if (!filterControl.SendConfigSettingsToFilter(ref lastError))
{
Console.WriteLine("SendConfigSettingsToFilter failed." + lastError);
return;
}
Console.WriteLine("Start filter service succeeded.");
// Wait for the user to quit the program.
Console.WriteLine("Press 'q' to quit the sample.");
while (Console.Read() != 'q') ;
filterControl.StopFilter();
}
catch (Exception ex)
{
Console.WriteLine("Start filter service failed with error:" + ex.Message);
}
}
}
}