?
Solved

BitLocker on kiosk

Posted on 2011-03-14
3
Medium Priority
?
842 Views
Last Modified: 2012-05-11
Using Windows Embedded we create kiosks with proprietary software.  Using Bitlocker, or something similar is a good way of encrypting a drive and the proprietary software.  However in the case of Bitlocker it needs a TPM or USB key inserted at startup - neither are feasible at this time.  Ideally we would like to encrypt a drive on the unit but give permission for certain software to run from it while keeping it encrypted. The goal would be to prevent unathorized access to the encrypted partition at runtime.  Possible? ideas?  Thanks.
0
Comment
Question by:suprdupr
2 Comments
 
LVL 25

Accepted Solution

by:
RobMobility earned 1000 total points
ID: 35127754
Hi,

Bitlocker and similar encryptions systems are designed to protect data at rest - i.e. the drive is encrypted when powered down, but unencrypted fully once authenticated.

Your scenario would be better served using either NTFS file permissions (i.e. the account running the service that needs to run the software) or perhaps EFS?

You can still use alternative Encryption solutions for boot-time protection - it's whether they are supported on Windows Embedded isn't clear -

You could look at something like Spyrus SPD - effectively, you'd run your whole Windows CE environment from a fash,encrypted USB Pen-drive which enables you to lock it etc?
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 35381956
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like me and like multiple layers of protection, read on!
Let's take a look into the basics of ransomware—how it spreads, how it can hurt us, and why a disaster recovery plan is important.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question