Faculty Publications

TrueErase: Leveraging An Auxiliary Data Path For Per-File Secure Deletion

Document Type

Article

Keywords

Assured deletion, File systems, NAND flash, Secure deletion, Security, Storage

Journal/Book/Conference Title

ACM Transactions on Storage

Volume

12

Issue

4

Abstract

One important aspect of privacy is the ability to securely delete sensitive data from electronic storage in such a way that it cannot be recovered; we call this action secure deletion. Short of physically destroying the entire storage medium, existing software secure-deletion solutions tend to be piecemeal at best: they may only work for one type of storage or file system, may force the user to delete all files instead of selected ones, may require the added complexities of encryption and key storage, may require extensive changes and additions to the computer's operating system or storage firmware, and may not handle system crashes gracefully. We present TrueErase, a holistic secure-deletion framework for individual systems that contain sensitive data. Through design, implementation, verification, and evaluation on both a hard drive and NAND flash, TrueErase shows that it is possible to construct a per-file, secure-deletion framework that can accommodate different storage media and legacy file systems, require limited changes to legacy systems, and handle common crash scenarios. TrueErase can serve as a building block by cryptographic systems that securely delete information by erasing encryption keys. The overhead is dependent on spatial locality, number of sensitive files, and workload (computational- or I/O-bound).

Department

Department of Computer Science

Original Publication Date

5-1-2016

DOI of published version

10.1145/2854882

Repository

UNI ScholarWorks, Rod Library, University of Northern Iowa

Language

en
