<div xmlns="http://www.w3.org/1999/xhtml"> </div><div xmlns="http://www.w3.org/1999/xhtml">I know at least several  technologies that protect "data at rest" , such as dm-crypt, tomb, eCryptfs.</div><div xmlns="http://www.w3.org/1999/xhtml"> </div><div xmlns="http://www.w3.org/1999/xhtml">The problem with dm-crypt or eCrypts that since file system is mounted, all logged users, including attackers can read files.</div><div xmlns="http://www.w3.org/1999/xhtml"> </div><div xmlns="http://www.w3.org/1999/xhtml">But I did not find anything that protects data at run, i.e decrypts  only file read request using user key.</div><div xmlns="http://www.w3.org/1999/xhtml"> </div><div xmlns="http://www.w3.org/1999/xhtml">Please advise,</div><div xmlns="http://www.w3.org/1999/xhtml">Lev</div>