An implementation study of a ghost drive: hidden file store in a filesystem

Recently, it becomes increasingly important to secure user private data in mobile devices. To protect user private data, one possible approach is to implement a secure file storage in the mobile devices based on mandatory access control (MAC), but the device manufacturers seldom implement it because of high pressure of time-to-market, frequent version upgrade of the operating system, and no unanimous agreement in the MAC standard software. In this paper, we propose an implementation study of a secure file storage, called a ghost drive , which can facilitate the implementation of MAC in the mobile devices by unburdening the manufacturers from aggressive instrumentation of the whole operating system. Since our implementation is in form of a loadable kernel module, separated from the main kernel, it can be deployed even to commercial mobile devices already in use by installing it over the air. Our experiments show that the performance of our secure storage implementation is not worse than the original unmodified implementation.