What is disk encryption? Meaning, definition and explanation of disk encryption.
Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license.
Disk encryption is a technology which protects information by converting it into unreadable code that cannot be deciphered easily by unauthorized people. Disk encryption uses disk encryption software or hardware to encrypt every bit of data that goes on a disk or disk volume. Disk encryption prevents unauthorized access to data storage.
The expressions full disk encryption (FDE) and whole disk encryption often signify that everything on the disk is encrypted, including the programs that can encrypt bootable operating system partitions, even though part of the disk is necessarily not encrypted. On systems that use a master boot record (MBR), that part of the disk remains unencrypted. Some hardware-based full disk encryption systems can truly encrypt an entire boot disk, including the MBR.
Transparent encryption, also known as real-time encryption and on-the-fly encryption (OTFE), is a method used by some disk encryption software. "Transparent" refers to the fact that data is automatically encrypted or decrypted as it is loaded or saved.
With transparent encryption, the files are accessible immediately after the key is provided, and the entire volume is typically mounted as if it were a physical drive, making the files just as accessible as any unencrypted ones. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. The entire file system within the volume is encrypted (including file names, folder names, file contents, and other meta-data).
To be transparent to the end user, transparent encryption usually requires the use of device drivers to enable the encryption process. Although administrator access rights are normally required to install such drivers, encrypted volumes can typically be used by normal users without these rights.
In general, every method in which data is transparently encrypted on write and decrypted on read can be called transparent encryption.
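The encrypt-on-write, decrypt-on-read behaviour described above can be modelled in a few lines. This is an added example, not part of the adapted article: the class and function names, the 512-byte sector size, the passphrase and the salt are all assumptions, and the HMAC-based keystream is only a stand-in for a real disk cipher and must not be used to protect data.

```python
import hashlib
import hmac

SECTOR = 512  # bytes per sector in this model (assumed value)


def keystream(key: bytes, sector_no: int) -> bytes:
    """Per-sector keystream; a stand-in for a real disk cipher, illustration only."""
    out, block = b"", 0
    while len(out) < SECTOR:
        msg = sector_no.to_bytes(8, "little") + block.to_bytes(4, "little")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return out[:SECTOR]


class TransparentVolume:
    """Encrypts on write, decrypts on read; the backing store only holds ciphertext."""

    def __init__(self, backing: bytearray, passphrase: str, salt: bytes):
        self.backing = backing
        # One volume key derived from the passphrase (iteration count is an example).
        self.key = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)

    def _xor(self, n: int, data: bytes) -> bytes:
        return bytes(a ^ b for a, b in zip(data, keystream(self.key, n)))

    def write_sector(self, n: int, data: bytes) -> None:
        data = data.ljust(SECTOR, b"\0")[:SECTOR]
        self.backing[n * SECTOR:(n + 1) * SECTOR] = self._xor(n, data)

    def read_sector(self, n: int) -> bytes:
        return self._xor(n, bytes(self.backing[n * SECTOR:(n + 1) * SECTOR]))


def demo():
    disk = bytearray(4 * SECTOR)            # constructed 4-sector "disk"
    salt = b"constructed-salt"              # constructed sample value
    vol = TransparentVolume(disk, "correct horse", salt)
    vol.write_sector(0, b"payroll.xlsx")    # metadata (a file name) is encrypted too
    vol.write_sector(1, b"salary data")     # file contents
    raw = bytes(disk)                       # what someone reading the raw disk sees
    raw_leaks = b"payroll" in raw or b"salary" in raw
    mounted = vol.read_sector(1).rstrip(b"\0")
    wrong = TransparentVolume(disk, "wrong guess", salt).read_sector(1).rstrip(b"\0")
    return raw_leaks, mounted, wrong


if __name__ == "__main__":
    print(demo())
```

Once the volume object holds the key, every sector is readable through it, which is the run-time exposure that the comparison with file-level encryption turns on.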
Disk encryption does not replace file encryption in all situations. Disk encryption is sometimes used in conjunction with filesystem-level encryption with the intention of providing a more secure implementation. Since disk encryption generally uses the same key for encrypting the whole volume, all data is decryptable when the system runs. However, some disk encryption solutions use multiple keys for encrypting different partitions. If an attacker gains access to the computer at run-time, the attacker has access to all files. Conventional file and folder encryption instead allows different keys for different portions of the disk. Thus an attacker cannot extract information from still-encrypted files and folders.
Unlike disk encryption, filesystem-level encryption does not typically encrypt filesystem metadata, such as the directory structure, file names, modification timestamps or sizes.
Trusted Platform Module (TPM) is a secure cryptoprocessor embedded in the motherboard that can be used to authenticate a hardware device. Since each TPM chip is unique to a particular device, it is capable of performing platform authentication. It can be used to verify that the system seeking access is the expected system.