Work-in-Progress: Full-Datapath Secure Deletion

This research paper discusses the limitations of current fine-grained secure deletion methods and presents a holistic approach to securely erase files. It highlights the importance of fine-grained secure deletion, its applications, and the shortcomings of current methods. The paper proposes a centralized module that passes secure deletion information from the file system to lower layers, including the storage block layer, to ensure complete data erasure. The approach offers advantages such as easy usability, per-file deletion, acceptable performance, and compatibility with modern file system mechanisms. The current development includes the implementation of secure write and secure delete block layer commands in the Linux 2.6.25.6 kernel with ext3 and NAND flash.


Presentation Transcript


  1. Work-in-Progress: Full-Datapath Secure Deletion
     Sarah Diesburg, Chris Meyers, An-I Andy Wang
     USENIX Security '09

  2. Current Work
     • Secure deletion
        • Erasing all traces of files after user deletion
     • The problem
        • Fine-grained secure deletion methods only operate on one segment of the storage data path
        • Secure deletion may leave traces of data when interacting with other components (e.g. journal, page cache, flash)
     • The solution
        • Develop a holistic, data-path-wide approach to securely erase files

  3. When is fine-grained secure deletion important?
     • Getting rid of one personal file
     • Switching banks, hospitals, any large organization
     • Decommissioned hard drives
     • Military purposes

  4. Are current methods good enough?
     Diagram layers: Applications, File System, Block Layer, Storage
     • Applications cannot delete information about files

  5. Are current methods good enough?
     Diagram layers: Applications, File System, Block Layer, Storage
     • Applications cannot delete information about files
     • File systems may
        • Hold hidden copies of information
        • Consolidate writes
        • Not honor in-place overwrites

  6. Are current methods good enough?
     Diagram layers: Applications, File System, Block Layer, Storage
     • Applications cannot delete information about files
     • File systems may
        • Hold hidden copies of information
        • Consolidate writes
        • Not honor in-place overwrites
     • Some storage media do not honor in-place overwrites

  7. Full-Datapath Secure Deletion
     • Centralized module that passes secure deletion information from file system to lower layers
     • Extension to storage block layer to take advantage of above information
        • Issue secure overwrite command
        • Call storage-specific secure deletion command

  8. Full-Datapath Secure Deletion (diagram)
     Diagram labels, in order: Applications; User / Kernel; Page Cache; File System; Add Secure Deletion Module ("After cache!"); Check Block #; Block Layer; Block #; Secure delete commands; Storage

  9. Approach Advantages
     • Irrevocably deletes data and description information
     • Easy to use
        • User calls normal delete commands
     • Per-file deletion
     • Acceptable performance
     • Behaves correctly during failures
        • Soft-state module and conservative recovery
     • Works with modern file system mechanisms
        • Journaling, page cache, compression, etc.
     • Works with emerging solid-state storage media
     • Compatible beside the legacy storage data path
        • No modification to original behavior

  10. Current Development
     • Implements both secure write and secure delete block layer commands
        • Secure write useful for devices that do not honor in-place overwrites
     • Linux 2.6.25.6 kernel with ext3 and NAND flash

  11. Questions?
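
The failure mode from slides 4 to 6 and the block-number check from slides 7, 8 and 10 can be seen in a toy model. This is an added illustration, not the authors' kernel code; `ToyFlash`, `BlockLayer` and all method names are hypothetical, and the device is assumed to write every update to a fresh page.

```python
# Toy model; every class, method and block number here is hypothetical.
class ToyFlash:
    """Storage that never overwrites in place (out-of-place updates)."""
    def __init__(self):
        self.pages = []   # physical pages, append-only
        self.live = {}    # logical block number -> index of current page

    def write(self, lbn, data):
        self.pages.append(data)
        self.live[lbn] = len(self.pages) - 1

    def unmap(self, lbn):  # ordinary delete: forget the mapping only
        return self.live.pop(lbn, None)

    def secure_write(self, lbn, data):  # write, then erase the stale copy
        old = self.live.get(lbn)
        self.write(lbn, data)
        if old is not None:
            self.pages[old] = None

    def secure_delete(self, lbn):  # unmap and erase the current copy
        old = self.unmap(lbn)
        if old is not None:
            self.pages[old] = None

    def raw_dump(self):  # what someone reading the raw medium would see
        return [p for p in self.pages if p is not None]

class BlockLayer:
    def __init__(self, dev):
        self.dev = dev
        self.flagged = set()  # soft-state module: blocks of sensitive files

    def write(self, lbn, data):  # "Check Block #" on every request
        op = self.dev.secure_write if lbn in self.flagged else self.dev.write
        op(lbn, data)

    def delete(self, lbn):
        op = self.dev.secure_delete if lbn in self.flagged else self.dev.unmap
        op(lbn)
        self.flagged.discard(lbn)

def app_level_overwrite(secret):
    blk = BlockLayer(ToyFlash())
    blk.write(7, secret)
    blk.write(7, b"\x00" * len(secret))  # application "shreds" the file
    blk.delete(7)
    return blk.dev.raw_dump()

def full_datapath(secret):
    blk = BlockLayer(ToyFlash())
    blk.flagged.add(7)  # file system passes the block number down
    blk.write(7, secret)
    blk.write(7, secret + b" (edited)")
    blk.delete(7)
    return blk.dev.raw_dump()
```

In the first function the application's zero-fill lands on a new page, so the original bytes are still present in the raw dump; in the second, the flagged block number makes the block layer choose the secure commands and nothing recoverable remains.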
