Disposal of Disk and Tape Data by Secure Sanitization

Hughes, G.F.; Coughlin, Tom; Commins, D.M.

doi:10.1109/msp.2009.89

Cited by 35 publications

(26 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…For example, both SCSI and ATA offer sanitation command [21] to erase all the data blocks in the SSD. However, sanitation cannot be used towards secure deletion, which should delete only invalid data while retaining valid data intact.…”

Section: Related Work On Ssd Secure Deletionmentioning

confidence: 99%

ErasuCrypto: A Light-weight Secure Data Deletion Scheme for Solid State Drives

Liu

Khouzani

Yang

2016

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Securely deleting invalid data from secondary storage is critical to protect users' data privacy against unauthorized accesses. However, secure deletion is very costly for solid state drives (SSDs), which unlike hard disks do not support in-place update. When applied to SSDs, both erasure-based and cryptography-based secure deletion methods inevitably incur large amount of valid data migrations and/or block erasures, which not only introduce extra latency and energy consumption, but also harm SSD lifetime. This paper proposes ErasuCrypto, a light-weight secure deletion framework with low block erasure and data migration overhead. ErasuCrypto integrates both erasurebased and encryption-based data deletion methods and flexibly selects the more cost-effective one to securely delete invalid data. We formulate a deletion cost minimization problem and give a greedy heuristic as the starting point. We further show that the problem can be reduced to a maximum-edge biclique finding problem, which can be effectively solved with existing heuristics. Experiments on real-world benchmarks show that ErasuCrypto can reduce the secure deletion cost of erasurebased scheme by 71% and the cost of cryptographybased scheme by 37%, while guaranteeing 100% security by deleting all the invalid data.

show abstract

Section: Related Work On Ssd Secure Deletionmentioning

confidence: 99%

ErasuCrypto: A Light-weight Secure Data Deletion Scheme for Solid State Drives

Liu

Khouzani

Yang

2016

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

show abstract

“…(See Hughes et al [4] for a good overview.) A summary of what we know is that one has to consider what level of effort to recover the data one is guarding against.…”

Section: Data Disposal Lawsmentioning

confidence: 99%

Legal concepts meet technology

Russom

Sloan

Warner

2011

Proceedings of the 2011 Workshop on Governance of Technology, Information, and Policies

View full text Add to dashboard Cite

Informational privacy consists of the ability to control how others use our personal information. Over the past several decades, we have lost a significant degree of control as a result of advances in information processing technology and the rise of the Internet. We pose two questions: (1) What legal concepts of privacy and privacy protection have developed in response to changing technology? (2) Are these responses adequate?To answer these questions, we provide a detailed survey and analysis of current US state privacy and security laws, which illustrate the limits of current practical legal concepts of privacy. Our analysis reveals that when evaluated against the background of relevant technological developments, the answer is that the response has clearly been inadequate. We offer the analysis here as a starting point toward a more adequate response.

show abstract

“…According to (Kissel 2006), sanitisation is referred to as "the general process of removing data from storage media, such that there is reasonable assurance, in proportion to the confidentiality of the data, that the data may not be retrieved and reconstructed". Four basic sanitization security levels and corresponding techniques are defined in (Hughes 2009): weak erase (deleting files), block erase (overwrite by external software), normal secure erase (current drives), and enhanced secure erase.…”

Section: Function Mappingmentioning

confidence: 99%

Computer Forensic Functions Testing: Media Preparation, Write Protection and Verification

Guo

Slay

2010

JDFSL

View full text Add to dashboard Cite

The growth in the computer forensic field has created a demand for new software (or increased functionality to existing software) and a means to verify that this software is truly forensic i.e. capable of meeting the requirements of the trier of fact. In this work, we review our previous work---a function oriented testing framework for validation and verification of computer forensic tools. This framework consists of three parts: function mapping, requirements specification and reference set development. Through function mapping, we give a scientific and systemized description of the fundamentals of computer forensic discipline, i.e. what functions are needed in the computer forensic investigation process. We focus this paper on the functions of media preparation, write protection and verification. Specifically, we complete the function mapping of these functions and specify their requirements. Based on this work, future work can be conducted to develop corresponding reference sets to test any tools that possess these functions.

show abstract

Disposal of Disk and Tape Data by Secure Sanitization

Cited by 35 publications

References 7 publications

ErasuCrypto: A Light-weight Secure Data Deletion Scheme for Solid State Drives

ErasuCrypto: A Light-weight Secure Data Deletion Scheme for Solid State Drives

Legal concepts meet technology

Computer Forensic Functions Testing: Media Preparation, Write Protection and Verification

Contact Info

Product

Resources

About