User-Level Secure Deletion on Log-Structured File Systems

Reardon, Joel

doi:10.1007/978-3-319-28778-2_5

Cited by 3 publications

(7 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Reardon et al developed a secure deletion tool for the Android OS that will monitor the amount of free space and fill it with random data. This ensures unwanted data marked as invalid are filled with random data to achieve random deletion.…”

Section: Secure Flash Storage Deletionmentioning

confidence: 99%

Remote Wiping and Secure Deletion on Mobile Devices: A Review

Leom

Choo

Hunt

2016

Journal of Forensic Sciences

View full text Add to dashboard Cite

Mobile devices have become ubiquitous in almost every sector of both private and commercial endeavors. As a result of such widespread use in everyday life, many users knowingly and unknowingly save significant amounts of personal and/or commercial data on these mobile devices. Thus, loss of mobile devices through accident or theft can expose users-and their businesses-to significant personal and corporate cost. To mitigate this data leakage issue, remote wiping features have been introduced to modern mobile devices. Given the destructive nature of such a feature, however, it may be subject to criminal exploitation (e.g., a criminal exploiting one or more vulnerabilities to issue a remote wiping command to the victim's device). To obtain a better understanding of remote wiping, we survey the literature, focusing on existing approaches to secure flash storage deletion and provide a critical analysis and comparison of a variety of published research in this area. In support of our analysis, we further provide prototype experimental results for three Android devices, thus providing both a theoretical and applied focus to this article as well as providing directions for further research.

show abstract

Section: Secure Flash Storage Deletionmentioning

confidence: 99%

Remote Wiping and Secure Deletion on Mobile Devices: A Review

Leom

Choo

Hunt

2016

Journal of Forensic Sciences

View full text Add to dashboard Cite

show abstract

“…A user-level secure deletion scheme named purging is proposed in [20], which requires no modifications to the storage system. Since the user does not have direct control to the lower-level storage controller, a passive method is applied: the user should fill all the empty space in the file system with as much junk files as it can holds.…”

Section: Related Work On Ssd Secure Deletionmentioning

confidence: 99%

ErasuCrypto: A Light-weight Secure Data Deletion Scheme for Solid State Drives

Liu

Khouzani

Yang

2016

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Securely deleting invalid data from secondary storage is critical to protect users' data privacy against unauthorized accesses. However, secure deletion is very costly for solid state drives (SSDs), which unlike hard disks do not support in-place update. When applied to SSDs, both erasure-based and cryptography-based secure deletion methods inevitably incur large amount of valid data migrations and/or block erasures, which not only introduce extra latency and energy consumption, but also harm SSD lifetime. This paper proposes ErasuCrypto, a light-weight secure deletion framework with low block erasure and data migration overhead. ErasuCrypto integrates both erasurebased and encryption-based data deletion methods and flexibly selects the more cost-effective one to securely delete invalid data. We formulate a deletion cost minimization problem and give a greedy heuristic as the starting point. We further show that the problem can be reduced to a maximum-edge biclique finding problem, which can be effectively solved with existing heuristics. Experiments on real-world benchmarks show that ErasuCrypto can reduce the secure deletion cost of erasurebased scheme by 71% and the cost of cryptographybased scheme by 37%, while guaranteeing 100% security by deleting all the invalid data.

show abstract

“…S. M. Diesburg, et al, summarized and compared existing methods of providing confidential storage and deletion of data in personal computing environments [6]. Paper [8] shows that these systems provide no temporal guarantees on data deletion and that deleted data still persists for nearly 44 hours with average phone use and indefinitely if the phone is not used after the deletion. They proposed three mechanisms for secure deletion on log-structured file systems.…”

Section: Related Workmentioning

confidence: 99%

“…They proposed three mechanisms for secure deletion on log-structured file systems. R. Joel, et al, presented three user-level solutions for secure deletion on log-structured file systems assuming a coercive attacker capable of compromising both the storage medium and any secret keys required to access it [9]. The principle behind their three solutions -purging, ballooning, and our hybrid solution-is that they reduce the file system's available free space to encourage more frequent garbage collection, thereby decreasing the deletion latency of deleted data.…”

Section: Related Workmentioning

confidence: 99%

“…The strategies above are not friendly to user data secure since deleted files still exist in NAND and can thus be recovered [7]. Secure deletion is the act of deleting data from a storage medium such that the data is afterwards irrecoverable from the storage medium [8]. The time between deleting data and it becoming irrecoverable is called the deletion latency in [8].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Secure Data Sanitization for Android Device Users

Huang¹,

He²,

Zhao³

2015

IJSIA

View full text Add to dashboard Cite

To protect the data confidentiality of Android device users, this paper proposed a user-level secure data sanitization method which can make sensitive data stored in flash memory unrecoverable. The proposed method using reversed-scanning algorithm to reduce time and it don't need overwriting or erase the whole flash memory. After sensitive data pages are found, the program targetedly overwriting some blocks, erase them, and insert them into free block list waiting to be located again which means the blocks will be twice overwrited by new data.

show abstract

User-Level Secure Deletion on Log-Structured File Systems

Cited by 3 publications

References 6 publications

Remote Wiping and Secure Deletion on Mobile Devices: A Review

Remote Wiping and Secure Deletion on Mobile Devices: A Review

ErasuCrypto: A Light-weight Secure Data Deletion Scheme for Solid State Drives

Secure Data Sanitization for Android Device Users

Contact Info

Product

Resources

About