Filesystem-level encryption

Filesystem-level encryption,[1] often called file-based encryption, FBE, or file/folder encryption, is a form of disk encryption where individual files or directories are encrypted by the file system itself.

This is in contrast to the full disk encryption where the entire partition or disk, in which the file system resides, is encrypted.

Types of filesystem-level encryption include:

  • the use of a 'stackable' cryptographic filesystem layered on top of the main file system
  • a single general-purpose file system with encryption

The advantages of filesystem-level encryption include:

  1. ^ "File-Level Encryption". PCI Security Standards Council. Retrieved 2024-10-18.