The OSR File Encryption Solution Framework (FESF) allows Clients to incorporate transparent, on-access, per-file encryption into their products. While adding on-access encryption sounds like something that should be pretty simple, it turns out to be something that's exceptionally complicated. Creating a Solution that provides on-access encryption that performs well is even more difficult.
FESF handles most of the necessary complexity, including the actual encryption operations, in kernel mode. This allows Clients to build customized file encryption products with no kernel-mode programming.
To understand what needs to be created to transform FESF into a complete product, it's important to understand a few concepts that are central to FESF. We discuss those concepts in this section of this document.