EFS Encrypted File System
The Encrypted Files System enables individual users on the system to encrypt their data on J2 file system through their individual key stores.
A key is associated to each user. These keys are stored in cryptographically protected key store and upon successful login, the user's keys are loaded into the kernel and associated with the processes credentials. Later on, when the process needs to open an EFS-protected file, these credentials are tested and if a key matching the file protection is found, the process is able to decrypt the file key and therefore the file content. Group based key management are supported too.
Note: EFS is part of an overall security strategy. It is designed to work
in conjunction with sound computer security practices and controls.